Microsoft.AVS privateClouds 2021-12-01
Bicep resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.AVS/privateClouds@2021-12-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
}
identity: {
type: 'string'
}
properties: {
availability: {
secondaryZone: int
strategy: 'string'
zone: int
}
circuit: {}
encryption: {
keyVaultProperties: {
keyName: 'string'
keyVaultUrl: 'string'
keyVersion: 'string'
}
status: 'string'
}
identitySources: [
{
alias: 'string'
baseGroupDN: 'string'
baseUserDN: 'string'
domain: 'string'
name: 'string'
password: 'string'
primaryServer: 'string'
secondaryServer: 'string'
ssl: 'string'
username: 'string'
}
]
internet: 'string'
managementCluster: {
clusterSize: int
hosts: [
'string'
]
}
networkBlock: 'string'
nsxtPassword: 'string'
secondaryCircuit: {}
vcenterPassword: 'string'
}
}
Property values
privateClouds
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) |
| location | Resource location | string |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| sku | The private cloud SKU | Sku (required) |
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | 'None' 'SystemAssigned' |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | 'Disabled' 'Enabled' |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | 'DualZone' 'SingleZone' |
| zone | The primary availability zone for the private cloud | int |
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | 'Disabled' 'Enabled' |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | 'Disabled' 'Enabled' |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
ARM template resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following JSON to your template.
{
"type": "Microsoft.AVS/privateClouds",
"apiVersion": "2021-12-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string"
},
"identity": {
"type": "string"
},
"properties": {
"availability": {
"secondaryZone": "int",
"strategy": "string",
"zone": "int"
},
"circuit": {},
"encryption": {
"keyVaultProperties": {
"keyName": "string",
"keyVaultUrl": "string",
"keyVersion": "string"
},
"status": "string"
},
"identitySources": [
{
"alias": "string",
"baseGroupDN": "string",
"baseUserDN": "string",
"domain": "string",
"name": "string",
"password": "string",
"primaryServer": "string",
"secondaryServer": "string",
"ssl": "string",
"username": "string"
}
],
"internet": "string",
"managementCluster": {
"clusterSize": "int",
"hosts": [ "string" ]
},
"networkBlock": "string",
"nsxtPassword": "string",
"secondaryCircuit": {},
"vcenterPassword": "string"
}
}
Property values
privateClouds
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.AVS/privateClouds' |
| apiVersion | The resource api version | '2021-12-01' |
| name | The resource name | string (required) |
| location | Resource location | string |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| sku | The private cloud SKU | Sku (required) |
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | 'None' 'SystemAssigned' |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | 'Disabled' 'Enabled' |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | 'DualZone' 'SingleZone' |
| zone | The primary availability zone for the private cloud | int |
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | 'Disabled' 'Enabled' |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | 'Disabled' 'Enabled' |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
Terraform (AzAPI provider) resource definition
The privateClouds resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.AVS/privateClouds resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.AVS/privateClouds@2021-12-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
identity {
type = "SystemAssigned"
}
body = jsonencode({
properties = {
availability = {
secondaryZone = int
strategy = "string"
zone = int
}
circuit = {}
encryption = {
keyVaultProperties = {
keyName = "string"
keyVaultUrl = "string"
keyVersion = "string"
}
status = "string"
}
identitySources = [
{
alias = "string"
baseGroupDN = "string"
baseUserDN = "string"
domain = "string"
name = "string"
password = "string"
primaryServer = "string"
secondaryServer = "string"
ssl = "string"
username = "string"
}
]
internet = "string"
managementCluster = {
clusterSize = int
hosts = [
"string"
]
}
networkBlock = "string"
nsxtPassword = "string"
secondaryCircuit = {}
vcenterPassword = "string"
}
sku = {
name = "string"
}
})
}
Property values
privateClouds
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.AVS/privateClouds@2021-12-01" |
| name | The resource name | string (required) |
| location | Resource location | string |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags | Dictionary of tag names and values. |
| sku | The private cloud SKU | Sku (required) |
| identity | The identity of the private cloud, if configured. | PrivateCloudIdentity |
| properties | The properties of a private cloud resource | PrivateCloudProperties |
PrivateCloudIdentity
| Name | Description | Value |
|---|---|---|
| type | The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud. | "SystemAssigned" |
PrivateCloudProperties
| Name | Description | Value |
|---|---|---|
| availability | Properties describing how the cloud is distributed across availability zones | AvailabilityProperties |
| circuit | An ExpressRoute Circuit | Circuit |
| encryption | Customer managed key encryption, can be enabled or disabled | Encryption |
| identitySources | vCenter Single Sign On Identity Sources | IdentitySource[] |
| internet | Connectivity to internet is enabled or disabled | "Disabled" "Enabled" |
| managementCluster | The default cluster used for management | ManagementCluster |
| networkBlock | The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 | string (required) |
| nsxtPassword | Optionally, set the NSX-T Manager password when the private cloud is created | string |
| secondaryCircuit | A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud | Circuit |
| vcenterPassword | Optionally, set the vCenter admin password when the private cloud is created | string |
AvailabilityProperties
| Name | Description | Value |
|---|---|---|
| secondaryZone | The secondary availability zone for the private cloud | int |
| strategy | The availability strategy for the private cloud | "DualZone" "SingleZone" |
| zone | The primary availability zone for the private cloud | int |
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
| Name | Description | Value |
|---|---|---|
| keyVaultProperties | The key vault where the encryption key is stored | EncryptionKeyVaultProperties |
| status | Status of customer managed encryption key | "Disabled" "Enabled" |
EncryptionKeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key. | string |
| keyVaultUrl | The URL of the vault. | string |
| keyVersion | The version of the key. | string |
IdentitySource
| Name | Description | Value |
|---|---|---|
| alias | The domain's NetBIOS name | string |
| baseGroupDN | The base distinguished name for groups | string |
| baseUserDN | The base distinguished name for users | string |
| domain | The domain's dns name | string |
| name | The name of the identity source | string |
| password | The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. | string |
| primaryServer | Primary server URL | string |
| secondaryServer | Secondary server URL | string |
| ssl | Protect LDAP communication using SSL certificate (LDAPS) | "Disabled" "Enabled" |
| username | The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group | string |
ManagementCluster
| Name | Description | Value |
|---|---|---|
| clusterSize | The cluster size | int |
| hosts | The hosts | string[] |
Sku
| Name | Description | Value |
|---|---|---|
| name | The name of the SKU. | string (required) |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for