你当前正在访问 Microsoft Azure Global Edition 技术文档网站。 如果需要访问由世纪互联运营的 Microsoft Azure 中国技术文档网站,请访问 https://docs.azure.cn。
Microsoft.Databricks workspaces
Bicep resource definition
The workspaces resource type can be deployed to: Resource groups.
To learn about resource group deployments, see Bicep.
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Databricks/workspaces resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Databricks/workspaces@2022-04-01-preview' = {
name: 'string'
location: 'string'
tags: {
tagName1: 'tagValue1'
tagName2: 'tagValue2'
}
sku: {
name: 'string'
tier: 'string'
}
properties: {
authorizations: [
{
principalId: 'string'
roleDefinitionId: 'string'
}
]
createdBy: {}
encryption: {
entities: {
managedServices: {
keySource: 'Microsoft.Keyvault'
keyVaultProperties: {
keyName: 'string'
keyVaultUri: 'string'
keyVersion: 'string'
}
}
}
}
managedResourceGroupId: 'string'
parameters: {
amlWorkspaceId: {
value: 'string'
}
customPrivateSubnetName: {
value: 'string'
}
customPublicSubnetName: {
value: 'string'
}
customVirtualNetworkId: {
value: 'string'
}
enableNoPublicIp: {
value: bool
}
encryption: {
value: {
KeyName: 'string'
keySource: 'string'
keyvaulturi: 'string'
keyversion: 'string'
}
}
loadBalancerBackendPoolName: {
value: 'string'
}
loadBalancerId: {
value: 'string'
}
natGatewayName: {
value: 'string'
}
prepareEncryption: {
value: bool
}
publicIpName: {
value: 'string'
}
requireInfrastructureEncryption: {
value: bool
}
storageAccountName: {
value: 'string'
}
storageAccountSkuName: {
value: 'string'
}
vnetAddressPrefix: {
value: 'string'
}
}
publicNetworkAccess: 'string'
requiredNsgRules: 'string'
storageAccountIdentity: {}
uiDefinitionUri: 'string'
updatedBy: {}
}
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| name | The resource name | string (required) Character limit: 3-64 Valid characters: Alphanumerics, underscores, and hyphens |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| sku | The SKU of the resource. | Sku |
| properties | The workspace properties. | WorkspaceProperties (required) |
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| authorizations | The workspace provider authorizations. | WorkspaceProviderAuthorization[] |
| createdBy | Indicates the Object ID, PUID and Application ID of entity that created the workspace. | CreatedBy |
| encryption | Encryption properties for databricks workspace | WorkspacePropertiesEncryption |
| managedResourceGroupId | The managed resource group Id. | string (required) |
| parameters | The workspace's custom parameters. | WorkspaceCustomParameters |
| publicNetworkAccess | The network access type for accessing workspace. Set value to disabled to access workspace only via private link. | 'Disabled' 'Enabled' |
| requiredNsgRules | Gets or sets a value indicating whether data plane (clusters) to control plane communication happen over private endpoint. Supported values are 'AllRules' and 'NoAzureDatabricksRules'. 'NoAzureServiceRules' value is for internal use only. | 'AllRules' 'NoAzureDatabricksRules' 'NoAzureServiceRules' |
| storageAccountIdentity | The details of Managed Identity of Storage Account | ManagedIdentityConfiguration |
| uiDefinitionUri | The blob URI where the UI definition file is located. | string |
| updatedBy | Indicates the Object ID, PUID and Application ID of entity that last updated the workspace. | CreatedBy |
WorkspaceProviderAuthorization
| Name | Description | Value |
|---|---|---|
| principalId | The provider's principal identifier. This is the identity that the provider will use to call ARM to manage the workspace resources. | string (required) |
| roleDefinitionId | The provider's role definition identifier. This role will define all the permissions that the provider must have on the workspace's container resource group. This role definition cannot have permission to delete the resource group. | string (required) |
CreatedBy
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspacePropertiesEncryption
| Name | Description | Value |
|---|---|---|
| entities | Encryption entities definition for the workspace. | EncryptionEntitiesDefinition (required) |
EncryptionEntitiesDefinition
| Name | Description | Value |
|---|---|---|
| managedServices | Encryption properties for the databricks managed services. | EncryptionV2 |
EncryptionV2
| Name | Description | Value |
|---|---|---|
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Keyvault | 'Microsoft.Keyvault' (required) |
| keyVaultProperties | Key Vault input properties for encryption. | EncryptionV2KeyVaultProperties |
EncryptionV2KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of KeyVault key. | string (required) |
| keyVaultUri | The Uri of KeyVault. | string (required) |
| keyVersion | The version of KeyVault key. | string (required) |
