
Deploying Kyvos using Azure Resource Manager Template

Applies to: Kyvos Enterprise  Kyvos Cloud (SaaS on AWS) Kyvos AWS Marketplace

Kyvos Azure Marketplace   Kyvos GCP Marketplace Kyvos Single Node Installation (Kyvos SNI)


To deploy Kyvos using the Azure Resource Manager (ARM) template, perform the following steps.

  1. Log in to the Azure Portal as a user who has the permissions and information listed in the prerequisites.

  2. Use the Search box to search for Deploy a Custom Template.

  3. On the Custom Deployment page, click the Process your own template in the editor option.

  4. On the Edit Template page, click Load File. Upload your Kyvos ARM Template.

  5. Click Save.

  6. The Custom Deployment page is loaded with the parameters required for deployment.

  7. Enter the details as described in the following table.
    Fields marked * are mandatory.

Parameter

Description

Subscription*

Your account subscription.

Resource Group*

Enter the name of your resource group. The resource group is a collection of resources that share the same lifecycle, permissions, and policies.

Region*

Choose the Azure region that's right for you and your customers. Not every resource is available in every region.

vnetAddress

Enter the CIDR notation for the new VPC that will be created during the deployment. 

NOTE: This parameter will only be displayed if a new network security group is created within the deployment.

NetworkSecurityGroupIpWhiteList

Provide the range of IP addresses allowed to access Kyvos Instances. Use 0.0.0.0/0 to allow all users access.
NOTE: This parameter will only be visible if a new network security group is created within the deployment.

Virtual Network Name*

Name of Virtual Network in which your VMs will run.

VM Subnet Name*

Name of Subnet in which your VMs will run. This Subnet should be part of the above Virtual Network.

ApplicationGatewaySubnetName *  

Name of the Subnet in which Application Gateway will be created. The Subnet should be part of the above Virtual Network.   

NOTE: This parameter will display only if an existing VPC is used for deployment.

Security Group Name*

Name of the Security group that can be used to access the VMs.

Network Resource Group Name*

Name of Resource Group in which Virtual Network and Subnet are deployed.

Security Group Resource Group Name

Name of Resource Group in which SecurityGroup is deployed.

Enable Managed Identity Creation

Select True to create a new managed identity for Kyvos.

Select False to use an already existing managed identity.

Managed Identity Name*

Enter the name of User-Managed Identity to be attached with all Kyvos VMs.

Managed Identity Resource Group Name

The Name of the Resource Group in which Managed Identity is deployed.

Databricks Authentication Type

Authentication type used to authenticate Kyvos for accessing Databricks REST APIs and creating a JDBC connection.

Databricks Token*

Specifies the value of the token used to connect to the Databricks Cluster.

Kyvos Work Directory

Enter the path for the Kyvos work directory.

SSH public key source

Select the required option from the SSH public key source list. 
NOTE: If you select the Use Existing public key option from the list, the SSH Public Key field is displayed.

SSH Public Key*

Provide an RSA public key in the single-line format (starting with "ssh-rsa") or the multi-line PEM format.

You can generate SSH keys using ssh-keygen on Linux and OS X, or PuTTYGen on Windows.

Additional Tags

Enter the additional tags to put on all resources.

Use the syntax as: {"Key1": "Value1", "Key2" : "Value2"}

Storage Account Name

Enter the name of the Storage Account to be used for Kyvos.

Storage Account Container Name

Enter the name of Container in Storage Account which will be used for Kyvos.

CustomPrefixVirtualMachines

Enter a custom prefix that you want to append before the name of the virtual machines to be used for Kyvos.

CustomPrefixVPC

Enter the custom prefix that you want to append before the name of VPC in case a new VPC is created for use with Kyvos.

CustomPrefixNSG

Enter the custom prefix that you want to append before the name of the Network Security Group in case a new group is created for use with Kyvos.

CustomPrefixKeyVault

Enter the custom prefix that you want to append before the name of Key Vault in case a new Key Vault is created for use with Kyvos.

CustomPrefixScaleSet

Enter the custom prefix that you want to append before the name of Scaleset that will be created for use with Kyvos.

Vault URL*

If you have saved your secrets in the Key Vault, provide its URL.

Vault Resource Group*

Enter the name of the Resource Group in which the Key Vault is deployed.

Boot Diagnostics Storage Account Resource ID

Resource ID of a storage account of type Gen1 for enabling Boot Diagnostics of VMs. If left blank, a Storage Account of type Gen1 will be created for use with Kyvos.

Storage Account Resource Group

Enter the name of the Resource Group in which the Storage Account is deployed.

Object Id of Service Principal*

The Object ID assigned to the Service Principal. This maps to the ID inside the Active Directory.

SSH Private Key*

Provide the RSA private key in a single-line format.

Kyvos Cluster Name

Provide a name for your Kyvos cluster. You can ONLY use alphanumeric characters and an underscore (_) as a special character.

NOTE: If you have enabled Web Portal High Availability, the name should not exceed 32 characters.

Kyvos Installation Path

Enter the installation path to deploy Kyvos.

Databricks URL*

Provide the URL in https://<account>.cloud.databricks.com format.

Databricks Cluster ID*

Enter the Cluster ID of your Azure cluster.

To obtain this ID, click the Cluster Name on the Clusters page in Databricks.

The page URL shows https://<databricks-instance>/#/settings/clusters/<cluster-id>. The cluster ID is the number after the /clusters/ component in the URL of this page.

Databricks Cluster Organization ID*

Enter the Cluster Organization ID of your Azure cluster. To obtain this ID, click the Cluster Name on the Clusters page in Databricks.
The number after o= in the workspace URL is the organization ID. For example, if the workspace URL is https://westus.azuredatabricks.net/?o=7692xxxxxxxx, then the organization ID is 7692xxxxxxxx.

Postgres Password*

Provide the password to be used for Postgres.

License File Value*

Enter a valid Kyvos license key.

Secret Key For Kyvos Bundle Download*

Enter the Secret key to access the Kyvos bundle.

Enable Public IP

Select True to enable Public IP for the Kyvos Web portal.

NOTE: If Virtual Network is being created from the template, set the value of this parameter to true. 

DNS Label Prefix

Unique DNS Name for the Public IP used to access the Virtual Machine.

Perform Env Validation

Select True to perform environment validation before cluster deployment to ensure all the resources are created correctly.

Host Name Based Deployment  

Select True to use hostnames instead of IP Addresses for instances during cluster deployment.

KM Repository Password 

Specifies the value of the password used for Postgres.

NOTE: 

  • Password must contain 8 to 128 characters from three of the following categories: English uppercase letters or English lowercase letters, numbers (0 through 9), and non-alphanumeric characters (for example, !, $, #, %).

  • This parameter is displayed only when you select the Create New RDS option during the Kyvos template creation. 

Kyvos Manager Azure Postgres Server Name

Enter the name of the existing Azure Postgres Server. 

NOTE: This parameter is displayed only when you select the Existing RDS option during the Kyvos template creation. 

Kyvos Manager Azure Postgres Server Resource Group Name

Enter the resource group in which the above Postgres Server resides. 

NOTE: This parameter is displayed only when you select the Existing RDS option during the Kyvos template creation. 

Kyvos Manager Postgres TLS Type 

Choose true if Kyvos Manager Postgres is TLS enabled.

Choose false if Kyvos Manager Postgres is not TLS enabled.

NOTE: This parameter is displayed only when you select the Existing RDS option during the Kyvos template creation. 

KM Repo Username 

Specifies the value of the user used for the Kyvos Manager Repository.

NOTE: This parameter is displayed only when you select the Create New RDS option during the Kyvos template creation. 

KM Repo Database 

Specifies the value of the database used for the Kyvos Manager Repository.

NOTE: This parameter is displayed only when you select the Create New RDS option during the Kyvos template creation. 

  8. Click Review + Create.

  9. The system validates your inputs and displays a summary of the provided inputs. To continue with deployment, click Create.

This creates all the resources and services required for deploying the Kyvos cluster. The Outputs page displays the details for all your services and the Kyvos Manager URL.
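
An added example, not part of the Kyvos documentation or template: a pre-deployment check of several values from the table above against the formats this page states, plus extraction of the Databricks organization ID from a workspace URL. The dictionary keys are this page's field labels, which are an assumption and may differ from the template's internal parameter names; the sample values are constructed.

```python
import ipaddress
import json
import re
from urllib.parse import parse_qs, urlparse

def check_params(p, web_portal_ha=False):
    """Return findings for a dict keyed by this page's field labels (empty list = OK)."""
    findings = []
    # NetworkSecurityGroupIpWhiteList: valid CIDR, and not an any-source range.
    try:
        net = ipaddress.ip_network(p["NetworkSecurityGroupIpWhiteList"], strict=False)
        if net.prefixlen == 0:
            findings.append("NetworkSecurityGroupIpWhiteList: range admits every source address")
    except ValueError:
        findings.append("NetworkSecurityGroupIpWhiteList: not a valid CIDR range")
    # Kyvos Cluster Name: alphanumerics and underscore; at most 32 chars with Web Portal HA.
    name = p["Kyvos Cluster Name"]
    if not re.fullmatch(r"[A-Za-z0-9_]+", name):
        findings.append("Kyvos Cluster Name: only alphanumerics and underscore are allowed")
    if web_portal_ha and len(name) > 32:
        findings.append("Kyvos Cluster Name: longer than 32 characters with Web Portal HA")
    # SSH Public Key: single-line "ssh-rsa ..." or PEM, and never private key material.
    key = p["SSH Public Key"].strip()
    if "PRIVATE KEY" in key:
        findings.append("SSH Public Key: private key pasted into the public key field")
    elif not key.startswith(("ssh-rsa ", "-----BEGIN")):
        findings.append("SSH Public Key: expected ssh-rsa single-line or PEM format")
    # Additional Tags: must parse as a JSON object, e.g. {"Key1": "Value1"}.
    try:
        if not isinstance(json.loads(p["Additional Tags"]), dict):
            findings.append("Additional Tags: must be a JSON object")
    except ValueError:
        findings.append("Additional Tags: not valid JSON")
    return findings

def databricks_org_id(workspace_url):
    """Organization ID is the value after o= in the workspace URL."""
    return parse_qs(urlparse(workspace_url).query).get("o", [None])[0]

# Constructed sample values, not taken from a real deployment.
SAMPLE = {
    "NetworkSecurityGroupIpWhiteList": "0.0.0.0/0",
    "Kyvos Cluster Name": "kyvos-prod",
    "SSH Public Key": "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQ constructed@example",
    "Additional Tags": '{"Key1": "Value1", "Key2" : "Value2"}',
}

if __name__ == "__main__":
    print("\n".join(check_params(SAMPLE)))
```

Run the check on the values you intend to enter in step 7 before clicking Create; an empty result means none of the listed format rules were violated.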

Note

To access the Usage Dashboard, you need to provide permissions after completing the deployment.

If you have deployed the cluster with Web Portal HA, you can enable TLS for Web Portal using Post Deployment steps listed here.


Copyright Kyvos, Inc. All rights reserved.