Azure
/
azure-resource-manager-schemas
зеркало из https://github.com/Azure/azure-resource-manager-schemas.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
azure-resource-manager-schemas/schemas/2021-11-01-preview/Microsoft.Sql.json

9919 строки
315 KiB
JSON
Исходник Постоянная ссылка Ответственный История

{
"id": "https://schema.management.azure.com/schemas/2021-11-01-preview/Microsoft.Sql.json#",
"title": "Microsoft.Sql",
"description": "Microsoft Sql Resource Types",
"$schema": "http://json-schema.org/draft-04/schema#",
"resourceDefinitions": {
"instancePools": {
"description": "Microsoft.Sql/instancePools",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the instance pool to be created or updated.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/InstancePoolProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The name and tier of the SKU.",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/instancePools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"locations_instanceFailoverGroups": {
"description": "Microsoft.Sql/locations/instanceFailoverGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the failover group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/InstanceFailoverGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/locations/instanceFailoverGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"locations_serverTrustGroups": {
"description": "Microsoft.Sql/locations/serverTrustGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the server trust group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerTrustGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/locations/serverTrustGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances": {
"description": "Microsoft.Sql/managedInstances",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"identity": {
"description": "The Azure Active Directory identity of the managed instance.",
"oneOf": [
{
"$ref": "#/definitions/ResourceIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the managed instance.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/managedInstances_keys_childResource"
},
{
"$ref": "#/definitions/managedInstances_sqlAgent_childResource"
},
{
"$ref": "#/definitions/managedInstances_databases_childResource"
},
{
"$ref": "#/definitions/managedInstances_dnsAliases_childResource"
},
{
"$ref": "#/definitions/managedInstances_administrators_childResource"
},
{
"$ref": "#/definitions/managedInstances_encryptionProtector_childResource"
},
{
"$ref": "#/definitions/managedInstances_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/managedInstances_serverTrustCertificates_childResource"
},
{
"$ref": "#/definitions/managedInstances_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/managedInstances_azureADOnlyAuthentications_childResource"
},
{
"$ref": "#/definitions/managedInstances_privateEndpointConnections_childResource"
},
{
"$ref": "#/definitions/managedInstances_distributedAvailabilityGroups_childResource"
}
]
},
"type": "array"
},
"sku": {
"description": "Managed instance SKU. Allowed values for sku.name: GP_Gen4, GP_Gen5, BC_Gen4, BC_Gen5",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_administrators": {
"description": "Microsoft.Sql/managedInstances/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"oneOf": [
{
"pattern": "^.*/ActiveDirectory$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceAdministratorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_azureADOnlyAuthentications": {
"description": "Microsoft.Sql/managedInstances/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server azure active directory only authentication.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceAzureADOnlyAuthProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases": {
"description": "Microsoft.Sql/managedInstances/databases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the database.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedDatabaseProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/managedInstances_databases_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/managedInstances_databases_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/managedInstances_databases_transparentDataEncryption_childResource"
},
{
"$ref": "#/definitions/managedInstances_databases_backupLongTermRetentionPolicies_childResource"
},
{
"$ref": "#/definitions/managedInstances_databases_backupShortTermRetentionPolicies_childResource"
}
]
},
"type": "array"
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_backupLongTermRetentionPolicies": {
"description": "Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be Default.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BaseLongTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_backupShortTermRetentionPolicies": {
"description": "Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be \"default\".",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_schemas_tables_columns_sensitivityLabels": {
"description": "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SensitivityLabelProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_securityAlertPolicies": {
"description": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_transparentDataEncryption": {
"description": "Microsoft.Sql/managedInstances/databases/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedTransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_vulnerabilityAssessments": {
"description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_vulnerabilityAssessments_rules_baselines": {
"description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/rules/baselines",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule).",
"oneOf": [
{
"enum": [
"master",
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/rules/baselines"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_distributedAvailabilityGroups": {
"description": "Microsoft.Sql/managedInstances/distributedAvailabilityGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The distributed availability group name.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DistributedAvailabilityGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/distributedAvailabilityGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_dnsAliases": {
"description": "Microsoft.Sql/managedInstances/dnsAliases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"createDnsRecord": {
"description": "Whether or not DNS record should be created for this alias.",
"oneOf": [
{
"default": true,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"name": {
"description": "",
"type": "string"
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/dnsAliases"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_encryptionProtector": {
"description": "Microsoft.Sql/managedInstances/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector to be updated.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceEncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_keys": {
"description": "Microsoft.Sql/managedInstances/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the managed instance key to be operated on (updated or created).",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceKeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_privateEndpointConnections": {
"description": "Microsoft.Sql/managedInstances/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstancePrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_restorableDroppedDatabases_backupShortTermRetentionPolicies": {
"description": "Microsoft.Sql/managedInstances/restorableDroppedDatabases/backupShortTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be \"default\".",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/restorableDroppedDatabases/backupShortTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_securityAlertPolicies": {
"description": "Microsoft.Sql/managedInstances/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_serverTrustCertificates": {
"description": "Microsoft.Sql/managedInstances/serverTrustCertificates",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "Name of of the certificate to upload.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerTrustCertificateProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/serverTrustCertificates"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_sqlAgent": {
"description": "Microsoft.Sql/managedInstances/sqlAgent",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlAgentConfigurationProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/sqlAgent"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_vulnerabilityAssessments": {
"description": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/managedInstances/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers": {
"description": "Microsoft.Sql/servers",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"identity": {
"description": "The Azure Active Directory identity of the server.",
"oneOf": [
{
"$ref": "#/definitions/ResourceIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the server.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_keys_childResource"
},
{
"$ref": "#/definitions/servers_databases_childResource"
},
{
"$ref": "#/definitions/servers_jobAgents_childResource"
},
{
"$ref": "#/definitions/servers_dnsAliases_childResource"
},
{
"$ref": "#/definitions/servers_syncAgents_childResource"
},
{
"$ref": "#/definitions/servers_elasticPools_childResource"
},
{
"$ref": "#/definitions/servers_firewallRules_childResource"
},
{
"$ref": "#/definitions/servers_failoverGroups_childResource"
},
{
"$ref": "#/definitions/servers_administrators_childResource"
},
{
"$ref": "#/definitions/servers_auditingSettings_childResource"
},
{
"$ref": "#/definitions/servers_ipv6FirewallRules_childResource"
},
{
"$ref": "#/definitions/servers_connectionPolicies_childResource"
},
{
"$ref": "#/definitions/servers_encryptionProtector_childResource"
},
{
"$ref": "#/definitions/servers_virtualNetworkRules_childResource"
},
{
"$ref": "#/definitions/servers_outboundFirewallRules_childResource"
},
{
"$ref": "#/definitions/servers_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/servers_devOpsAuditingSettings_childResource"
},
{
"$ref": "#/definitions/servers_extendedAuditingSettings_childResource"
},
{
"$ref": "#/definitions/servers_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/servers_privateEndpointConnections_childResource"
},
{
"$ref": "#/definitions/servers_azureADOnlyAuthentications_childResource"
},
{
"$ref": "#/definitions/servers_advancedThreatProtectionSettings_childResource"
}
]
},
"type": "array"
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_administrators": {
"description": "Microsoft.Sql/servers/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server active directory administrator.",
"oneOf": [
{
"pattern": "^.*/ActiveDirectory$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdministratorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_advancedThreatProtectionSettings": {
"description": "Microsoft.Sql/servers/advancedThreatProtectionSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the Advanced Threat Protection state.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdvancedThreatProtectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/advancedThreatProtectionSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_auditingSettings": {
"description": "Microsoft.Sql/servers/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_azureADOnlyAuthentications": {
"description": "Microsoft.Sql/servers/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server azure active directory only authentication.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AzureADOnlyAuthProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_connectionPolicies": {
"description": "Microsoft.Sql/servers/connectionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the connection policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerConnectionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/connectionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases": {
"description": "Microsoft.Sql/servers/databases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"identity": {
"description": "The Azure Active Directory identity of the database.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the database.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_databases_extensions_childResource"
},
{
"$ref": "#/definitions/servers_databases_syncGroups_childResource"
},
{
"$ref": "#/definitions/servers_databases_workloadGroups_childResource"
},
{
"$ref": "#/definitions/servers_databases_auditingSettings_childResource"
},
{
"$ref": "#/definitions/servers_databases_ledgerDigestUploads_childResource"
},
{
"$ref": "#/definitions/servers_databases_securityAlertPolicies_childResource"
},
{
"$ref": "#/definitions/servers_databases_extendedAuditingSettings_childResource"
},
{
"$ref": "#/definitions/servers_databases_vulnerabilityAssessments_childResource"
},
{
"$ref": "#/definitions/servers_databases_transparentDataEncryption_childResource"
},
{
"$ref": "#/definitions/servers_databases_backupLongTermRetentionPolicies_childResource"
},
{
"$ref": "#/definitions/servers_databases_backupShortTermRetentionPolicies_childResource"
},
{
"$ref": "#/definitions/servers_databases_advancedThreatProtectionSettings_childResource"
}
]
},
"type": "array"
},
"sku": {
