Connector - Create Dryrun
create a dryrun job to do necessary check before actual creation
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourcegroups/{resourceGroupName}/providers/Microsoft.ServiceLinker/locations/{location}/dryruns/{dryrunName}?api-version=2022-11-01-previewURI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
dryrun
|
path | True |
string |
The name of dryrun. |
|
location
|
path | True |
string minLength: 1 |
The name of Azure region. |
|
resource
|
path | True |
string minLength: 1maxLength: 90 |
The name of the resource group. The name is case insensitive. |
|
subscription
|
path | True |
string minLength: 1 |
The ID of the target subscription. |
|
api-version
|
query | True |
string minLength: 1 |
The API version to use for this operation. |
Request Body
| Name | Type | Description |
|---|---|---|
| properties.parameters | DryrunParameters: |
The parameters of the dryrun |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
OK. The request has succeeded. |
|
| 201 Created |
Long running operation |
|
| Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow.
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
| Name | Description |
|---|---|
| user_impersonation | impersonate your user account |
Examples
ConnectorDryrunCreate
Sample request
PUT https://management.azure.com/subscriptions/00000000-0000-0000-0000-000000000000/resourcegroups/test-rg/providers/Microsoft.ServiceLinker/locations/westus/dryruns/dryrunName?api-version=2022-11-01-preview
{
"properties": {
"parameters": {
"actionName": "createOrUpdate",
"targetService": {
"type": "AzureResource",
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc/mongodbDatabases/test-db"
},
"authInfo": {
"authType": "secret",
"name": "name",
"secretInfo": {
"secretType": "rawValue",
"value": "secret"
}
}
}
}
}
Sample response
{
"name": "dryrunName",
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.ServiceLinker/locations/westus/dryruns/dryrunName",
"properties": {
"parameters": {
"actionName": "createOrUpdate",
"targetService": {
"type": "AzureResource",
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc/mongodbDatabases/test-db"
},
"authInfo": {
"authType": "secret",
"name": "name"
}
},
"prerequisiteResults": [
{
"type": "basicError",
"code": "ResourceNotFound",
"message": "Target resource is not found"
},
{
"type": "permissionsMissing",
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc",
"permissions": [
"Microsoft.DocumentDb/databaseAccounts/write"
]
}
],
"operationPreviews": [
{
"name": "configFirewallRule",
"operationType": "configNetwork",
"description": "Config firewall rule for target service to allow source service access",
"action": "Microsoft.DocumentDb/databaseAccounts/write",
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc"
}
],
"provisioningState": "Succeeded"
}
}{
"name": "dryrunName",
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.ServiceLinker/locations/westus/dryruns/dryrunName",
"properties": {
"parameters": {
"actionName": "createOrUpdate",
"targetService": {
"type": "AzureResource",
"id": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc/mongodbDatabases/test-db"
},
"authInfo": {
"authType": "secret",
"name": "name"
}
},
"prerequisiteResults": [
{
"type": "basicError",
"code": "ResourceNotFound",
"message": "Target resource is not found"
},
{
"type": "permissionsMissing",
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc",
"permissions": [
"Microsoft.DocumentDb/databaseAccounts/write"
]
}
],
"operationPreviews": [
{
"name": "configFirewallRule",
"operationType": "configNetwork",
"description": "Config firewall rule for target service to allow source service access",
"action": "Microsoft.DocumentDb/databaseAccounts/write",
"scope": "/subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/test-rg/providers/Microsoft.DocumentDb/databaseAccounts/test-acc"
}
],
"provisioningState": "Accepted"
}
}Definitions
| Name | Description |
|---|---|
|
Access |
The access key directly from target resource properties, which target service is Azure Resource, such as Microsoft.Storage |
