Microsoft.AVS privateClouds
Article
12/28/2022
9 minutes to read
1 contributor
Feedback
In this article
Bicep resource definition
The privateClouds resource type can be deployed to:
For a list of changed properties in each API version, see change log .
To create a Microsoft.AVS/privateClouds resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.AVS/privateClouds@2022-05-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
}
identity: {
type: 'string'
}
properties: {
availability: {
secondaryZone: int
strategy: 'string'
zone: int
}
circuit: {}
encryption: {
keyVaultProperties: {
keyName: 'string'
keyVaultUrl: 'string'
keyVersion: 'string'
}
status: 'string'
}
identitySources: [
{
alias: 'string'
baseGroupDN: 'string'
baseUserDN: 'string'
domain: 'string'
name: 'string'
password: 'string'
primaryServer: 'string'
secondaryServer: 'string'
ssl: 'string'
username: 'string'
}
]
internet: 'string'
managementCluster: {
clusterSize: int
hosts: [
'string'
]
}
networkBlock: 'string'
nsxtPassword: 'string'
secondaryCircuit: {}
vcenterPassword: 'string'
}
}
Property values
privateClouds
Name
Description
Value
name
The resource name
string (required)
location
Resource location
string
tags
Resource tags
Dictionary of tag names and values. See Tags in templates
sku
The private cloud SKU
Sku (required)
identity
The identity of the private cloud, if configured.
PrivateCloudIdentity
properties
The properties of a private cloud resource
PrivateCloudProperties
PrivateCloudIdentity
Name
Description
Value
type
The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud.
'None'
PrivateCloudProperties
Name
Description
Value
availability
Properties describing how the cloud is distributed across availability zones
AvailabilityProperties
circuit
An ExpressRoute Circuit
Circuit
encryption
Customer managed key encryption, can be enabled or disabled
Encryption
identitySources
vCenter Single Sign On Identity Sources
IdentitySource []
internet
Connectivity to internet is enabled or disabled
'Disabled'
managementCluster
The default cluster used for management
ManagementCluster
networkBlock
The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22
string (required)
nsxtPassword
Optionally, set the NSX-T Manager password when the private cloud is created
string
secondaryCircuit
A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud
Circuit
vcenterPassword
Optionally, set the vCenter admin password when the private cloud is created
string
AvailabilityProperties
Name
Description
Value
secondaryZone
The secondary availability zone for the private cloud
int
strategy
The availability strategy for the private cloud
'DualZone'
zone
The primary availability zone for the private cloud
int
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
Name
Description
Value
keyVaultProperties
The key vault where the encryption key is stored
EncryptionKeyVaultProperties
status
Status of customer managed encryption key
'Disabled'
EncryptionKeyVaultProperties
Name
Description
Value
keyName
The name of the key.
string
keyVaultUrl
The URL of the vault.
string
keyVersion
The version of the key.
string
IdentitySource
Name
Description
Value
alias
The domain's NetBIOS name
string
baseGroupDN
The base distinguished name for groups
string
baseUserDN
The base distinguished name for users
string
domain
The domain's dns name
string
name
The name of the identity source
string
password
The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups.
string
primaryServer
Primary server URL
string
secondaryServer
Secondary server URL
string
ssl
Protect LDAP communication using SSL certificate (LDAPS)
'Disabled'
username
The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group
string
ManagementCluster
Name
Description
Value
clusterSize
The cluster size
int
hosts
The hosts
string[]
Sku
Name
Description
Value
name
The name of the SKU.
string (required)
ARM template resource definition
The privateClouds resource type can be deployed to:
For a list of changed properties in each API version, see change log .
To create a Microsoft.AVS/privateClouds resource, add the following JSON to your template.
{
"type": "Microsoft.AVS/privateClouds",
"apiVersion": "2022-05-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string"
},
"identity": {
"type": "string"
},
"properties": {
"availability": {
"secondaryZone": "int",
"strategy": "string",
"zone": "int"
},
"circuit": {},
"encryption": {
"keyVaultProperties": {
"keyName": "string",
"keyVaultUrl": "string",
"keyVersion": "string"
},
"status": "string"
},
"identitySources": [
{
"alias": "string",
"baseGroupDN": "string",
"baseUserDN": "string",
"domain": "string",
"name": "string",
"password": "string",
"primaryServer": "string",
"secondaryServer": "string",
"ssl": "string",
"username": "string"
}
],
"internet": "string",
"managementCluster": {
"clusterSize": "int",
"hosts": [ "string" ]
},
"networkBlock": "string",
"nsxtPassword": "string",
"secondaryCircuit": {},
"vcenterPassword": "string"
}
}
Property values
privateClouds
Name
Description
Value
type
The resource type
'Microsoft.AVS/privateClouds'
apiVersion
The resource api version
'2022-05-01'
name
The resource name
string (required)
location
Resource location
string
tags
Resource tags
Dictionary of tag names and values. See Tags in templates
sku
The private cloud SKU
Sku (required)
identity
The identity of the private cloud, if configured.
PrivateCloudIdentity
properties
The properties of a private cloud resource
PrivateCloudProperties
PrivateCloudIdentity
Name
Description
Value
type
The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud.
