Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The privateLinkServicesForM365SecurityCenter resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter@2021-03-08' = {
etag: 'string'
identity: {
type: 'string'
}
kind: 'string'
location: 'string'
name: 'string'
properties: {
accessPolicies: [
{
objectId: 'string'
}
]
authenticationConfiguration: {
audience: 'string'
authority: 'string'
smartProxyEnabled: bool
}
corsConfiguration: {
allowCredentials: bool
headers: [
'string'
]
maxAge: int
methods: [
'string'
]
origins: [
'string'
]
}
cosmosDbConfiguration: {
keyVaultKeyUri: 'string'
offerThroughput: int
}
exportConfiguration: {
storageAccountName: 'string'
}
privateEndpointConnections: [
{
properties: {
privateEndpoint: {}
privateLinkServiceConnectionState: {
actionsRequired: 'string'
description: 'string'
status: 'string'
}
}
}
]
publicNetworkAccess: 'string'
}
tags: {
{customized property}: 'string'
}
}
Property Values
Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter
| Name | Description | Value |
|---|---|---|
| etag | An etag associated with the resource, used for optimistic concurrency when editing it. | string |
| identity | Setting indicating whether the service has a managed identity associated with it. | ServicesResourceIdentity |
| kind | The kind of the service. | 'fhir' 'fhir-R4' 'fhir-Stu3' (required) |
| location | The resource location. | string (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 24 (required) |
| properties | The common properties of a service. | ServicesProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
PrivateEndpoint
| Name | Description | Value |
|---|
PrivateEndpointConnection
| Name | Description | Value |
|---|---|---|
| properties | Resource properties. | PrivateEndpointConnectionProperties |
PrivateEndpointConnectionProperties
| Name | Description | Value |
|---|---|---|
| privateEndpoint | The resource of private end point. | PrivateEndpoint |
| privateLinkServiceConnectionState | A collection of information about the state of the connection between service consumer and provider. | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
| Name | Description | Value |
|---|---|---|
| actionsRequired | A message indicating if changes on the service provider require any updates on the consumer. | string |
| description | The reason for approval/rejection of the connection. | string |
| status | Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service. | 'Approved' 'Pending' 'Rejected' |
ServiceAccessPolicyEntry
| Name | Description | Value |
|---|---|---|
| objectId | An Azure AD object ID (User or Apps) that is allowed access to the FHIR service. | string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required) |
ServiceAuthenticationConfigurationInfo
| Name | Description | Value |
|---|---|---|
| audience | The audience url for the service | string |
| authority | The authority url for the service | string |
| smartProxyEnabled | If the SMART on FHIR proxy is enabled | bool |
ServiceCorsConfigurationInfo
| Name | Description | Value |
|---|---|---|
| allowCredentials | If credentials are allowed via CORS. | bool |
| headers | The headers to be allowed via CORS. | string[] |
| maxAge | The max age to be allowed via CORS. | int Constraints: Min value = 0 Max value = 99999 |
| methods | The methods to be allowed via CORS. | string[] |
| origins | The origins to be allowed via CORS. | string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[] |
ServiceCosmosDbConfigurationInfo
| Name | Description | Value |
|---|---|---|
| keyVaultKeyUri | The URI of the customer-managed key for the backing database. | string |
| offerThroughput | The provisioned throughput for the backing database. | int Constraints: Min value = 400 Max value = 10000 |
ServiceExportConfigurationInfo
| Name | Description | Value |
|---|---|---|
| storageAccountName | The name of the default export storage account. | string |
ServicesProperties
| Name | Description | Value |
|---|---|---|
| accessPolicies | The access policies of the service instance. | ServiceAccessPolicyEntry[] |
| authenticationConfiguration | The authentication configuration for the service instance. | ServiceAuthenticationConfigurationInfo |
| corsConfiguration | The settings for the CORS configuration of the service instance. | ServiceCorsConfigurationInfo |
| cosmosDbConfiguration | The settings for the Cosmos DB database backing the service. | ServiceCosmosDbConfigurationInfo |
| exportConfiguration | The settings for the export operation of the service instance. | ServiceExportConfigurationInfo |
| privateEndpointConnections | The list of private endpoint connections that are set up for this resource. | PrivateEndpointConnection[] |
| publicNetworkAccess | Control permission for data plane traffic coming from public networks while private endpoint is enabled. | 'Disabled' 'Enabled' |
ServicesResourceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of identity being specified, currently SystemAssigned and None are allowed. | 'None' 'SystemAssigned' |
ServicesResourceTags
| Name | Description | Value |
|---|
ARM template resource definition
The privateLinkServicesForM365SecurityCenter resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter resource, add the following JSON to your template.