|
access |
Permissions of the accessKey. |
|
action |
Optional. Indicates public network solution. If enable, enable public network access of target service with best try. Default is enable. If optOut, opt out public network access configuration. |
|
allow |
Allow Azure services to access the target service if true. |
|
Auth |
The authentication type. |
|
Azure |
The resource properties when type is Azure Key Vault |
|
Azure |
The azure resource info when target service type is AzureResource |
|
Basic |
The represent of basic error |
|
client |
The application client type |
|
Configuration |
The configuration information, used to generate configurations or save to applications |
|
Confluent |
The service properties when target service type is ConfluentBootstrapServer |
|
Confluent |
The service properties when target service type is ConfluentSchemaRegistry |
|
created |
The type of identity that created the resource. |
|
Create |
The dryrun parameters for creation or update a linker |
|
Dapr |
The dapr component metadata. |
|
Dapr |
Indicates some additional properties for dapr client type |
|
Delete |
The cleanup behavior to indicate whether clean up operation when resource is deleted or updated |
|
Dryrun |
The name of action for you dryrun job. |
|
Dryrun |
The preview of the operations for creation |
|
Dryrun |
The type of dryrun result. |
|
Dryrun |
The operation type |
|
Dryrun |
a dryrun job resource |
|
Error |
The resource management error additional info. |
|
Error |
The error detail. |
|
Error |
Error response |
|
Firewall |
Target service's firewall rules. to allow connections from source service. |
|
Key |
The secret info when type is keyVaultSecretReference. It's for scenario that user provides a secret stored in user's keyvault and source is Azure Kubernetes. The key Vault's resource id is linked to secretStore.keyVaultId. |
|
Key |
The secret info when type is keyVaultSecretUri. It's for scenario that user provides a secret stored in user's keyvault and source is Web App, Spring Cloud or Container App. |
|
Permissions |
The represent of missing permissions |
|
Public |
Indicates public network solution, include firewall rules |
|
Secret |
The authentication info when authType is secret |
|
Secret |
An option to store secret value in secure place |
|
Secret |
The secret type. |
|
Self |
The service properties when target service type is SelfHostedServer |
|
Service |
The authentication info when authType is servicePrincipal certificate |
|
Service |
The authentication info when authType is servicePrincipal secret |
|
System |
The authentication info when authType is systemAssignedIdentity |
|
system |
Metadata pertaining to creation and last modification of the resource. |
|
User |
The authentication info when authType is user account |
|
User |
The authentication info when authType is userAssignedIdentity |
|
Value |
The secret info when type is rawValue. It's for scenarios that user input the secret. |
|
VNet |
The VNet solution for linker |
|
v |
Type of VNet solution. |
AccessKeyInfoBase
The access key directly from target resource properties, which target service is Azure Resource, such as Microsoft.Storage
| Name | Type | Description |
|---|---|---|
| authType |
string:
access |
The authentication type. |
| permissions |
Permissions of the accessKey. |
accessKeyPermissions
Permissions of the accessKey. Read and Write are for Azure Cosmos DB and Azure App Configuration, Listen, Send and Manage are for Azure Event Hub and Azure Service Bus.
| Value | Description |
|---|---|
| Read | |
| Write | |
| Listen | |
| Send | |
| Manage |
actionType
Optional. Indicates public network solution. If enable, enable public network access of target service with best try. Default is enable. If optOut, opt out public network access configuration.
| Value | Description |
|---|---|
| enable | |
| optOut |
allowType
Allow Azure services to access the target service if true.
| Value | Description |
|---|---|
| true | |
| false |
AuthType
The authentication type.