"description": "The database SKU.\r\n\r\nThe list of SKUs may vary by region and support offer. To determine the SKUs (including the SKU name, tier/edition, family, and capacity) that are available to your subscription in an Azure region, use the `Capabilities_ListByLocation` REST API or one of the following commands:\r\n\r\n```azurecli\r\naz sql db list-editions -l <location> -o table\r\n````\r\n\r\n```powershell\r\nGet-AzSqlServerServiceObjective -Location <location>\r\n````\r\n",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_advancedThreatProtectionSettings": {
"description": "Microsoft.Sql/servers/databases/advancedThreatProtectionSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the Advanced Threat Protection state.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdvancedThreatProtectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/advancedThreatProtectionSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_auditingSettings": {
"description": "Microsoft.Sql/servers/databases/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_backupLongTermRetentionPolicies": {
"description": "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be Default.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BaseLongTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_backupShortTermRetentionPolicies": {
"description": "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be \"default\".",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BackupShortTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_extendedAuditingSettings": {
"description": "Microsoft.Sql/servers/databases/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedDatabaseBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_extensions": {
"description": "Microsoft.Sql/servers/databases/extensions",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseExtensionsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/extensions"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_ledgerDigestUploads": {
"description": "Microsoft.Sql/servers/databases/ledgerDigestUploads",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/LedgerDigestUploadsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/ledgerDigestUploads"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_schemas_tables_columns_sensitivityLabels": {
"description": "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SensitivityLabelProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_securityAlertPolicies": {
"description": "Microsoft.Sql/servers/databases/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_syncGroups": {
"description": "Microsoft.Sql/servers/databases/syncGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_databases_syncGroups_syncMembers_childResource"
}
]
},
"type": "array"
},
"sku": {
"description": "The name and capacity of the SKU.",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/syncGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_syncGroups_syncMembers": {
"description": "Microsoft.Sql/servers/databases/syncGroups/syncMembers",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync member.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncMemberProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/syncGroups/syncMembers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_transparentDataEncryption": {
"description": "Microsoft.Sql/servers/databases/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/TransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_vulnerabilityAssessments": {
"description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_vulnerabilityAssessments_rules_baselines": {
"description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/rules/baselines",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule).",
"oneOf": [
{
"enum": [
"master",
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/vulnerabilityAssessments/rules/baselines"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_workloadGroups": {
"description": "Microsoft.Sql/servers/databases/workloadGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the workload group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_databases_workloadGroups_workloadClassifiers_childResource"
}
]
},
"type": "array"
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/workloadGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_workloadGroups_workloadClassifiers": {
"description": "Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the workload classifier to create/update.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadClassifierProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_devOpsAuditingSettings": {
"description": "Microsoft.Sql/servers/devOpsAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the devops audit settings. This should always be 'default'.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerDevOpsAuditSettingsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/devOpsAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_dnsAliases": {
"description": "Microsoft.Sql/servers/dnsAliases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the server dns alias.",
"type": "string"
},
"type": {
"enum": [
"Microsoft.Sql/servers/dnsAliases"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_elasticPools": {
"description": "Microsoft.Sql/servers/elasticPools",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the elastic pool.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ElasticPoolProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The elastic pool SKU.\r\n\r\nThe list of SKUs may vary by region and support offer. To determine the SKUs (including the SKU name, tier/edition, family, and capacity) that are available to your subscription in an Azure region, use the `Capabilities_ListByLocation` REST API or the following command:\r\n\r\n```azurecli\r\naz sql elastic-pool list-editions -l <location> -o table\r\n````\r\n",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/elasticPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_encryptionProtector": {
"description": "Microsoft.Sql/servers/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector to be updated.",
"oneOf": [
{
"pattern": "^.*/current$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/EncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_extendedAuditingSettings": {
"description": "Microsoft.Sql/servers/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_failoverGroups": {
"description": "Microsoft.Sql/servers/failoverGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the failover group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/FailoverGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/failoverGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_firewallRules": {
"description": "Microsoft.Sql/servers/firewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the firewall rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/firewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_ipv6FirewallRules": {
"description": "Microsoft.Sql/servers/ipv6FirewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the firewall rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/IPv6ServerFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/ipv6FirewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents": {
"description": "Microsoft.Sql/servers/jobAgents",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the job agent to be created or updated.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobAgentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_jobAgents_jobs_childResource"
},
{
"$ref": "#/definitions/servers_jobAgents_credentials_childResource"
},
{
"$ref": "#/definitions/servers_jobAgents_targetGroups_childResource"
}
]
},
"type": "array"
},
"sku": {
"description": "The name and tier of the SKU.",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_credentials": {
"description": "Microsoft.Sql/servers/jobAgents/credentials",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the credential.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobCredentialProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents/credentials"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs": {
"description": "Microsoft.Sql/servers/jobAgents/jobs",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the job to get.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"resources": {
"items": {
"oneOf": [
{
"$ref": "#/definitions/servers_jobAgents_jobs_steps_childResource"
},
{
"$ref": "#/definitions/servers_jobAgents_jobs_executions_childResource"
}
]
},
"type": "array"
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents/jobs"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs_executions": {
"description": "Microsoft.Sql/servers/jobAgents/jobs/executions",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The job execution id to create the job execution under.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents/jobs/executions"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs_steps": {
"description": "Microsoft.Sql/servers/jobAgents/jobs/steps",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the job step.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobStepProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents/jobs/steps"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_targetGroups": {
"description": "Microsoft.Sql/servers/jobAgents/targetGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the target group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobTargetGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/jobAgents/targetGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_keys": {
"description": "Microsoft.Sql/servers/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the server key to be operated on (updated or created). The key name is required to be in the format of 'vault_key_version'. For example, if the keyId is https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion, then the server key name should be formatted as: YourVaultName_YourKeyName_YourKeyVersion",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerKeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_outboundFirewallRules": {
"description": "Microsoft.Sql/servers/outboundFirewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"type": {
"enum": [
"Microsoft.Sql/servers/outboundFirewallRules"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_privateEndpointConnections": {
"description": "Microsoft.Sql/servers/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_securityAlertPolicies": {
"description": "Microsoft.Sql/servers/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the threat detection policy.",
"oneOf": [
{
"pattern": "^.*/Default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_syncAgents": {
"description": "Microsoft.Sql/servers/syncAgents",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync agent.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncAgentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/syncAgents"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_virtualNetworkRules": {
"description": "Microsoft.Sql/servers/virtualNetworkRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the virtual network rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/VirtualNetworkRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/virtualNetworkRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_vulnerabilityAssessments": {
"description": "Microsoft.Sql/servers/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"pattern": "^.*/default$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"Microsoft.Sql/servers/vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
}
},
"definitions": {
"AdministratorProperties": {
"description": "Properties of a active directory administrator.",
"properties": {
"administratorType": {
"description": "Type of the sever administrator.",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"login": {
"description": "Login name of the server administrator.",
"type": "string"
},
"sid": {
"description": "SID (object ID) of the server administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tenantId": {
"description": "Tenant ID of the administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"administratorType",
"login",
"sid"
],
"type": "object"
},
"AdvancedThreatProtectionProperties": {
"description": "Properties of an Advanced Threat Protection state.",
"properties": {
"state": {
"description": "Specifies the state of the Advanced Threat Protection, whether it is enabled or disabled or a state has not been applied yet on the specific database or server.",
"oneOf": [
{
"enum": [
"New",
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"state"
],
"type": "object"
},
"AzureADOnlyAuthProperties": {
"description": "Properties of a active directory only authentication.",
"properties": {
"azureADOnlyAuthentication": {
"description": "Azure Active Directory only Authentication enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"azureADOnlyAuthentication"
],
"type": "object"
},
"BackupShortTermRetentionPolicyProperties": {
"description": "Properties of a short term retention policy",
"properties": {
"diffBackupIntervalInHours": {
"description": "The differential backup interval in hours. This is how many interval hours between each differential backup will be supported. This is only applicable to live databases but not dropped databases.",
"oneOf": [
{
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "The backup retention period in days. This is how many days Point-in-Time Restore will be supported.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"BaseLongTermRetentionPolicyProperties": {
"description": "Properties of a long term retention policy",
"properties": {
"monthlyRetention": {