{
"type": "Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter",
"apiVersion": "2021-03-08",
"name": "string",
"etag": "string",
"identity": {
"type": "string"
},
"kind": "string",
"location": "string",
"properties": {
"accessPolicies": [
{
"objectId": "string"
}
],
"authenticationConfiguration": {
"audience": "string",
"authority": "string",
"smartProxyEnabled": "bool"
},
"corsConfiguration": {
"allowCredentials": "bool",
"headers": [ "string" ],
"maxAge": "int",
"methods": [ "string" ],
"origins": [ "string" ]
},
"cosmosDbConfiguration": {
"keyVaultKeyUri": "string",
"offerThroughput": "int"
},
"exportConfiguration": {
"storageAccountName": "string"
},
"privateEndpointConnections": [
{
"properties": {
"privateEndpoint": {
},
"privateLinkServiceConnectionState": {
"actionsRequired": "string",
"description": "string",
"status": "string"
}
}
}
],
"publicNetworkAccess": "string"
},
"tags": {
"{customized property}": "string"
}
}
Property Values
Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2021-03-08' |
| etag | An etag associated with the resource, used for optimistic concurrency when editing it. | string |
| identity | Setting indicating whether the service has a managed identity associated with it. | ServicesResourceIdentity |
| kind | The kind of the service. | 'fhir' 'fhir-R4' 'fhir-Stu3' (required) |
| location | The resource location. | string (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 24 (required) |
| properties | The common properties of a service. | ServicesProperties |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter' |
PrivateEndpoint
| Name | Description | Value |
|---|
PrivateEndpointConnection
| Name | Description | Value |
|---|---|---|
| properties | Resource properties. | PrivateEndpointConnectionProperties |
PrivateEndpointConnectionProperties
| Name | Description | Value |
|---|---|---|
| privateEndpoint | The resource of private end point. | PrivateEndpoint |
| privateLinkServiceConnectionState | A collection of information about the state of the connection between service consumer and provider. | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
| Name | Description | Value |
|---|---|---|
| actionsRequired | A message indicating if changes on the service provider require any updates on the consumer. | string |
| description | The reason for approval/rejection of the connection. | string |
| status | Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service. | 'Approved' 'Pending' 'Rejected' |
ServiceAccessPolicyEntry
| Name | Description | Value |
|---|---|---|
| objectId | An Azure AD object ID (User or Apps) that is allowed access to the FHIR service. | string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required) |
ServiceAuthenticationConfigurationInfo
| Name | Description | Value |
|---|---|---|
| audience | The audience url for the service | string |
| authority | The authority url for the service | string |
| smartProxyEnabled | If the SMART on FHIR proxy is enabled | bool |
ServiceCorsConfigurationInfo
| Name | Description | Value |
|---|---|---|
| allowCredentials | If credentials are allowed via CORS. | bool |
| headers | The headers to be allowed via CORS. | string[] |
| maxAge | The max age to be allowed via CORS. | int Constraints: Min value = 0 Max value = 99999 |
| methods | The methods to be allowed via CORS. | string[] |
| origins | The origins to be allowed via CORS. | string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[] |
ServiceCosmosDbConfigurationInfo
| Name | Description | Value |
|---|---|---|
| keyVaultKeyUri | The URI of the customer-managed key for the backing database. | string |
| offerThroughput | The provisioned throughput for the backing database. | int Constraints: Min value = 400 Max value = 10000 |
ServiceExportConfigurationInfo
| Name | Description | Value |
|---|---|---|
| storageAccountName | The name of the default export storage account. | string |
ServicesProperties
| Name | Description | Value |
|---|---|---|
| accessPolicies | The access policies of the service instance. | ServiceAccessPolicyEntry[] |
| authenticationConfiguration | The authentication configuration for the service instance. | ServiceAuthenticationConfigurationInfo |
| corsConfiguration | The settings for the CORS configuration of the service instance. | ServiceCorsConfigurationInfo |
| cosmosDbConfiguration | The settings for the Cosmos DB database backing the service. | ServiceCosmosDbConfigurationInfo |
| exportConfiguration | The settings for the export operation of the service instance. | ServiceExportConfigurationInfo |
| privateEndpointConnections | The list of private endpoint connections that are set up for this resource. | PrivateEndpointConnection[] |
| publicNetworkAccess | Control permission for data plane traffic coming from public networks while private endpoint is enabled. | 'Disabled' 'Enabled' |
ServicesResourceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of identity being specified, currently SystemAssigned and None are allowed. | 'None' 'SystemAssigned' |
ServicesResourceTags
| Name | Description | Value |
|---|
Usage Examples
Terraform (AzAPI provider) resource definition
The privateLinkServicesForM365SecurityCenter resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter@2021-03-08"
