Azure
/
azure-resource-manager-schemas
зеркало из https://github.com/Azure/azure-resource-manager-schemas.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
azure-resource-manager-schemas/schemas/2021-06-01/Microsoft.Synapse.json

5858 строки
192 KiB
JSON
Исходник Постоянная ссылка Ответственный История

{
"id": "https://schema.management.azure.com/schemas/2021-06-01/Microsoft.Synapse.json#",
"title": "Microsoft.Synapse",
"description": "Microsoft Synapse Resource Types",
"$schema": "http://json-schema.org/draft-04/schema#",
"resourceDefinitions": {
"privateLinkHubs": {
"description": "Microsoft.Synapse/privateLinkHubs",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "Name of the privateLinkHub",
"type": "string"
},
"properties": {
"description": "PrivateLinkHub resource properties",
"oneOf": [
{
"$ref": "#/definitions/PrivateLinkHubProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/privateLinkHubs"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces": {
"description": "Microsoft.Synapse/workspaces",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"identity": {
"description": "Identity of the workspace",
"oneOf": [
{
"$ref": "#/definitions/ManagedIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "The name of the workspace.",
"type": "string"
},
"properties": {
"description": "Workspace resource properties",
"oneOf": [
{
"$ref": "#/definitions/WorkspaceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/workspaces_keys_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_childResource"
},
{
"$ref": "#/definitions/workspaces_bigDataPools_childResource"
},
{
"$ref": "#/definitions/workspaces_firewallRules_childResource"
},
{
"$ref": "#/definitions/workspaces_administrators_childResource"
},
{
"$ref": "#/definitions/workspaces_auditingSettings_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlAdministrators_childResource"
},
{
"$ref": "#/definitions/workspaces_encryptionProtector_childResource"
},
{
"$ref": "#/definitions/workspaces_integrationRuntimes_childResource"
},
{
"$ref": "#/definitions/workspaces_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/workspaces_extendedAuditingSettings_childResource"
},
{
"$ref": "#/definitions/workspaces_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/workspaces_azureADOnlyAuthentications_childResource"
},
{
"$ref": "#/definitions/workspaces_privateEndpointConnections_childResource"
},
{
"$ref": "#/definitions/workspaces_dedicatedSQLminimalTlsSettings_childResource"
},
{
"$ref": "#/definitions/workspaces_managedIdentitySqlControlSettings_childResource"
}
]
},
"type": "array"
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_administrators": {
"description": "Microsoft.Synapse/workspaces/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/activeDirectory$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Workspace active directory administrator properties",
"oneOf": [
{
"$ref": "#/definitions/AadAdminProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_auditingSettings": {
"description": "Microsoft.Synapse/workspaces/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the blob auditing policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_azureADOnlyAuthentications": {
"description": "Microsoft.Synapse/workspaces/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "name of the property",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "azureADOnlyAuthentication resource properties",
"oneOf": [
{
"$ref": "#/definitions/AzureADOnlyAuthenticationProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_bigDataPools": {
"description": "Microsoft.Synapse/workspaces/bigDataPools",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "Big Data pool name",
"type": "string"
},
"properties": {
"description": "Big Data pool properties",
"oneOf": [
{
"$ref": "#/definitions/BigDataPoolResourceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/bigDataPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_dedicatedSQLminimalTlsSettings": {
"description": "Microsoft.Synapse/workspaces/dedicatedSQLminimalTlsSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the dedicated sql minimal tls settings.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DedicatedSQLminimalTlsSettingsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/dedicatedSQLminimalTlsSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_encryptionProtector": {
"description": "Microsoft.Synapse/workspaces/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/EncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_extendedAuditingSettings": {
"description": "Microsoft.Synapse/workspaces/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the blob auditing policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_firewallRules": {
"description": "Microsoft.Synapse/workspaces/firewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The IP firewall rule name",
"type": "string"
},
"properties": {
"description": "IP firewall rule properties",
"oneOf": [
{
"$ref": "#/definitions/IpFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/firewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_integrationRuntimes": {
"description": "Microsoft.Synapse/workspaces/integrationRuntimes",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "Integration runtime name",
"type": "string"
},
"properties": {
"description": "Integration runtime properties.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntime"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/integrationRuntimes"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_keys": {
"description": "Microsoft.Synapse/workspaces/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workspace key",
"type": "string"
},
"properties": {
"description": "Keys resource properties",
"oneOf": [
{
"$ref": "#/definitions/KeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_managedIdentitySqlControlSettings": {
"description": "Microsoft.Synapse/workspaces/managedIdentitySqlControlSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Sql Control Settings for workspace managed identity",
"oneOf": [
{
"$ref": "#/definitions/ManagedIdentitySqlControlSettingsModelProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/managedIdentitySqlControlSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_privateEndpointConnections": {
"description": "Microsoft.Synapse/workspaces/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the private endpoint connection.",
"type": "string"
},
"properties": {
"description": "Private endpoint connection properties.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_securityAlertPolicies": {
"description": "Microsoft.Synapse/workspaces/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerSecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlAdministrators": {
"description": "Microsoft.Synapse/workspaces/sqlAdministrators",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/activeDirectory$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Workspace active directory administrator properties",
"oneOf": [
{
"$ref": "#/definitions/AadAdminProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlAdministrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools": {
"description": "Microsoft.Synapse/workspaces/sqlPools",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "SQL pool name",
"type": "string"
},
"properties": {
"description": "SQL pool properties",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolResourceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/workspaces_sqlPools_metadataSync_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_workloadGroups_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_auditingSettings_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_geoBackupPolicies_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_dataMaskingPolicies_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_extendedAuditingSettings_childResource"
},
{
"$ref": "#/definitions/workspaces_sqlPools_transparentDataEncryption_childResource"
}
]
},
"type": "array"
},
"sku": {
"description": "SQL pool SKU",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_auditingSettings": {