"description": "The monthly retention policy for an LTR backup in an ISO 8601 format.",
"type": "string"
},
"weekOfYear": {
"description": "The week of year to take the yearly backup in an ISO 8601 format.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"weeklyRetention": {
"description": "The weekly retention policy for an LTR backup in an ISO 8601 format.",
"type": "string"
},
"yearlyRetention": {
"description": "The yearly retention policy for an LTR backup in an ISO 8601 format.",
"type": "string"
}
},
"type": "object"
},
"DatabaseBlobAuditingPolicyProperties": {
"description": "Properties of a database blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isManagedIdentityInUse": {
"description": "Specifies whether Managed Identity is used to access blob storage",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"DatabaseExtensionsProperties": {
"description": "Contains the database information after a successful Import, Export, or PolybaseImport",
"properties": {
"administratorLogin": {
"description": "Administrator login name.",
"type": "string"
},
"administratorLoginPassword": {
"description": "Administrator login password.",
"type": "string"
},
"authenticationType": {
"description": "Authentication type: SQL authentication or AD password.",
"type": "string"
},
"databaseEdition": {
"description": "Database edition for the newly created database in the case of an import operation.",
"type": "string"
},
"maxSizeBytes": {
"description": "Database max size in bytes for the newly created database in the case of an import operation.",
"type": "string"
},
"networkIsolation": {
"description": "Optional resource information to enable network isolation for request.",
"oneOf": [
{
"$ref": "#/definitions/NetworkIsolationSettings"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"operationMode": {
"description": "Operation mode of the operation: Import, Export, or PolybaseImport.",
"oneOf": [
{
"enum": [
"PolybaseImport",
"Import",
"Export"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"serviceObjectiveName": {
"description": "Database service level objective for the newly created database in the case of an import operation.",
"type": "string"
},
"storageKey": {
"description": "Storage key for the storage account.",
"type": "string"
},
"storageKeyType": {
"description": "Storage key type: StorageAccessKey or SharedAccessKey.",
"oneOf": [
{
"enum": [
"SharedAccessKey",
"StorageAccessKey"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageUri": {
"description": "Storage Uri for the storage account.",
"type": "string"
}
},
"required": [
"operationMode",
"storageKeyType",
"storageKey",
"storageUri"
],
"type": "object"
},
"DatabaseIdentity": {
"description": "Azure Active Directory identity configuration for a resource.",
"properties": {
"type": {
"description": "The identity type",
"oneOf": [
{
"enum": [
"None",
"UserAssigned"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"userAssignedIdentities": {
"description": "The resource ids of the user assigned identities to use",
"oneOf": [
{
"additionalProperties": {
"$ref": "#/definitions/DatabaseUserIdentity"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"DatabaseProperties": {
"description": "The database's properties.",
"properties": {
"autoPauseDelay": {
"description": "Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"catalogCollation": {
"description": "Collation of the metadata catalog.",
"oneOf": [
{
"enum": [
"DATABASE_DEFAULT",
"SQL_Latin1_General_CP1_CI_AS"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"collation": {
"description": "The collation of the database.",
"type": "string"
},
"createMode": {
"description": "Specifies the mode of database creation.\r\n\r\nDefault: regular database creation.\r\n\r\nCopy: creates a database as a copy of an existing database. sourceDatabaseId must be specified as the resource ID of the source database.\r\n\r\nSecondary: creates a database as a secondary replica of an existing database. sourceDatabaseId must be specified as the resource ID of the existing primary database.\r\n\r\nPointInTimeRestore: Creates a database by restoring a point in time backup of an existing database. sourceDatabaseId must be specified as the resource ID of the existing database, and restorePointInTime must be specified.\r\n\r\nRecovery: Creates a database by restoring a geo-replicated backup. sourceDatabaseId must be specified as the recoverable database resource ID to restore.\r\n\r\nRestore: Creates a database by restoring a backup of a deleted database. sourceDatabaseId must be specified. If sourceDatabaseId is the database's original resource ID, then sourceDatabaseDeletionDate must be specified. Otherwise sourceDatabaseId must be the restorable dropped database resource ID and sourceDatabaseDeletionDate is ignored. restorePointInTime may also be specified to restore from an earlier point in time.\r\n\r\nRestoreLongTermRetentionBackup: Creates a database by restoring from a long term retention vault. recoveryServicesRecoveryPointResourceId must be specified as the recovery point resource ID.\r\n\r\nCopy, Secondary, and RestoreLongTermRetentionBackup are not supported for DataWarehouse edition.",
"oneOf": [
{
"enum": [
"Default",
"Copy",
"Secondary",
"PointInTimeRestore",
"Restore",
"Recovery",
"RestoreExternalBackup",
"RestoreExternalBackupSecondary",
"RestoreLongTermRetentionBackup",
"OnlineSecondary"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"elasticPoolId": {
"description": "The resource identifier of the elastic pool containing this database.",
"type": "string"
},
"federatedClientId": {
"description": "The Client id used for cross tenant per database CMK scenario",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"highAvailabilityReplicaCount": {
"description": "The number of secondary replicas associated with the database that are used to provide high availability. Not applicable to a Hyperscale database within an elastic pool.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isLedgerOn": {
"description": "Whether or not this database is a ledger database, which means all tables in the database are ledger tables. Note: the value of this property cannot be changed after the database has been created.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"licenseType": {
"description": "The license type to apply for this database. `LicenseIncluded` if you need a license, or `BasePrice` if you have a license and are eligible for the Azure Hybrid Benefit.",
"oneOf": [
{
"enum": [
"LicenseIncluded",
"BasePrice"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"longTermRetentionBackupResourceId": {
"description": "The resource identifier of the long term retention backup associated with create operation of this database.",
"type": "string"
},
"maintenanceConfigurationId": {
"description": "Maintenance configuration id assigned to the database. This configuration defines the period when the maintenance updates will occur.",
"type": "string"
},
"maxSizeBytes": {
"description": "The max size of the database expressed in bytes.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minCapacity": {
"description": "Minimal capacity that database will always have allocated, if not paused",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"readScale": {
"description": "The state of read-only routing. If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica in the same region. Not applicable to a Hyperscale database within an elastic pool.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"recoverableDatabaseId": {
"description": "The resource identifier of the recoverable database associated with create operation of this database.",
"type": "string"
},
"recoveryServicesRecoveryPointId": {
"description": "The resource identifier of the recovery point associated with create operation of this database.",
"type": "string"
},
"requestedBackupStorageRedundancy": {
"description": "The storage account type to be used to store backups for this database.",
"oneOf": [
{
"enum": [
"Geo",
"Local",
"Zone",
"GeoZone"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"restorableDroppedDatabaseId": {
"description": "The resource identifier of the restorable dropped database associated with create operation of this database.",
"type": "string"
},
"restorePointInTime": {
"description": "Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database.",
"format": "date-time",
"type": "string"
},
"sampleName": {
"description": "The name of the sample schema to apply when creating this database.",
"oneOf": [
{
"enum": [
"AdventureWorksLT",
"WideWorldImportersStd",
"WideWorldImportersFull"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"secondaryType": {
"description": "The secondary type of the database if it is a secondary. Valid values are Geo and Named.",
"oneOf": [
{
"enum": [
"Geo",
"Named"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sourceDatabaseDeletionDate": {
"description": "Specifies the time that the database was deleted.",
"format": "date-time",
"type": "string"
},
"sourceDatabaseId": {
"description": "The resource identifier of the source database associated with create operation of this database.",
"type": "string"
},
"sourceResourceId": {
"description": "The resource identifier of the source associated with the create operation of this database.\r\n\r\nThis property is only supported for DataWarehouse edition and allows to restore across subscriptions.\r\n\r\nWhen sourceResourceId is specified, sourceDatabaseId, recoverableDatabaseId, restorableDroppedDatabaseId and sourceDatabaseDeletionDate must not be specified and CreateMode must be PointInTimeRestore, Restore or Recover.\r\n\r\nWhen createMode is PointInTimeRestore, sourceResourceId must be the resource ID of the existing database or existing sql pool, and restorePointInTime must be specified.\r\n\r\nWhen createMode is Restore, sourceResourceId must be the resource ID of restorable dropped database or restorable dropped sql pool.\r\n\r\nWhen createMode is Recover, sourceResourceId must be the resource ID of recoverable database or recoverable sql pool.\r\n\r\nWhen source subscription belongs to a different tenant than target subscription, “x-ms-authorization-auxiliary” header must contain authentication token for the source tenant. For more details about “x-ms-authorization-auxiliary” header see https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/authenticate-multi-tenant ",
"type": "string"
},
"zoneRedundant": {
"description": "Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"DatabaseUserIdentity": {
"description": "Azure Active Directory identity configuration for a resource.",
"properties": {},
"type": "object"
},
"DatabaseVulnerabilityAssessmentProperties": {
"description": "Properties of a database Vulnerability Assessment.",
"properties": {
"recurringScans": {
"description": "The recurring scans settings",
"oneOf": [
{
"$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
},
"storageContainerPath": {
"description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set",
"type": "string"
},
"storageContainerSasKey": {
"description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
}
},
"type": "object"
},
"DatabaseVulnerabilityAssessmentRuleBaselineItem": {
"description": "Properties for an Azure SQL Database Vulnerability Assessment rule baseline's result.",
"properties": {
"result": {
"description": "The rule baseline result",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"result"
],
"type": "object"
},
"DatabaseVulnerabilityAssessmentRuleBaselineProperties": {
"description": "Properties of a database Vulnerability Assessment rule baseline.",
"properties": {
"baselineResults": {
"description": "The rule baseline result",
"oneOf": [
{
"items": {
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineItem"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"baselineResults"
],
"type": "object"
},
"DistributedAvailabilityGroupProperties": {
"description": "The properties of a distributed availability group.",
"properties": {
"primaryAvailabilityGroupName": {
"description": "The primary availability group name",
"type": "string"
},
"replicationMode": {
"description": "The replication mode of a distributed availability group. Parameter will be ignored during link creation.",
"oneOf": [
{
"enum": [
"Async",
"Sync"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"secondaryAvailabilityGroupName": {
"description": "The secondary availability group name",
"type": "string"
},
"sourceEndpoint": {
"description": "The source endpoint",
"type": "string"
},
"targetDatabase": {
"description": "The name of the target database",
"type": "string"
}
},
"type": "object"
},
"ElasticPoolPerDatabaseSettings": {
"description": "Per database settings of an elastic pool.",
"properties": {
"maxCapacity": {
"description": "The maximum capacity any one database can consume.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minCapacity": {
"description": "The minimum capacity all databases are guaranteed.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ElasticPoolProperties": {
"description": "Properties of an elastic pool",
"properties": {
"highAvailabilityReplicaCount": {
"description": "The number of secondary replicas associated with the elastic pool that are used to provide high availability. Applicable only to Hyperscale elastic pools.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"licenseType": {
"description": "The license type to apply for this elastic pool.",
"oneOf": [
{
"enum": [
"LicenseIncluded",
"BasePrice"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maintenanceConfigurationId": {
