Private Clouds - Get
Get a PrivateCloud
GET https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.AVS/privateClouds/{privateCloudName}?api-version=2025-09-01
URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
private
|
path | True |
string pattern: ^[-\w\._]+$ |
Name of the private cloud |
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
subscription
|
path | True |
string (uuid) |
The ID of the target subscription. The value must be an UUID. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
Azure operation completed successfully. |
|
| Other Status Codes |
An unexpected error response. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
|
Private |
|
Private |
PrivateClouds_Get
Sample request
GET https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.AVS/privateClouds/cloud1?api-version=2025-09-01
Sample response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.AVS/privateClouds/cloud1",
"identity": {
"principalId": "881e5573-063f-49e4-8c08-79d7df0169d8",
"tenantId": "881e5573-063f-49e4-8c08-79d7df0169d8",
"type": "SystemAssigned"
},
"location": "eastus2",
"name": "cloud1",
"sku": {
"name": "AV36"
},
"properties": {
"availability": {
"strategy": "SingleZone",
"zone": 1
},
"networkBlock": "192.168.48.0/22",
"circuit": {
"expressRouteID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2/providers/Microsoft.Network/expressroutecircuits/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2-xconnect",
"primarySubnet": "192.168.53.0/30",
"secondarySubnet": "192.168.53.4/30",
"expressRoutePrivatePeeringID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt42-cust-p01-dmo01/providers/Microsoft.Network/expressroutecircuits/tnt42-cust-p01-dmo01-er/peerings/AzurePrivatePeering"
},
"managementCluster": {
"clusterId": 1,
"clusterSize": 4,
"vsanDatastoreName": "vsanDatastore1",
"hosts": [
"fakehost18.nyc1.kubernetes.center",
"fakehost19.nyc1.kubernetes.center",
"fakehost20.nyc1.kubernetes.center",
"fakehost21.nyc1.kubernetes.center"
]
},
"encryption": {
"status": "Enabled",
"keyVaultProperties": {
"keyName": "keyname1",
"keyVersion": "ver1.0",
"keyVaultUrl": "https://keyvault1-kmip-kvault.vault.azure.net/",
"keyState": "Connected",
"versionType": "Fixed"
}
},
"endpoints": {
"nsxtManager": "https://nsx.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"vcsa": "https://vc.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"hcxCloudManager": "https://hcx.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"nsxtManagerIp": "192.168.50.3",
"vcenterIp": "192.168.50.2",
"hcxCloudManagerIp": "192.168.50.4"
},
"externalCloudLinks": [
"/subscriptions/12341234-1234-1234-1234-123412341234/resourceGroups/mygroup/providers/Microsoft.AVS/privateClouds/cloud2"
],
"identitySources": [
{
"alias": "groupAlias",
"baseGroupDN": "ou=baseGroup",
"baseUserDN": "ou=baseUser",
"domain": "domain1",
"name": "group1",
"primaryServer": "ldaps://1.1.1.1:636/",
"secondaryServer": "ldaps://1.1.1.2:636/",
"ssl": "Enabled"
}
],
"internet": "Disabled",
"vcfLicense": {
"kind": "vcf5",
"endDate": "2025-12-31T23:59:59Z",
"cores": 16,
"broadcomSiteId": "123456",
"broadcomContractNumber": "123456",
"provisioningState": "Succeeded"
},
"provisioningState": "Succeeded"
},
"tags": {},
"type": "Microsoft.AVS/privateClouds"
}
PrivateClouds_Get_Stretched
Sample request
GET https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.AVS/privateClouds/cloud1?api-version=2025-09-01
Sample response
{
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.AVS/privateClouds/cloud1",
"location": "eastus2",
"name": "cloud1",
"sku": {
"name": "AV36"
},
"properties": {
"availability": {
"strategy": "DualZone",
"zone": 1,
"secondaryZone": 2
},
"networkBlock": "192.168.48.0/22",
"circuit": {
"expressRouteID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2/providers/Microsoft.Network/expressroutecircuits/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2-xconnect",
"primarySubnet": "192.168.53.0/30",
"secondarySubnet": "192.168.53.4/30",
"expressRoutePrivatePeeringID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt42-cust-p01-dmo01/providers/Microsoft.Network/expressroutecircuits/tnt42-cust-p01-dmo01-er/peerings/AzurePrivatePeering"
},
"secondaryCircuit": {
"expressRouteID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2/providers/Microsoft.Network/expressroutecircuits/tnt13-41a90db2-9d5e-4bd5-a77a-5ce7b58213d6-eastus2-xconnect",
"primarySubnet": "192.168.53.0/30",
"secondarySubnet": "192.168.53.4/30",
