Merge pull request #208569 from joshdmcc/jmccarthy/updateimdsdocs

Adding missing information to the IMDS public docs

Author: prmerger-automator[bot]

includes/virtual-machines-imds-full-instance-response.md

@@ -14,6 +14,12 @@ ms.reviewer: azmetadatadev
 {
     "compute": {
         "azEnvironment": "AZUREPUBLICCLOUD",
+        "additionalCapabilities": {
+            "hibernationEnabled": "true"
+        },
+        "hostGroup": {
+          "id": "testHostGroupId"
+        }, 
         "extendedLocation": {
             "type": "edgeZone",
             "name": "microsoftlosangeles"
@@ -54,7 +60,9 @@ ms.reviewer: azmetadatadev
         "resourceId": "/subscriptions/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/macikgo-test-may-23/providers/Microsoft.Compute/virtualMachines/examplevmname",
         "securityProfile": {
             "secureBootEnabled": "true",
-            "virtualTpmEnabled": "false"
+            "virtualTpmEnabled": "false",
+            "encryptionAtHost": "true",
+            "securityType": "TrustedLaunch"
         },
         "sku": "2019-Datacenter",
         "storageProfile": {
@@ -96,7 +104,19 @@ ms.reviewer: azmetadatadev
                     "option": "Local"
                 },
                 "encryptionSettings": {
-                    "enabled": "false"
+                  "enabled": "false",
+                  "diskEncryptionKey": {
+                    "sourceVault": {
+                      "id": "/subscriptions/test-source-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                    },
+                    "secretUrl": "https://test-disk.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+                  },
+                  "keyEncryptionKey": {
+                    "sourceVault": {
+                      "id": "/subscriptions/test-key-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                    },
+                    "keyUrl": "https://test-key.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+                  }
                 },
                 "image": {
                     "uri": ""
@@ -155,6 +175,12 @@ ms.reviewer: azmetadatadev
 {
     "compute": {
         "azEnvironment": "AZUREPUBLICCLOUD",
+        "additionalCapabilities": {
+            "hibernationEnabled": "true"
+        },
+        "hostGroup": {
+          "id": "testHostGroupId"
+        }, 
         "extendedLocation": {
             "type": "edgeZone",
             "name": "microsoftlosangeles"
@@ -195,7 +221,9 @@ ms.reviewer: azmetadatadev
         "resourceId": "/subscriptions/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/macikgo-test-may-23/providers/Microsoft.Compute/virtualMachines/examplevmname",
         "securityProfile": {
             "secureBootEnabled": "true",
-            "virtualTpmEnabled": "false"
+            "virtualTpmEnabled": "false",
+            "encryptionAtHost": "true",
+            "securityType": "TrustedLaunch"
         },
         "sku": "18.04-LTS",
         "storageProfile": {
@@ -237,7 +265,19 @@ ms.reviewer: azmetadatadev
                     "option": "Local"
                 },
                 "encryptionSettings": {
-                    "enabled": "false"
+                  "enabled": "false",
+                  "diskEncryptionKey": {
+                    "sourceVault": {
+                      "id": "/subscriptions/test-source-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                    },
+                    "secretUrl": "https://test-disk.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+                  },
+                  "keyEncryptionKey": {
+                    "sourceVault": {
+                      "id": "/subscriptions/test-key-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                    },
+                    "keyUrl": "https://test-key.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+                  }
                 },
                 "image": {
                     "uri": ""

includes/virtual-machines-imds.md

@@ -340,10 +340,13 @@ Schema breakdown:
 | Data | Description | Version introduced |
 |------|-------------|--------------------|
 | `azEnvironment` | Azure Environment where the VM is running in | 2018-10-01
+| `additionalCapabilities.hibernationEnabled` | Identifies if hibernation is enabled on the VM | 2021-11-01†
 | `customData` | This feature is deprecated and disabled [in IMDS](#frequently-asked-questions). It has been superseded by `userData` | 2019-02-01
 | `evictionPolicy` | Sets how a [Spot VM](../articles/virtual-machines/spot-vms.md) will be evicted. | 2020-12-01
 | `extendedLocation.type` | Type of the extended location of the VM. | 2021-03-01
 | `extendedLocation.name` | Name of the extended location of the VM | 2021-03-01
+| `host.id` | Name of the host of the VM. Note that a VM will either have a host or a hostGroup but not both. | 2021-11-15†
+| `hostGroup.id` | Name of the hostGroup of the VM. Note that a VM will either have a host or a hostGroup but not both. | 2021-11-15†
 | `isHostCompatibilityLayerVm` | Identifies if the VM runs on the Host Compatibility Layer | 2020-06-01
 | `licenseType` | Type of license for [Azure Hybrid Benefit](https://azure.microsoft.com/pricing/hybrid-benefit). This is only present for AHB-enabled VMs | 2020-09-01
 | `location` | Azure Region the VM is running in | 2017-04-02
@@ -367,6 +370,8 @@ Schema breakdown:
 | `sku` | Specific SKU for the VM image | 2017-04-02
 | `securityProfile.secureBootEnabled` | Identifies if UEFI secure boot is enabled on the VM | 2020-06-01
 | `securityProfile.virtualTpmEnabled` | Identifies if the virtual Trusted Platform Module (TPM) is enabled on the VM | 2020-06-01
+| `securityProfile.encryptionAtHost` | Identifies if [Encryption at Host](../articles/virtual-machines/disks-enable-host-based-encryption-portal.md) is enabled on the VM | 2021-11-01†
+| `securityProfile.securityType` | Identifies if the VM is a [Trusted VM](../articles/virtual-machines/trusted-launch.md) or a [Confidential VM](../articles/confidential-computing/confidential-vm-overview.md) | 2021-12-13†
 | `storageProfile` | See Storage Profile below | 2019-06-01
 | `subscriptionId` | Azure subscription for the Virtual Machine | 2017-08-01
 | `tags` | [Tags](../articles/azure-resource-manager/management/tag-resources.md) for your Virtual Machine  | 2017-08-01
@@ -379,6 +384,8 @@ Schema breakdown:
 | `vmSize` | [VM size](../articles/virtual-machines/sizes.md) | 2017-04-02
 | `zone` | [Availability Zone](../articles/availability-zones/az-overview.md) of your virtual machine | 2017-12-01
 
