Microsoft.NetApp netAppAccounts 2021-08-01
- Latest
- 2024-03-01
- 2024-03-01-preview
- 2023-11-01
- 2023-11-01-preview
- 2023-07-01
- 2023-07-01-preview
- 2023-05-01
- 2023-05-01-preview
- 2022-11-01
- 2022-11-01-preview
- 2022-09-01
- 2022-05-01
- 2022-03-01
- 2022-01-01
- 2021-10-01
- 2021-08-01
- 2021-06-01
- 2021-04-01
- 2021-04-01-preview
- 2021-02-01
- 2020-12-01
- 2020-11-01
- 2020-09-01
- 2020-08-01
- 2020-07-01
- 2020-06-01
- 2020-05-01
- 2020-03-01
- 2020-02-01
- 2019-11-01
- 2019-10-01
- 2019-08-01
- 2019-07-01
- 2019-06-01
- 2019-05-01
- 2017-08-15
Bicep resource definition
The netAppAccounts resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.NetApp/netAppAccounts@2021-08-01' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
properties: {
activeDirectories: [
{
activeDirectoryId: 'string'
administrators: [
'string'
]
adName: 'string'
aesEncryption: bool
allowLocalNfsUsersWithLdap: bool
backupOperators: [
'string'
]
dns: 'string'
domain: 'string'
encryptDCConnections: bool
kdcIP: 'string'
ldapOverTLS: bool
ldapSigning: bool
organizationalUnit: 'string'
password: 'string'
securityOperators: [
'string'
]
serverRootCACertificate: 'string'
site: 'string'
smbServerName: 'string'
username: 'string'
}
]
encryption: {
keySource: 'string'
}
}
}
Property values
netAppAccounts
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) Character limit: 1-128 Valid characters: Alphanumerics, underscores, and hyphens. Start with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| properties | NetApp Account properties | AccountProperties |
AccountProperties
| Name | Description | Value |
|---|---|---|
| activeDirectories | Active Directories | ActiveDirectory[] |
| encryption | Encryption settings | AccountEncryption |
ActiveDirectory
| Name | Description | Value |
|---|---|---|
| activeDirectoryId | Id of the Active Directory | string |
| administrators | Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| adName | Name of the active directory machine. This optional parameter is used only while creating kerberos volume | string Constraints: Min length = 1 Max length = 64 |
| aesEncryption | If enabled, AES encryption will be enabled for SMB communication. | bool |
| allowLocalNfsUsersWithLdap | If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes. | bool |
| backupOperators | Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| dns | Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| domain | Name of the Active Directory domain | string |
| encryptDCConnections | If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted. | bool |
| kdcIP | kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume. | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| ldapOverTLS | Specifies whether or not the LDAP traffic needs to be secured via TLS. | bool |
| ldapSigning | Specifies whether or not the LDAP traffic needs to be signed. | bool |
| organizationalUnit | The Organizational Unit (OU) within the Windows Active Directory | string |
| password | Plain text password of Active Directory domain administrator, value is masked in the response | string Constraints: Sensitive value. Pass in as a secure parameter. |
| securityOperators | Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| serverRootCACertificate | When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes. | string Constraints: Min length = 1 Max length = 10240 Sensitive value. Pass in as a secure parameter. |
| site | The Active Directory site the service will limit Domain Controller discovery to | string |
| smbServerName | NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes | string |
| username | A domain user account with permission to create machine accounts | string |
AccountEncryption
| Name | Description | Value |
|---|---|---|
| keySource | Encryption Key Source. Possible values are: 'Microsoft.NetApp'. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create new ANF resource with NFSV3/NFSv4.1 volume |
This template allows you to create a new Azure NetApp Files resource with a single Capacity pool and single volume configured with NFSV3 or NFSv4.1 protocol. They are all deployed together with Azure Virtual Network and Delegated subnet that are required for any volume to be created |
| Create new ANF resource with SMB volume |
This template allows you to create a new Azure NetApp Files resource with a single Capacity pool and single volume configured with SMB protocol. |
ARM template resource definition
The netAppAccounts resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts resource, add the following JSON to your template.