"description": "Microsoft.Synapse/workspaces/sqlPools/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_dataMaskingPolicies": {
"description": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "The properties of the data masking policy.",
"oneOf": [
{
"$ref": "#/definitions/DataMaskingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/workspaces_sqlPools_dataMaskingPolicies_rules_childResource"
}
]
},
"type": "array"
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_dataMaskingPolicies_rules": {
"description": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the data masking rule.",
"type": "string"
},
"properties": {
"description": "The properties of the resource.",
"oneOf": [
{
"$ref": "#/definitions/DataMaskingRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_extendedAuditingSettings": {
"description": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_geoBackupPolicies": {
"description": "Microsoft.Synapse/workspaces/sqlPools/geoBackupPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the geo backup policy.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "The properties of the geo backup policy.",
"oneOf": [
{
"$ref": "#/definitions/GeoBackupPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/geoBackupPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_metadataSync": {
"description": "Microsoft.Synapse/workspaces/sqlPools/metadataSync",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/config$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Metadata Sync Config properties",
"oneOf": [
{
"$ref": "#/definitions/MetadataSyncConfigProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/metadataSync"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_schemas_tables_columns_sensitivityLabels": {
"description": "Microsoft.Synapse/workspaces/sqlPools/schemas/tables/columns/sensitivityLabels",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SensitivityLabelProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/schemas/tables/columns/sensitivityLabels"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_securityAlertPolicies": {
"description": "Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_transparentDataEncryption": {
"description": "Microsoft.Synapse/workspaces/sqlPools/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Represents the properties of the resource.",
"oneOf": [
{
"$ref": "#/definitions/TransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_vulnerabilityAssessments": {
"description": "Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_vulnerabilityAssessments_rules_baselines": {
"description": "Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments/rules/baselines",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a Sql pool level rule and master for workspace level rule).",
"oneOf": [
{
"enum": [
"master",
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments/rules/baselines"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_workloadGroups": {
"description": "Microsoft.Synapse/workspaces/sqlPools/workloadGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workload group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/workspaces_sqlPools_workloadGroups_workloadClassifiers_childResource"
}
]
},
"type": "array"
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/workloadGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_workloadGroups_workloadClassifiers": {
"description": "Microsoft.Synapse/workspaces/sqlPools/workloadGroups/workloadClassifiers",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workload classifier.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadClassifierProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/sqlPools/workloadGroups/workloadClassifiers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_vulnerabilityAssessments": {
"description": "Microsoft.Synapse/workspaces/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Synapse/workspaces/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
}
},
"definitions": {
"AadAdminProperties": {
"description": "Workspace active directory administrator properties",
"properties": {
"administratorType": {
"description": "Workspace active directory administrator type",
"type": "string"
},
"login": {
"description": "Login of the workspace active directory administrator",
"type": "string"
},
"sid": {
"description": "Object ID of the workspace active directory administrator",
"type": "string"
},
"tenantId": {
"description": "Tenant ID of the workspace active directory administrator",
"type": "string"
}
},
"type": "object"
},
"AutoPauseProperties": {
"description": "Auto-pausing properties of a Big Data pool powered by Apache Spark",
"properties": {
"delayInMinutes": {
"description": "Number of minutes of idle time before the Big Data pool is automatically paused.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"enabled": {
"description": "Whether auto-pausing is enabled for the Big Data pool.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"AutoScaleProperties": {
"description": "Auto-scaling properties of a Big Data pool powered by Apache Spark",
"properties": {
"enabled": {
"description": "Whether automatic scaling is enabled for the Big Data pool.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maxNodeCount": {
"description": "The maximum number of nodes the Big Data pool can support.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minNodeCount": {
"description": "The minimum number of nodes the Big Data pool can support.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"AzureADOnlyAuthenticationProperties": {
"description": "Properties of a active directory only authentication.",
"properties": {
"azureADOnlyAuthentication": {
"description": "Azure Active Directory only Authentication enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"azureADOnlyAuthentication"
],
"type": "object"
},
"BigDataPoolResourceProperties": {
"description": "Properties of a Big Data pool powered by Apache Spark",
"properties": {
"autoPause": {
"description": "Auto-pausing properties",
"oneOf": [
{
"$ref": "#/definitions/AutoPauseProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"autoScale": {
"description": "Auto-scaling properties",
"oneOf": [
{
"$ref": "#/definitions/AutoScaleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"cacheSize": {
"description": "The cache size",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"customLibraries": {
"description": "List of custom libraries/packages associated with the spark pool.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/LibraryInfo"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"defaultSparkLogFolder": {
"description": "The default folder where Spark logs will be written.",
"type": "string"
},
"dynamicExecutorAllocation": {
"description": "Dynamic Executor Allocation",
"oneOf": [
{
"$ref": "#/definitions/DynamicExecutorAllocation"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAutotuneEnabled": {
"description": "Whether autotune is required or not.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isComputeIsolationEnabled": {
"description": "Whether compute isolation is required or not.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"libraryRequirements": {
"description": "Library version requirements",
"oneOf": [
{
"$ref": "#/definitions/LibraryRequirements"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"nodeCount": {
"description": "The number of nodes in the Big Data pool.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"nodeSize": {
"description": "The level of compute power that each node in the Big Data pool has.",
"oneOf": [
{
"enum": [
"None",
"Small",
"Medium",
"Large",
"XLarge",
"XXLarge",
"XXXLarge"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"nodeSizeFamily": {
"description": "The kind of nodes that the Big Data pool provides.",
"oneOf": [
{
"enum": [
"None",
"MemoryOptimized",
"HardwareAcceleratedFPGA",
"HardwareAcceleratedGPU"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"provisioningState": {
"description": "The state of the Big Data pool.",
"type": "string"
},
