Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The caches resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/caches resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.StorageCache/caches@2023-05-01' = {
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
location: 'string'
name: 'string'
properties: {
cacheSizeGB: int
directoryServicesSettings: {
activeDirectory: {
cacheNetBiosName: 'string'
credentials: {
password: 'string'
username: 'string'
}
domainName: 'string'
domainNetBiosName: 'string'
primaryDnsIpAddress: 'string'
secondaryDnsIpAddress: 'string'
}
usernameDownload: {
autoDownloadCertificate: bool
caCertificateURI: 'string'
credentials: {
bindDn: 'string'
bindPassword: 'string'
}
encryptLdapConnection: bool
extendedGroups: bool
groupFileURI: 'string'
ldapBaseDN: 'string'
ldapServer: 'string'
requireValidCertificate: bool
userFileURI: 'string'
usernameSource: 'string'
}
}
encryptionSettings: {
keyEncryptionKey: {
keyUrl: 'string'
sourceVault: {
id: 'string'
}
}
rotationToLatestKeyVersionEnabled: bool
}
networkSettings: {
dnsSearchDomain: 'string'
dnsServers: [
'string'
]
mtu: int
ntpServer: 'string'
}
securitySettings: {
accessPolicies: [
{
accessRules: [
{
access: 'string'
anonymousGID: 'string'
anonymousUID: 'string'
filter: 'string'
rootSquash: bool
scope: 'string'
submountAccess: bool
suid: bool
}
]
name: 'string'
}
]
}
subnet: 'string'
upgradeSettings: {
scheduledTime: 'string'
upgradeScheduleEnabled: bool
}
zones: [
'string'
]
}
sku: {
name: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.StorageCache/caches
| Name | Description | Value |
|---|---|---|
| identity | The identity of the cache, if configured. | CacheIdentity |
| location | Region name string. | string |
| name | The resource name | string Constraints: Pattern = ^[-0-9a-zA-Z_]{1,80}$ (required) |
| properties | Properties of the cache. | CacheProperties |
| sku | SKU for the cache. | CacheSku |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
CacheActiveDirectorySettings
| Name | Description | Value |
|---|---|---|
| cacheNetBiosName | The NetBIOS name to assign to the HPC Cache when it joins the Active Directory domain as a server. Length must 1-15 characters from the class [-0-9a-zA-Z]. | string Constraints: Pattern = ^[-0-9a-zA-Z]{1,15}$ (required) |
| credentials | Active Directory admin credentials used to join the HPC Cache to a domain. | CacheActiveDirectorySettingsCredentials |
| domainName | The fully qualified domain name of the Active Directory domain controller. | string (required) |
| domainNetBiosName | The Active Directory domain's NetBIOS name. | string (required) |
| primaryDnsIpAddress | Primary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string (required) |
| secondaryDnsIpAddress | Secondary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string |
CacheActiveDirectorySettingsCredentials
| Name | Description | Value |
|---|---|---|
| password | Plain text password of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| username | Username of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string (required) |
CacheDirectorySettings
| Name | Description | Value |
|---|---|---|
| activeDirectory | Specifies settings for joining the HPC Cache to an Active Directory domain. | CacheActiveDirectorySettings |
| usernameDownload | Specifies settings for Extended Groups. Extended Groups allows users to be members of more than 16 groups. | CacheUsernameDownloadSettings |
CacheEncryptionSettings
| Name | Description | Value |
|---|---|---|
| keyEncryptionKey | Specifies the location of the key encryption key in key vault. | KeyVaultKeyReference |
| rotationToLatestKeyVersionEnabled | Specifies whether the service will automatically rotate to the newest version of the key in the key vault. | bool |
CacheIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the cache | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' |
| userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | CacheIdentityUserAssignedIdentities |
CacheIdentityUserAssignedIdentities
| Name | Description | Value |
|---|
CacheNetworkSettings
| Name | Description | Value |
|---|---|---|
| dnsSearchDomain | DNS search domain | string |
| dnsServers | DNS servers for the cache to use. It will be set from the network configuration if no value is provided. | string[] |
| mtu | The IPv4 maximum transmission unit configured for the subnet. | int Constraints: Min value = 576 Max value = 1500 |
| ntpServer | NTP server IP Address or FQDN for the cache to use. The default is time.windows.com. | string |
CacheProperties
| Name | Description | Value |
|---|---|---|
| cacheSizeGB | The size of this Cache, in GB. | int |
| directoryServicesSettings | Specifies Directory Services settings of the cache. | CacheDirectorySettings |
| encryptionSettings | Specifies encryption settings of the cache. | CacheEncryptionSettings |
| networkSettings | Specifies network settings of the cache. | CacheNetworkSettings |
