Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
This rule finds the value of the property path properties.osProfile.adminPassword for resources of type Microsoft.Compute/virtualMachines or Microsoft.Compute/virtualMachineScaleSets that doesn't have a secure value.
Linter rule code
Use the following value in the Bicep configuration file to customize rule settings:
use-secure-value-for-secure-inputs
Solution
Assign a secure value to the property with the property path properties.osProfile.adminPassword for resources of type Microsoft.Compute/virtualMachines or Microsoft.Compute/virtualMachineScaleSets. Don't use a literal value. Instead, create a parameter with the @secure() decorator for the password and assign it to adminPassword.
The following examples fail this test because the adminPassword is not a secure value.
resource ubuntuVM 'Microsoft.Compute/virtualMachineScaleSets@2024-03-01' = {
name: 'name'
location: 'China North 2'
properties: {
virtualMachineProfile: {
osProfile: {
adminUsername: 'adminUsername'
adminPassword: 'adminPassword'
}
}
}
}
resource ubuntuVM 'Microsoft.Compute/virtualMachines@2024-03-01' = {
name: 'name'
location: 'China North 2'
properties: {
osProfile: {
computerName: 'computerName'
adminUsername: 'adminUsername'
adminPassword: 'adminPassword'
}
}
}
param adminPassword string
resource ubuntuVM 'Microsoft.Compute/virtualMachines@2024-03-01' = {
name: 'name'
location: 'China North 2'
properties: {
osProfile: {
computerName: 'computerName'
adminUsername: 'adminUsername'
adminPassword: adminPassword
}
}
}
The following example passes this test.
@secure()
param adminPassword string
@secure()
param adminUsername string
param location string = resourceGroup().location
resource ubuntuVM 'Microsoft.Compute/virtualMachines@2024-03-01' = {
name: 'name'
location: location
properties: {
osProfile: {
computerName: 'computerName'
adminUsername: adminUsername
adminPassword: adminPassword
}
}
}
Next steps
For more information about the linter, see Use Bicep linter.