"sessionLevelPackagesEnabled": {
"description": "Whether session level packages enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sparkConfigProperties": {
"description": "Spark configuration file to specify additional properties",
"oneOf": [
{
"$ref": "#/definitions/SparkConfigProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sparkEventsFolder": {
"description": "The Spark events folder",
"type": "string"
},
"sparkVersion": {
"description": "The Apache Spark version.",
"type": "string"
}
},
"type": "object"
},
"CmdkeySetupTypeProperties": {
"description": "Cmdkey command custom setup type properties.",
"properties": {
"password": {
"description": "The password of data source access.",
"oneOf": [
{
"$ref": "#/definitions/SecretBase"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"targetName": {
"description": "The server name of data source access.",
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"userName": {
"description": "The user name of data source access.",
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"targetName",
"userName",
"password"
],
"type": "object"
},
"CspWorkspaceAdminProperties": {
"description": "Initial workspace AAD admin properties for a CSP subscription",
"properties": {
"initialWorkspaceAdminObjectId": {
"description": "AAD object ID of initial workspace admin",
"type": "string"
}
},
"type": "object"
},
"CustomSetupBase": {
"description": "The base definition of the custom setup.",
"oneOf": [
{
"description": "The custom setup of running cmdkey commands.",
"properties": {
"type": {
"enum": [
"CmdkeySetup"
],
"type": "string"
},
"typeProperties": {
"description": "Cmdkey command custom setup type properties.",
"oneOf": [
{
"$ref": "#/definitions/CmdkeySetupTypeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"typeProperties",
"type"
],
"type": "object"
},
{
"description": "The custom setup of installing 3rd party components.",
"properties": {
"type": {
"enum": [
"ComponentSetup"
],
"type": "string"
},
"typeProperties": {
"description": "Install 3rd party component type properties.",
"oneOf": [
{
"$ref": "#/definitions/LicensedComponentSetupTypeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"typeProperties",
"type"
],
"type": "object"
},
{
"description": "The custom setup of setting environment variable.",
"properties": {
"type": {
"enum": [
"EnvironmentVariableSetup"
],
"type": "string"
},
"typeProperties": {
"description": "Add environment variable type properties.",
"oneOf": [
{
"$ref": "#/definitions/EnvironmentVariableSetupTypeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"typeProperties",
"type"
],
"type": "object"
}
],
"properties": {},
"type": "object"
},
"CustomerManagedKeyDetails": {
"description": "Details of the customer managed key associated with the workspace",
"properties": {
"kekIdentity": {
"description": "Key encryption key",
"oneOf": [
{
"$ref": "#/definitions/KekIdentityProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"key": {
"description": "The key object of the workspace",
"oneOf": [
{
"$ref": "#/definitions/WorkspaceKeyDetails"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"DataLakeStorageAccountDetails": {
"description": "Details of the data lake storage account associated with the workspace",
"properties": {
"accountUrl": {
"description": "Account URL",
"type": "string"
},
"createManagedPrivateEndpoint": {
"description": "Create managed private endpoint to this storage account or not",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"filesystem": {
"description": "Filesystem name",
"type": "string"
},
"resourceId": {
"description": "ARM resource Id of this storage account",
"type": "string"
}
},
"type": "object"
},
"DataMaskingPolicyProperties": {
"description": "The properties of a database data masking policy.",
"properties": {
"dataMaskingState": {
"description": "The state of the data masking policy.",
"oneOf": [
{
"enum": [
"Disabled",
"Enabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"exemptPrincipals": {
"description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries.",
"type": "string"
}
},
"required": [
"dataMaskingState"
],
"type": "object"
},
"DataMaskingRuleProperties": {
"description": "The properties of a Sql pool data masking rule.",
"properties": {
"aliasName": {
"description": "The alias name. This is a legacy parameter and is no longer used.",
"type": "string"
},
"columnName": {
"description": "The column name on which the data masking rule is applied.",
"type": "string"
},
"maskingFunction": {
"description": "The masking function that is used for the data masking rule.",
"oneOf": [
{
"enum": [
"Default",
"CCN",
"Email",
"Number",
"SSN",
"Text"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"numberFrom": {
"description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored.",
"type": "string"
},
"numberTo": {
"description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored.",
"type": "string"
},
"prefixSize": {
"description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored.",
"type": "string"
},
"replacementString": {
"description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored.",
"type": "string"
},
"ruleState": {
"description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState.",
"oneOf": [
{
"enum": [
"Disabled",
"Enabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"schemaName": {
"description": "The schema name on which the data masking rule is applied.",
"type": "string"
},
"suffixSize": {
"description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored.",
"type": "string"
},
"tableName": {
"description": "The table name on which the data masking rule is applied.",
"type": "string"
}
},
"required": [
"schemaName",
"tableName",
"columnName",
"maskingFunction"
],
"type": "object"
},
"DedicatedSQLminimalTlsSettingsProperties": {
"description": "Properties of a dedicated sql minimal tls settings.",
"properties": {
"minimalTlsVersion": {
"description": "The minimal tls version of the sql server.",
"type": "string"
}
},
"type": "object"
},
"DynamicExecutorAllocation": {
"description": "Dynamic Executor Allocation Properties",
"properties": {
"enabled": {
"description": "Indicates whether Dynamic Executor Allocation is enabled or not.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maxExecutors": {
"description": "The maximum number of executors alloted",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minExecutors": {
"description": "The minimum number of executors alloted",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"EncryptionDetails": {
"description": "Details of the encryption associated with the workspace",
"properties": {
"cmk": {
"description": "Customer Managed Key Details",
"oneOf": [
{
"$ref": "#/definitions/CustomerManagedKeyDetails"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"EncryptionProtectorProperties": {
"description": "Properties for an encryption protector execution.",
"properties": {
"serverKeyName": {
"description": "The name of the server key.",
"type": "string"
},
"serverKeyType": {
"description": "The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.",
"oneOf": [
{
"enum": [
"ServiceManaged",
"AzureKeyVault"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"serverKeyType"
],
"type": "object"
},
"EntityReference": {
"description": "The entity reference.",
"properties": {
"referenceName": {
"description": "The name of this referenced entity.",
"type": "string"
},
"type": {
"description": "The type of this referenced entity.",
"oneOf": [
{
"enum": [
"IntegrationRuntimeReference",
"LinkedServiceReference"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"EnvironmentVariableSetupTypeProperties": {
"description": "Environment variable custom setup type properties.",
"properties": {
"variableName": {
"description": "The name of the environment variable.",
"type": "string"
},
"variableValue": {
"description": "The value of the environment variable.",
"type": "string"
}
},
"required": [
"variableName",
"variableValue"
],
"type": "object"
},
"ExtendedServerBlobAuditingPolicyProperties": {
"description": "Properties of an extended server blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isDevopsAuditEnabled": {