| securitySettings | Specifies security settings of the cache. | CacheSecuritySettings |
| subnet | Subnet used for the cache. | string |
| upgradeSettings | Upgrade settings of the cache. | CacheUpgradeSettings |
| zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
CacheSecuritySettings
| Name | Description | Value |
|---|---|---|
| accessPolicies | NFS access policies defined for this cache. | NfsAccessPolicy[] |
CacheSku
| Name | Description | Value |
|---|---|---|
| name | SKU name for this cache. | string |
CacheTags
| Name | Description | Value |
|---|
CacheUpgradeSettings
| Name | Description | Value |
|---|---|---|
| scheduledTime | When upgradeScheduleEnabled is true, this field holds the user-chosen upgrade time. At the user-chosen time, the firmware update will automatically be installed on the cache. | string |
| upgradeScheduleEnabled | True if the user chooses to select an installation time between now and firmwareUpdateDeadline. Else the firmware will automatically be installed after firmwareUpdateDeadline if not triggered earlier via the upgrade operation. | bool |
CacheUsernameDownloadSettings
| Name | Description | Value |
|---|---|---|
| autoDownloadCertificate | Determines if the certificate should be automatically downloaded. This applies to 'caCertificateURI' only if 'requireValidCertificate' is true. | bool |
| caCertificateURI | The URI of the CA certificate to validate the LDAP secure connection. This field must be populated when 'requireValidCertificate' is set to true. | string |
| credentials | When present, these are the credentials for the secure LDAP connection. | CacheUsernameDownloadSettingsCredentials |
| encryptLdapConnection | Whether or not the LDAP connection should be encrypted. | bool |
| extendedGroups | Whether or not Extended Groups is enabled. | bool |
| groupFileURI | The URI of the file containing group information (in /etc/group file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| ldapBaseDN | The base distinguished name for the LDAP domain. | string |
| ldapServer | The fully qualified domain name or IP address of the LDAP server to use. | string |
| requireValidCertificate | Determines if the certificates must be validated by a certificate authority. When true, caCertificateURI must be provided. | bool |
| userFileURI | The URI of the file containing user information (in /etc/passwd file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| usernameSource | This setting determines how the cache gets username and group names for clients. | 'AD' 'File' 'LDAP' 'None' |
CacheUsernameDownloadSettingsCredentials
| Name | Description | Value |
|---|---|---|
| bindDn | The Bind Distinguished Name identity to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string |
| bindPassword | The Bind password to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
KeyVaultKeyReference
| Name | Description | Value |
|---|---|---|
| keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
| sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
KeyVaultKeyReferenceSourceVault
| Name | Description | Value |
|---|---|---|
| id | Resource Id. | string |
NfsAccessPolicy
| Name | Description | Value |
|---|---|---|
| accessRules | The set of rules describing client accesses allowed under this policy. | NfsAccessRule[] (required) |
| name | Name identifying this policy. Access Policy names are not case sensitive. | string (required) |
NfsAccessRule
| Name | Description | Value |
|---|---|---|
| access | Access allowed by this rule. | 'no' 'ro' 'rw' (required) |
| anonymousGID | GID value that replaces 0 when rootSquash is true. This will use the value of anonymousUID if not provided. | string |
| anonymousUID | UID value that replaces 0 when rootSquash is true. 65534 will be used if not provided. | string |
| filter | Filter applied to the scope for this rule. The filter's format depends on its scope. 'default' scope matches all clients and has no filter value. 'network' scope takes a filter in CIDR format (for example, 10.99.1.0/24). 'host' takes an IP address or fully qualified domain name as filter. If a client does not match any filter rule and there is no default rule, access is denied. | string |
| rootSquash | Map root accesses to anonymousUID and anonymousGID. | bool |
| scope | Scope for this rule. The scope and filter determine which clients match the rule. | 'default' 'host' 'network' (required) |
| submountAccess | For the default policy, allow access to subdirectories under the root export. If this is set to no, clients can only mount the path '/'. If set to yes, clients can mount a deeper path, like '/a/b'. | bool |
| suid | Allow SUID semantics. | bool |
UserAssignedIdentitiesValueAutoGenerated
| Name | Description | Value |
|---|
ARM template resource definition
The caches resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/caches resource, add the following JSON to your template.