"description": "Maintenance configuration id assigned to the elastic pool. This configuration defines the period when the maintenance updates will will occur.",
"type": "string"
},
"maxSizeBytes": {
"description": "The storage limit for the database elastic pool in bytes.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minCapacity": {
"description": "Minimal capacity that serverless pool will not shrink below, if not paused",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"perDatabaseSettings": {
"description": "The per database settings for the elastic pool.",
"oneOf": [
{
"$ref": "#/definitions/ElasticPoolPerDatabaseSettings"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"zoneRedundant": {
"description": "Whether or not this elastic pool is zone redundant, which means the replicas of this elastic pool will be spread across multiple availability zones.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"EncryptionProtectorProperties": {
"description": "Properties for an encryption protector execution.",
"properties": {
"autoRotationEnabled": {
"description": "Key auto rotation opt-in flag. Either true or false.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"serverKeyName": {
"description": "The name of the server key.",
"type": "string"
},
"serverKeyType": {
"description": "The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.",
"oneOf": [
{
"enum": [
"ServiceManaged",
"AzureKeyVault"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"serverKeyType"
],
"type": "object"
},
"ExtendedDatabaseBlobAuditingPolicyProperties": {
"description": "Properties of an extended database blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isManagedIdentityInUse": {
"description": "Specifies whether Managed Identity is used to access blob storage",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"predicateExpression": {
"description": "Specifies condition of where clause when creating an audit.",
"type": "string"
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ExtendedServerBlobAuditingPolicyProperties": {
"description": "Properties of an extended server blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isDevopsAuditEnabled": {
"description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isManagedIdentityInUse": {
"description": "Specifies whether Managed Identity is used to access blob storage",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"predicateExpression": {
"description": "Specifies condition of where clause when creating an audit.",
"type": "string"
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"FailoverGroupProperties": {
"description": "Properties of a failover group.",
"properties": {
"databases": {
"description": "List of databases in the failover group.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"partnerServers": {
"description": "List of partner server information for the failover group.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/PartnerInfo"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"readOnlyEndpoint": {
"description": "Read-only endpoint of the failover group instance.",
"oneOf": [
{
"$ref": "#/definitions/FailoverGroupReadOnlyEndpoint"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"readWriteEndpoint": {
"description": "Read-write endpoint of the failover group instance.",
"oneOf": [
{
"$ref": "#/definitions/FailoverGroupReadWriteEndpoint"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"readWriteEndpoint",
"partnerServers"
],
"type": "object"
},
"FailoverGroupReadOnlyEndpoint": {
"description": "Read-only endpoint of the failover group instance.",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-only endpoint for the failover group.",
"oneOf": [
{
"enum": [
"Disabled",
"Enabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"FailoverGroupReadWriteEndpoint": {
"description": "Read-write endpoint of the failover group instance.",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"oneOf": [
{
"enum": [
"Manual",
"Automatic"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"failoverWithDataLossGracePeriodMinutes": {
"description": "Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"failoverPolicy"
],
"type": "object"
},
"IPv6ServerFirewallRuleProperties": {
"description": "The properties of an IPv6 server firewall rule.",
"properties": {
"endIPv6Address": {
"description": "The end IP address of the firewall rule. Must be IPv6 format. Must be greater than or equal to startIpAddress.",
"type": "string"
},
"startIPv6Address": {
"description": "The start IP address of the firewall rule. Must be IPv6 format.",
"type": "string"
}
},
"type": "object"
},
"InstanceFailoverGroupProperties": {
"description": "Properties of a instance failover group.",
"properties": {
"managedInstancePairs": {
"description": "List of managed instance pairs in the failover group.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/ManagedInstancePairInfo"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"partnerRegions": {
"description": "Partner region information for the failover group.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/PartnerRegionInfo"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"readOnlyEndpoint": {
"description": "Read-only endpoint of the failover group instance.",
"oneOf": [
{
"$ref": "#/definitions/InstanceFailoverGroupReadOnlyEndpoint"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"readWriteEndpoint": {
"description": "Read-write endpoint of the failover group instance.",
"oneOf": [
{
"$ref": "#/definitions/InstanceFailoverGroupReadWriteEndpoint"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"readWriteEndpoint",
"partnerRegions",
"managedInstancePairs"
],
"type": "object"
},
"InstanceFailoverGroupReadOnlyEndpoint": {
"description": "Read-only endpoint of the failover group instance.",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-only endpoint for the failover group.",
"oneOf": [
{
"enum": [
"Disabled",
"Enabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"InstanceFailoverGroupReadWriteEndpoint": {
"description": "Read-write endpoint of the failover group instance.",
"properties": {
"failoverPolicy": {
"description": "Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"oneOf": [
{
"enum": [
"Manual",
"Automatic"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"failoverWithDataLossGracePeriodMinutes": {
"description": "Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"failoverPolicy"
],
"type": "object"
},
"InstancePoolProperties": {
"description": "Properties of an instance pool.",
"properties": {
"licenseType": {
"description": "The license type. Possible values are 'LicenseIncluded' (price for SQL license is included) and 'BasePrice' (without SQL license price).",
"oneOf": [
{
"enum": [
"LicenseIncluded",
"BasePrice"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"subnetId": {
"description": "Resource ID of the subnet to place this instance pool in.",
"type": "string"
},
"vCores": {
"description": "Count of vCores belonging to this instance pool.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"subnetId",
"vCores",
"licenseType"
],
"type": "object"
},
"JobAgentProperties": {
"description": "Properties of a job agent.",
"properties": {
"databaseId": {
"description": "Resource ID of the database to store job metadata in.",
"type": "string"
}
},
"required": [
"databaseId"
],
"type": "object"
},
"JobCredentialProperties": {
"description": "Properties of a job credential.",
"properties": {
"password": {
"description": "The credential password.",
"type": "string"
},
"username": {
"description": "The credential user name.",
"type": "string"
}
},
"required": [
"username",
"password"
],
"type": "object"
},
"JobProperties": {
"description": "Properties of a job.",
"properties": {
"description": {
"default": "",
"description": "User-defined description of the job.",
"type": "string"
},
"schedule": {
"description": "Schedule properties of the job.",
"oneOf": [
{
"$ref": "#/definitions/JobSchedule"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"JobSchedule": {
"description": "Scheduling properties of a job.",
"properties": {
"enabled": {
"description": "Whether or not the schedule is enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"endTime": {
"default": "9999-12-31T11:59:59+00:00",
"description": "Schedule end time.",
"format": "date-time",
"type": "string"
},
"interval": {
"description": "Value of the schedule's recurring interval, if the ScheduleType is recurring. ISO8601 duration format.",
"type": "string"
},
"startTime": {
"default": "0001-01-01T00:00:00+00:00",
"description": "Schedule start time.",
"format": "date-time",
"type": "string"
},
"type": {
"description": "Schedule interval type",
"oneOf": [
{
"enum": [
"Once",
"Recurring"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"JobStepAction": {
"description": "The action to be executed by a job step.",
"properties": {
"source": {
"description": "The source of the action to execute.",
"oneOf": [
{
"enum": [
"Inline"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"description": "Type of action being executed by the job step.",
"oneOf": [
{
"enum": [
"TSql"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"value": {
"description": "The action value, for example the text of the T-SQL script to execute.",
"type": "string"
}
},
"required": [
"value"
],
"type": "object"
},
"JobStepExecutionOptions": {
"description": "The execution options of a job step.",
"properties": {
"initialRetryIntervalSeconds": {
"description": "Initial delay between retries for job step execution.",
"oneOf": [
{
"default": 1,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maximumRetryIntervalSeconds": {
"description": "The maximum amount of time to wait between retries for job step execution.",
"oneOf": [
{
"default": 120,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retryAttempts": {
"description": "Maximum number of times the job step will be reattempted if the first attempt fails.",
"oneOf": [
{
"default": 10,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retryIntervalBackoffMultiplier": {
"description": "The backoff multiplier for the time between retries.",
"oneOf": [
{
"default": 2,
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"timeoutSeconds": {
"description": "Execution timeout for the job step.",
"oneOf": [
{
"default": 43200,
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"JobStepOutput": {
"description": "The output configuration of a job step.",
"properties": {
"credential": {
"description": "The resource ID of the credential to use to connect to the output destination.",
"type": "string"
},
"databaseName": {
"description": "The output destination database.",
"type": "string"
},
"resourceGroupName": {
"description": "The output destination resource group.",
"type": "string"
},
"schemaName": {
"default": "dbo",
"description": "The output destination schema.",
"type": "string"
},
"serverName": {
"description": "The output destination server name.",
"type": "string"
},
"subscriptionId": {
"description": "The output destination subscription id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tableName": {
"description": "The output destination table.",
"type": "string"
},
"type": {
"description": "The output destination type.",
"oneOf": [
{
"enum": [
"SqlDatabase"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"serverName",
"databaseName",
"tableName",
"credential"
],
"type": "object"
},
"JobStepProperties": {
"description": "Properties of a job step.",
"properties": {
"action": {
"description": "The action payload of the job step.",
"oneOf": [
{
"$ref": "#/definitions/JobStepAction"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"credential": {
"description": "The resource ID of the job credential that will be used to connect to the targets.",
"type": "string"
},
"executionOptions": {
"description": "Execution options for the job step.",
"oneOf": [
{
"$ref": "#/definitions/JobStepExecutionOptions"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"output": {
"description": "Output destination properties of the job step.",
"oneOf": [
{
"$ref": "#/definitions/JobStepOutput"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"stepId": {
"description": "The job step's index within the job. If not specified when creating the job step, it will be created as the last step. If not specified when updating the job step, the step id is not modified.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"targetGroup": {
"description": "The resource ID of the target group that the job step will be executed on.",
"type": "string"
}
},
"required": [
"targetGroup",
"credential",
"action"
],
"type": "object"
},
"JobTarget": {
"description": "A job target, for example a specific database or a container of databases that is evaluated during job execution.",
"properties": {
"databaseName": {
"description": "The target database name.",
"type": "string"
},
"elasticPoolName": {
"description": "The target elastic pool name.",
"type": "string"
},
"membershipType": {
"description": "Whether the target is included or excluded from the group.",
"oneOf": [
{
"enum": [
"Include",
"Exclude"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"refreshCredential": {
"description": "The resource ID of the credential that is used during job execution to connect to the target and determine the list of databases inside the target.",
"type": "string"
},
"serverName": {
"description": "The target server name.",
"type": "string"
},
"shardMapName": {
"description": "The target shard map.",
"type": "string"
},
"type": {
"description": "The target type.",
"oneOf": [
{
"enum": [
"TargetGroup",
"SqlDatabase",
"SqlElasticPool",
"SqlShardMap",