"description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"predicateExpression": {
"description": "Specifies condition of where clause when creating an audit.",
"type": "string"
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ExtendedSqlPoolBlobAuditingPolicyProperties": {
"description": "Properties of an extended Sql pool blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"predicateExpression": {
"description": "Specifies condition of where clause when creating an audit.",
"type": "string"
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"GeoBackupPolicyProperties": {
"description": "The properties of the geo backup policy.",
"properties": {
"state": {
"description": "The state of the geo backup policy.",
"oneOf": [
{
"enum": [
"Disabled",
"Enabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"state"
],
"type": "object"
},
"IntegrationRuntime": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "Azure Synapse nested object which serves as a compute resource for activities.",
"oneOf": [
{
"description": "Managed integration runtime, including managed elastic and managed dedicated integration runtimes.",
"properties": {
"managedVirtualNetwork": {
"description": "Managed integration runtime managed virtual network.",
"oneOf": [
{
"$ref": "#/definitions/ManagedIntegrationRuntimeManagedVirtualNetworkReference"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Managed"
],
"type": "string"
},
"typeProperties": {
"description": "Managed integration runtime properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedIntegrationRuntimeTypeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"typeProperties",
"type"
],
"type": "object"
},
{
"description": "Self-hosted integration runtime.",
"properties": {
"type": {
"enum": [
"SelfHosted"
],
"type": "string"
},
"typeProperties": {
"description": "When this property is not null, means this is a linked integration runtime. The property is used to access original integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/SelfHostedIntegrationRuntimeTypeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"type"
],
"type": "object"
}
],
"properties": {
"description": {
"description": "Integration runtime description.",
"type": "string"
}
},
"type": "object"
},
"IntegrationRuntimeComputeProperties": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "The compute resource properties for managed integration runtime.",
"properties": {
"dataFlowProperties": {
"description": "Data flow properties for managed integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeDataFlowProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "The location for managed integration runtime. The supported regions could be found on https://docs.microsoft.com/en-us/azure/data-factory/data-factory-data-movement-activities",
"type": "string"
},
"maxParallelExecutionsPerNode": {
"description": "Maximum parallel executions count per node for managed integration runtime.",
"oneOf": [
{
"minimum": 1,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"nodeSize": {
"description": "The node size requirement to managed integration runtime.",
"type": "string"
},
"numberOfNodes": {
"description": "The required number of nodes for managed integration runtime.",
"oneOf": [
{
"minimum": 1,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"vNetProperties": {
"description": "VNet properties for managed integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeVNetProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"IntegrationRuntimeCustomSetupScriptProperties": {
"description": "Custom setup script properties for a managed dedicated integration runtime.",
"properties": {
"blobContainerUri": {
"description": "The URI of the Azure blob container that contains the custom setup script.",
"type": "string"
},
"sasToken": {
"description": "The SAS token of the Azure blob container.",
"oneOf": [
{
"$ref": "#/definitions/SecureString"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"IntegrationRuntimeCustomerVirtualNetwork": {
"description": "The definition and properties of virtual network to which Azure-SSIS integration runtime will join.",
"properties": {
"subnetId": {
"description": "The ID of subnet to which Azure-SSIS integration runtime will join.",
"type": "string"
}
},
"type": "object"
},
"IntegrationRuntimeDataFlowProperties": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "Data flow properties for managed integration runtime.",
"properties": {
"computeType": {
"description": "Compute type of the cluster which will execute data flow job.",
"oneOf": [
{
"enum": [
"General",
"MemoryOptimized",
"ComputeOptimized"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"coreCount": {
"description": "Core count of the cluster which will execute data flow job. Supported values are: 8, 16, 32, 48, 80, 144 and 272.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"timeToLive": {
"description": "Time to live (in minutes) setting of the cluster which will execute data flow job.",
"oneOf": [
{
"minimum": 0,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"IntegrationRuntimeDataProxyProperties": {
"description": "Data proxy properties for a managed dedicated integration runtime.",
"properties": {
"connectVia": {
"description": "The self-hosted integration runtime reference.",
"oneOf": [
{
"$ref": "#/definitions/EntityReference"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"path": {
"description": "The path to contain the staged data in the Blob storage.",
"type": "string"
},
"stagingLinkedService": {
"description": "The staging linked service reference.",
"oneOf": [
{
"$ref": "#/definitions/EntityReference"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"IntegrationRuntimeSsisCatalogInfo": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "Catalog information for managed dedicated integration runtime.",
"properties": {
"catalogAdminPassword": {
"description": "The password of the administrator user account of the catalog database.",
"oneOf": [
{
"$ref": "#/definitions/SecureString"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"catalogAdminUserName": {
"description": "The administrator user name of catalog database.",
"maxLength": 128,
"minLength": 1,
"type": "string"
},
"catalogPricingTier": {
"description": "The pricing tier for the catalog database. The valid values could be found in https://azure.microsoft.com/en-us/pricing/details/sql-database/",
"oneOf": [
{
"enum": [
"Basic",
"Standard",
"Premium",
"PremiumRS"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"catalogServerEndpoint": {
"description": "The catalog database server URL.",
"type": "string"
}
},
"type": "object"
},
"IntegrationRuntimeSsisProperties": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "SSIS properties for managed integration runtime.",
"properties": {
"catalogInfo": {
"description": "Catalog information for managed dedicated integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeSsisCatalogInfo"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"customSetupScriptProperties": {
"description": "Custom setup script properties for a managed dedicated integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeCustomSetupScriptProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"dataProxyProperties": {
"description": "Data proxy properties for a managed dedicated integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeDataProxyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"edition": {
"description": "The edition for the SSIS Integration Runtime",
"oneOf": [
{
"enum": [
"Standard",
"Enterprise"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"expressCustomSetupProperties": {
"description": "Custom setup without script properties for a SSIS integration runtime.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/CustomSetupBase"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"licenseType": {
"description": "License type for bringing your own license scenario.",
"oneOf": [
{
"enum": [
"BasePrice",
"LicenseIncluded"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"IntegrationRuntimeVNetProperties": {