{
"type": "Microsoft.StorageCache/caches",
"apiVersion": "2023-05-01",
"name": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
}
}
},
"location": "string",
"properties": {
"cacheSizeGB": "int",
"directoryServicesSettings": {
"activeDirectory": {
"cacheNetBiosName": "string",
"credentials": {
"password": "string",
"username": "string"
},
"domainName": "string",
"domainNetBiosName": "string",
"primaryDnsIpAddress": "string",
"secondaryDnsIpAddress": "string"
},
"usernameDownload": {
"autoDownloadCertificate": "bool",
"caCertificateURI": "string",
"credentials": {
"bindDn": "string",
"bindPassword": "string"
},
"encryptLdapConnection": "bool",
"extendedGroups": "bool",
"groupFileURI": "string",
"ldapBaseDN": "string",
"ldapServer": "string",
"requireValidCertificate": "bool",
"userFileURI": "string",
"usernameSource": "string"
}
},
"encryptionSettings": {
"keyEncryptionKey": {
"keyUrl": "string",
"sourceVault": {
"id": "string"
}
},
"rotationToLatestKeyVersionEnabled": "bool"
},
"networkSettings": {
"dnsSearchDomain": "string",
"dnsServers": [ "string" ],
"mtu": "int",
"ntpServer": "string"
},
"securitySettings": {
"accessPolicies": [
{
"accessRules": [
{
"access": "string",
"anonymousGID": "string",
"anonymousUID": "string",
"filter": "string",
"rootSquash": "bool",
"scope": "string",
"submountAccess": "bool",
"suid": "bool"
}
],
"name": "string"
}
]
},
"subnet": "string",
"upgradeSettings": {
"scheduledTime": "string",
"upgradeScheduleEnabled": "bool"
},
"zones": [ "string" ]
},
"sku": {
"name": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.StorageCache/caches
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2023-05-01' |
| identity | The identity of the cache, if configured. | CacheIdentity |
| location | Region name string. | string |
| name | The resource name | string Constraints: Pattern = ^[-0-9a-zA-Z_]{1,80}$ (required) |
| properties | Properties of the cache. | CacheProperties |
| sku | SKU for the cache. | CacheSku |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.StorageCache/caches' |
CacheActiveDirectorySettings
| Name | Description | Value |
|---|---|---|
| cacheNetBiosName | The NetBIOS name to assign to the HPC Cache when it joins the Active Directory domain as a server. Length must 1-15 characters from the class [-0-9a-zA-Z]. | string Constraints: Pattern = ^[-0-9a-zA-Z]{1,15}$ (required) |
| credentials | Active Directory admin credentials used to join the HPC Cache to a domain. | CacheActiveDirectorySettingsCredentials |
| domainName | The fully qualified domain name of the Active Directory domain controller. | string (required) |
| domainNetBiosName | The Active Directory domain's NetBIOS name. | string (required) |
| primaryDnsIpAddress | Primary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string (required) |
| secondaryDnsIpAddress | Secondary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string |
CacheActiveDirectorySettingsCredentials
| Name | Description | Value |
|---|---|---|
| password | Plain text password of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| username | Username of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string (required) |
CacheDirectorySettings
| Name | Description | Value |
|---|---|---|
| activeDirectory | Specifies settings for joining the HPC Cache to an Active Directory domain. | CacheActiveDirectorySettings |
| usernameDownload | Specifies settings for Extended Groups. Extended Groups allows users to be members of more than 16 groups. | CacheUsernameDownloadSettings |
CacheEncryptionSettings
| Name | Description | Value |
|---|---|---|
| keyEncryptionKey | Specifies the location of the key encryption key in key vault. | KeyVaultKeyReference |
| rotationToLatestKeyVersionEnabled | Specifies whether the service will automatically rotate to the newest version of the key in the key vault. | bool |
CacheIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the cache | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' |
| userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | CacheIdentityUserAssignedIdentities |
CacheIdentityUserAssignedIdentities
| Name | Description | Value |
|---|
CacheNetworkSettings
| Name | Description | Value |
|---|---|---|
| dnsSearchDomain | DNS search domain | string |
| dnsServers | DNS servers for the cache to use. It will be set from the network configuration if no value is provided. | string[] |
| mtu | The IPv4 maximum transmission unit configured for the subnet. | int Constraints: Min value = 576 Max value = 1500 |
| ntpServer | NTP server IP Address or FQDN for the cache to use. The default is time.windows.com. | string |
CacheProperties
| Name | Description | Value |
|---|---|---|
| cacheSizeGB | The size of this Cache, in GB. | int |
| directoryServicesSettings | Specifies Directory Services settings of the cache. | CacheDirectorySettings |
| encryptionSettings | Specifies encryption settings of the cache. | CacheEncryptionSettings |
| networkSettings | Specifies network settings of the cache. | CacheNetworkSettings |
| securitySettings | Specifies security settings of the cache. | CacheSecuritySettings |
| subnet | Subnet used for the cache. | string |
| upgradeSettings | Upgrade settings of the cache. | CacheUpgradeSettings |
| zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
CacheSecuritySettings
| Name | Description | Value |
|---|---|---|
| accessPolicies | NFS access policies defined for this cache. | NfsAccessPolicy[] |
CacheSku
| Name | Description | Value |
|---|---|---|
| name | SKU name for this cache. | string |
CacheTags
| Name | Description | Value |
|---|
CacheUpgradeSettings
| Name | Description | Value |
|---|---|---|
| scheduledTime | When upgradeScheduleEnabled is true, this field holds the user-chosen upgrade time. At the user-chosen time, the firmware update will automatically be installed on the cache. | string |
| upgradeScheduleEnabled | True if the user chooses to select an installation time between now and firmwareUpdateDeadline. Else the firmware will automatically be installed after firmwareUpdateDeadline if not triggered earlier via the upgrade operation. | bool |
CacheUsernameDownloadSettings
| Name | Description | Value |
|---|---|---|
| autoDownloadCertificate | Determines if the certificate should be automatically downloaded. This applies to 'caCertificateURI' only if 'requireValidCertificate' is true. | bool |
| caCertificateURI | The URI of the CA certificate to validate the LDAP secure connection. This field must be populated when 'requireValidCertificate' is set to true. | string |
| credentials | When present, these are the credentials for the secure LDAP connection. | CacheUsernameDownloadSettingsCredentials |
| encryptLdapConnection | Whether or not the LDAP connection should be encrypted. | bool |
| extendedGroups | Whether or not Extended Groups is enabled. | bool |
| groupFileURI | The URI of the file containing group information (in /etc/group file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| ldapBaseDN | The base distinguished name for the LDAP domain. | string |
| ldapServer | The fully qualified domain name or IP address of the LDAP server to use. | string |
| requireValidCertificate | Determines if the certificates must be validated by a certificate authority. When true, caCertificateURI must be provided. | bool |
| userFileURI | The URI of the file containing user information (in /etc/passwd file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| usernameSource | This setting determines how the cache gets username and group names for clients. | 'AD' 'File' 'LDAP' 'None' |
CacheUsernameDownloadSettingsCredentials
| Name | Description | Value |
|---|---|---|
| bindDn | The Bind Distinguished Name identity to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string |
| bindPassword | The Bind password to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
KeyVaultKeyReference
| Name | Description | Value |
|---|---|---|
| keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
| sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
KeyVaultKeyReferenceSourceVault
| Name | Description | Value |
|---|---|---|
| id | Resource Id. | string |
NfsAccessPolicy
| Name | Description | Value |
|---|---|---|
| accessRules | The set of rules describing client accesses allowed under this policy. | NfsAccessRule[] (required) |
| name | Name identifying this policy. Access Policy names are not case sensitive. | string (required) |
NfsAccessRule
| Name | Description | Value |
|---|---|---|
| access | Access allowed by this rule. | 'no' 'ro' 'rw' (required) |
| anonymousGID | GID value that replaces 0 when rootSquash is true. This will use the value of anonymousUID if not provided. | string |
| anonymousUID | UID value that replaces 0 when rootSquash is true. 65534 will be used if not provided. | string |
| filter | Filter applied to the scope for this rule. The filter's format depends on its scope. 'default' scope matches all clients and has no filter value. 'network' scope takes a filter in CIDR format (for example, 10.99.1.0/24). 'host' takes an IP address or fully qualified domain name as filter. If a client does not match any filter rule and there is no default rule, access is denied. | string |
| rootSquash | Map root accesses to anonymousUID and anonymousGID. | bool |
| scope | Scope for this rule. The scope and filter determine which clients match the rule. | 'default' 'host' 'network' (required) |
| submountAccess | For the default policy, allow access to subdirectories under the root export. If this is set to no, clients can only mount the path '/'. If set to yes, clients can mount a deeper path, like '/a/b'. | bool |
| suid | Allow SUID semantics. | bool |
UserAssignedIdentitiesValueAutoGenerated
| Name | Description | Value |
|---|
Usage Examples
Terraform (AzAPI provider) resource definition
The caches resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/caches resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.StorageCache/caches@2023-05-01"
name = "string"
parent_id = "string"
identity {
type = "string"
identity_ids = [
"string"
]
}
location = "string"
tags = {
{customized property} = "string"
}
body = {
properties = {
cacheSizeGB = int
directoryServicesSettings = {
activeDirectory = {
cacheNetBiosName = "string"
credentials = {
password = "string"
username = "string"
}
domainName = "string"
domainNetBiosName = "string"
primaryDnsIpAddress = "string"
secondaryDnsIpAddress = "string"
}
usernameDownload = {
autoDownloadCertificate = bool
caCertificateURI = "string"
credentials = {
bindDn = "string"
bindPassword = "string"
}
encryptLdapConnection = bool
extendedGroups = bool
groupFileURI = "string"
ldapBaseDN = "string"
ldapServer = "string"
requireValidCertificate = bool
userFileURI = "string"
usernameSource = "string"
}
}
encryptionSettings = {
keyEncryptionKey = {
keyUrl = "string"
sourceVault = {
id = "string"
}
}
rotationToLatestKeyVersionEnabled = bool
}
networkSettings = {
dnsSearchDomain = "string"
dnsServers = [
"string"
]
mtu = int
ntpServer = "string"
}
securitySettings = {
accessPolicies = [
{
accessRules = [
{
access = "string"
anonymousGID = "string"
anonymousUID = "string"
filter = "string"
rootSquash = bool
scope = "string"
submountAccess = bool
suid = bool
}
]
name = "string"
}
]
}
subnet = "string"
upgradeSettings = {
scheduledTime = "string"
upgradeScheduleEnabled = bool
}
zones = [
"string"
]
}
sku = {
name = "string"
}
}
}
Property Values
Microsoft.StorageCache/caches
| Name | Description | Value |
|---|---|---|
| identity | The identity of the cache, if configured. | CacheIdentity |
| location | Region name string. | string |
| name | The resource name | string Constraints: Pattern = ^[-0-9a-zA-Z_]{1,80}$ (required) |
| properties | Properties of the cache. | CacheProperties |
| sku | SKU for the cache. | CacheSku |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.StorageCache/caches@2023-05-01" |
CacheActiveDirectorySettings
