Accounts - Create Or Update
Create or update a NetApp account
Create or update the specified NetApp account within the resource group
PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.NetApp/netAppAccounts/{accountName}?api-version=2023-07-01
URI Parameters
Name | In | Required | Type | Description |
---|---|---|---|---|
account
|
path | True |
string |
The name of the NetApp account Regex pattern: |
resource
|
path | True |
string |
The name of the resource group. The name is case insensitive. |
subscription
|
path | True |
string uuid |
The ID of the target subscription. The value must be an UUID. |
api-version
|
query | True |
string |
The API version to use for this operation. |
Request Body
Name | Required | Type | Description |
---|---|---|---|
location | True |
string |
The geo-location where the resource lives |
identity |
The identity used for the resource. |
||
properties.activeDirectories |
Active Directories |
||
properties.encryption |
Encryption settings |
||
tags |
object |
Resource tags. |
Responses
Name | Type | Description |
---|---|---|
200 OK |
OK - account updated |
|
201 Created |
Account created |
|
Other Status Codes |
Error response describing why the operation failed. |
Security
azure_auth
Azure Active Directory OAuth2 Flow
Type:
oauth2
Flow:
implicit
Authorization URL:
https://login.microsoftonline.com/common/oauth2/authorize
Scopes
Name | Description |
---|---|
user_impersonation | impersonate your user account |
Examples
Accounts_Create |
Accounts_Create |
Accounts_CreateOrUpdate
Sample Request
Sample Response
{
"id": "/subscriptions/D633CC2E-722B-4AE1-B636-BBD9E4C60ED9/resourceGroups/myRG/providers/Microsoft.NetApp/netAppAccounts/account1",
"name": "account1",
"type": "Microsoft.NetApp/netAppAccounts",
"location": "eastus",
"properties": {
"provisioningState": "Succeeded"
}
}
{
"id": "/subscriptions/D633CC2E-722B-4AE1-B636-BBD9E4C60ED9/resourceGroups/myRG/providers/Microsoft.NetApp/netAppAccounts/account1",
"name": "account1",
"type": "Microsoft.NetApp/netAppAccounts",
"location": "eastus",
"properties": {
"provisioningState": "Creating"
}
}
Accounts_CreateOrUpdateWithActiveDirectory
Sample Request
PUT https://management.azure.com/subscriptions/D633CC2E-722B-4AE1-B636-BBD9E4C60ED9/resourceGroups/myRG/providers/Microsoft.NetApp/netAppAccounts/account1?api-version=2023-07-01
{
"location": "eastus",
"properties": {
"activeDirectories": [
{
"site": "SiteName",
"username": "ad_user_name",
"password": "ad_password",
"domain": "10.10.10.3",
"dns": "10.10.10.3",
"smbServerName": "SMBServer",
"organizationalUnit": "OU=Engineering",
"aesEncryption": true,
"ldapSigning": false,
"ldapOverTLS": false
}
]
}
}
Sample Response
{
"id": "/subscriptions/D633CC2E-722B-4AE1-B636-BBD9E4C60ED9/resourceGroups/myRG/providers/Microsoft.NetApp/netAppAccounts/account1",
"name": "account1",
"type": "Microsoft.NetApp/netAppAccounts",
"location": "eastus",
"properties": {
"provisioningState": "Succeeded",
"activeDirectories": [
{
"activeDirectoryId": "503d38f9-f17c-f92d-ef26-b0d46374534b",
"site": "SiteName",
"username": "ad_user_name",
"password": null,
"domain": "10.10.10.3",
"dns": "10.10.10.3",
"smbServerName": "SMBServer",
"organizationalUnit": "OU=Engineering",
"aesEncryption": true,
"ldapSigning": false,
"ldapOverTLS": false
}
]
}
}
{
"id": "/subscriptions/D633CC2E-722B-4AE1-B636-BBD9E4C60ED9/resourceGroups/myRG/providers/Microsoft.NetApp/netAppAccounts/account1",
"name": "account1",
"type": "Microsoft.NetApp/netAppAccounts",
"location": "eastus",
"properties": {
"provisioningState": "Creating",
"activeDirectories": [
{
"activeDirectoryId": "503d38f9-f17c-f92d-ef26-b0d46374534b",
"site": "SiteName",
"username": "ad_user_name",
"password": null,
"domain": "10.10.10.3",
"dns": "10.10.10.3",
"smbServerName": "SMBServer",
"organizationalUnit": "OU=Engineering",
"aesEncryption": true,
"ldapSigning": false,
"ldapOverTLS": false
}
]
}
}
Definitions
Name | Description |
---|---|
account |
Encryption settings |
active |
Active Directory |
Active |
Status of the Active Directory |
created |
The type of identity that created the resource. |
Encryption |
Identity used to authenticate with key vault. |
Error |
The resource management error additional info. |
Error |
