Microsoft.DataLakeStore accounts template reference

Template format

To create a Microsoft.DataLakeStore/accounts resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.DataLakeStore/accounts",
  "apiVersion": "2016-11-01",
  "location": "string",
  "tags": {},
  "identity": {
    "type": "SystemAssigned"
  },
  "properties": {
    "defaultGroup": "string",
    "encryptionConfig": {
      "type": "string",
      "keyVaultMetaInfo": {
        "keyVaultResourceId": "string",
        "encryptionKeyName": "string",
        "encryptionKeyVersion": "string"
      }
    },
    "encryptionState": "string",
    "firewallRules": [
      {
        "name": "string",
        "properties": {
          "startIpAddress": "string",
          "endIpAddress": "string"
        }
      }
    ],
    "virtualNetworkRules": [
      {
        "name": "string",
        "properties": {
          "subnetId": "string"
        }
      }
    ],
    "firewallState": "string",
    "firewallAllowAzureIps": "string",
    "trustedIdProviders": [
      {
        "name": "string",
        "properties": {
          "idProvider": "string"
        }
      }
    ],
    "trustedIdProviderState": "string",
    "newTier": "string"
  },
  "resources": []
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.DataLakeStore/accounts object

Name Type Required Value
name string Yes The name of the Data Lake Store account.
type enum Yes Microsoft.DataLakeStore/accounts
apiVersion enum Yes 2016-11-01
location string Yes The resource location.
tags object No The resource tags.
identity object No The Key Vault encryption identity, if any. - EncryptionIdentity object
properties object Yes The Data Lake Store account properties to use for creating. - CreateDataLakeStoreAccountProperties object
resources array No trustedIdProviders virtualNetworkRules firewallRules

EncryptionIdentity object

Name Type Required Value
type enum Yes The type of encryption being used. Currently the only supported type is 'SystemAssigned'. - SystemAssigned

CreateDataLakeStoreAccountProperties object

Name Type Required Value
defaultGroup string No The default owner group for all new folders and files created in the Data Lake Store account.
encryptionConfig object No The Key Vault encryption configuration. - EncryptionConfig object
encryptionState enum No The current state of encryption for this Data Lake Store account. - Enabled or Disabled
firewallRules array No The list of firewall rules associated with this Data Lake Store account. - CreateFirewallRuleWithAccountParameters object
virtualNetworkRules array No The list of virtual network rules associated with this Data Lake Store account. - CreateVirtualNetworkRuleWithAccountParameters object
firewallState enum No The current state of the IP address firewall for this Data Lake Store account. - Enabled or Disabled
firewallAllowAzureIps enum No The current state of allowing or disallowing IPs originating within Azure through the firewall. If the firewall is disabled, this is not enforced. - Enabled or Disabled
trustedIdProviders array No The list of trusted identity providers associated with this Data Lake Store account. - CreateTrustedIdProviderWithAccountParameters object
trustedIdProviderState enum No The current state of the trusted identity provider feature for this Data Lake Store account. - Enabled or Disabled
newTier enum No The commitment tier to use for next month. - Consumption, Commitment_1TB, Commitment_10TB, Commitment_100TB, Commitment_500TB, Commitment_1PB, Commitment_5PB

EncryptionConfig object

Name Type Required Value
type enum Yes The type of encryption configuration being used. Currently the only supported types are 'UserManaged' and 'ServiceManaged'. - UserManaged or ServiceManaged
keyVaultMetaInfo object No The Key Vault information for connecting to user managed encryption keys. - KeyVaultMetaInfo object

CreateFirewallRuleWithAccountParameters object

Name Type Required Value
name string Yes The unique name of the firewall rule to create.
properties object Yes The firewall rule properties to use when creating a new firewall rule. - CreateOrUpdateFirewallRuleProperties object

CreateVirtualNetworkRuleWithAccountParameters object

Name Type Required Value
name string Yes The unique name of the virtual network rule to create.
properties object Yes The virtual network rule properties to use when creating a new virtual network rule. - CreateOrUpdateVirtualNetworkRuleProperties object

CreateTrustedIdProviderWithAccountParameters object

Name Type Required Value
name string Yes The unique name of the trusted identity provider to create.
properties object Yes The trusted identity provider properties to use when creating a new trusted identity provider. - CreateOrUpdateTrustedIdProviderProperties object

KeyVaultMetaInfo object

Name Type Required Value
keyVaultResourceId string Yes The resource identifier for the user managed Key Vault being used to encrypt.
encryptionKeyName string Yes The name of the user managed encryption key.
encryptionKeyVersion string Yes The version of the user managed encryption key.

CreateOrUpdateFirewallRuleProperties object

Name Type Required Value
startIpAddress string Yes The start IP address for the firewall rule. This can be either ipv4 or ipv6. Start and End should be in the same protocol.
endIpAddress string Yes The end IP address for the firewall rule. This can be either ipv4 or ipv6. Start and End should be in the same protocol.

CreateOrUpdateVirtualNetworkRuleProperties object

Name Type Required Value
subnetId string Yes The resource identifier for the subnet.

CreateOrUpdateTrustedIdProviderProperties object

Name Type Required Value
idProvider string Yes The URL of this trusted identity provider.

Quickstart templates

The following quickstart templates deploy this resource type.

Template Description
Deploy Data Lake Analytics on new Data Lake Store

Deploy to Azure
This template allows you to deploy a new Data Lake Analytics account on a new Data Lake Store account.
Deploy Data Lake Store account with encryption(Data Lake)

Deploy to Azure
This template allows you to deploy an Azure Data Lake Store account with data encryption enabled. This account uses the Data Lake store account to manage the encryption key.
Deploy Data Lake Store account with encryption(Key Vault)

Deploy to Azure
This template allows you to deploy an Azure Data Lake Store account with data encryption enabled. This account uses Azure Key Vault to manage the encryption key.
Deploy Azure Data Lake Store with no data encryption

Deploy to Azure
This template allows you to deploy an Azure Data Lake Store account with data encryption disabled.
Deploy HDInsight on new Data Lake Store and Storage

Deploy to Azure
This template allows you to deploy a new Linux HDInsight cluster with new Data Lake Store and Storage accounts.