"expressRoutePrivatePeeringID": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/tnt42-cust-p01-dmo01/providers/Microsoft.Network/expressroutecircuits/tnt42-cust-p01-dmo01-er2/peerings/AzurePrivatePeering"
},
"managementCluster": {
"clusterId": 1,
"clusterSize": 4,
"vsanDatastoreName": "vsanDatastore1",
"hosts": [
"fakehost18.nyc1.kubernetes.center",
"fakehost19.nyc1.kubernetes.center",
"fakehost20.nyc1.kubernetes.center",
"fakehost21.nyc1.kubernetes.center"
]
},
"endpoints": {
"nsxtManager": "https://nsx.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"vcsa": "https://vc.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"hcxCloudManager": "https://hcx.290351365f5b41a19b77af.eastus.avslab.azure.com/",
"nsxtManagerIp": "192.168.50.3",
"vcenterIp": "192.168.50.2",
"hcxCloudManagerIp": "192.168.50.4"
},
"externalCloudLinks": [
"/subscriptions/12341234-1234-1234-1234-123412341234/resourceGroups/mygroup/providers/Microsoft.AVS/privateClouds/cloud2"
],
"identitySources": [
{
"alias": "groupAlias",
"baseGroupDN": "ou=baseGroup",
"baseUserDN": "ou=baseUser",
"domain": "domain1",
"name": "group1",
"primaryServer": "ldaps://1.1.1.1:636/",
"secondaryServer": "ldaps://1.1.1.2:636/",
"ssl": "Enabled"
}
],
"internet": "Disabled",
"vcfLicense": {
"kind": "vcf5",
"endDate": "2025-12-31T23:59:59Z",
"cores": 16,
"broadcomSiteId": "123456",
"broadcomContractNumber": "123456",
"provisioningState": "Succeeded"
},
"provisioningState": "Succeeded"
},
"tags": {},
"type": "Microsoft.AVS/privateClouds"
}
Definitions
| Name | Description |
|---|---|
|
Availability |
The properties describing private cloud availability zone distribution |
|
Availability |
Whether the private clouds is available in a single zone or two zones |
| Circuit |
An ExpressRoute Circuit |
|
Cluster |
Cluster provisioning state |
|
created |
The type of identity that created the resource. |
|
Dns |
The type of DNS zone. |
| Encryption |
The properties of customer managed encryption key |
|
Encryption |
Whether the the encryption key is connected or access denied |
|
Encryption |
An Encryption Key |
|
Encryption |
Whether encryption is enabled or disabled |
|
Encryption |
Whether the encryption version is fixed or auto-detected |
| Endpoints |
Endpoint addresses |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Identity |
vCenter Single Sign On Identity Source |
|
Internet |
Whether internet is enabled or disabled |
| Label |
A key-value pair representing a label. |
|
License |
provisioning state of the license |
|
Management |
The properties of a management cluster |
|
Nsx |
NSX public IP quota raised |
|
Private |
A private cloud resource |
|
Private |
private cloud provisioning state |
| Sku |
The resource model definition representing SKU |
|
Sku |
This field is required to be implemented by the Resource Provider if the service has more than one tier, but is not required on a PUT. |
|
Ssl |
Whether SSL is enabled or disabled |
|
System |
Managed service identity (either system assigned, or none) |
|
System |
Type of managed service identity (either system assigned, or none). |
|
system |
Metadata pertaining to creation and last modification of the resource. |
| Vcf5License |
A VMware Cloud Foundation (VCF) 5.0 license |
|
Vcf |
The kind of license. |
AvailabilityProperties
The properties describing private cloud availability zone distribution
| Name | Type | Description |
|---|---|---|
| secondaryZone |
integer (int32) |
The secondary availability zone for the private cloud |
| strategy |
The availability strategy for the private cloud |
|
| zone |
integer (int32) |
The primary availability zone for the private cloud |
AvailabilityStrategy
Whether the private clouds is available in a single zone or two zones
| Value | Description |
|---|---|
| SingleZone |
in single zone |
| DualZone |
in two zones |
Circuit
An ExpressRoute Circuit
| Name | Type | Description |
|---|---|---|
| expressRouteID |
string |
Identifier of the ExpressRoute Circuit (Microsoft Colo only) |
| expressRoutePrivatePeeringID |
string |
ExpressRoute Circuit private peering identifier |
| primarySubnet |
string |
CIDR of primary subnet |
| secondarySubnet |
string |
CIDR of secondary subnet |
ClusterProvisioningState
Cluster provisioning state
| Value | Description |
|---|---|
| Succeeded |
Resource has been created. |
| Failed |
Resource creation failed. |
| Canceled |
Resource creation was canceled. |
| Cancelled |
is cancelled |
| Deleting |
is deleting |
| Updating |
is updating |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
DnsZoneType
The type of DNS zone.