The error detail. |
Error |
Error response |
Key |
The encryption keySource (provider). Possible values (case-insensitive): Microsoft.NetApp, Microsoft.KeyVault |
Key |
Properties of key vault. |
Key |
Status of the KeyVault connection. |
ldap |
LDAP search scope |
Managed |
Managed service identity (system assigned and/or user assigned identities) |
Managed |
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). |
net |
NetApp account resource |
system |
Metadata pertaining to creation and last modification of the resource. |
User |
User assigned identity properties |
accountEncryption
Encryption settings
Name | Type | Default Value | Description |
---|---|---|---|
identity |
Identity used to authenticate to KeyVault. Applicable if keySource is 'Microsoft.KeyVault'. |
||
keySource | Microsoft.NetApp |
The encryption keySource (provider). Possible values (case-insensitive): Microsoft.NetApp, Microsoft.KeyVault |
|
keyVaultProperties |
Properties provided by KeVault. Applicable if keySource is 'Microsoft.KeyVault'. |
activeDirectory
Active Directory
Name | Type | Default Value | Description |
---|---|---|---|
activeDirectoryId |
string |
Id of the Active Directory |
|
adName |
string |
Name of the active directory machine. This optional parameter is used only while creating kerberos volume |
|
administrators |
string[] |
Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier |
|
aesEncryption |
boolean |
If enabled, AES encryption will be enabled for SMB communication. |
|
allowLocalNfsUsersWithLdap |
boolean |
If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes. |
|
backupOperators |
string[] |
Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier |
|
dns |
string |
Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain |
|
domain |
string |
Name of the Active Directory domain |
|
encryptDCConnections |
boolean |
If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted. |
|
kdcIP |
string |
kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume. |
|
ldapOverTLS |
boolean |
Specifies whether or not the LDAP traffic needs to be secured via TLS. |
|
ldapSearchScope |
LDAP Search scope options |
||
ldapSigning |
boolean |
Specifies whether or not the LDAP traffic needs to be signed. |
|
organizationalUnit |
string |
CN=Computers |
The Organizational Unit (OU) within the Windows Active Directory |
password |
string |
Plain text password of Active Directory domain administrator, value is masked in the response |
|
preferredServersForLdapClient |
string |
Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed. |
|
securityOperators |
string[] |
Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier |
|
serverRootCACertificate |
string |
When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes. |
|
site |
string |
The Active Directory site the service will limit Domain Controller discovery to |
|
smbServerName |
string |
NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes |
|
status |
Status of the Active Directory |
||
statusDetails |
string |
Any details in regards to the Status of the Active Directory |
|
username |
string |
A domain user account with permission to create machine accounts |
ActiveDirectoryStatus
Status of the Active Directory
Name | Type | Description |
---|---|---|
Created |
string |
Active Directory created but not in use |
Deleted |
string |
Active Directory Deleted |
Error |
string |
Error with the Active Directory |
InUse |
string |
Active Directory in use by SMB Volume |
Updating |
string |
Active Directory Updating |
createdByType
The type of identity that created the resource.
Name | Type | Description |
---|---|---|
Application |
string |
|
Key |
string |
|
ManagedIdentity |
string |
|
User |
string |
EncryptionIdentity
Identity used to authenticate with key vault.
Name | Type | Description |
---|---|---|
principalId |
string |
The principal ID (object ID) of the identity used to authenticate with key vault. Read-only. |
userAssignedIdentity |
string |
The ARM resource identifier of the user assigned identity used to authenticate with key vault. Applicable if identity.type has 'UserAssigned'. It should match key of identity.userAssignedIdentities. |
ErrorAdditionalInfo
The resource management error additional info.
