{
	"id": "e738db41-dc34-4663-951b-074685a08d66",
	"created_at": "2026-04-06T03:36:02.514094Z",
	"updated_at": "2026-04-10T03:21:57.905427Z",
	"deleted_at": null,
	"sha1_hash": "d5c09b44ade0b4f6fe1c9369c50bc9d42095674f",
	"title": "Create a legacy managed image in Azure - Azure Virtual Machines",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 89283,
	"plain_text": "Create a legacy managed image in Azure - Azure Virtual Machines\r\nBy cynthn\r\nArchived: 2026-04-06 03:19:13 UTC\r\nThis article covers the older managed image technology. For the most current technology, customers are\r\nencouraged to use Azure Compute Gallery. All new features, like ARM64, Trusted Launch, and Confidential VM\r\nare only supported through Azure Compute Gallery. If you have an existing managed image, you can use it as a\r\nsource and create an Azure Compute Gallery image. For more information, see Create an image definition and\r\nimage version.\r\nImportant\r\nA legacy managed image cannot be created from a virtual machine deployed using Trusted Launch.\r\nOnce you mark a VM as generalized in Azure, you cannot restart the VM.\r\nOne managed image supports up to 20 simultaneous deployments. Attempting to create more than 20 VMs\r\nconcurrently, from the same managed image, may result in provisioning timeouts due to the storage performance\r\nlimitations of a single VHD. To create more than 20 VMs concurrently, use an Azure Compute Gallery (formerly\r\nknown as Shared Image Gallery) image configured with 1 replica for every 20 concurrent VM deployments.\r\nFor information on how managed images are billed, see Managed disk pricing.\r\nYou need a generalized VM in order to create an image.\r\nThe VM cannot be a Trusted Launch VM.\r\nCreate a legacy managed image of the VM with az image create. Creating a legacy managed image directly from\r\nthe VM ensures that the image includes all of the disks associated with the VM, including the OS disk and any\r\ndata disks.\r\nThe legacy managed image is created in the same resource group as your source VM. You can create VMs in any\r\nresource group within your subscription from this image. From a management perspective, you may wish to create\r\na specific resource group for your VM resources and images.\r\nThe following example creates a legacy managed image named myImage in the resource group named\r\nmyResourceGroup using the VM resource named myVM.\r\naz image create \\\r\n --resource-group myResourceGroup \\\r\n --name myImage --source myVM\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 1 of 6\n\nIf you are capturing an image of a generation 2 VM, also use the --hyper-v-generation V2 parameter. for more\r\ninformation, see Generation 2 VMs.\r\nIf you would like to store your image in zone-resilient storage, you need to create it in a region that supports\r\navailability zones and include the --zone-resilient true parameter.\r\nThis command returns JSON that describes the VM image. Save this output for later reference.\r\nThis example shows how to create a legacy managed image from a VM. Creating a legacy managed image\r\ndirectly from the VM ensures that the image includes all of the disks associated with the VM, including the OS\r\ndisk and any data disks.\r\nBefore you begin, make sure that you have the latest version of the Azure PowerShell module. To find the version,\r\nrun Get-Module -ListAvailable Az in PowerShell. If you need to upgrade, see Install Azure PowerShell on\r\nWindows with PowerShellGet. If you are running PowerShell locally, run Connect-AzAccount to create a\r\nconnection with Azure.\r\nIf you would like to store your image in zone-redundant storage, you need to create it in a region that supports\r\navailability zones and include the -ZoneResilient parameter in the image configuration ( New-AzImageConfig\r\ncommand).