| title | description | services | author | ms.service | ms.topic | ms.custom | ms.author | ms.date |
|---|---|---|---|---|---|---|---|---|
Create an Azure Attestation certificate by using Azure Resource Manager template |
Learn how to create an Azure Attestation certificate by using Azure Resource Manager template. |
azure-resource-manager |
msmbaldwin |
attestation |
quickstart |
subject-armqs, devx-track-azurepowershell, mode-arm |
mbaldwin |
05/20/2021 |
Microsoft Azure Attestation is a solution for attesting Trusted Execution Environments (TEEs). This quickstart focuses on the process of deploying an Azure Resource Manager template (ARM template) to create a Microsoft Azure Attestation policy.
[!INCLUDE About Azure Resource Manager]
If your environment meets the prerequisites and you're familiar with using ARM templates, select the Deploy to Azure button. The template will open in the Azure portal.
If you don't have an Azure subscription, create a free account before you begin.
The template used in this quickstart is from Azure Quickstart Templates.
:::code language="json" source="~/quickstart-templates/quickstarts/microsoft.attestation/attestation-provider-create/azuredeploy.json":::
Azure resources defined in the template:
- Microsoft.Attestation/attestationProviders
-
Select the following image to sign in to Azure and open the template.
-
Select or enter the following values.
Unless it's specified, use the default value to create the attestation provider.
- Attestation Provider Name: Select a name for your Azure Attestation provider.
- Location: Select a location. For example, Central US.
- Tags: Select a location. For example, Central US.
-
Select Purchase. After the attestation resource has been deployed successfully, you get a notification.
The Azure portal is used to deploy the template. In addition to the Azure portal, you can also use the Azure PowerShell, Azure CLI, and REST API. To learn other deployment methods, see Deploy templates.
You can use the Azure portal to check the attestation resource.
Other Azure Attestation build upon this quickstart. If you plan to continue on to work with subsequent quickstarts and tutorials, you may wish to leave these resources in place.
When no longer needed, delete the resource group, which deletes the Attestation resource. To delete the resource group by using Azure CLI or Azure PowerShell:
echo "Enter the Resource Group name:" &&
read resourceGroupName &&
az group delete --name $resourceGroupName &&
echo "Press [ENTER] to continue ..."
$resourceGroupName = Read-Host -Prompt "Enter the Resource Group name"
Remove-AzResourceGroup -Name $resourceGroupName
Write-Host "Press [ENTER] to continue..."
In this quickstart, you created an attestation resource using an ARM template, and validated the deployment. To learn more about Azure Attestation, see Overview of Azure Attestation.