Name | Type | Description |
---|---|---|
info |
object |
The additional info. |
type |
string |
The additional info type. |
ErrorDetail
The error detail.
Name | Type | Description |
---|---|---|
additionalInfo |
The error additional info. |
|
code |
string |
The error code. |
details |
The error details. |
|
message |
string |
The error message. |
target |
string |
The error target. |
ErrorResponse
Error response
Name | Type | Description |
---|---|---|
error |
The error object. |
KeySource
The encryption keySource (provider). Possible values (case-insensitive): Microsoft.NetApp, Microsoft.KeyVault
Name | Type | Description |
---|---|---|
Microsoft.KeyVault |
string |
Customer-managed key encryption |
Microsoft.NetApp |
string |
Microsoft-managed key encryption |
KeyVaultProperties
Properties of key vault.
Name | Type | Description |
---|---|---|
keyName |
string |
The name of KeyVault key. |
keyVaultId |
string |
UUID v4 used to identify the Azure Key Vault configuration |
keyVaultResourceId |
string |
The resource ID of KeyVault. |
keyVaultUri |
string |
The Uri of KeyVault. |
status |
Status of the KeyVault connection. |
KeyVaultStatus
Status of the KeyVault connection.
Name | Type | Description |
---|---|---|
Created |
string |
KeyVault connection created but not in use |
Deleted |
string |
KeyVault connection Deleted |
Error |
string |
Error with the KeyVault connection |
InUse |
string |
KeyVault connection in use by SMB Volume |
Updating |
string |
KeyVault connection Updating |
ldapSearchScopeOpt
LDAP search scope
Name | Type | Description |
---|---|---|
groupDN |
string |
This specifies the group DN, which overrides the base DN for group lookups. |
groupMembershipFilter |
string |
This specifies the custom LDAP search filter to be used when looking up group membership from LDAP server. |
userDN |
string |
This specifies the user DN, which overrides the base DN for user lookups. |
ManagedServiceIdentity
Managed service identity (system assigned and/or user assigned identities)
Name | Type | Description |
---|---|---|
principalId |
string |
The service principal ID of the system assigned identity. This property will only be provided for a system assigned identity. |
tenantId |
string |
The tenant ID of the system assigned identity. This property will only be provided for a system assigned identity. |
type |
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed). |
|
userAssignedIdentities |
<string,
User |
User-Assigned Identities |
ManagedServiceIdentityType
Type of managed service identity (where both SystemAssigned and UserAssigned types are allowed).
Name | Type | Description |
---|---|---|
None |
string |
|
SystemAssigned |
string |
|
SystemAssigned,UserAssigned |
string |
|
UserAssigned |
string |
netAppAccount
NetApp account resource
Name | Type | Description |
---|---|---|
etag |
string |
A unique read-only string that changes whenever the resource is updated. |
id |
string |
Fully qualified resource ID for the resource. E.g. "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}" |
identity |
The identity used for the resource. |
|
location |
string |
The geo-location where the resource lives |
name |
string |
The name of the resource |
properties.activeDirectories |
Active Directories |
|
properties.disableShowmount |
boolean |
Shows the status of disableShowmount for all volumes under the subscription, null equals false |
properties.encryption |
Encryption settings |
|
properties.provisioningState |
string |
Azure lifecycle management |
systemData |
Azure Resource Manager metadata containing createdBy and modifiedBy information. |
|
tags |
object |
Resource tags. |
type |
string |
The type of the resource. E.g. "Microsoft.Compute/virtualMachines" or "Microsoft.Storage/storageAccounts" |
systemData
Metadata pertaining to creation and last modification of the resource.
Name | Type | Description |
---|---|---|
createdAt |
string |
The timestamp of resource creation (UTC). |
createdBy |
string |
The identity that created the resource. |
createdByType |
The type of identity that created the resource. |
|
lastModifiedAt |
string |
The timestamp of resource last modification (UTC) |
lastModifiedBy |
string |
The identity that last modified the resource. |
lastModifiedByType |
The type of identity that last modified the resource. |
UserAssignedIdentity
User assigned identity properties
Name | Type | Description |
---|---|---|
clientId |
string |
The client ID of the assigned identity. |
principalId |
string |
The principal ID of the assigned identity. |