Move VM between VNETs in Azure

This week I come into this scenario, I would like to move a virtual machine in azure between different VNETs. You might have different reasons to do it, but what is the best way to do it?

First you have to understand the scenario, is between VNETs on the same region, or between regions? Same subscription or different subscriptions? And at last same tenant or between different tenants?

The way that I look into to this is simple. I know that you have different ways to approach these scenarios, but I want to try to create a solution that no matter what you could use it.

Let’s work on the possibilities. What we know:

  • When you create a VM in Azure, you create several resources (compute, network and storage)
  • When you delete the VM in Azure, you only delete de compute (assuming that you click on the delete button and you didn’t delete the resource group). That means the VHD and the network adapter (and all their dependencies) will remain intact.

So we could use this “orphan” resources (objects) to create a new VM on the VNET that we want. Genius! 😊

In this case we could use the script that I publish to create the VM with the existing disk (see here). That is one option.

Although, if you are on the path of using ARM Template with JSON, you might want to double check if your JSON template reflects that as well (see here).

This is another way to solve your issue of moving a VM between VNETS.


Marcos Nogueira
Azure MVP
Twitter: @mdnoga

Create AzureRM VM from existing VHD

While I was helping a costumer creating a Azure RM virtual machine from an existing VHD, I adapt one of my existing scripts, with some search on internet, to improve my script, that I normally used to create Azure RM virtual machines.

In this case, I need to create the VM from an existing VHD on a Storage Account. Usually when you create a new VM, you have to setup the OS type and select the base image.

This script creates a new VM from an image:

$osDiskName = $vmname+’_OS_Disk’

$osDiskCaching = ‘ReadWrite’

$osDiskVhdUri = “https://<STORAGE_ACCOUNT>”+$vmname+”_os.vhd”


# Setup OS & Image

$user = “MrAzure”

$password = ‘<PASSWORD>’

$securePassword = ConvertTo-SecureString $password -AsPlainText -Force

$cred = New-Object System.Management.Automation.PSCredential ($user, $securePassword)

$vm = Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmname -Credential $cred

$vm = Set-AzureRmVMSourceImage -VM $vm -PublisherName $AzureImage.PublisherName -Offer $AzureImage.Offer `

    -Skus $AzureImage.Skus -Version $AzureImage.Version

$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption fromImage-Caching $osDiskCaching 


To use the existing disk, you need to replace the above script and use this one

$osDiskName = $vmname+’_OS_Disk’

$osDiskCaching = ‘ReadWrite’

$osDiskVhdUri = “https://<STORAGE_ACCOUNT>”+$vmname+”_os.vhd”


$vm = Set-AzureRmVMOSDisk -VM $vm -VhdUri $osDiskVhdUri -name $osDiskName -CreateOption attach -Windows -Caching $osDiskCaching



Marcos Nogueira
Azure MVP
Twitter: @mdnoga

Deploy a ARM VM using an existing VHD in Azure

Another day, one of my costumer wants to rebuild a virtual machine from the existing VHD and place on the new Resource Group and on a different VLAN, but without transferring VHD. The idea was to park the VHD on a storage account to avoid transferring this huge VHD.

First, I want to clarify if you delete the VM, you are not deleting the all the resources, that means that the vhd(s), network adapter9s) or the network IPs will remain intact. You are only deleting the compute section of the VM. That means you can redeploy using the same configuration, or change the network, for example.

To achieve that though, you need to do it through PowerShell and/or using JSON files.

So, if you change the original JSON file just replacing the VHD you will probably get an error message saying, “Cannot attach an existing OS disk if the VM is created from a platform or user image.

To avoid that you have to change the JSON file to reflect createOption to use the attach method instead.

Here is what you need to change:

Original JSON:

“storageProfile”: {

“imageReference”: {

“publisher”: “MicrosoftWindowsServer”,

“offer”: “WindowsServer”,

“sku”: “[parameters(‘windowsOSVersion’)]”,

“version”: “latest” },

“osDisk”: { “createOption”: “FromImage” },


Replace with:

“storageProfile”: {

“osDisk”: { “createOption”: “attach”,

“managedDisk”: {

“id”: [Managed_Disk_ID] },





Marcos Nogueira
Azure MVP
Twitter: @mdnoga

Managed disk on Azure

You probably already saw this when you are creating a Virtual Machine on Azure. After you insert the basic information like Name of the VM, choose the size, then comes the time to define and configure the settings of that VM. One of the first thing is the Use of managed disk.

