Add database principals for Azure Data Explorer by using an Azure Resource Manager template
Azure Data Explorer is a fast and highly scalable data exploration service for log and telemetry data. In this article, you add database principals for Azure Data Explorer by using an Azure Resource Manager template.
Prerequisites
- An Azure subscription. Create a free Azure account.
- Create a cluster and database.
Azure Resource Manager template for adding a database principal
The following example shows an Azure Resource Manager template for adding a database principal. You can edit and deploy the template in the Azure portal by using the form.
{
"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
"contentVersion": "1.0.0.0",
"parameters": {
"principalAssignmentName": {
"type": "string",
"defaultValue": "principalAssignment1",
"metadata": {
"description": "Specifies the name of the principal assignment"
}
},
"clusterName": {
"type": "string",
"defaultValue": "mykustocluster",
"metadata": {
"description": "Specifies the name of the cluster"
}
},
"databaseName": {
"type": "string",
"defaultValue": "mykustodatabase",
"metadata": {
"description": "Specifies the name of the database"
}
},
"principalIdForDatabase": {
"type": "string",
"metadata": {
"description": "Specifies the principal id. It can be user email, application (client) ID, security group name"
}
},
"roleForDatabasePrincipal": {
"type": "string",
"defaultValue": "Admin",
"metadata": {
"description": "Specifies the database principal role. It can be 'Admin', 'Ingestor', 'Monitor', 'User', 'UnrestrictedViewers', 'Viewer'"
}
},
"tenantIdForDatabasePrincipal": {
"type": "string",
"metadata": {
"description": "Specifies the tenantId of the database principal"
}
},
"principalTypeForDatabase": {
"type": "string",
"defaultValue": "App",
"metadata": {
"description": "Specifies the principal type. It can be 'User', 'App', 'Group'"
}
}
},
"variables": {
},
"resources": [{
"type": "Microsoft.Kusto/Clusters/Databases/principalAssignments",
"apiVersion": "2019-11-09",
"name": "[concat(parameters('clusterName'), '/', parameters('databaseName'), '/', parameters('principalAssignmentName'))]",
"properties": {
"principalId": "[parameters('principalIdForDatabase')]",
"role": "[parameters('roleForDatabasePrincipal')]",
"tenantId": "[parameters('tenantIdForDatabasePrincipal')]",
"principalType": "[parameters('principalTypeForDatabase')]"
}
}
]
}