| Value | Description |
|---|---|
| Public |
Primary DNS zone. |
| Private |
Private DNS zone. |
Encryption
The properties of customer managed encryption key
| Name | Type | Description |
|---|---|---|
| keyVaultProperties |
The key vault where the encryption key is stored |
|
| status |
Status of customer managed encryption key |
EncryptionKeyStatus
Whether the the encryption key is connected or access denied
| Value | Description |
|---|---|
| Connected |
is connected |
| AccessDenied |
is access denied |
EncryptionKeyVaultProperties
An Encryption Key
| Name | Type | Description |
|---|---|---|
| autoDetectedKeyVersion |
string |
The auto-detected version of the key if versionType is auto-detected. |
| keyName |
string |
The name of the key. |
| keyState |
The state of key provided |
|
| keyVaultUrl |
string |
The URL of the vault. |
| keyVersion |
string |
The version of the key. |
| versionType |
Property of the key if user provided or auto detected |
EncryptionState
Whether encryption is enabled or disabled
| Value | Description |
|---|---|
| Enabled |
is enabled |
| Disabled |
is disabled |
EncryptionVersionType
Whether the encryption version is fixed or auto-detected
| Value | Description |
|---|---|
| Fixed |
is fixed |
| AutoDetected |
is auto-detected |
Endpoints
Endpoint addresses
| Name | Type | Description |
|---|---|---|
| hcxCloudManager |
string |
Endpoint FQDN for the HCX Cloud Manager |
| hcxCloudManagerIp |
string |
Endpoint IP for the HCX Cloud Manager |
| nsxtManager |
string |
Endpoint FQDN for the NSX-T Data Center manager |
| nsxtManagerIp |
string |
Endpoint IP for the NSX-T Data Center manager |
| vcenterIp |
string |
Endpoint IP for Virtual Center Server Appliance |
| vcsa |
string |
Endpoint FQDN for Virtual Center Server Appliance |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
IdentitySource
vCenter Single Sign On Identity Source
| Name | Type | Description |
|---|---|---|
| alias |
string |
The domain's NetBIOS name |
| baseGroupDN |
string |
The base distinguished name for groups |
| baseUserDN |
string |
The base distinguished name for users |
| domain |
string |
The domain's DNS name |
| name |
string |
The name of the identity source |
| password |
string (password) |
The password of the Active Directory user with a minimum of read-only access to Base DN for users and groups. |
| primaryServer |
string |
Primary server URL |
| secondaryServer |
string |
Secondary server URL |
| ssl |
Protect LDAP communication using SSL certificate (LDAPS) |
|
| username |
string |
The ID of an Active Directory user with a minimum of read-only access to Base DN for users and group |
InternetEnum
Whether internet is enabled or disabled
| Value | Description |
|---|---|
| Enabled |
is enabled |
| Disabled |
is disabled |
Label
A key-value pair representing a label.
| Name | Type | Description |
|---|---|---|
| key |
string minLength: 1 |
The key of the label. |
| value |
string minLength: 1 |
The value of the label. |
LicenseProvisioningState
provisioning state of the license
| Value | Description |
|---|---|
| Succeeded |
Resource has been created. |
| Failed |
Resource creation failed. |
| Canceled |
Resource creation was canceled. |
ManagementCluster
The properties of a management cluster
| Name | Type | Description |
|---|---|---|
| clusterId |
integer (int32) |
The identity |
| clusterSize |
integer (int32) |
The cluster size |
| hosts |
string[] |
The hosts |
| provisioningState |
The state of the cluster provisioning |
|
| vsanDatastoreName |
string |
Name of the vsan datastore associated with the cluster |
NsxPublicIpQuotaRaisedEnum
NSX public IP quota raised
| Value | Description |
|---|---|
| Enabled |
is enabled |
| Disabled |
is disabled |
PrivateCloud
A private cloud resource
| Name | Type | Default value | Description |
|---|---|---|---|
| id |
string (arm-id) |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
|
| identity |
The managed service identities assigned to this resource. |
||
| location |
string |
The geo-location where the resource lives |
|
| name |
string |
The name of the resource |
|
| properties.availability |
Properties describing how the cloud is distributed across availability zones |
||
| properties.circuit |
An ExpressRoute Circuit |
||
| properties.dnsZoneType |
The type of DNS zone to use. |
||
| properties.encryption |
Customer managed key encryption, can be enabled or disabled |
||
| properties.endpoints |
The endpoints |
||
| properties.extendedNetworkBlocks |
string[] |
Array of additional networks noncontiguous with networkBlock. Networks must be unique and non-overlapping across VNet in your subscription, on-premise, and this privateCloud networkBlock attribute. Make sure the CIDR format conforms to (A.B.C.D/X). |
|
| properties.externalCloudLinks |
string[] |
Array of cloud link IDs from other clouds that connect to this one |
