Microsoft.Media videoAnalyzers/accessPolicies

Template format

To create a Microsoft.Media/videoAnalyzers/accessPolicies resource, add the following JSON to the resources section of your template.

{
  "name": "string",
  "type": "Microsoft.Media/videoAnalyzers/accessPolicies",
  "apiVersion": "2021-05-01-preview",
  "properties": {
    "role": "Reader",
    "authentication": {
      "@type": "string",
      "issuers": [
        "string"
      ],
      "audiences": [
        "string"
      ],
      "claims": [
        {
          "name": "string",
          "value": "string"
        }
      ],
      "keys": [
        see-variations-below
      ]
    }
  }
}

For RSATokenKey, use:

{
  "@type": "#Microsoft.VideoAnalyzer.RsaTokenKey",
  "kid": "string",
  "alg": "string",
  "n": "string", 
  "e": "string" 
}

For EccTokenKey, use:

{
  "@type": "#Microsoft.VideoAnalyzer.EccTokenKey",
  "kid": "string",
  "alg": "string",
  "x": "string", 
  "y": "string" 
}

Property values

The following tables describe the values you need to set in the schema.

Microsoft.Media/videoAnalyzers/accessPolicies object

Note

In Bicep, type and apiVersion are specified in the first line of the resource declaration. Use the format <type>@<apiVersion>. Don't set those properties in the resource body.

Name Type Required Value
name string Yes The name of the access policy to create or update.
type enum Yes For JSON -accessPolicies
-or-
Microsoft.Media/videoAnalyzers/accessPolicies

See Set name and type for child resources.
apiVersion enum Yes For JSON - 2021-05-01-preview
properties object Yes The resource properties. - AccessPolicyProperties object

AccessPolicyProperties object

Name Type Required Value
role enum No Defines the access level granted by this policy. - Reader
authentication object No Authentication method to be used when validating client API access. - AuthenticationBase object

AuthenticationBase object

Name Type Required Value
@type string Yes The discriminator for derived types. - #Microsoft.VideoAnalyzer.JwtAuthentication
issuers array No List of expected token issuers. Token issuer is valid if it matches at least one of the given values.
audiences array No List of expected token audiences. Token audience is valid if it matches at least one of the given values.
claims array No List of additional token claims to be validated. Token must contains all claims and respective values for it to be valid. - TokenClaim object
keys array No List of keys which can be used to validate access tokens. Having multiple keys allow for seamless key rotation of the token signing key. Token signature must match exactly one key. - RsaTokenKey object, EccTokenKey object

TokenClaim object

Name Type Required Value
name string Yes Name of the claim which must be present on the token.
value string Yes Expected value of the claim to be present on the token.

RsaTokenKey object

Name Type Required Value
@type string Yes The discriminator for derived types. - #Microsoft.VideoAnalyzer.RsaTokenKey
kid string Yes JWT token key id. Validation keys are looked up based on the key id present on the JWT token header.
alg string Yes RSA algorithm to be used: RS256, RS384 or RS512. - RS256, RS384, RS512
n string Yes RSA public key modulus.
e string Yes RSA public key exponent.

EccTokenKey object

Name Type Required Value
@type string Yes The discriminator for derived types. - #Microsoft.VideoAnalyzer.EccTokenKey
kid string Yes JWT token key id. Validation keys are looked up based on the key id present on the JWT token header.
alg string Yes Elliptical curve algorithm to be used: ES256, ES384 or ES512. - ES256, ES384, ES512
x string Yes X coordinate.
y string Yes Y coordinate.