"SqlServer"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"type"
],
"type": "object"
},
"JobTargetGroupProperties": {
"description": "Properties of job target group.",
"properties": {
"members": {
"description": "Members of the target group.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/JobTarget"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"members"
],
"type": "object"
},
"LedgerDigestUploadsProperties": {
"description": "The properties of a database ledger digest upload settings.",
"properties": {
"digestStorageEndpoint": {
"description": "The digest storage endpoint, which must be either an Azure blob storage endpoint or an URI for Azure Confidential Ledger.",
"type": "string"
}
},
"type": "object"
},
"ManagedBackupShortTermRetentionPolicyProperties": {
"description": "Properties of a short term retention policy",
"properties": {
"retentionDays": {
"description": "The backup retention period in days. This is how many days Point-in-Time Restore will be supported.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedDatabaseProperties": {
"description": "The managed database's properties.",
"properties": {
"autoCompleteRestore": {
"description": "Whether to auto complete restore of this managed database.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"catalogCollation": {
"description": "Collation of the metadata catalog.",
"oneOf": [
{
"enum": [
"DATABASE_DEFAULT",
"SQL_Latin1_General_CP1_CI_AS"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"collation": {
"description": "Collation of the managed database.",
"type": "string"
},
"createMode": {
"description": "Managed database create mode. PointInTimeRestore: Create a database by restoring a point in time backup of an existing database. SourceDatabaseName, SourceManagedInstanceName and PointInTime must be specified. RestoreExternalBackup: Create a database by restoring from external backup files. Collation, StorageContainerUri and StorageContainerSasToken must be specified. Recovery: Creates a database by restoring a geo-replicated backup. RecoverableDatabaseId must be specified as the recoverable database resource ID to restore. RestoreLongTermRetentionBackup: Create a database by restoring from a long term retention backup (longTermRetentionBackupResourceId required).",
"oneOf": [
{
"enum": [
"Default",
"RestoreExternalBackup",
"PointInTimeRestore",
"Recovery",
"RestoreLongTermRetentionBackup"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"lastBackupName": {
"description": "Last backup file name for restore of this managed database.",
"type": "string"
},
"longTermRetentionBackupResourceId": {
"description": "The name of the Long Term Retention backup to be used for restore of this managed database.",
"type": "string"
},
"recoverableDatabaseId": {
"description": "The resource identifier of the recoverable database associated with create operation of this database.",
"type": "string"
},
"restorableDroppedDatabaseId": {
"description": "The restorable dropped database resource id to restore when creating this database.",
"type": "string"
},
"restorePointInTime": {
"description": "Conditional. If createMode is PointInTimeRestore, this value is required. Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database.",
"format": "date-time",
"type": "string"
},
"sourceDatabaseId": {
"description": "The resource identifier of the source database associated with create operation of this database.",
"type": "string"
},
"storageContainerSasToken": {
"description": "Conditional. If createMode is RestoreExternalBackup, this value is required. Specifies the storage container sas token.",
"type": "string"
},
"storageContainerUri": {
"description": "Conditional. If createMode is RestoreExternalBackup, this value is required. Specifies the uri of the storage container where backups for this restore are stored.",
"type": "string"
}
},
"type": "object"
},
"ManagedInstanceAdministratorProperties": {
"description": "The properties of a managed instance administrator.",
"properties": {
"administratorType": {
"description": "Type of the managed instance administrator.",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"login": {
"description": "Login name of the managed instance administrator.",
"type": "string"
},
"sid": {
"description": "SID (object ID) of the managed instance administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tenantId": {
"description": "Tenant ID of the managed instance administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"administratorType",
"login",
"sid"
],
"type": "object"
},
"ManagedInstanceAzureADOnlyAuthProperties": {
"description": "Properties of a active directory only authentication for Managed Instance.",
"properties": {
"azureADOnlyAuthentication": {
"description": "Azure Active Directory only Authentication enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"azureADOnlyAuthentication"
],
"type": "object"
},
"ManagedInstanceEncryptionProtectorProperties": {
"description": "Properties for an encryption protector execution.",
"properties": {
"autoRotationEnabled": {
"description": "Key auto rotation opt-in flag. Either true or false.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"serverKeyName": {
"description": "The name of the managed instance key.",
"type": "string"
},
"serverKeyType": {
"description": "The encryption protector type like 'ServiceManaged', 'AzureKeyVault'.",
"oneOf": [
{
"enum": [
"ServiceManaged",
"AzureKeyVault"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"serverKeyType"
],
"type": "object"
},
"ManagedInstanceExternalAdministrator": {
"description": "Properties of a active directory administrator.",
"properties": {
"administratorType": {
"description": "Type of the sever administrator.",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"azureADOnlyAuthentication": {
"description": "Azure Active Directory only Authentication enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"login": {
"description": "Login name of the server administrator.",
"type": "string"
},
"principalType": {
"description": "Principal Type of the sever administrator.",
"oneOf": [
{
"enum": [
"User",
"Group",
"Application"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sid": {
"description": "SID (object ID) of the server administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tenantId": {
"description": "Tenant ID of the administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedInstanceKeyProperties": {
"description": "Properties for a key execution.",
"properties": {
"serverKeyType": {
"description": "The key type like 'ServiceManaged', 'AzureKeyVault'.",
"oneOf": [
{
"enum": [
"ServiceManaged",
"AzureKeyVault"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"uri": {
"description": "The URI of the key. If the ServerKeyType is AzureKeyVault, then the URI is required.",
"type": "string"
}
},
"required": [
"serverKeyType"
],
"type": "object"
},
"ManagedInstancePairInfo": {
"description": "Pairs of Managed Instances in the failover group.",
"properties": {
"partnerManagedInstanceId": {
"description": "Id of Partner Managed Instance in pair.",
"type": "string"
},
"primaryManagedInstanceId": {
"description": "Id of Primary Managed Instance in pair.",
"type": "string"
}
},
"type": "object"
},
"ManagedInstancePrivateEndpointConnectionProperties": {
"description": "Properties of a private endpoint connection.",
"properties": {
"privateEndpoint": {
"description": "Private endpoint which the connection belongs to.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstancePrivateEndpointProperty"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"privateLinkServiceConnectionState": {
"description": "Connection State of the Private Endpoint Connection.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstancePrivateLinkServiceConnectionStateProperty"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedInstancePrivateEndpointProperty": {
"properties": {
"id": {
"description": "Resource id of the private endpoint.",
"type": "string"
}
},
"type": "object"
},
"ManagedInstancePrivateLinkServiceConnectionStateProperty": {
"properties": {
"description": {
"description": "The private link service connection description.",
"type": "string"
},
"status": {
"description": "The private link service connection status.",
"type": "string"
}
},
"required": [
"status",
"description"
],
"type": "object"
},
"ManagedInstanceProperties": {
"description": "The properties of a managed instance.",
"properties": {
"administratorLogin": {
"description": "Administrator username for the managed instance. Can only be specified when the managed instance is being created (and is required for creation).",
"type": "string"
},
"administratorLoginPassword": {
"description": "The administrator login password (required for managed instance creation).",
"type": "string"
},
"administrators": {
"description": "The Azure Active Directory administrator of the server.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceExternalAdministrator"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"collation": {
"description": "Collation of the managed instance.",
"type": "string"
},
"dnsZonePartner": {
"description": "The resource id of another managed instance whose DNS zone this managed instance will share after creation.",
"type": "string"
},
"instancePoolId": {
"description": "The Id of the instance pool this managed server belongs to.",
"type": "string"
},
"keyId": {
"description": "A CMK URI of the key to use for encryption.",
"type": "string"
},
"licenseType": {
"description": "The license type. Possible values are 'LicenseIncluded' (regular price inclusive of a new SQL license) and 'BasePrice' (discounted AHB price for bringing your own SQL licenses).",
"oneOf": [
{
"enum": [
"LicenseIncluded",
"BasePrice"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maintenanceConfigurationId": {
"description": "Specifies maintenance configuration id to apply to this managed instance.",
"type": "string"
},
"managedInstanceCreateMode": {
"description": "Specifies the mode of database creation.\r\n\r\nDefault: Regular instance creation.\r\n\r\nRestore: Creates an instance by restoring a set of backups to specific point in time. RestorePointInTime and SourceManagedInstanceId must be specified.",
"oneOf": [
{
"enum": [
"Default",
"PointInTimeRestore"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minimalTlsVersion": {
"description": "Minimal TLS version. Allowed values: 'None', '1.0', '1.1', '1.2'",
"type": "string"
},
"primaryUserAssignedIdentityId": {
"description": "The resource id of a user assigned identity to be used by default.",
"type": "string"
},
"proxyOverride": {
"description": "Connection type used for connecting to the instance.",
"oneOf": [
{
"enum": [
"Proxy",
"Redirect",
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"publicDataEndpointEnabled": {
"description": "Whether or not the public data endpoint is enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"requestedBackupStorageRedundancy": {
"description": "The storage account type to be used to store backups for this instance. The options are Local (LocallyRedundantStorage), Zone (ZoneRedundantStorage), Geo (GeoRedundantStorage) and GeoZone(GeoZoneRedundantStorage)",
"oneOf": [
{
"enum": [
"Geo",
"Local",
"Zone",
"GeoZone"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"restorePointInTime": {
"description": "Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database.",
"format": "date-time",
"type": "string"
},
"servicePrincipal": {
"description": "The managed instance's service principal.",
"oneOf": [
{
"$ref": "#/definitions/ServicePrincipal"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sourceManagedInstanceId": {
"description": "The resource identifier of the source managed instance associated with create operation of this instance.",
"type": "string"
},
"storageSizeInGB": {
"description": "Storage size in GB. Minimum value: 32. Maximum value: 8192. Increments of 32 GB allowed only.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"subnetId": {
"description": "Subnet resource ID for the managed instance.",
"type": "string"
},
"timezoneId": {
"description": "Id of the timezone. Allowed values are timezones supported by Windows.\r\nWindows keeps details on supported timezones, including the id, in registry under\r\nKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones.\r\nYou can get those registry values via SQL Server by querying SELECT name AS timezone_id FROM sys.time_zone_info.\r\nList of Ids can also be obtained by executing [System.TimeZoneInfo]::GetSystemTimeZones() in PowerShell.\r\nAn example of valid timezone id is \"Pacific Standard Time\" or \"W. Europe Standard Time\".",
"type": "string"
},
"vCores": {
"description": "The number of vCores. Allowed values: 8, 16, 24, 32, 40, 64, 80.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"zoneRedundant": {
"description": "Whether or not the multi-az is enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ManagedInstanceVulnerabilityAssessmentProperties": {
"description": "Properties of a managed instance vulnerability assessment.",
"properties": {
"recurringScans": {
"description": "The recurring scans settings",
"oneOf": [
{
"$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
},
"storageContainerPath": {
"description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).",
"type": "string"
},
"storageContainerSasKey": {
"description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
}
},
"required": [
"storageContainerPath"
],
"type": "object"
},
"ManagedTransparentDataEncryptionProperties": {
"description": "Properties of a transparent data encryption.",
"properties": {