\r\nTo create a legacy managed image of a VM, follow these steps:\r\n1. Create some variables.\r\n$vmName = \"myVM\"\r\n$rgName = \"myResourceGroup\"\r\n$location = \"Central US\"\r\n$imageName = \"myImage\"\r\n2. Make sure the VM has been deallocated.\r\nStop-AzVM -ResourceGroupName $rgName -Name $vmName -Force\r\n3. Set the status of the virtual machine to Generalized.\r\nSet-AzVm -ResourceGroupName $rgName -Name $vmName -Generalized\r\n4. Get the virtual machine.\r\n$vm = Get-AzVM -Name $vmName -ResourceGroupName $rgName\r\n5. Create the image configuration.\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 2 of 6\n\n$imageConfig = New-AzImageConfig -Location $location -SourceVirtualMachineId $vm.Id\r\n6. Create the image.\r\nNew-AzImage -ImageName $imageName -ResourceGroupName $rgName -Image $imageConfig\r\nIf you want to create a legacy managed image of only the OS disk, specify the managed disk ID as the OS disk:\r\n1. Create some variables.\r\n$vmName = \"myVM\"\r\n$rgName = \"myResourceGroup\"\r\n$location = \"Central US\"\r\n$imageName = \"myImage\"\r\n2. Get the VM.\r\n$vm = Get-AzVm -Name $vmName -ResourceGroupName $rgName\r\n3. Get the ID of the managed disk.\r\n$diskID = $vm.StorageProfile.OsDisk.ManagedDisk.Id\r\n4. Create the image configuration.\r\n$imageConfig = New-AzImageConfig -Location $location\r\n$imageConfig = Set-AzImageOsDisk -Image $imageConfig -OsState Generalized -OsType Windows -ManagedDiskId\r\n5. Create the image.\r\nNew-AzImage -ImageName $imageName -ResourceGroupName $rgName -Image $imageConfig\r\nYou can create a managed image from a snapshot of a generalized VM by following these steps:\r\n1. Create some variables.\r\n$rgName = \"myResourceGroup\"\r\n$location = \"Central US\"\r\n$snapshotName = \"mySnapshot\"\r\n$imageName = \"myImage\"\r\n2. Get the snapshot.\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 3 of 6\n\n$snapshot = Get-AzSnapshot -ResourceGroupName $rgName -SnapshotName $snapshotName\r\n3. Create the image configuration.\r\n$imageConfig = New-AzImageConfig -Location $location\r\n$imageConfig = Set-AzImageOsDisk -Image $imageConfig -OsState Generalized -OsType Windows -SnapshotId $sn\r\n4. Create the image.\r\nNew-AzImage -ImageName $imageName -ResourceGroupName $rgName -Image $imageConfig\r\nTo create a managed image from a VM that doesn't use managed disks, you need the URI of the OS VHD in the\r\nstorage account, in the following format:\r\nhttps://mystorageaccount.blob.core.windows.net/vhdcontainer/vhdfilename.vhd. In this example, the VHD is in\r\nmystorageaccount, in a container named vhdcontainer, and the VHD filename is vhdfilename.vhd.\r\n1. Create some variables.\r\n$vmName = \"myVM\"\r\n$rgName = \"myResourceGroup\"\r\n$location = \"Central US\"\r\n$imageName = \"myImage\"\r\n$osVhdUri = \"https://mystorageaccount.blob.core.windows.net/vhdcontainer/vhdfilename.vhd\"\r\n2. Stop/deallocate the VM.\r\nStop-AzVM -ResourceGroupName $rgName -Name $vmName -Force\r\n3. Mark the VM as generalized.\r\nSet-AzVm -ResourceGroupName $rgName -Name $vmName -Generalized\r\n4. Create the image by using your generalized OS VHD.\r\n$imageConfig = New-AzImageConfig -Location $location\r\n$imageConfig = Set-AzImageOsDisk -Image $imageConfig -OsType Windows -OsState Generalized -BlobUri $osVhd\r\n$image = New-AzImage -ImageName $imageName -ResourceGroupName $rgName -Image $imageConfig\r\nCreate a VM from a legacy managed image by using az vm create. The following example creates a VM named\r\nmyVMDeployed from the image named myImage.\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 4 of 6\n\naz vm create \\\r\n --resource-group myResourceGroup \\\r\n --name myVMDeployed \\\r\n --image myImage\\\r\n --admin-username azureuser \\\r\n --ssh-key-value ~/.ssh/id_rsa.pub\r\nYou can create VMs from a legacy managed image in any resource group within your subscription. To create a\r\nVM in a different resource group than the legacy managed image, specify the full resource ID. Use az image list to\r\nview a list of images. The output is similar to the following example.