Document Details

Quick Create Confidential Vm Azure Cli
Home / Scan 2 / Quick Create Confidential Vm Azure Cli
This page contains Windows bias

About This Page

This page is part of the Azure documentation. It contains code examples and configuration instructions for working with Azure services.
GitHub View on GitHub 📚 View on Microsoft Learn

Bias Analysis

Bias Types:
⚠️ powershell_heavy
⚠️ windows_tools
⚠️ missing_linux_example
Summary:
The documentation page demonstrates a bias toward Windows environments in the sections related to customer-managed keys and Azure Key Vault integration. Several steps use PowerShell syntax and Windows-specific tools (e.g., Microsoft Graph SDK for PowerShell), and there are no equivalent Bash or Linux-native command examples provided for these steps. This may hinder Linux users who expect parity in CLI-based documentation.
Recommendations:
  • For every PowerShell example, provide an equivalent Bash/Azure CLI example that works natively on Linux/macOS.
  • Where Microsoft Graph SDK is required, document how to perform the same actions using REST APIs or CLI tools available on Linux.
  • Explicitly note when a step is Windows-only, and provide alternative instructions for Linux users where possible.
  • Ensure that all scripting and automation steps can be performed in cross-platform environments, not just in PowerShell.
  • Review the use of Windows-centric terminology and tools, and balance with Linux-native approaches throughout the documentation.
GitHub Create pull request

Scan History

Date Scan ID Status Bias Status
2025-08-17 00:01 #83 in_progress ✅ Clean
2025-07-13 21:37 #48 completed ✅ Clean
2025-07-09 13:09 #3 cancelled ✅ Clean
2025-07-08 04:23 #2 cancelled ❌ Biased

Flagged Code Snippets

Make a note of the `publicIpAddress` to use later. ## Create Confidential virtual machine using a Customer Managed Key To create a confidential [disk encryption set](/azure/virtual-machines/linux/disks-enable-customer-managed-keys-cli), you have two options: Using [Azure Key Vault](/azure/key-vault/general/quick-create-cli) or [Azure Key Vault managed Hardware Security Module (HSM)](/azure/key-vault/managed-hsm/quick-create-cli). Based on your security and compliance needs you can choose either option. However, it is important to note that the standard SKU is not supported. The following example uses Azure Key Vault Premium. 1. Grant confidential VM Service Principal `Confidential VM Orchestrator` to tenant. For this step you need to be a Global Admin or you need to have the User Access Administrator RBAC role. [Install Microsoft Graph SDK](/powershell/microsoftgraph/installation) to execute the commands below.