"additionalProperties": {
"oneOf": [
{
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"description": "VNet properties for managed integration runtime.",
"properties": {
"publicIPs": {
"description": "Resource IDs of the public IP addresses that this integration runtime will use.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"subnet": {
"description": "The name of the subnet this integration runtime will join.",
"type": "string"
},
"subnetId": {
"description": "The ID of subnet, to which this Azure-SSIS integration runtime will be joined.",
"type": "string"
},
"vNetId": {
"description": "The ID of the VNet that this integration runtime will join.",
"type": "string"
}
},
"type": "object"
},
"IpFirewallRuleProperties": {
"description": "IP firewall rule properties",
"properties": {
"endIpAddress": {
"description": "The end IP address of the firewall rule. Must be IPv4 format. Must be greater than or equal to startIpAddress",
"type": "string"
},
"startIpAddress": {
"description": "The start IP address of the firewall rule. Must be IPv4 format",
"type": "string"
}
},
"type": "object"
},
"KekIdentityProperties": {
"description": "Key encryption key properties",
"properties": {
"useSystemAssignedIdentity": {
"description": "Boolean specifying whether to use system assigned identity or not"
},
"userAssignedIdentity": {
"description": "User assigned identity resource Id",
"type": "string"
}
},
"type": "object"
},
"KeyProperties": {
"description": "Key properties",
"properties": {
"isActiveCMK": {
"description": "Used to activate the workspace after a customer managed key is provided.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"keyVaultUrl": {
"description": "The Key Vault Url of the workspace key.",
"type": "string"
}
},
"type": "object"
},
"LibraryInfo": {
"description": "Library/package information of a Big Data pool powered by Apache Spark",
"properties": {
"containerName": {
"description": "Storage blob container name.",
"type": "string"
},
"name": {
"description": "Name of the library.",
"type": "string"
},
"path": {
"description": "Storage blob path of library.",
"type": "string"
},
"type": {
"description": "Type of the library.",
"type": "string"
}
},
"type": "object"
},
"LibraryRequirements": {
"description": "Library requirements for a Big Data pool powered by Apache Spark",
"properties": {
"content": {
"description": "The library requirements.",
"type": "string"
},
"filename": {
"description": "The filename of the library requirements file.",
"type": "string"
}
},
"type": "object"
},
"LicensedComponentSetupTypeProperties": {
"description": "Installation of licensed component setup type properties.",
"properties": {
"componentName": {
"description": "The name of the 3rd party component.",
"type": "string"
},
"licenseKey": {
"description": "The license key to activate the component.",
"oneOf": [
{
"$ref": "#/definitions/SecretBase"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"componentName"
],
"type": "object"
},
"LinkedIntegrationRuntimeType": {
"description": "The base definition of a linked integration runtime.",
"oneOf": [
{
"description": "The key authorization type integration runtime.",
"properties": {
"authorizationType": {
"enum": [
"Key"
],
"type": "string"
},
"key": {
"description": "The key used for authorization.",
"oneOf": [
{
"$ref": "#/definitions/SecureString"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"key",
"authorizationType"
],
"type": "object"
},
{
"description": "The role based access control (RBAC) authorization type integration runtime.",
"properties": {
"authorizationType": {
"enum": [
"RBAC"
],
"type": "string"
},
"resourceId": {
"description": "The resource identifier of the integration runtime to be shared.",
"type": "string"
}
},
"required": [
"resourceId",
"authorizationType"
],
"type": "object"
}
],
"properties": {},
"type": "object"
},
"ManagedIdentity": {
"description": "The workspace managed identity",
"properties": {
"type": {
"description": "The type of managed identity for the workspace",
"oneOf": [
{
"enum": [
"None",
"SystemAssigned",
"SystemAssigned,UserAssigned"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"userAssignedIdentities": {
"description": "The user assigned managed identities.",
"oneOf": [
{
"additionalProperties": {
"$ref": "#/definitions/UserAssignedManagedIdentity"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedIdentitySqlControlSettingsModelProperties": {
"description": "Sql Control Settings for workspace managed identity",
"properties": {
"grantSqlControlToManagedIdentity": {
"description": "Grant sql control to managed identity",
"oneOf": [
{
"$ref": "#/definitions/ManagedIdentitySqlControlSettingsModelPropertiesGrantSqlControlToManagedIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedIdentitySqlControlSettingsModelPropertiesGrantSqlControlToManagedIdentity": {
"description": "Grant sql control to managed identity",
"properties": {
"desiredState": {
"description": "Desired state",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedIntegrationRuntimeManagedVirtualNetworkReference": {
"description": "Managed integration runtime managed virtual network reference.",
"properties": {
"id": {
"description": "The id of the managed virtual network.",
"type": "string"
},
"referenceName": {
"description": "The reference name of the managed virtual network",
"type": "string"
},
"type": {
"description": "The type of the managed virtual network.",
"type": "string"
}
},
"type": "object"
},
"ManagedIntegrationRuntimeTypeProperties": {
"description": "Managed integration runtime type properties.",
"properties": {
"computeProperties": {
"description": "The compute resource for managed integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeComputeProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"customerVirtualNetwork": {
"description": "The name of virtual network to which Azure-SSIS integration runtime will join",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeCustomerVirtualNetwork"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"ssisProperties": {
"description": "SSIS properties for managed integration runtime.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntimeSsisProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedVirtualNetworkSettings": {
"description": "Managed Virtual Network Settings",
"properties": {
"allowedAadTenantIdsForLinking": {
"description": "Allowed Aad Tenant Ids For Linking",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"linkedAccessCheckOnTargetResource": {
"description": "Linked Access Check On Target Resource",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"preventDataExfiltration": {
"description": "Prevent Data Exfiltration",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"MetadataSyncConfigProperties": {
"description": "Metadata Sync Config properties",
"properties": {
"enabled": {
"description": "Indicates whether the metadata sync is enabled or disabled",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"syncIntervalInMinutes": {
"description": "The Sync Interval in minutes.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"PrivateEndpoint": {
"description": "Private endpoint details",
"properties": {},
"type": "object"
},
"PrivateEndpointConnection": {
"description": "A private endpoint connection",
"properties": {
"properties": {
"description": "Private endpoint connection properties.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"PrivateEndpointConnectionProperties": {
"description": "Properties of a private endpoint connection.",
"properties": {
"privateEndpoint": {
"description": "The private endpoint which the connection belongs to.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpoint"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"privateLinkServiceConnectionState": {
"description": "Connection state of the private endpoint connection.",
"oneOf": [
{
"$ref": "#/definitions/PrivateLinkServiceConnectionState"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"PrivateLinkHubProperties": {
"description": "PrivateLinkHub properties",
"properties": {
"provisioningState": {