| Value | Description |
|---|---|
| systemAssignedIdentity | |
| userAssignedIdentity | |
| servicePrincipalSecret | |
| servicePrincipalCertificate | |
| secret | |
| accessKey | |
| userAccount |
AzureKeyVaultProperties
The resource properties when type is Azure Key Vault
| Name | Type | Description |
|---|---|---|
| connectAsKubernetesCsiDriver |
boolean |
True if connect via Kubernetes CSI Driver. |
| type |
string:
Key |
The azure resource type. |
AzureResource
The azure resource info when target service type is AzureResource
| Name | Type | Description |
|---|---|---|
| id |
string |
The Id of azure resource. |
| resourceProperties | AzureResourcePropertiesBase: |
The azure resource connection related properties. |
| type | string: |
The target service type. |
BasicErrorDryrunPrerequisiteResult
The represent of basic error
| Name | Type | Description |
|---|---|---|
| code |
string |
The error code. |
| message |
string |
The error message. |
| type |
string:
basic |
The type of dryrun result. |
clientType
The application client type
| Value | Description |
|---|---|
| none | |
| dotnet | |
| java | |
| python | |
| go | |
| php | |
| ruby | |
| django | |
| nodejs | |
| springBoot | |
| kafka-springBoot | |
| dapr |
ConfigurationInfo
The configuration information, used to generate configurations or save to applications
| Name | Type | Description |
|---|---|---|
| action |
Optional, indicate whether to apply configurations on source application. If enable, generate configurations and applied to the source application. Default is enable. If optOut, no configuration change will be made on source. |
|
| additionalConfigurations |
object |
A dictionary of additional configurations to be added. Service will auto generate a set of basic configurations and this property is to full fill more customized configurations |
| customizedKeys |
object |
Optional. A dictionary of default key name and customized key name mapping. If not specified, default key name will be used for generate configurations |
| daprProperties |
Indicates some additional properties for dapr client type |
|
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
ConfluentBootstrapServer
The service properties when target service type is ConfluentBootstrapServer
| Name | Type | Description |
|---|---|---|
| endpoint |
string |
The endpoint of service. |
| type | string: |
The target service type. |
ConfluentSchemaRegistry
The service properties when target service type is ConfluentSchemaRegistry
| Name | Type | Description |
|---|---|---|
| endpoint |
string |
The endpoint of service. |
| type | string: |
The target service type. |
createdByType
The type of identity that created the resource.
| Value | Description |
|---|---|
| User | |
| Application | |
| ManagedIdentity | |
| Key |
CreateOrUpdateDryrunParameters
The dryrun parameters for creation or update a linker
| Name | Type | Description |
|---|---|---|
| actionName |
string:
create |
The name of action for you dryrun job. |
| authInfo | AuthInfoBase: |
The authentication type. |
| clientType |
The application client type |
|
| configurationInfo |
The connection information consumed by applications, including secrets, connection strings. |
|
| provisioningState |
string |
The provisioning state. |
| publicNetworkSolution |
The network solution. |
|
| scope |
string |
connection scope in source service. |
| secretStore |
An option to store secret value in secure place |
|
| targetService | TargetServiceBase: |
The target service properties |
| vNetSolution |
The VNet solution. |
DaprMetadata
The dapr component metadata.
| Name | Type | Description |
|---|---|---|
| name |
string |
Metadata property name. |
| secretRef |
string |
The secret name where dapr could get value |
| value |
string |
Metadata property value. |
DaprProperties
Indicates some additional properties for dapr client type
| Name | Type | Description |
|---|---|---|
| componentType |
string |
The dapr component type |
| metadata |
Additional dapr metadata |
|
| scopes |
string[] |
The dapr component scopes |
| secretStoreComponent |
string |
The name of a secret store dapr to retrieve secret |
| version |
string |
The dapr component version |
DeleteOrUpdateBehavior
The cleanup behavior to indicate whether clean up operation when resource is deleted or updated
| Value | Description |
|---|---|
| Default | |
| ForcedCleanup |
DryrunActionName
The name of action for you dryrun job.
| Value | Description |
|---|---|
| createOrUpdate |
DryrunOperationPreview
The preview of the operations for creation
| Name | Type | Description |
|---|---|---|
| action |
string |
The action defined by RBAC, refer https://docs.microsoft.com/azure/role-based-access-control/role-definitions#actions-format |
| description |
string |
The description of the operation |
| name |
string |
The operation name |
| operationType |
The operation type |
|
| scope |
string |
The scope of the operation, refer https://docs.microsoft.com/azure/role-based-access-control/scope-overview |
DryrunPrerequisiteResultType
The type of dryrun result.