"state": {
"description": "Specifies the state of the transparent data encryption.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"state"
],
"type": "object"
},
"NetworkIsolationSettings": {
"description": "Contains the ARM resources for which to create private endpoint connection.",
"properties": {
"sqlServerResourceId": {
"description": "The resource id for the SQL server which is the target of this request. If set, private endpoint connection will be created for the SQL server. Must match server which is target of the operation.",
"type": "string"
},
"storageAccountResourceId": {
"description": "The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for StorageUri parameter.",
"type": "string"
}
},
"type": "object"
},
"PartnerInfo": {
"description": "Partner server information for the failover group.",
"properties": {
"id": {
"description": "Resource identifier of the partner server.",
"type": "string"
}
},
"required": [
"id"
],
"type": "object"
},
"PartnerRegionInfo": {
"description": "Partner region information for the failover group.",
"properties": {
"location": {
"description": "Geo location of the partner managed instances.",
"type": "string"
}
},
"type": "object"
},
"PrivateEndpointConnectionProperties": {
"description": "Properties of a private endpoint connection.",
"properties": {
"privateEndpoint": {
"description": "Private endpoint which the connection belongs to.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointProperty"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"privateLinkServiceConnectionState": {
"description": "Connection state of the private endpoint connection.",
"oneOf": [
{
"$ref": "#/definitions/PrivateLinkServiceConnectionStateProperty"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"PrivateEndpointProperty": {
"properties": {
"id": {
"description": "Resource id of the private endpoint.",
"type": "string"
}
},
"type": "object"
},
"PrivateLinkServiceConnectionStateProperty": {
"properties": {
"description": {
"description": "The private link service connection description.",
"type": "string"
},
"status": {
"description": "The private link service connection status.",
"oneOf": [
{
"enum": [
"Approved",
"Pending",
"Rejected",
"Disconnected"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"status",
"description"
],
"type": "object"
},
"ResourceIdentity": {
"description": "Azure Active Directory identity configuration for a resource.",
"properties": {
"type": {
"description": "The identity type. Set this to 'SystemAssigned' in order to automatically create and assign an Azure Active Directory principal for the resource.",
"oneOf": [
{
"enum": [
"None",
"SystemAssigned",
"UserAssigned",
"SystemAssigned,UserAssigned"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"userAssignedIdentities": {
"description": "The resource ids of the user assigned identities to use",
"oneOf": [
{
"additionalProperties": {
"$ref": "#/definitions/UserIdentity"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SecurityAlertPolicyProperties": {
"description": "Properties of a security alert policy.",
"properties": {
"disabledAlerts": {
"description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAccountAdmins": {
"description": "Specifies that the alert is sent to the account administrators.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAddresses": {
"description": "Specifies an array of e-mail addresses to which the alert is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the Threat Detection audit logs.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.",
"oneOf": [
{
"enum": [
"New",
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the Threat Detection audit storage account.",
"type": "string"
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"SecurityAlertsPolicyProperties": {
"description": "Properties of a security alert policy.",
"properties": {
"disabledAlerts": {
"description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAccountAdmins": {
"description": "Specifies that the alert is sent to the account administrators.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emailAddresses": {
"description": "Specifies an array of e-mail addresses to which the alert is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the Threat Detection audit logs.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the Threat Detection audit storage account.",
"type": "string"
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"SensitivityLabelProperties": {
"description": "Properties of a sensitivity label.",
"properties": {
"informationType": {
"description": "The information type.",
"type": "string"
},
"informationTypeId": {
"description": "The information type ID.",
"type": "string"
},
"labelId": {
"description": "The label ID.",
"type": "string"
},
"labelName": {
"description": "The label name.",
"type": "string"
},
"rank": {
"oneOf": [
{
"enum": [
"None",
"Low",
"Medium",
"High",
"Critical"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ServerBlobAuditingPolicyProperties": {
"description": "Properties of a server blob auditing policy.",
"properties": {
"auditActionsAndGroups": {
"description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that <object> in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isDevopsAuditEnabled": {
"description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isManagedIdentityInUse": {
"description": "Specifies whether Managed Identity is used to access blob storage",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isStorageSecondaryKeyInUse": {
"description": "Specifies whether storageAccountAccessKey value is the storage's secondary key.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"queueDelayMs": {
"description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"retentionDays": {
"description": "Specifies the number of days to keep in the audit logs in the storage account.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ServerConnectionPolicyProperties": {
"description": "The properties of a server connection policy.",
"properties": {
"connectionType": {
"description": "The server connection type.",
"oneOf": [
{
"enum": [
"Default",
"Redirect",
"Proxy"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"connectionType"
],
"type": "object"
},
"ServerDevOpsAuditSettingsProperties": {
"description": "Properties of a server DevOps audit settings.",
"properties": {
"isAzureMonitorTargetEnabled": {
"description": "Specifies whether DevOps audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"state": {
"description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)",
"type": "string"
},
"storageAccountSubscriptionId": {
"description": "Specifies the blob storage subscription Id.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageEndpoint": {
"description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required.",
"type": "string"
}
},
"required": [
"state"
],
"type": "object"
},
"ServerExternalAdministrator": {
"description": "Properties of a active directory administrator.",
"properties": {
"administratorType": {
"description": "Type of the sever administrator.",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"azureADOnlyAuthentication": {
"description": "Azure Active Directory only Authentication enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"login": {
"description": "Login name of the server administrator.",
"type": "string"
},
"principalType": {
"description": "Principal Type of the sever administrator.",
"oneOf": [
{
"enum": [
"User",
"Group",
"Application"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sid": {
"description": "SID (object ID) of the server administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tenantId": {
"description": "Tenant ID of the administrator.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"ServerFirewallRuleProperties": {
"description": "The properties of a server firewall rule.",
"properties": {
"endIpAddress": {
"description": "The end IP address of the firewall rule. Must be IPv4 format. Must be greater than or equal to startIpAddress. Use value '0.0.0.0' for all Azure-internal IP addresses.",
"type": "string"
},
"startIpAddress": {
"description": "The start IP address of the firewall rule. Must be IPv4 format. Use value '0.0.0.0' for all Azure-internal IP addresses.",
"type": "string"
}
},
"type": "object"
},
"ServerInfo": {
"description": "Server info for the server trust group.",
"properties": {
"serverId": {
"description": "Server Id.",
"type": "string"
}
},
"required": [
"serverId"
],
"type": "object"
},
"ServerKeyProperties": {
"description": "Properties for a server key execution.",
"properties": {
"serverKeyType": {
"description": "The server key type like 'ServiceManaged', 'AzureKeyVault'.",
"oneOf": [
{
"enum": [
"ServiceManaged",
"AzureKeyVault"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"uri": {
"description": "The URI of the server key. If the ServerKeyType is AzureKeyVault, then the URI is required. The AKV URI is required to be in this format: 'https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion'",
"type": "string"
}
},
"required": [
"serverKeyType"
],
"type": "object"
},
"ServerProperties": {
"description": "The properties of a server.",
"properties": {
"administratorLogin": {
"description": "Administrator username for the server. Once created it cannot be changed.",
"type": "string"
},
"administratorLoginPassword": {
"description": "The administrator login password (required for server creation).",
"type": "string"
},
"administrators": {
"description": "The Azure Active Directory administrator of the server.",
"oneOf": [
{
"$ref": "#/definitions/ServerExternalAdministrator"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"federatedClientId": {
"description": "The Client id used for cross tenant CMK scenario",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"keyId": {
"description": "A CMK URI of the key to use for encryption.",
"type": "string"
},
"minimalTlsVersion": {
"description": "Minimal TLS version. Allowed values: '1.0', '1.1', '1.2'",
"type": "string"
},
"primaryUserAssignedIdentityId": {
"description": "The resource id of a user assigned identity to be used by default.",
"type": "string"
},
"publicNetworkAccess": {
"description": "Whether or not public endpoint access is allowed for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"restrictOutboundNetworkAccess": {
"description": "Whether or not to restrict outbound network access for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"version": {
"description": "The version of the server.",
"type": "string"
}
},
"type": "object"
},
"ServerTrustCertificateProperties": {
"description": "The properties of a server trust certificate.",
"properties": {
"publicBlob": {
"description": "The certificate public blob",
"type": "string"
}
},
"type": "object"
},
"ServerTrustGroupProperties": {
"description": "Properties of a server trust group.",
"properties": {
"groupMembers": {
"description": "Group members information for the server trust group.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/ServerInfo"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"trustScopes": {
"description": "Trust scope of the server trust group.",
"oneOf": [
{
"items": {
"enum": [
"GlobalTransactions",
"ServiceBroker"
],
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"groupMembers",
"trustScopes"
],
"type": "object"
},
"ServerVulnerabilityAssessmentProperties": {
"description": "Properties of a server Vulnerability Assessment.",
"properties": {
"recurringScans": {
"description": "The recurring scans settings",
"oneOf": [
{
"$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"storageAccountAccessKey": {
"description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
},
"storageContainerPath": {
"description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).",
"type": "string"
},
"storageContainerSasKey": {
"description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall",
"type": "string"
}
},
"required": [
"storageContainerPath"
],
"type": "object"
},
"ServicePrincipal": {
"description": "The managed instance's service principal configuration for a resource.",
"properties": {
"type": {
"description": "Service principal type.",
"oneOf": [
{
"enum": [
"None",
"SystemAssigned"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"Sku": {
"description": "An ARM Resource SKU.",
"properties": {
"capacity": {
"description": "Capacity of the particular SKU.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"family": {
"description": "If the service has different generations of hardware, for the same SKU, then that can be captured here.",
"type": "string"
},
"name": {
"description": "The name of the SKU, typically, a letter + Number code, e.g. P3.",
"type": "string"
},
"size": {
"description": "Size of the particular SKU",
"type": "string"
},
"tier": {
"description": "The tier or edition of the particular SKU, e.g. Basic, Premium.",
"type": "string"
}
},
"required": [
"name"
],
"type": "object"
},
"SqlAgentConfigurationProperties": {
"description": "Sql agent configuration properties.",
"properties": {
"state": {
"description": "The state of Sql Agent.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SyncAgentProperties": {
"description": "Properties of an Azure SQL Database sync agent.",
"properties": {
"syncDatabaseId": {
"description": "ARM resource id of the sync database in the sync agent.",
"type": "string"
}
},
"type": "object"
},
"SyncGroupProperties": {
"description": "Properties of a sync group.",
"properties": {
"conflictLoggingRetentionInDays": {
"description": "Conflict logging retention period.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"conflictResolutionPolicy": {