"description": "PrivateLinkHub provisioning state",
"type": "string"
}
},
"type": "object"
},
"PrivateLinkServiceConnectionState": {
"description": "Connection state details of the private endpoint",
"properties": {
"description": {
"description": "The private link service connection description.",
"type": "string"
},
"status": {
"description": "The private link service connection status.",
"type": "string"
}
},
"type": "object"
},
"PurviewConfiguration": {
"description": "Purview Configuration",
"properties": {
"purviewResourceId": {
"description": "Purview Resource ID",
"type": "string"
}
},
"type": "object"
},
"SecretBase": {
"description": "The base definition of a secret type.",
"oneOf": [
{
"description": "Azure Synapse secure string definition. The string value will be masked with asterisks '*' during Get or List API calls.",
"properties": {
"type": {
"enum": [
"SecureString"
],
"type": "string"
},
"value": {
"description": "Value of secure string.",
"type": "string"
}
},
"required": [
"value",
"type"
],
"type": "object"
}
],
"properties": {},
"type": "object"
},
"SecureString": {
"description": "Azure Synapse secure string definition. The string value will be masked with asterisks '*' during Get or List API calls.",
"properties": {
"type": {
"description": "Type of the secret.",
"type": "string"
},
"value": {
"description": "Value of secure string.",
"type": "string"
}
},
"required": [
"value",
"type"
],
"type": "object"
},
"SecurityAlertPolicyProperties": {
"description": "Properties of a security alert policy.",
"properties": {
"disabledAlerts": {
"description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAccountAdmins": {
"description": "Specifies that the alert is sent to the account administrators.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAddresses": {
"description": "Specifies an array of e-mail addresses to which the alert is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the Threat Detection audit logs.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific Sql pool.",
"oneOf": [
{
"enum": [
"New",
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the Threat Detection audit storage account.",
"type": "string"
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"SelfHostedIntegrationRuntimeTypeProperties": {
"description": "The self-hosted integration runtime properties.",
"properties": {
"linkedInfo": {
"description": "Linked integration runtime type from data factory",
"oneOf": [
{
"$ref": "#/definitions/LinkedIntegrationRuntimeType"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SensitivityLabelProperties": {
"description": "Properties of a sensitivity label.",
"properties": {
"informationType": {
"description": "The information type.",
"type": "string"
},
"informationTypeId": {
"description": "The information type ID.",
"type": "string"
},
"labelId": {
"description": "The label ID.",
"type": "string"
},
"labelName": {
"description": "The label name.",
"type": "string"
},
"rank": {
"oneOf": [
{
"enum": [
"None",
"Low",
"Medium",
"High",
"Critical"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ServerBlobAuditingPolicyProperties": {
"description": "Properties of a server blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isDevopsAuditEnabled": {
"description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ServerSecurityAlertPolicyProperties": {
"description": "Properties of a security alert policy.",
"properties": {
"disabledAlerts": {
"description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAccountAdmins": {
"description": "Specifies that the alert is sent to the account administrators.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAddresses": {
"description": "Specifies an array of e-mail addresses to which the alert is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the Threat Detection audit logs.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific server",
"oneOf": [
{
"enum": [
"New",
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the Threat Detection audit storage account.",
"type": "string"
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ServerVulnerabilityAssessmentProperties": {
"description": "Properties of a server Vulnerability Assessment.",
"properties": {
"recurringScans": {
"description": "The recurring scans settings",
"oneOf": [
{
"$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.",
"type": "string"
},
"storageContainerPath": {
"description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).",
"type": "string"
},
"storageContainerSasKey": {
"description": "A shared access signature (SAS Key) that has read and write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.",
"type": "string"
}
},
"required": [
"storageContainerPath"
],
"type": "object"
},
"Sku": {
"description": "SQL pool SKU",
"properties": {
"capacity": {
"description": "If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"name": {
"description": "The SKU name",
"type": "string"
},
"tier": {
"description": "The service tier",
"type": "string"
}
},
"type": "object"
},
"SparkConfigProperties": {
"description": "SparkConfig Properties for a Big Data pool powered by Apache Spark",
"properties": {
"configurationType": {
"description": "The type of the spark config properties file.",
"oneOf": [
{
"enum": [
"File",
"Artifact"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"content": {
"description": "The spark config properties.",
"type": "string"
},
"filename": {
"description": "The filename of the spark config properties file.",
"type": "string"
}
},
"type": "object"
},
"SqlPoolBlobAuditingPolicyProperties": {
"description": "Properties of a Sql pool blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'state' as 'Enabled' and 'isAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"default": false,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. If state is Enabled and storageEndpoint is specified, storageAccountAccessKey is required.",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"SqlPoolResourceProperties": {
"description": "Properties of a SQL Analytics pool",
"properties": {
"collation": {
"default": "",
"description": "Collation mode",
"type": "string"
},
"createMode": {
"description": "Specifies the mode of sql pool creation.\n\nDefault: regular sql pool creation.\n\nPointInTimeRestore: Creates a sql pool by restoring a point in time backup of an existing sql pool. sourceDatabaseId must be specified as the resource ID of the existing sql pool, and restorePointInTime must be specified.\n\nRecovery: Creates a sql pool by a geo-replicated backup. sourceDatabaseId must be specified as the recoverableDatabaseId to restore.\n\nRestore: Creates a sql pool by restoring a backup of a deleted sql pool. SourceDatabaseId should be the sql pool's original resource ID. SourceDatabaseId and sourceDatabaseDeletionDate must be specified.",
"oneOf": [
{
"enum": [
"Default",
"PointInTimeRestore",
"Recovery",
"Restore"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maxSizeBytes": {
"description": "Maximum size in bytes",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"provisioningState": {
"description": "Resource state",
"type": "string"
},
"recoverableDatabaseId": {
"description": "Backup database to restore from",
"type": "string"
},
"restorePointInTime": {
"description": "Snapshot time to restore",
"format": "date-time",
"type": "string"
},
"sourceDatabaseDeletionDate": {
"description": "Specifies the time that the sql pool was deleted",
"format": "date-time",
"type": "string"
},
"sourceDatabaseId": {
"description": "Source database to create from",
"type": "string"
},
"storageAccountType": {
"description": "The storage account type used to store backups for this sql pool.",
"oneOf": [
{
"enum": [
"GRS",
"LRS"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SqlPoolVulnerabilityAssessmentProperties": {
"description": "Properties of a Sql pool Vulnerability Assessment.",
"properties": {
"recurringScans": {
"description": "The recurring scans settings",
"oneOf": [
{
"$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required.",
"type": "string"
},
"storageContainerPath": {
"description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set",