| Value | Description |
|---|---|
| basicError | |
| permissionsMissing |
DryrunPreviewOperationType
The operation type
| Value | Description |
|---|---|
| configConnection | |
| configNetwork | |
| configAuth |
DryrunResource
a dryrun job resource
| Name | Type | Description |
|---|---|---|
| id |
string |
Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName} |
| name |
string |
The name of the resource |
| properties.operationPreviews |
the preview of the operations for creation |
|
| properties.parameters | DryrunParameters: |
The parameters of the dryrun |
| properties.prerequisiteResults | DryrunPrerequisiteResult[]: |
the result of the dryrun |
| properties.provisioningState |
string |
The provisioning state. |
| systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
| type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
ErrorAdditionalInfo
The resource management error additional info.
| Name | Type | Description |
|---|---|---|
| info |
object |
The additional info. |
| type |
string |
The additional info type. |
ErrorDetail
The error detail.
| Name | Type | Description |
|---|---|---|
| additionalInfo |
The error additional info. |
|
| code |
string |
The error code. |
| details |
The error details. |
|
| message |
string |
The error message. |
| target |
string |
The error target. |
ErrorResponse
Error response
| Name | Type | Description |
|---|---|---|
| error |
The error object. |
FirewallRules
Target service's firewall rules. to allow connections from source service.
| Name | Type | Description |
|---|---|---|
| azureServices |
Allow Azure services to access the target service if true. |
|
| callerClientIP |
Allow caller client IP to access the target service if true. the property is used when connecting local application to target service. |
|
| ipRanges |
string[] |
This value specifies the set of IP addresses or IP address ranges in CIDR form to be included as the allowed list of client IPs for a given database account. |
KeyVaultSecretReferenceSecretInfo
The secret info when type is keyVaultSecretReference. It's for scenario that user provides a secret stored in user's keyvault and source is Azure Kubernetes. The key Vault's resource id is linked to secretStore.keyVaultId.
| Name | Type | Description |
|---|---|---|
| name |
string |
Name of the Key Vault secret. |
| secretType |
string:
key |
The secret type. |
| version |
string |
Version of the Key Vault secret. |
KeyVaultSecretUriSecretInfo
The secret info when type is keyVaultSecretUri. It's for scenario that user provides a secret stored in user's keyvault and source is Web App, Spring Cloud or Container App.
| Name | Type | Description |
|---|---|---|
| secretType |
string:
key |
The secret type. |
| value |
string |
URI to the keyvault secret |
PermissionsMissingDryrunPrerequisiteResult
The represent of missing permissions
| Name | Type | Description |
|---|---|---|
| permissions |
string[] |
The permission list |
| recommendedRole |
string |
The recommended role to resolve permissions missing |
| scope |
string |
The permission scope |
| type |
string:
permissions |
The type of dryrun result. |
PublicNetworkSolution
Indicates public network solution, include firewall rules
| Name | Type | Description |
|---|---|---|
| action |
Optional. Indicates public network solution. If enable, enable public network access of target service with best try. Default is enable. If optOut, opt out public network access configuration. |
|
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation(such as firewall rules) when Linker is updating or deleting |
|
| firewallRules |
Describe firewall rules of target service to make sure source application could connect to the target. |
SecretAuthInfo
The authentication info when authType is secret
| Name | Type | Description |
|---|---|---|
| authType |
string:
secret |
The authentication type. |
| name |
string |
Username or account name for secret auth. |
| secretInfo | SecretInfoBase: |
Password or key vault secret for secret auth. |
SecretStore
An option to store secret value in secure place
| Name | Type | Description |
|---|---|---|
| keyVaultId |
string |
The key vault id to store secret |
| keyVaultSecretName |
string |
The key vault secret name to store secret, only valid when storing one secret |
SecretType
The secret type.
