Edit

Share via

Protect-TemplateDisk

Module:
ShieldedVMTemplate Module

Prepares a signed template disk (.VHDX) which can be used to provision new shielded virtual machines.

Syntax

SpecifyVolumeNameAndVersion (Default) 

Protect-TemplateDisk
    -Path <String>
    -TemplateName <String>
    -Version <Version>
    -Certificate <X509Certificate2>
    [-ProtectedTemplateTargetDiskType <ProtectedTemplateTargetDiskType>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

PopulateFrom 

Protect-TemplateDisk
    -Path <String>
    -PopulateFrom <String>
    -Certificate <X509Certificate2>
    [-TemplateName <String>]
    [-Version <Version>]
    [-ProtectedTemplateTargetDiskType <ProtectedTemplateTargetDiskType>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

SpecializedDiskParameterSet 

Protect-TemplateDisk
    -Path <String>
    [-DiskIsAlreadySpecialized]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

The Protect-TemplateDisk cmdlet prepares a virtual hard disk to be used for provisioning shielded virtual machines. The virtual hard disk must use the VHDX format and contain a generalized OS image. The VHDX will be modified in place, and can only be used with shielded virtual machines after the process is complete.

Examples

Example 1: Prepare a template disk by populating existing values

PS C:\>Protect-TemplateDisk -Certificate $certificate -PopulateFrom "ExistingPreparedTemplate.vhdx" -Path "NewTemplate.vhdx" -TemplateName "Windows Server 2016"

This command prepares the .vhdx that the Path specifies. The command uses the version information from ExistingPreparedTemplate.vhdx. The command specifies the template name "Windows Server 2016".

Example 2: Prepare a template disk by specifying name and version

PS C:\>Protect-TemplateDisk -Certificate $certificate -Path "WindowsServer2016-ShieldedTemplate.vhdx" -TemplateName "Windows Server 2016" -Version 1.0.0.0

This command prepares the .vhdx that the Path specifies. The command uses the name and version information specified by the TemplateName and Version parameters.

Parameters

-Certificate

Specifies the certificate used to sign metadata including the disk name, version, and hash calculated during the preparation process. The specified certificate must have a private key installed on the local machine.

Parameter properties

Type:X509Certificate2
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SpecifyVolumeNameAndVersion
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
PopulateFrom
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DiskIsAlreadySpecialized

Indicates the disk has already been prepared as a signed template disk, but its contents have since changed.

Parameter properties

Type:SwitchParameter
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SpecializedDiskParameterSet
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Path

Specifies the path to the template disk (.VHDX) to be prepared.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-PopulateFrom

Specifies the path of a template disk that contains a previously published volume signature catalog. The disk name, version, and certificate will be used as defaults for the new template disk.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

PopulateFrom
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ProtectedTemplateTargetDiskType

Specifies the type of OS installed on the VHDX.

Parameter properties

Type:ProtectedTemplateTargetDiskType
Default value:None
Accepted values:MicrosoftWindows, PreprocessedLinux
Supports wildcards:False
DontShow:False

Parameter sets

SpecifyVolumeNameAndVersion
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
PopulateFrom
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TemplateName

Specifies the name of the template.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SpecifyVolumeNameAndVersion
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Version

Specifies a value that uniquely identifies this version of the template. The version value uses the form a.b.c.d, where each value is an integer less than 65536.

Parameter properties

Type:Version
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

SpecifyVolumeNameAndVersion
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.