"type": "string"
},
"storageContainerSasKey": {
"description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required.",
"type": "string"
}
},
"type": "object"
},
"SqlPoolVulnerabilityAssessmentRuleBaselineItem": {
"description": "Properties for an Sql pool vulnerability assessment rule baseline's result.",
"properties": {
"result": {
"description": "The rule baseline result",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"result"
],
"type": "object"
},
"SqlPoolVulnerabilityAssessmentRuleBaselineProperties": {
"description": "Properties of a Sql pool vulnerability assessment rule baseline.",
"properties": {
"baselineResults": {
"description": "The rule baseline result",
"oneOf": [
{
"items": {
"$ref": "#/definitions/SqlPoolVulnerabilityAssessmentRuleBaselineItem"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"baselineResults"
],
"type": "object"
},
"TransparentDataEncryptionProperties": {
"description": "Represents the properties of a database transparent data encryption.",
"properties": {
"status": {
"description": "The status of the database transparent data encryption.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"UserAssignedManagedIdentity": {
"description": "User Assigned Managed Identity",
"properties": {},
"type": "object"
},
"VirtualNetworkProfile": {
"description": "Virtual Network Profile",
"properties": {
"computeSubnetId": {
"description": "Subnet ID used for computes in workspace",
"type": "string"
}
},
"type": "object"
},
"VulnerabilityAssessmentRecurringScansProperties": {
"description": "Properties of a Vulnerability Assessment recurring scans.",
"properties": {
"emailSubscriptionAdmins": {
"description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.",
"oneOf": [
{
"default": true,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emails": {
"description": "Specifies an array of e-mail addresses to which the scan notification is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isEnabled": {
"description": "Recurring scans state.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"WorkloadClassifierProperties": {
"description": "Workload classifier definition. For more information look at sys.workload_management_workload_classifiers (DMV).",
"properties": {
"context": {
"description": "The workload classifier context.",
"type": "string"
},
"endTime": {
"description": "The workload classifier end time for classification.",
"type": "string"
},
"importance": {
"description": "The workload classifier importance.",
"type": "string"
},
"label": {
"description": "The workload classifier label.",
"type": "string"
},
"memberName": {
"description": "The workload classifier member name.",
"type": "string"
},
"startTime": {
"description": "The workload classifier start time for classification.",
"type": "string"
}
},
"required": [
"memberName"
],
"type": "object"
},
"WorkloadGroupProperties": {
"description": "Workload group definition. For more information look at sys.workload_management_workload_groups (DMV).",
"properties": {
"importance": {
"description": "The workload group importance level.",
"type": "string"
},
"maxResourcePercent": {
"description": "The workload group cap percentage resource.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maxResourcePercentPerRequest": {
"description": "The workload group request maximum grant percentage.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minResourcePercent": {
"description": "The workload group minimum percentage resource.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minResourcePercentPerRequest": {
"description": "The workload group request minimum grant percentage.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"queryExecutionTimeout": {
"description": "The workload group query execution timeout.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"minResourcePercent",
"maxResourcePercent",
"minResourcePercentPerRequest"
],
"type": "object"
},
"WorkspaceKeyDetails": {
"description": "Details of the customer managed key associated with the workspace",
"properties": {
"keyVaultUrl": {
"description": "Workspace Key sub-resource key vault url",
"type": "string"
},
"name": {
"description": "Workspace Key sub-resource name",
"type": "string"
}
},
"type": "object"
},
"WorkspaceProperties": {
"description": "Workspace properties",
"properties": {
"azureADOnlyAuthentication": {
"description": "Enable or Disable AzureADOnlyAuthentication on All Workspace subresource",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"cspWorkspaceAdminProperties": {
"description": "Initial workspace AAD admin properties for a CSP subscription",
"oneOf": [
{
"$ref": "#/definitions/CspWorkspaceAdminProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"defaultDataLakeStorage": {
"description": "Workspace default data lake storage account details",
"oneOf": [
{
"$ref": "#/definitions/DataLakeStorageAccountDetails"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"encryption": {
"description": "The encryption details of the workspace",
"oneOf": [
{
"$ref": "#/definitions/EncryptionDetails"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"managedResourceGroupName": {
"description": "Workspace managed resource group. The resource group name uniquely identifies the resource group within the user subscriptionId. The resource group name must be no longer than 90 characters long, and must be alphanumeric characters (Char.IsLetterOrDigit()) and '-', '_', '(', ')' and'.'. Note that the name cannot end with '.'",
"type": "string"
},
"managedVirtualNetwork": {
"description": "Setting this to 'default' will ensure that all compute for this workspace is in a virtual network managed on behalf of the user.",
"type": "string"
},
"managedVirtualNetworkSettings": {
"description": "Managed Virtual Network Settings",
"oneOf": [
{
"$ref": "#/definitions/ManagedVirtualNetworkSettings"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"privateEndpointConnections": {
"description": "Private endpoint connections to the workspace",
"oneOf": [
{
"items": {
"$ref": "#/definitions/PrivateEndpointConnection"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"publicNetworkAccess": {
"description": "Enable or Disable public network access to workspace",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"purviewConfiguration": {
"description": "Purview Configuration",
"oneOf": [
{
"$ref": "#/definitions/PurviewConfiguration"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sqlAdministratorLogin": {
"description": "Login for workspace SQL active directory administrator",
"type": "string"
},
"sqlAdministratorLoginPassword": {
"description": "SQL administrator login password",
"type": "string"
},
"trustedServiceBypassEnabled": {
"description": "Is trustedServiceBypassEnabled for the workspace",
"oneOf": [
{
"default": false,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"virtualNetworkProfile": {
"description": "Virtual Network profile",
"oneOf": [
{
"$ref": "#/definitions/VirtualNetworkProfile"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"workspaceRepositoryConfiguration": {
"description": "Git integration settings",
"oneOf": [
{
"$ref": "#/definitions/WorkspaceRepositoryConfiguration"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"WorkspaceRepositoryConfiguration": {
"description": "Git integration settings",
"properties": {
"accountName": {
"description": "Account name",
"type": "string"
},
"collaborationBranch": {
"description": "Collaboration branch",
"type": "string"
},
"hostName": {
"description": "GitHub Enterprise host name. For example: `https://github.mydomain.com`",
"type": "string"
},
"lastCommitId": {
"description": "The last commit ID",
"type": "string"
},
"projectName": {
"description": "VSTS project name",
"type": "string"
},
"repositoryName": {
"description": "Repository name",
"type": "string"
},
"rootFolder": {
"description": "Root folder to use in the repository",
"type": "string"
},
"tenantId": {
"description": "The VSTS tenant ID",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"description": "Type of workspace repositoryID configuration. Example WorkspaceVSTSConfiguration, WorkspaceGitHubConfiguration",