| Name | Description | Value |
|---|---|---|
| cacheNetBiosName | The NetBIOS name to assign to the HPC Cache when it joins the Active Directory domain as a server. Length must 1-15 characters from the class [-0-9a-zA-Z]. | string Constraints: Pattern = ^[-0-9a-zA-Z]{1,15}$ (required) |
| credentials | Active Directory admin credentials used to join the HPC Cache to a domain. | CacheActiveDirectorySettingsCredentials |
| domainName | The fully qualified domain name of the Active Directory domain controller. | string (required) |
| domainNetBiosName | The Active Directory domain's NetBIOS name. | string (required) |
| primaryDnsIpAddress | Primary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string (required) |
| secondaryDnsIpAddress | Secondary DNS IP address used to resolve the Active Directory domain controller's fully qualified domain name. | string |
CacheActiveDirectorySettingsCredentials
| Name | Description | Value |
|---|---|---|
| password | Plain text password of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
| username | Username of the Active Directory domain administrator. This value is stored encrypted and not returned on response. | string (required) |
CacheDirectorySettings
| Name | Description | Value |
|---|---|---|
| activeDirectory | Specifies settings for joining the HPC Cache to an Active Directory domain. | CacheActiveDirectorySettings |
| usernameDownload | Specifies settings for Extended Groups. Extended Groups allows users to be members of more than 16 groups. | CacheUsernameDownloadSettings |
CacheEncryptionSettings
| Name | Description | Value |
|---|---|---|
| keyEncryptionKey | Specifies the location of the key encryption key in key vault. | KeyVaultKeyReference |
| rotationToLatestKeyVersionEnabled | Specifies whether the service will automatically rotate to the newest version of the key in the key vault. | bool |
CacheIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the cache | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' |
| userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | CacheIdentityUserAssignedIdentities |
CacheIdentityUserAssignedIdentities
| Name | Description | Value |
|---|
CacheNetworkSettings
| Name | Description | Value |
|---|---|---|
| dnsSearchDomain | DNS search domain | string |
| dnsServers | DNS servers for the cache to use. It will be set from the network configuration if no value is provided. | string[] |
| mtu | The IPv4 maximum transmission unit configured for the subnet. | int Constraints: Min value = 576 Max value = 1500 |
| ntpServer | NTP server IP Address or FQDN for the cache to use. The default is time.windows.com. | string |
CacheProperties
| Name | Description | Value |
|---|---|---|
| cacheSizeGB | The size of this Cache, in GB. | int |
| directoryServicesSettings | Specifies Directory Services settings of the cache. | CacheDirectorySettings |
| encryptionSettings | Specifies encryption settings of the cache. | CacheEncryptionSettings |
| networkSettings | Specifies network settings of the cache. | CacheNetworkSettings |
| securitySettings | Specifies security settings of the cache. | CacheSecuritySettings |
| subnet | Subnet used for the cache. | string |
| upgradeSettings | Upgrade settings of the cache. | CacheUpgradeSettings |
| zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
CacheSecuritySettings
| Name | Description | Value |
|---|---|---|
| accessPolicies | NFS access policies defined for this cache. | NfsAccessPolicy[] |
CacheSku
| Name | Description | Value |
|---|---|---|
| name | SKU name for this cache. | string |
CacheTags
| Name | Description | Value |
|---|
CacheUpgradeSettings
| Name | Description | Value |
|---|---|---|
| scheduledTime | When upgradeScheduleEnabled is true, this field holds the user-chosen upgrade time. At the user-chosen time, the firmware update will automatically be installed on the cache. | string |
