Request to support --enable-integrity-monitoring flag with security type 'ConfidentialVM'

[ketanatri1]

Preconditions

• No need to upgrade Python SDK or the Python SDK is ready.

Related command

az vm create
az vmss create

Resource Provider

Microsoft.Compute/virtualMachines/extensions

Description of Feature or Work Requested

Current Az CLI supports the flag '--enable-integrity-monitoring' when '--security-type' for VM is set to 'TrustedLaunch'.
This flag causes the Guest attestation extension to be installed on the VM.
More details on the flag and its usage can be found here: https://learn.microsoft.com/en-us/azure/virtual-machines/boot-integrity-monitoring-overview?tabs=cli

We would like to add the same usage of this flag for '--security-type' 'ConfidentialVM' as well. This way the Guest attestation extension will be installed for Confidential VMs as well when the flag is used with the az vm create or az vmss create command.

Minimum API Version Required

N/A

Swagger PR link / SDK link

N/A

Request Example

No response

Target Date

2025-01-15

PM Contact

reprasa, tusharjain

Engineer Contact

ketanatri, babnishvyas

Additional context

No response

[yonzhan]

Thank you for opening this issue, we will look into it.

[yanzhudd]

Hi @ketanatri1
could you please help verify if this private package could meet your expectations?
You can refer to this guideline. Thanks!

[ketanatri1]

Hi @yanzhudd I verified the attached package and can confirm that it works as expected. Thanks!