"description": "Conflict resolution policy of the sync group.",
"oneOf": [
{
"enum": [
"HubWin",
"MemberWin"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"enableConflictLogging": {
"description": "If conflict logging is enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"hubDatabasePassword": {
"description": "Password for the sync group hub database credential.",
"type": "string"
},
"hubDatabaseUserName": {
"description": "User name for the sync group hub database credential.",
"type": "string"
},
"interval": {
"description": "Sync interval of the sync group.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"schema": {
"description": "Sync schema of the sync group.",
"oneOf": [
{
"$ref": "#/definitions/SyncGroupSchema"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"syncDatabaseId": {
"description": "ARM resource id of the sync database in the sync group.",
"type": "string"
},
"usePrivateLinkConnection": {
"description": "If use private link connection is enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SyncGroupSchema": {
"description": "Properties of sync group schema.",
"properties": {
"masterSyncMemberName": {
"description": "Name of master sync member where the schema is from.",
"type": "string"
},
"tables": {
"description": "List of tables in sync group schema.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/SyncGroupSchemaTable"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"SyncGroupSchemaTable": {
"description": "Properties of table in sync group schema.",
"properties": {
"columns": {
"description": "List of columns in sync group schema.",
"oneOf": [
{
"items": {
"$ref": "#/definitions/SyncGroupSchemaTableColumn"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"quotedName": {
"description": "Quoted name of sync group schema table.",
"type": "string"
}
},
"type": "object"
},
"SyncGroupSchemaTableColumn": {
"description": "Properties of column in sync group table.",
"properties": {
"dataSize": {
"description": "Data size of the column.",
"type": "string"
},
"dataType": {
"description": "Data type of the column.",
"type": "string"
},
"quotedName": {
"description": "Quoted name of sync group table column.",
"type": "string"
}
},
"type": "object"
},
"SyncMemberProperties": {
"description": "Properties of a sync member.",
"properties": {
"databaseName": {
"description": "Database name of the member database in the sync member.",
"type": "string"
},
"databaseType": {
"description": "Database type of the sync member.",
"oneOf": [
{
"enum": [
"AzureSqlDatabase",
"SqlServerDatabase"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"password": {
"description": "Password of the member database in the sync member.",
"type": "string"
},
"serverName": {
"description": "Server name of the member database in the sync member",
"type": "string"
},
"sqlServerDatabaseId": {
"description": "SQL Server database id of the sync member.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"syncAgentId": {
"description": "ARM resource id of the sync agent in the sync member.",
"type": "string"
},
"syncDirection": {
"description": "Sync direction of the sync member.",
"oneOf": [
{
"enum": [
"Bidirectional",
"OneWayMemberToHub",
"OneWayHubToMember"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"syncMemberAzureDatabaseResourceId": {
"description": "ARM resource id of the sync member logical database, for sync members in Azure.",
"type": "string"
},
"usePrivateLinkConnection": {
"description": "Whether to use private link connection.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"userName": {
"description": "User name of the member database in the sync member.",
"type": "string"
}
},
"type": "object"
},
"TransparentDataEncryptionProperties": {
"description": "Properties of a transparent data encryption.",
"properties": {
"state": {
"description": "Specifies the state of the transparent data encryption.",
"oneOf": [
{
"enum": [
"Enabled",
"Disabled"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"state"
],
"type": "object"
},
"UserIdentity": {
"description": "Azure Active Directory identity configuration for a resource.",
"properties": {},
"type": "object"
},
"VirtualNetworkRuleProperties": {
"description": "Properties of a virtual network rule.",
"properties": {
"ignoreMissingVnetServiceEndpoint": {
"description": "Create firewall rule before the virtual network has vnet service endpoint enabled.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"virtualNetworkSubnetId": {
"description": "The ARM resource id of the virtual network subnet.",
"type": "string"
}
},
"required": [
"virtualNetworkSubnetId"
],
"type": "object"
},
"VulnerabilityAssessmentRecurringScansProperties": {
"description": "Properties of a Vulnerability Assessment recurring scans.",
"properties": {
"emailSubscriptionAdmins": {
"description": "Specifies that the schedule scan notification will be is sent to the subscription administrators.",
"oneOf": [
{
"default": true,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"emails": {
"description": "Specifies an array of e-mail addresses to which the scan notification is sent.",
"oneOf": [
{
"items": {
"type": "string"
},
"type": "array"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"isEnabled": {
"description": "Recurring scans state.",
"oneOf": [
{
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"type": "object"
},
"WorkloadClassifierProperties": {
"description": "Workload classifier definition. For more information look at sys.workload_management_workload_classifiers (DMV).",
"properties": {
"context": {
"description": "The workload classifier context.",
"type": "string"
},
"endTime": {
"description": "The workload classifier end time for classification.",
"type": "string"
},
"importance": {
"description": "The workload classifier importance.",
"type": "string"
},
"label": {
"description": "The workload classifier label.",
"type": "string"
},
"memberName": {
"description": "The workload classifier member name.",
"type": "string"
},
"startTime": {
"description": "The workload classifier start time for classification.",
"type": "string"
}
},
"required": [
"memberName"
],
"type": "object"
},
"WorkloadGroupProperties": {
"description": "Workload group definition. For more information look at sys.workload_management_workload_groups (DMV).",
"properties": {
"importance": {
"description": "The workload group importance level.",
"type": "string"
},
"maxResourcePercent": {
"description": "The workload group cap percentage resource.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"maxResourcePercentPerRequest": {
"description": "The workload group request maximum grant percentage.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minResourcePercent": {
"description": "The workload group minimum percentage resource.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"minResourcePercentPerRequest": {
"description": "The workload group request minimum grant percentage.",
"oneOf": [
{
"type": "number"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"queryExecutionTimeout": {
"description": "The workload group query execution timeout.",
"oneOf": [
{
"type": "integer"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
}
},
"required": [
"minResourcePercent",
"maxResourcePercent",
"minResourcePercentPerRequest"
],
"type": "object"
},
"managedInstances_administrators_childResource": {
"description": "Microsoft.Sql/managedInstances/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceAdministratorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_azureADOnlyAuthentications_childResource": {
"description": "Microsoft.Sql/managedInstances/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server azure active directory only authentication.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceAzureADOnlyAuthProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_backupLongTermRetentionPolicies_childResource": {
"description": "Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be Default.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BaseLongTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"backupLongTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_backupShortTermRetentionPolicies_childResource": {
"description": "Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be \"default\".",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"backupShortTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_childResource": {
"description": "Microsoft.Sql/managedInstances/databases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the database.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedDatabaseProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"databases"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_securityAlertPolicies_childResource": {
"description": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_transparentDataEncryption_childResource": {
"description": "Microsoft.Sql/managedInstances/databases/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedTransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_databases_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_distributedAvailabilityGroups_childResource": {
"description": "Microsoft.Sql/managedInstances/distributedAvailabilityGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The distributed availability group name.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DistributedAvailabilityGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"distributedAvailabilityGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_dnsAliases_childResource": {
"description": "Microsoft.Sql/managedInstances/dnsAliases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"createDnsRecord": {
"description": "Whether or not DNS record should be created for this alias.",
"oneOf": [
{
"default": true,
"type": "boolean"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"name": {
"description": "",
"type": "string"
},
"type": {
"enum": [
"dnsAliases"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_encryptionProtector_childResource": {
"description": "Microsoft.Sql/managedInstances/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector to be updated.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceEncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_keys_childResource": {
"description": "Microsoft.Sql/managedInstances/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the managed instance key to be operated on (updated or created).",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceKeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_privateEndpointConnections_childResource": {
"description": "Microsoft.Sql/managedInstances/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstancePrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_securityAlertPolicies_childResource": {
"description": "Microsoft.Sql/managedInstances/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_serverTrustCertificates_childResource": {
"description": "Microsoft.Sql/managedInstances/serverTrustCertificates",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "Name of of the certificate to upload.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerTrustCertificateProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"serverTrustCertificates"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_sqlAgent_childResource": {
"description": "Microsoft.Sql/managedInstances/sqlAgent",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SqlAgentConfigurationProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"sqlAgent"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"managedInstances_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Sql/managedInstances/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ManagedInstanceVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_administrators_childResource": {
"description": "Microsoft.Sql/servers/administrators",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server active directory administrator.",
"oneOf": [
{
"enum": [
"ActiveDirectory"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdministratorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"administrators"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_advancedThreatProtectionSettings_childResource": {
"description": "Microsoft.Sql/servers/advancedThreatProtectionSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the Advanced Threat Protection state.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdvancedThreatProtectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"advancedThreatProtectionSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_auditingSettings_childResource": {
"description": "Microsoft.Sql/servers/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_azureADOnlyAuthentications_childResource": {
"description": "Microsoft.Sql/servers/azureADOnlyAuthentications",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of server azure active directory only authentication.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AzureADOnlyAuthProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"azureADOnlyAuthentications"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_connectionPolicies_childResource": {
"description": "Microsoft.Sql/servers/connectionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the connection policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerConnectionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"connectionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_advancedThreatProtectionSettings_childResource": {