"type": "string"
}
},
"type": "object"
},
"workspaces_administrators_childResource": {
"description": "Microsoft.Synapse/workspaces/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"activeDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Workspace active directory administrator properties",
"oneOf": [
{
"$ref": "#/definitions/AadAdminProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_auditingSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the blob auditing policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_azureADOnlyAuthentications_childResource": {
"description": "Microsoft.Synapse/workspaces/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "name of the property",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "azureADOnlyAuthentication resource properties",
"oneOf": [
{
"$ref": "#/definitions/AzureADOnlyAuthenticationProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_bigDataPools_childResource": {
"description": "Microsoft.Synapse/workspaces/bigDataPools",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "Big Data pool name",
"type": "string"
},
"properties": {
"description": "Big Data pool properties",
"oneOf": [
{
"$ref": "#/definitions/BigDataPoolResourceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"bigDataPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_dedicatedSQLminimalTlsSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/dedicatedSQLminimalTlsSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the dedicated sql minimal tls settings.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DedicatedSQLminimalTlsSettingsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"dedicatedSQLminimalTlsSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_encryptionProtector_childResource": {
"description": "Microsoft.Synapse/workspaces/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/EncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_extendedAuditingSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the blob auditing policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_firewallRules_childResource": {
"description": "Microsoft.Synapse/workspaces/firewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The IP firewall rule name",
"type": "string"
},
"properties": {
"description": "IP firewall rule properties",
"oneOf": [
{
"$ref": "#/definitions/IpFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"firewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_integrationRuntimes_childResource": {
"description": "Microsoft.Synapse/workspaces/integrationRuntimes",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "Integration runtime name",
"type": "string"
},
"properties": {
"description": "Integration runtime properties.",
"oneOf": [
{
"$ref": "#/definitions/IntegrationRuntime"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"integrationRuntimes"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_keys_childResource": {
"description": "Microsoft.Synapse/workspaces/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workspace key",
"type": "string"
},
"properties": {
"description": "Keys resource properties",
"oneOf": [
{
"$ref": "#/definitions/KeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_managedIdentitySqlControlSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/managedIdentitySqlControlSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Sql Control Settings for workspace managed identity",
"oneOf": [
{
"$ref": "#/definitions/ManagedIdentitySqlControlSettingsModelProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"managedIdentitySqlControlSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_privateEndpointConnections_childResource": {
"description": "Microsoft.Synapse/workspaces/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the private endpoint connection.",
"type": "string"
},
"properties": {
"description": "Private endpoint connection properties.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_securityAlertPolicies_childResource": {
"description": "Microsoft.Synapse/workspaces/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerSecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlAdministrators_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlAdministrators",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"activeDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Workspace active directory administrator properties",
"oneOf": [
{
"$ref": "#/definitions/AadAdminProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"sqlAdministrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_auditingSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"location": {
"description": "The geo-location where the resource lives",
"type": "string"
},
"name": {
"description": "SQL pool name",
"type": "string"
},
"properties": {
"description": "SQL pool properties",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolResourceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "SQL pool SKU",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"sqlPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_dataMaskingPolicies_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "The properties of the data masking policy.",
"oneOf": [
{
"$ref": "#/definitions/DataMaskingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"dataMaskingPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_dataMaskingPolicies_rules_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/dataMaskingPolicies/rules",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the data masking rule.",
"type": "string"
},
"properties": {
"description": "The properties of the resource.",
"oneOf": [
{
"$ref": "#/definitions/DataMaskingRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"rules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_extendedAuditingSettings_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedSqlPoolBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_geoBackupPolicies_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/geoBackupPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the geo backup policy.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "The properties of the geo backup policy.",
"oneOf": [
{
"$ref": "#/definitions/GeoBackupPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"geoBackupPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_metadataSync_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/metadataSync",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"config"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Metadata Sync Config properties",
"oneOf": [
{
"$ref": "#/definitions/MetadataSyncConfigProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"metadataSync"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_securityAlertPolicies_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_transparentDataEncryption_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Represents the properties of the resource.",
"oneOf": [
{
"$ref": "#/definitions/TransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlPoolVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_workloadGroups_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/workloadGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workload group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"workloadGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_sqlPools_workloadGroups_workloadClassifiers_childResource": {
"description": "Microsoft.Synapse/workspaces/sqlPools/workloadGroups/workloadClassifiers",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the workload classifier.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadClassifierProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"workloadClassifiers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"workspaces_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Synapse/workspaces/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-06-01"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
}
}
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку