Make Gen2 + TrustedLaunchSupported as Default options for SIG image definition

[sandeepraichura]

Preconditions

• No need to upgrade Python SDK or the Python SDK is ready.

Related command

az sig image-definition create

Resource Provider

Microsoft.compute/galleries

Description of Feature or Work Requested

Current behavior: Hyper-V Generation is an optional parameter and by default it is set to “Gen1” for Image Definition unless specified by customer during creation.

Proposed change: Make Hyper-V generation as “Gen2” with Security Type set as “TrustedLaunchSuppoted” as the default behavior for Image Definition unless specified by customer. For this proposed change, we do need to add a warning as soon as possible in PS/CLI for customers to adopt to this behavior change.

Minimum API Version Required

N/A

Swagger PR link / SDK link

The default behavior is not changing in the API yet, we plan to start with Portal/PS/CLI first and later make the change in the API.

Request Example

Here are the default parameters for PS/CLI currently, we should set HyperV generation to Gen2 by default and update SecurityType=TrustedLaunchSupported. The current behavior is that Hyper-V generation is Gen1 with Standard Security Type when customers don't specify the Hyper-V generation, this behavior should change to Gen2+TrustedLaunchSupported.

az sig image-definition create --gallery-image-definition
--gallery-name
--offer
--os-type {Linux, Windows}
--publisher
--resource-group
--sku

Target Date

2024-03-31

PM Contact

saraic

Engineer Contact

kagarwal

Additional context

This change is to make Trusted Launch Supported as the default behavior as part of TLaD efforts. During the Image definition. This request is mainly for

[yonzhan]

Thank you for opening this issue, we will look into it.