"description": "Microsoft.Sql/servers/databases/advancedThreatProtectionSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the Advanced Threat Protection state.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/AdvancedThreatProtectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"advancedThreatProtectionSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_auditingSettings_childResource": {
"description": "Microsoft.Sql/servers/databases/auditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"auditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_backupLongTermRetentionPolicies_childResource": {
"description": "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be Default.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BaseLongTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"backupLongTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_backupShortTermRetentionPolicies_childResource": {
"description": "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The policy name. Should always be \"default\".",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/BackupShortTermRetentionPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"backupShortTermRetentionPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_childResource": {
"description": "Microsoft.Sql/servers/databases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"identity": {
"description": "The Azure Active Directory identity of the database.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseIdentity"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the database.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The database SKU.\r\n\r\nThe list of SKUs may vary by region and support offer. To determine the SKUs (including the SKU name, tier/edition, family, and capacity) that are available to your subscription in an Azure region, use the `Capabilities_ListByLocation` REST API or one of the following commands:\r\n\r\n```azurecli\r\naz sql db list-editions -l <location> -o table\r\n````\r\n\r\n```powershell\r\nGet-AzSqlServerServiceObjective -Location <location>\r\n````\r\n",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"databases"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_extendedAuditingSettings_childResource": {
"description": "Microsoft.Sql/servers/databases/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedDatabaseBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_extensions_childResource": {
"description": "Microsoft.Sql/servers/databases/extensions",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseExtensionsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"extensions"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_ledgerDigestUploads_childResource": {
"description": "Microsoft.Sql/servers/databases/ledgerDigestUploads",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/LedgerDigestUploadsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"ledgerDigestUploads"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_securityAlertPolicies_childResource": {
"description": "Microsoft.Sql/servers/databases/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the security alert policy.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_syncGroups_childResource": {
"description": "Microsoft.Sql/servers/databases/syncGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The name and capacity of the SKU.",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"syncGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_syncGroups_syncMembers_childResource": {
"description": "Microsoft.Sql/servers/databases/syncGroups/syncMembers",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync member.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncMemberProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"syncMembers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_transparentDataEncryption_childResource": {
"description": "Microsoft.Sql/servers/databases/transparentDataEncryption",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the transparent data encryption configuration.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/TransparentDataEncryptionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"transparentDataEncryption"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_workloadGroups_childResource": {
"description": "Microsoft.Sql/servers/databases/workloadGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the workload group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"workloadGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_databases_workloadGroups_workloadClassifiers_childResource": {
"description": "Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the workload classifier to create/update.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/WorkloadClassifierProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"workloadClassifiers"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_devOpsAuditingSettings_childResource": {
"description": "Microsoft.Sql/servers/devOpsAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the devops audit settings. This should always be 'default'.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerDevOpsAuditSettingsProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"devOpsAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_dnsAliases_childResource": {
"description": "Microsoft.Sql/servers/dnsAliases",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the server dns alias.",
"type": "string"
},
"type": {
"enum": [
"dnsAliases"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_elasticPools_childResource": {
"description": "Microsoft.Sql/servers/elasticPools",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the elastic pool.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ElasticPoolProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The elastic pool SKU.\r\n\r\nThe list of SKUs may vary by region and support offer. To determine the SKUs (including the SKU name, tier/edition, family, and capacity) that are available to your subscription in an Azure region, use the `Capabilities_ListByLocation` REST API or the following command:\r\n\r\n```azurecli\r\naz sql elastic-pool list-editions -l <location> -o table\r\n````\r\n",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"elasticPools"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_encryptionProtector_childResource": {
"description": "Microsoft.Sql/servers/encryptionProtector",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the encryption protector to be updated.",
"oneOf": [
{
"enum": [
"current"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/EncryptionProtectorProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"encryptionProtector"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_extendedAuditingSettings_childResource": {
"description": "Microsoft.Sql/servers/extendedAuditingSettings",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"extendedAuditingSettings"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_failoverGroups_childResource": {
"description": "Microsoft.Sql/servers/failoverGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the failover group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/FailoverGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"failoverGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_firewallRules_childResource": {
"description": "Microsoft.Sql/servers/firewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the firewall rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"firewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_ipv6FirewallRules_childResource": {
"description": "Microsoft.Sql/servers/ipv6FirewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the firewall rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/IPv6ServerFirewallRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"ipv6FirewallRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_childResource": {
"description": "Microsoft.Sql/servers/jobAgents",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"location": {
"description": "Resource location.",
"type": "string"
},
"name": {
"description": "The name of the job agent to be created or updated.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobAgentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"sku": {
"description": "The name and tier of the SKU.",
"oneOf": [
{
"$ref": "#/definitions/Sku"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"tags": {
"description": "Resource tags.",
"oneOf": [
{
"additionalProperties": {
"type": "string"
},
"properties": {},
"type": "object"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"jobAgents"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_credentials_childResource": {
"description": "Microsoft.Sql/servers/jobAgents/credentials",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the credential.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobCredentialProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"credentials"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs_childResource": {
"description": "Microsoft.Sql/servers/jobAgents/jobs",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the job to get.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"jobs"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs_executions_childResource": {
"description": "Microsoft.Sql/servers/jobAgents/jobs/executions",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The job execution id to create the job execution under.",
"oneOf": [
{
"pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$",
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"executions"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_jobs_steps_childResource": {
"description": "Microsoft.Sql/servers/jobAgents/jobs/steps",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the job step.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobStepProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"steps"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_jobAgents_targetGroups_childResource": {
"description": "Microsoft.Sql/servers/jobAgents/targetGroups",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the target group.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/JobTargetGroupProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"targetGroups"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_keys_childResource": {
"description": "Microsoft.Sql/servers/keys",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the server key to be operated on (updated or created). The key name is required to be in the format of 'vault_key_version'. For example, if the keyId is https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion, then the server key name should be formatted as: YourVaultName_YourKeyName_YourKeyVersion",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerKeyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"keys"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_outboundFirewallRules_childResource": {
"description": "Microsoft.Sql/servers/outboundFirewallRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"type": {
"enum": [
"outboundFirewallRules"
],
"type": "string"
}
},
"required": [
"name",
"apiVersion",
"type"
],
"type": "object"
},
"servers_privateEndpointConnections_childResource": {
"description": "Microsoft.Sql/servers/privateEndpointConnections",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/PrivateEndpointConnectionProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"privateEndpointConnections"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_securityAlertPolicies_childResource": {
"description": "Microsoft.Sql/servers/securityAlertPolicies",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the threat detection policy.",
"oneOf": [
{
"enum": [
"Default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SecurityAlertsPolicyProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"securityAlertPolicies"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_syncAgents_childResource": {
"description": "Microsoft.Sql/servers/syncAgents",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the sync agent.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/SyncAgentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"syncAgents"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_virtualNetworkRules_childResource": {
"description": "Microsoft.Sql/servers/virtualNetworkRules",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the virtual network rule.",
"type": "string"
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/VirtualNetworkRuleProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"virtualNetworkRules"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
},
"servers_vulnerabilityAssessments_childResource": {
"description": "Microsoft.Sql/servers/vulnerabilityAssessments",
"properties": {
"apiVersion": {
"enum": [
"2021-11-01-preview"
],
"type": "string"
},
"name": {
"description": "The name of the vulnerability assessment.",
"oneOf": [
{
"enum": [
"default"
],
"type": "string"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"properties": {
"description": "Resource properties.",
"oneOf": [
{
"$ref": "#/definitions/ServerVulnerabilityAssessmentProperties"
},
{
"$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression"
}
]
},
"type": {
"enum": [
"vulnerabilityAssessments"
],
"type": "string"
}
},
"required": [
"name",
"properties",
"apiVersion",
"type"
],
"type": "object"
}
}
}
Ссылка в новой задаче Показать git blame Копировать постоянную ссылку