Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.AVS/privateClouds@2022-05-01' = {
identity: {
type: 'string'
}
location: 'string'
name: 'string'
properties: {
availability: {
secondaryZone: int
strategy: 'string'
zone: int
}
circuit: {}
encryption: {
keyVaultProperties: {
keyName: 'string'
keyVaultUrl: 'string'
keyVersion: 'string'
}
status: 'string'
}
identitySources: [
{
alias: 'string'
baseGroupDN: 'string'
baseUserDN: 'string'
domain: 'string'
name: 'string'
password: 'string'
primaryServer: 'string'
secondaryServer: 'string'
ssl: 'string'
username: 'string'
}
]
internet: 'string'
managementCluster: {
clusterSize: int
hosts: [
'string'
]
}
networkBlock: 'string'
nsxtPassword: 'string'
secondaryCircuit: {}
vcenterPassword: 'string'
}
sku: {
name: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.AVS/privateClouds
| Name | Description | Value |
|---|---|---|
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| location | Resource location | string |
| name | The resource name | string (required) |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
| sku | The private cloud SKU | Sku (required) |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | 'DualZone' 'SingleZone' |
| zone | The primary availability zone for the private cloud | int |
Circuit
| Name | Description | Value |
|---|
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | 'Disabled' 'Enabled' |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | 'Disabled' 'Enabled' |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | 'None' 'SystemAssigned' |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | 'Disabled' 'Enabled' |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
ResourceTags
| Name | Description | Value |
|---|
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
ARM template resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following JSON to your template.
{
"type": "Microsoft.AVS/privateClouds",
"apiVersion": "2022-05-01",
"name": "string",
"identity": {
"type": "string"
},
"location": "string",
"properties": {
"availability": {
"secondaryZone": "int",
"strategy": "string",
"zone": "int"
},
"circuit": {
},
"encryption": {
"keyVaultProperties": {
"keyName": "string",
"keyVaultUrl": "string",
"keyVersion": "string"
},
"status": "string"
},
"identitySources": [
{
"alias": "string",
"baseGroupDN": "string",
"baseUserDN": "string",
"domain": "string",
"name": "string",
"password": "string",
"primaryServer": "string",
"secondaryServer": "string",
"ssl": "string",
"username": "string"
}
],
"internet": "string",
"managementCluster": {
"clusterSize": "int",
"hosts": [ "string" ]
},
"networkBlock": "string",
"nsxtPassword": "string",
"secondaryCircuit": {
},
"vcenterPassword": "string"
},
"sku": {
"name": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.AVS/privateClouds
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2022-05-01' |
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| location | Resource location | string |
| name | The resource name | string (required) |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
| sku | The private cloud SKU | Sku (required) |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.AVS/privateClouds' |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | 'DualZone' 'SingleZone' |
| zone | The primary availability zone for the private cloud | int |
Circuit
| Name | Description | Value |
|---|
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | 'Disabled' 'Enabled' |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | 'Disabled' 'Enabled' |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | 'None' 'SystemAssigned' |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | 'Disabled' 'Enabled' |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
ResourceTags
| Name | Description | Value |
|---|
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
Usage Examples
Terraform (AzAPI provider) resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.AVS/privateClouds@2022-05-01"
name = "string"
parent_id = "string"
identity {
type = "string"
identity_ids = [
"string"
]
}
location = "string"
tags = {
{customized property} = "string"
}
body = {
properties = {
availability = {
secondaryZone = int
strategy = "string"
zone = int
}
circuit = {
}
encryption = {
keyVaultProperties = {
keyName = "string"
keyVaultUrl = "string"
keyVersion = "string"
}
status = "string"
}
identitySources = [
{
alias = "string"
baseGroupDN = "string"
baseUserDN = "string"
domain = "string"
name = "string"
password = "string"
primaryServer = "string"
secondaryServer = "string"
ssl = "string"
username = "string"
}
]
internet = "string"
managementCluster = {
clusterSize = int
hosts = [
"string"
]
}
networkBlock = "string"
nsxtPassword = "string"
secondaryCircuit = {
}
vcenterPassword = "string"
}
sku = {
name = "string"
}
}
}
Property Values
Microsoft.AVS/privateClouds
| Name | Description | Value |
|---|---|---|
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| location | Resource location | string |
| name | The resource name | string (required) |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
| sku | The private cloud SKU | Sku (required) |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.AVS/privateClouds@2022-05-01" |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | 'DualZone' 'SingleZone' |
| zone | The primary availability zone for the private cloud | int |
Circuit
| Name | Description | Value |
|---|
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | 'Disabled' 'Enabled' |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | 'Disabled' 'Enabled' |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | 'None' 'SystemAssigned' |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | 'Disabled' 'Enabled' |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string Constraints: Sensitive value. Pass in as a secure parameter. |
ResourceTags
| Name | Description | Value |
|---|
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
Usage Examples
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| AVS Private Cloud | AVM Resource Module for AVS Private Cloud |