But what is managed disks? How they work? What are the implication of using the Managed disks?

So, first thing, Managed Disk allow you to abstract the storage accounts where you will use on your virtual machine (see pictures below). When you select that you want to use managed disk, you don’t have to setup or choose the storage account where those disks will be stored.

When you don’t want to use Managed disks, you have to select the storage account.

With Managed disk, you only have to specify the size of the disk, and Azure manage for you. That allows you more granular access control. You don’t have to care with the storage account limits and you will gain higher scalability, meaning that you can create up to 10000 disks per region per subscription.

Managed disk will increase your resilience for your availability sets, by making sure that the disk will belong to a storage unit that is on a different fault domain. In my experience, when you create storage account, it’s not guarantee that your storage account will be on a different fault domain. That scenario, even if you use availability sets on the setup, doesn’t avoid a single point of failure.

But if you are thinking, that you prefer to use storage accounts, to control the access to the VHDs, with managed disks you can use RBAC as well, to assign the permissions for a managed disk to one or more users. In this scenario, you have to managed disk by disk, and not to the entire storage account. That means more granular access control. You can prevent, for example, a user of copy that vhd, but still use the virtual machine.

The integration with Azure Backup is great. You can use Azure Backup Service with managed disk to create a backup job that will easy your VM restoration. Managed disks although, only support the Locally Redundant Storage (LRS) as a replication option, this mean that 3 copies of the vhd within the region.

To resume, here are the benefits of managed disks:

  • Simple and scalable VM deployment
  • Better reliability for Availability Sets
  • Granular Access control
  • Azure Backup service support


Marcos Nogueira
Azure MVP
Twitter: @mdnoga

Azure MVP Award

What a better way to start the 150th Canada day receiving this email:

It’s a huge honor to belong to this Exclusive and Exquisite Elite Technical group. I have been before MVP, but then I lost when I joined Microsoft. But this time, feels completely different. It’s reinvigorating! Being an MVP is a tremendous responsibility and a pleasure at the same time.

This Award means that Microsoft, recognizes exceptional community knowledge share. It’s not something that you can study and pass on exam, it’s earned for the long hours blogging, speaking, preparing content and so on. But, my friends, it’s worth it, when you received this email. All your effort, time away from your family and friend is worth when you enter in this world.

But what is an Microsoft MVP?
Microsoft Most Valuable Professionals, or MVPs, are technology experts who passionately share their knowledge with the community. They are always on the “bleeding edge” and have an unstoppable urge to get their hands on new, exciting technologies. They have very deep knowledge of Microsoft products and services, while also being able to bring together diverse platforms, products and solutions, to solve real world problems. MVPs make up a global community of over 4,000 technical experts and community leaders across 90 countries and are driven by their passion, community spirit, and quest for knowledge. Above all and in addition to their amazing technical abilities, MVPs are always willing to help others – that’s what sets them apart.

What is the MVP Award?
For more than two decades, the Microsoft MVP Award is our way of saying “Thanks!” to outstanding community leaders. The contributions MVPs make to the community, ranging from speaking engagements, to social media posts, to writing books, to helping others in online communities, have incredible impact. Key benefits to MVPs include early access to Microsoft products, direct communication channels with our product teams and an invitation to the Global MVP Summit, an exclusive annual event hosted in our global HQ in Redmond. They also have a very close relationship with the local Microsoft teams in their area, who are there to support and empower MVPs to address needs and opportunities in the local ecosystem. Other benefits include an executive recognition letter, an MSDN technical subscription, and an Office 365 subscription.

You can find more information on the MVP Site

I just want to share my happiness with all of you! Thank you for your support!

Marcos Nogueira
Azure MVP
Twitter: @mdnoga