|
| properties.identitySources |
vCenter Single Sign On Identity Sources |
||
| properties.internet | Disabled |
Connectivity to internet is enabled or disabled |
|
| properties.managementCluster |
The default cluster used for management |
||
| properties.managementNetwork |
string |
Network used to access vCenter Server and NSX-T Manager |
|
| properties.networkBlock |
string |
The block of addresses should be unique across VNet in your subscription as well as on-premise. Make sure the CIDR format is conformed to (A.B.C.D/X) where A,B,C,D are between 0 and 255, and X is between 0 and 22 |
|
| properties.nsxPublicIpQuotaRaised |
Flag to indicate whether the private cloud has the quota for provisioned NSX Public IP count raised from 64 to 1024 |
||
| properties.nsxtCertificateThumbprint |
string |
Thumbprint of the NSX-T Manager SSL certificate |
|
| properties.nsxtPassword |
string (password) |
Optionally, set the NSX-T Manager password when the private cloud is created |
|
| properties.provisioningNetwork |
string |
Used for virtual machine cold migration, cloning, and snapshot migration |
|
| properties.provisioningState |
The provisioning state |
||
| properties.secondaryCircuit |
A secondary expressRoute circuit from a separate AZ. Only present in a stretched private cloud |
||
| properties.vcenterCertificateThumbprint |
string |
Thumbprint of the vCenter Server SSL certificate |
|
| properties.vcenterPassword |
string (password) |
Optionally, set the vCenter admin password when the private cloud is created |
|
| properties.vcfLicense | VcfLicense: |
The private cloud license |
|
| properties.virtualNetworkId |
string (arm-id) |
Azure resource ID of the virtual network |
|
| properties.vmotionNetwork |
string |
Used for live migration of virtual machines |
|
| sku |
The SKU (Stock Keeping Unit) assigned to this resource. |
||
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
||
| tags |
object |
Resource tags. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
|
| zones |
string[] |
The availability zones. |
PrivateCloudProvisioningState
private cloud provisioning state
| Value | Description |
|---|---|
| Succeeded |
Resource has been created. |
| Failed |
Resource creation failed. |
| Canceled |
Resource creation was canceled. |
| Cancelled |
is cancelled |
| Pending |
is pending |
| Building |
is building |
| Deleting |
is deleting |
| Updating |
is updating |
Sku
The resource model definition representing SKU
| Name | Type | Description |
|---|---|---|
| capacity |
integer (int32) |
If the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted. |
| family |
string |
If the service has different generations of hardware, for the same SKU, then that can be captured here. |
| name |
string |
The name of the SKU. E.g. P3. It is typically a letter+number code |
| size |
string |
The SKU size. When the name field is the combination of tier and some other value, this would be the standalone code. |
| tier |
This field is required to be implemented by the Resource Provider if the service has more than one tier, but is not required on a PUT. |
SkuTier
This field is required to be implemented by the Resource Provider if the service has more than one tier, but is not required on a PUT.
| Value | Description |
|---|---|
| Free | |
| Basic | |
| Standard | |
| Premium |
SslEnum
Whether SSL is enabled or disabled
| Value | Description |
|---|---|
| Enabled |
is enabled |
| Disabled |
is disabled |
SystemAssignedServiceIdentity
Managed service identity (either system assigned, or none)
| Name | Type | Description |
|---|---|---|
| principalId |
string (uuid) |
The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity. |
| tenantId |
string (uuid) |
The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity. |
| type |
Type of managed service identity (either system assigned, or none). |
SystemAssignedServiceIdentityType
Type of managed service identity (either system assigned, or none).
| Value | Description |
|---|---|
| None | |
| SystemAssigned |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
Vcf5License
A VMware Cloud Foundation (VCF) 5.0 license
| Name | Type | Description |
|---|---|---|
| broadcomContractNumber |
string |
The Broadcom contract number associated with the license. |
| broadcomSiteId |
string |
The Broadcom site ID associated with the license. |
| cores |
integer (int32) |
Number of cores included in the license |
| endDate |
string (date-time) |
UTC datetime when the license expires |
| kind |
string:
vcf5 |
License kind |
| labels |
Label[] |
Additional labels passed through for license reporting. |
| licenseKey |
string (password) |
License key |
| provisioningState |
The state of the license provisioning |
VcfLicenseKind
The kind of license.
| Value | Description |
|---|---|
| vcf5 |
A VMware Cloud Foundation (VCF) 5.0 license |