\r\n\"id\":\r\n\"/subscriptions/guid/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/images/myImage\",\r\n\"location\": \"westus\", \"name\": \"myImage\",\r\nThe following example uses az vm create to create a VM in a resource group other than the source legacy\r\nmanaged image, by specifying the image resource ID.\r\naz vm create \\\r\n --resource-group myOtherResourceGroup \\\r\n --name myOtherVMDeployed \\\r\n --image \"/subscriptions/guid/resourceGroups/MYRESOURCEGROUP/providers/Microsoft.Compute/images/myImage\" \\\r\n --admin-username azureuser \\\r\n --ssh-key-value ~/.ssh/id_rsa.pub\r\nCreate a VM in Azure from a legacy managed image: Find image in portal, choose 'Create VM', fill in details,\r\nselect size, adjust settings, and deploy.\r\n1. Go to the Azure portal to find a managed image. Search for and select Images.\r\n2. Select the image you want to use from the list. The image Overview page opens.\r\n3. Select Create VM from the menu.\r\n4. Enter the virtual machine information. The user name and password entered here will be used to log in to\r\nthe virtual machine. When complete, select OK. You can create the new VM in an existing resource group,\r\nor choose Create new to create a new resource group to store the VM.\r\n5. Select a size for the VM. To see more sizes, select View all or change the Supported disk type filter.\r\n6. Under Settings, make changes as necessary and select OK.\r\n7. On the summary page, you should see your image name listed as a Private image. Select Ok to start the\r\nvirtual machine deployment.\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 5 of 6\n\nYou can use PowerShell to create a VM from a legacy managed image by using the simplified parameter set for\r\nthe New-AzVm cmdlet. The legacy managed image needs to be in the same resource group where you'll create the\r\nVM.\r\nThe simplified parameter set for New-AzVm only requires that you provide a name, resource group, and image\r\nname to create a VM from an image. New-AzVm will use the value of the -Name parameter as the name of all of\r\nthe resources that it creates automatically. In this example, we provide more detailed names for each of the\r\nresources but let the cmdlet create them automatically. You can also create resources beforehand, such as the\r\nvirtual network, and pass the resource name into the cmdlet. New-AzVm will use the existing resources if it can\r\nfind them by their name.\r\nThe following example creates a VM named myVMFromImage, in the myResourceGroup resource group, from the\r\nimage named myImage.\r\nNew-AzVm `\r\n -ResourceGroupName \"myResourceGroup\" `\r\n -Name \"myVMfromImage\" `\r\n -ImageName \"myImage\" `\r\n -Location \"East US\" `\r\n -VirtualNetworkName \"myImageVnet\" `\r\n -SubnetName \"myImageSubnet\" `\r\n -SecurityGroupName \"myImageNSG\" `\r\n -PublicIpAddressName \"myImagePIP\"\r\nSource: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nhttps://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource\r\nPage 6 of 6",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"MITRE"
	],
	"references": [
		"https://docs.microsoft.com/en-us/azure/virtual-machines/windows/capture-image-resource"
	],
	"report_names": [
		"capture-image-resource"
	],
	"threat_actors": [],
	"ts_created_at": 1775446562,
	"ts_updated_at": 1775791317,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/d5c09b44ade0b4f6fe1c9369c50bc9d42095674f.pdf",
		"text": "https://archive.orkl.eu/d5c09b44ade0b4f6fe1c9369c50bc9d42095674f.txt",
		"img": "https://archive.orkl.eu/d5c09b44ade0b4f6fe1c9369c50bc9d42095674f.jpg"
	}
}