| upgradeScheduleEnabled | True if the user chooses to select an installation time between now and firmwareUpdateDeadline. Else the firmware will automatically be installed after firmwareUpdateDeadline if not triggered earlier via the upgrade operation. | bool |
CacheUsernameDownloadSettings
| Name | Description | Value |
|---|---|---|
| autoDownloadCertificate | Determines if the certificate should be automatically downloaded. This applies to 'caCertificateURI' only if 'requireValidCertificate' is true. | bool |
| caCertificateURI | The URI of the CA certificate to validate the LDAP secure connection. This field must be populated when 'requireValidCertificate' is set to true. | string |
| credentials | When present, these are the credentials for the secure LDAP connection. | CacheUsernameDownloadSettingsCredentials |
| encryptLdapConnection | Whether or not the LDAP connection should be encrypted. | bool |
| extendedGroups | Whether or not Extended Groups is enabled. | bool |
| groupFileURI | The URI of the file containing group information (in /etc/group file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| ldapBaseDN | The base distinguished name for the LDAP domain. | string |
| ldapServer | The fully qualified domain name or IP address of the LDAP server to use. | string |
| requireValidCertificate | Determines if the certificates must be validated by a certificate authority. When true, caCertificateURI must be provided. | bool |
| userFileURI | The URI of the file containing user information (in /etc/passwd file format). This field must be populated when 'usernameSource' is set to 'File'. | string |
| usernameSource | This setting determines how the cache gets username and group names for clients. | 'AD' 'File' 'LDAP' 'None' |
CacheUsernameDownloadSettingsCredentials
| Name | Description | Value |
|---|---|---|
| bindDn | The Bind Distinguished Name identity to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string |
| bindPassword | The Bind password to be used in the secure LDAP connection. This value is stored encrypted and not returned on response. | string Constraints: Sensitive value. Pass in as a secure parameter. |
KeyVaultKeyReference
| Name | Description | Value |
|---|---|---|
| keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
| sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
KeyVaultKeyReferenceSourceVault
| Name | Description | Value |
|---|---|---|
| id | Resource Id. | string |
NfsAccessPolicy
| Name | Description | Value |
|---|---|---|
| accessRules | The set of rules describing client accesses allowed under this policy. | NfsAccessRule[] (required) |
| name | Name identifying this policy. Access Policy names are not case sensitive. | string (required) |
NfsAccessRule
| Name | Description | Value |
|---|---|---|
| access | Access allowed by this rule. | 'no' 'ro' 'rw' (required) |
| anonymousGID | GID value that replaces 0 when rootSquash is true. This will use the value of anonymousUID if not provided. | string |
| anonymousUID | UID value that replaces 0 when rootSquash is true. 65534 will be used if not provided. | string |
| filter | Filter applied to the scope for this rule. The filter's format depends on its scope. 'default' scope matches all clients and has no filter value. 'network' scope takes a filter in CIDR format (for example, 10.99.1.0/24). 'host' takes an IP address or fully qualified domain name as filter. If a client does not match any filter rule and there is no default rule, access is denied. | string |
| rootSquash | Map root accesses to anonymousUID and anonymousGID. | bool |
| scope | Scope for this rule. The scope and filter determine which clients match the rule. | 'default' 'host' 'network' (required) |
| submountAccess | For the default policy, allow access to subdirectories under the root export. If this is set to no, clients can only mount the path '/'. If set to yes, clients can mount a deeper path, like '/a/b'. | bool |
| suid | Allow SUID semantics. | bool |
UserAssignedIdentitiesValueAutoGenerated
| Name | Description | Value |
|---|