name = "string"
parent_id = "string"
identity {
type = "string"
identity_ids = [
"string"
]
}
location = "string"
tags = {
{customized property} = "string"
}
body = {
etag = "string"
kind = "string"
properties = {
accessPolicies = [
{
objectId = "string"
}
]
authenticationConfiguration = {
audience = "string"
authority = "string"
smartProxyEnabled = bool
}
corsConfiguration = {
allowCredentials = bool
headers = [
"string"
]
maxAge = int
methods = [
"string"
]
origins = [
"string"
]
}
cosmosDbConfiguration = {
keyVaultKeyUri = "string"
offerThroughput = int
}
exportConfiguration = {
storageAccountName = "string"
}
privateEndpointConnections = [
{
properties = {
privateEndpoint = {
}
privateLinkServiceConnectionState = {
actionsRequired = "string"
description = "string"
status = "string"
}
}
}
]
publicNetworkAccess = "string"
}
}
}
Property Values
Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter
| Name | Description | Value |
|---|---|---|
| etag | An etag associated with the resource, used for optimistic concurrency when editing it. | string |
| identity | Setting indicating whether the service has a managed identity associated with it. | ServicesResourceIdentity |
| kind | The kind of the service. | 'fhir' 'fhir-R4' 'fhir-Stu3' (required) |
| location | The resource location. | string (required) |
| name | The resource name | string Constraints: Min length = 3 Max length = 24 (required) |
| properties | The common properties of a service. | ServicesProperties |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.SecurityAndCompliance/privateLinkServicesForM365SecurityCenter@2021-03-08" |
PrivateEndpoint
| Name | Description | Value |
|---|
PrivateEndpointConnection
| Name | Description | Value |
|---|---|---|
| properties | Resource properties. | PrivateEndpointConnectionProperties |
PrivateEndpointConnectionProperties
| Name | Description | Value |
|---|---|---|
| privateEndpoint | The resource of private end point. | PrivateEndpoint |
| privateLinkServiceConnectionState | A collection of information about the state of the connection between service consumer and provider. | PrivateLinkServiceConnectionState (required) |
PrivateLinkServiceConnectionState
| Name | Description | Value |
|---|---|---|
| actionsRequired | A message indicating if changes on the service provider require any updates on the consumer. | string |
| description | The reason for approval/rejection of the connection. | string |
| status | Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service. | 'Approved' 'Pending' 'Rejected' |
ServiceAccessPolicyEntry
| Name | Description | Value |
|---|---|---|
| objectId | An Azure AD object ID (User or Apps) that is allowed access to the FHIR service. | string Constraints: Pattern = ^(([0-9A-Fa-f]{8}[-]?(?:[0-9A-Fa-f]{4}[-]?){3}[0-9A-Fa-f]{12}){1})+$ (required) |
ServiceAuthenticationConfigurationInfo
| Name | Description | Value |
|---|---|---|
| audience | The audience url for the service | string |
| authority | The authority url for the service | string |
| smartProxyEnabled | If the SMART on FHIR proxy is enabled | bool |
ServiceCorsConfigurationInfo
| Name | Description | Value |
|---|---|---|
| allowCredentials | If credentials are allowed via CORS. | bool |
| headers | The headers to be allowed via CORS. | string[] |
| maxAge | The max age to be allowed via CORS. | int Constraints: Min value = 0 Max value = 99999 |
| methods | The methods to be allowed via CORS. | string[] |
| origins | The origins to be allowed via CORS. | string Constraints: Pattern = ^(?:(?:(?:[hH][tT][tT][pP](?:[sS]|))\:\/\/(?:[a-zA-Z0-9-]+[.]?)+(?:\:[0-9]{1,5})?|[*]))$[] |
ServiceCosmosDbConfigurationInfo
| Name | Description | Value |
|---|---|---|
| keyVaultKeyUri | The URI of the customer-managed key for the backing database. | string |
| offerThroughput | The provisioned throughput for the backing database. | int Constraints: Min value = 400 Max value = 10000 |
ServiceExportConfigurationInfo
| Name | Description | Value |
|---|---|---|
| storageAccountName | The name of the default export storage account. | string |
ServicesProperties
| Name | Description | Value |
|---|---|---|
| accessPolicies | The access policies of the service instance. | ServiceAccessPolicyEntry[] |
| authenticationConfiguration | The authentication configuration for the service instance. | ServiceAuthenticationConfigurationInfo |
| corsConfiguration | The settings for the CORS configuration of the service instance. | ServiceCorsConfigurationInfo |
| cosmosDbConfiguration | The settings for the Cosmos DB database backing the service. | ServiceCosmosDbConfigurationInfo |
| exportConfiguration | The settings for the export operation of the service instance. | ServiceExportConfigurationInfo |
| privateEndpointConnections | The list of private endpoint connections that are set up for this resource. | PrivateEndpointConnection[] |
| publicNetworkAccess | Control permission for data plane traffic coming from public networks while private endpoint is enabled. | 'Disabled' 'Enabled' |
ServicesResourceIdentity
| Name | Description | Value |
|---|---|---|
| type | Type of identity being specified, currently SystemAssigned and None are allowed. | 'None' 'SystemAssigned' |
ServicesResourceTags
| Name | Description | Value |
|---|