| Value | Description |
|---|---|
| rawValue | |
| keyVaultSecretUri | |
| keyVaultSecretReference |
SelfHostedServer
The service properties when target service type is SelfHostedServer
| Name | Type | Description |
|---|---|---|
| endpoint |
string |
The endpoint of service. |
| type | string: |
The target service type. |
ServicePrincipalCertificateAuthInfo
The authentication info when authType is servicePrincipal certificate
| Name | Type | Description |
|---|---|---|
| authType |
string:
service |
The authentication type. |
| certificate |
string |
ServicePrincipal certificate for servicePrincipal auth. |
| clientId |
string |
Application clientId for servicePrincipal auth. |
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| principalId |
string |
Principal Id for servicePrincipal auth. |
| roles |
string[] |
Optional, this value specifies the Azure roles to be assigned. Automatically |
ServicePrincipalSecretAuthInfo
The authentication info when authType is servicePrincipal secret
| Name | Type | Description |
|---|---|---|
| authType |
string:
service |
The authentication type. |
| clientId |
string |
ServicePrincipal application clientId for servicePrincipal auth. |
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| principalId |
string |
Principal Id for servicePrincipal auth. |
| roles |
string[] |
Optional, this value specifies the Azure roles to be assigned. Automatically |
| secret |
string |
Secret for servicePrincipal auth. |
| userName |
string |
Username created in the database which is mapped to a user in AAD. |
SystemAssignedIdentityAuthInfo
The authentication info when authType is systemAssignedIdentity
| Name | Type | Description |
|---|---|---|
| authType |
string:
system |
The authentication type. |
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| roles |
string[] |
Optional, this value specifies the Azure role to be assigned |
| userName |
string |
Username created in the database which is mapped to a user in AAD. |
systemData
Metadata pertaining to creation and last modification of the resource.
| Name | Type | Description |
|---|---|---|
| createdAt |
string (date-time) |
The timestamp of resource creation (UTC). |
| createdBy |
string |
The identity that created the resource. |
| createdByType |
The type of identity that created the resource. |
|
| lastModifiedAt |
string (date-time) |
The timestamp of resource last modification (UTC) |
| lastModifiedBy |
string |
The identity that last modified the resource. |
| lastModifiedByType |
The type of identity that last modified the resource. |
UserAccountAuthInfo
The authentication info when authType is user account
| Name | Type | Description |
|---|---|---|
| authType |
string:
user |
The authentication type. |
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| principalId |
string |
Principal Id for user account. |
| roles |
string[] |
Optional, this value specifies the Azure roles to be assigned. Automatically |
| userName |
string |
Username created in the database which is mapped to a user in AAD. |
UserAssignedIdentityAuthInfo
The authentication info when authType is userAssignedIdentity
| Name | Type | Description |
|---|---|---|
| authType |
string:
user |
The authentication type. |
| clientId |
string |
Client Id for userAssignedIdentity. |
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| roles |
string[] |
Optional, this value specifies the Azure role to be assigned |
| subscriptionId |
string |
Subscription id for userAssignedIdentity. |
| userName |
string |
Username created in the database which is mapped to a user in AAD. |
ValueSecretInfo
The secret info when type is rawValue. It's for scenarios that user input the secret.
| Name | Type | Description |
|---|---|---|
| secretType |
string:
raw |
The secret type. |
| value |
string |
The actual value of the secret. |
VNetSolution
The VNet solution for linker
| Name | Type | Description |
|---|---|---|
| deleteOrUpdateBehavior |
Indicates whether to clean up previous operation when Linker is updating or deleting |
|
| type |
Type of VNet solution. |
vNetSolutionType
Type of VNet solution.
| Value | Description |
|---|---|
| serviceEndpoint | |
| privateLink |