{
"type": "Microsoft.NetApp/netAppAccounts",
"apiVersion": "2021-08-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"properties": {
"activeDirectories": [
{
"activeDirectoryId": "string",
"administrators": [ "string" ],
"adName": "string",
"aesEncryption": "bool",
"allowLocalNfsUsersWithLdap": "bool",
"backupOperators": [ "string" ],
"dns": "string",
"domain": "string",
"encryptDCConnections": "bool",
"kdcIP": "string",
"ldapOverTLS": "bool",
"ldapSigning": "bool",
"organizationalUnit": "string",
"password": "string",
"securityOperators": [ "string" ],
"serverRootCACertificate": "string",
"site": "string",
"smbServerName": "string",
"username": "string"
}
],
"encryption": {
"keySource": "string"
}
}
}
Property values
netAppAccounts
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.NetApp/netAppAccounts' |
| apiVersion | The resource api version | '2021-08-01' |
| name | The resource name | string (required) Character limit: 1-128 Valid characters: Alphanumerics, underscores, and hyphens. Start with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| properties | NetApp Account properties | AccountProperties |
AccountProperties
| Name | Description | Value |
|---|---|---|
| activeDirectories | Active Directories | ActiveDirectory[] |
| encryption | Encryption settings | AccountEncryption |
ActiveDirectory
| Name | Description | Value |
|---|---|---|
| activeDirectoryId | Id of the Active Directory | string |
| administrators | Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| adName | Name of the active directory machine. This optional parameter is used only while creating kerberos volume | string Constraints: Min length = 1 Max length = 64 |
| aesEncryption | If enabled, AES encryption will be enabled for SMB communication. | bool |
| allowLocalNfsUsersWithLdap | If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes. | bool |
| backupOperators | Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| dns | Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| domain | Name of the Active Directory domain | string |
| encryptDCConnections | If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted. | bool |
| kdcIP | kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume. | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| ldapOverTLS | Specifies whether or not the LDAP traffic needs to be secured via TLS. | bool |
| ldapSigning | Specifies whether or not the LDAP traffic needs to be signed. | bool |
| organizationalUnit | The Organizational Unit (OU) within the Windows Active Directory | string |
| password | Plain text password of Active Directory domain administrator, value is masked in the response | string Constraints: Sensitive value. Pass in as a secure parameter. |
| securityOperators | Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| serverRootCACertificate | When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes. | string Constraints: Min length = 1 Max length = 10240 Sensitive value. Pass in as a secure parameter. |
| site | The Active Directory site the service will limit Domain Controller discovery to | string |
| smbServerName | NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes | string |
| username | A domain user account with permission to create machine accounts | string |
AccountEncryption
| Name | Description | Value |
|---|---|---|
| keySource | Encryption Key Source. Possible values are: 'Microsoft.NetApp'. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Create new ANF resource with NFSV3/NFSv4.1 volume |
This template allows you to create a new Azure NetApp Files resource with a single Capacity pool and single volume configured with NFSV3 or NFSv4.1 protocol. They are all deployed together with Azure Virtual Network and Delegated subnet that are required for any volume to be created |
| Create new ANF resource with SMB volume |
This template allows you to create a new Azure NetApp Files resource with a single Capacity pool and single volume configured with SMB protocol. |
Terraform (AzAPI provider) resource definition
The netAppAccounts resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.NetApp/netAppAccounts@2021-08-01"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
activeDirectories = [
{
activeDirectoryId = "string"
administrators = [
"string"
]
adName = "string"
aesEncryption = bool
allowLocalNfsUsersWithLdap = bool
backupOperators = [
"string"
]
dns = "string"
domain = "string"
encryptDCConnections = bool
kdcIP = "string"
ldapOverTLS = bool
ldapSigning = bool
organizationalUnit = "string"
password = "string"
securityOperators = [
"string"
]
serverRootCACertificate = "string"
site = "string"
smbServerName = "string"
username = "string"
}
]
encryption = {
keySource = "string"
}
}
})
}
Property values
netAppAccounts
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.NetApp/netAppAccounts@2021-08-01" |
| name | The resource name | string (required) Character limit: 1-128 Valid characters: Alphanumerics, underscores, and hyphens. Start with alphanumeric. |
| location | The geo-location where the resource lives | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| properties | NetApp Account properties | AccountProperties |
AccountProperties
| Name | Description | Value |
|---|---|---|
| activeDirectories | Active Directories | ActiveDirectory[] |
| encryption | Encryption settings | AccountEncryption |
ActiveDirectory
| Name | Description | Value |
|---|---|---|
| activeDirectoryId | Id of the Active Directory | string |
| administrators | Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| adName | Name of the active directory machine. This optional parameter is used only while creating kerberos volume | string Constraints: Min length = 1 Max length = 64 |
| aesEncryption | If enabled, AES encryption will be enabled for SMB communication. | bool |
| allowLocalNfsUsersWithLdap | If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes. | bool |
| backupOperators | Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| dns | Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| domain | Name of the Active Directory domain | string |
| encryptDCConnections | If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted. | bool |
| kdcIP | kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume. | string Constraints: Pattern = ^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)((, ?)(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))*$ |
| ldapOverTLS | Specifies whether or not the LDAP traffic needs to be secured via TLS. | bool |
| ldapSigning | Specifies whether or not the LDAP traffic needs to be signed. | bool |
| organizationalUnit | The Organizational Unit (OU) within the Windows Active Directory | string |
| password | Plain text password of Active Directory domain administrator, value is masked in the response | string Constraints: Sensitive value. Pass in as a secure parameter. |
| securityOperators | Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier | string[] Constraints: Min length = 1 Max length = 255 |
| serverRootCACertificate | When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes. | string Constraints: Min length = 1 Max length = 10240 Sensitive value. Pass in as a secure parameter. |
| site | The Active Directory site the service will limit Domain Controller discovery to | string |
| smbServerName | NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes | string |
| username | A domain user account with permission to create machine accounts | string |
AccountEncryption
| Name | Description | Value |
|---|---|---|
| keySource | Encryption Key Source. Possible values are: 'Microsoft.NetApp'. | string |