+† This version is not fully available yet and may not be supported in all regions.
+
 **Storage profile**
 
 The storage profile of a VM is divided into three categories: image reference, OS disk, and data disks, plus an additional object for the local temporary disk.
@@ -431,6 +438,17 @@ Data | Description | Version introduced |
 
 \* These fields are only populated for Ultra Disks; they will be empty strings from non-Ultra Disks.
 
+The encryption settings blob contains data about how the disk is encrypted (if it is encrypted):
+
+Data | Description | Version introduced |
+|------|-----------|--------------------|
+| `diskEncryptionKey.sourceVault.id` | The location of the disk encryption key | 2021-11-01†
+| `diskEncryptionKey.secretUrl` | The location of the secret | 2021-11-01†
+| `keyEncryptionKey.sourceVault.id` | The location of the key encryption key | 2021-11-01†
+| `keyEncryptionKey.keyUrl` | The location of the key | 2021-11-01† 
+
+\† This version is not fully available yet and may not be supported in all regions.
+
 The resource disk object contains the size of the [Local Temp Disk](../articles/virtual-machines/managed-disks-overview.md#temporary-disk) attached to the VM, if it has one, in kilobytes.
 If there is [no local temp disk for the VM](../articles/virtual-machines/azure-vms-no-temp-disk.yml), this value is 0. 
 
@@ -660,6 +678,12 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
       "name": "microsoftlosangeles"
     },
     "evictionPolicy": "",
+    "additionalCapabilities": {
+        "hibernationEnabled": "false"
+    },
+    "hostGroup": {
+      "id": "testHostGroupId"
+    },    
     "isHostCompatibilityLayerVm": "true",
     "licenseType":  "Windows_Client",
     "location": "westus",
@@ -694,7 +718,9 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
     "resourceId": "/subscriptions/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/macikgo-test-may-23/providers/Microsoft.Compute/virtualMachines/examplevmname",
     "securityProfile": {
         "secureBootEnabled": "true",
-        "virtualTpmEnabled": "false"
+        "virtualTpmEnabled": "false",
+        "encryptionAtHost": "true",
+        "securityType": "TrustedLaunch"
     },
     "sku": "2019-Datacenter",
     "storageProfile": {
@@ -736,7 +762,19 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
                 "option": "Local"
             },
             "encryptionSettings": {
-                "enabled": "false"
+              "enabled": "false",
+              "diskEncryptionKey": {
+                "sourceVault": {
+                  "id": "/subscriptions/test-source-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                },
+                "secretUrl": "https://test-disk.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+              },
+              "keyEncryptionKey": {
+                "sourceVault": {
+                  "id": "/subscriptions/test-key-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                },
+                "keyUrl": "https://test-key.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+              }
             },
             "image": {
                 "uri": ""
@@ -778,6 +816,12 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
       "name": "microsoftlosangeles"
     },
     "evictionPolicy": "",
+    "additionalCapabilities": {
+        "hibernationEnabled": "false"
+    },
+    "hostGroup": {
+      "id": "testHostGroupId"
+    }, 
     "isHostCompatibilityLayerVm": "true",
     "licenseType":  "Windows_Client",
     "location": "westus",
@@ -812,7 +856,9 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
     "resourceId": "/subscriptions/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/resourceGroups/macikgo-test-may-23/providers/Microsoft.Compute/virtualMachines/examplevmname",
     "securityProfile": {
         "secureBootEnabled": "true",
-        "virtualTpmEnabled": "false"
+        "virtualTpmEnabled": "false",
+        "encryptionAtHost": "true",
+        "securityType": "TrustedLaunch"
     },
     "sku": "18.04-LTS",
     "storageProfile": {
@@ -854,7 +900,19 @@ curl -H Metadata:true --noproxy "*" "http://169.254.169.254/metadata/instance/co
                 "option": "Local"
             },
             "encryptionSettings": {
-                "enabled": "false"
+              "enabled": "false",
+              "diskEncryptionKey": {
+                "sourceVault": {
+                  "id": "/subscriptions/test-source-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                },
+                "secretUrl": "https://test-disk.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+              },
+              "keyEncryptionKey": {
+                "sourceVault": {
+                  "id": "/subscriptions/test-key-guid/resourceGroups/testrg/providers/Microsoft.KeyVault/vaults/test-kv"
+                },
+                "keyUrl": "https://test-key.vault.azure.net/secrets/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx/xxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx"
+              }
             },
             "image": {
                 "uri": ""