'None'
PrivateCloudProperties
Name
Description
Value
availability
Properties describing how the cloud is distributed across availability zones
AvailabilityProperties
circuit
An ExpressRoute Circuit
Circuit
encryption
Customer managed key encryption, can be enabled or disabled
Encryption
identitySources
vCenter Single Sign On Identity Sources
IdentitySource []
internet
Connectivity to internet is enabled or disabled
'Disabled'
managementCluster
The default cluster used for management
ManagementCluster
networkBlock
The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22
string (required)
nsxtPassword
Optionally, set the NSX-T Manager password when the private cloud is created
string
secondaryCircuit
A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud
Circuit
vcenterPassword
Optionally, set the vCenter admin password when the private cloud is created
string
AvailabilityProperties
Name
Description
Value
secondaryZone
The secondary availability zone for the private cloud
int
strategy
The availability strategy for the private cloud
'DualZone'
zone
The primary availability zone for the private cloud
int
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
Name
Description
Value
keyVaultProperties
The key vault where the encryption key is stored
EncryptionKeyVaultProperties
status
Status of customer managed encryption key
'Disabled'
EncryptionKeyVaultProperties
Name
Description
Value
keyName
The name of the key.
string
keyVaultUrl
The URL of the vault.
string
keyVersion
The version of the key.
string
IdentitySource
Name
Description
Value
alias
The domain's NetBIOS name
string
baseGroupDN
The base distinguished name for groups
string
baseUserDN
The base distinguished name for users
string
domain
The domain's dns name
string
name
The name of the identity source
string
password
The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups.
string
primaryServer
Primary server URL
string
secondaryServer
Secondary server URL
string
ssl
Protect LDAP communication using SSL certificate (LDAPS)
'Disabled'
username
The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group
string
ManagementCluster
Name
Description
Value
clusterSize
The cluster size
int
hosts
The hosts
string[]
Sku
Name
Description
Value
name
The name of the SKU.
string (required)
The privateClouds resource type can be deployed to:
For a list of changed properties in each API version, see change log .
To create a Microsoft.AVS/privateClouds resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.AVS/privateClouds@2022-05-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
identity {
type = "SystemAssigned"
}
body = jsonencode({
properties = {
availability = {
secondaryZone = int
strategy = "string"
zone = int
}
circuit = {}
encryption = {
keyVaultProperties = {
keyName = "string"
keyVaultUrl = "string"
keyVersion = "string"
}
status = "string"
}
identitySources = [
{
alias = "string"
baseGroupDN = "string"
baseUserDN = "string"
domain = "string"
name = "string"
password = "string"
primaryServer = "string"
secondaryServer = "string"
ssl = "string"
username = "string"
}
]
internet = "string"
managementCluster = {
clusterSize = int
hosts = [
"string"
]
}
networkBlock = "string"
nsxtPassword = "string"
secondaryCircuit = {}
vcenterPassword = "string"
}
sku = {
name = "string"
}
})
}
Property values
privateClouds
Name
Description
Value
type
The resource type
"Microsoft.AVS/privateClouds@2022-05-01"
name
The resource name
string (required)
location
Resource location
string
parent_id
To deploy to a resource group, use the ID of that resource group.
string (required)
tags
Resource tags
Dictionary of tag names and values.
sku
The private cloud SKU
Sku (required)
identity
The identity of the private cloud, if configured.
PrivateCloudIdentity
properties
The properties of a private cloud resource
PrivateCloudProperties
PrivateCloudIdentity
Name
Description
Value
type
The type of identity used for the private cloud. The type 'SystemAssigned' refers to an implicitly created identity. The type 'None' will remove any identities from the Private Cloud.
"SystemAssigned"
PrivateCloudProperties
Name
Description
Value
availability
Properties describing how the cloud is distributed across availability zones
AvailabilityProperties
circuit
An ExpressRoute Circuit
Circuit
encryption
Customer managed key encryption, can be enabled or disabled
Encryption
identitySources
vCenter Single Sign On Identity Sources
IdentitySource []
internet
Connectivity to internet is enabled or disabled
"Disabled"
managementCluster
The default cluster used for management
ManagementCluster
networkBlock
The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22
string (required)
nsxtPassword
Optionally, set the NSX-T Manager password when the private cloud is created
string
secondaryCircuit
A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud
Circuit
vcenterPassword
Optionally, set the vCenter admin password when the private cloud is created
string
AvailabilityProperties
Name
Description
Value
secondaryZone
The secondary availability zone for the private cloud
int
strategy
The availability strategy for the private cloud
"DualZone"
zone
The primary availability zone for the private cloud
int
Circuit
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Encryption
Name
Description
Value
keyVaultProperties
The key vault where the encryption key is stored
EncryptionKeyVaultProperties
status
Status of customer managed encryption key
"Disabled"
EncryptionKeyVaultProperties
Name
Description
Value
keyName
The name of the key.
string
keyVaultUrl
The URL of the vault.
string
keyVersion
The version of the key.
string
IdentitySource
Name
Description
Value
alias
The domain's NetBIOS name
string
baseGroupDN
The base distinguished name for groups
string
baseUserDN
The base distinguished name for users
string
domain
The domain's dns name
string
name
The name of the identity source
string
password
The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups.
string
primaryServer
Primary server URL
string
secondaryServer
Secondary server URL
string
ssl
Protect LDAP communication using SSL certificate (LDAPS)
"Disabled"
username
The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group
string
ManagementCluster
Name
Description
Value
clusterSize
The cluster size
int
hosts
The hosts
string[]
Sku
Name
Description
Value
name
The name of the SKU.
string (required)