WorkspaceCustomParameters
| Name | Description | Value |
|---|---|---|
| amlWorkspaceId | The ID of a Azure Machine Learning workspace to link with Databricks workspace | WorkspaceCustomStringParameter |
| customPrivateSubnetName | The name of the Private Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customPublicSubnetName | The name of a Public Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customVirtualNetworkId | The ID of a Virtual Network where this Databricks Cluster should be created | WorkspaceCustomStringParameter |
| enableNoPublicIp | Should the Public IP be Disabled? | WorkspaceCustomBooleanParameter |
| encryption | Contains the encryption details for Customer-Managed Key (CMK) enabled workspace. | WorkspaceEncryptionParameter |
| loadBalancerBackendPoolName | Name of the outbound Load Balancer Backend Pool for Secure Cluster Connectivity (No Public IP). | WorkspaceCustomStringParameter |
| loadBalancerId | Resource URI of Outbound Load balancer for Secure Cluster Connectivity (No Public IP) workspace. | WorkspaceCustomStringParameter |
| natGatewayName | Name of the NAT gateway for Secure Cluster Connectivity (No Public IP) workspace subnets. | WorkspaceCustomStringParameter |
| prepareEncryption | Prepare the workspace for encryption. Enables the Managed Identity for managed storage account. | WorkspaceCustomBooleanParameter |
| publicIpName | Name of the Public IP for No Public IP workspace with managed vNet. | WorkspaceCustomStringParameter |
| requireInfrastructureEncryption | A boolean indicating whether or not the DBFS root file system will be enabled with secondary layer of encryption with platform managed keys for data at rest. | WorkspaceCustomBooleanParameter |
| storageAccountName | Default DBFS storage account name. | WorkspaceCustomStringParameter |
| storageAccountSkuName | Storage account SKU name, ex: Standard_GRS, Standard_LRS. Refer https://aka.ms/storageskus for valid inputs. | WorkspaceCustomStringParameter |
| vnetAddressPrefix | Address prefix for Managed virtual network. Default value for this input is 10.139. | WorkspaceCustomStringParameter |
WorkspaceCustomStringParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | string (required) |
WorkspaceCustomBooleanParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | bool (required) |
WorkspaceEncryptionParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | Encryption |
Encryption
| Name | Description | Value |
|---|---|---|
| KeyName | The name of KeyVault key. | string |
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Default, Microsoft.Keyvault | 'Default' 'Microsoft.Keyvault' |
| keyvaulturi | The Uri of KeyVault. | string |
| keyversion | The version of KeyVault key. | string |
ManagedIdentityConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
| Name | Description | Value |
|---|---|---|
| name | The SKU name. | string (required) |
| tier | The SKU tier. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Azure Databricks All-in-one Template for VNet Injection |
This template allows you to create a network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| Azure Databricks All-in-one Templat VNetInjection-Pvtendpt |
This template allows you to create a network security group, a virtual network and an Azure Databricks workspace with the virtual network, and Private Endpoint. |
| AzureDatabricks Template for VNetInjection and Load Balancer |
This template allows you to create a a load balancer, network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| AzureDatabricks Template for VNet Injection with NAT Gateway |
This template allows you to create a NAT gateway, network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| Deploy an Azure Databricks Workspace |
This template allows you to create an Azure Databricks workspace. |
| Azure Databricks Workspace with custom Address Range |
This template allows you to create an Azure Databricks workspace with a custom virtual network address range. |
| Deploy an Azure Databricks Workspace and configure CMK |
This template allows you to create an Azure Databricks workspace and configure CMK. |
| Azure Databricks Workspace with VNet Injection |
This template allows you to create an Azure Databricks workspace with a custom virtual network. |
ARM template resource definition
The workspaces resource type can be deployed to: Resource groups.
To learn about resource group deployments, see ARM template.
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Databricks/workspaces resource, add the following JSON to your template.
{
"type": "Microsoft.Databricks/workspaces",
"apiVersion": "2022-04-01-preview",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"sku": {
"name": "string",
"tier": "string"
},
"properties": {
"authorizations": [
{
"principalId": "string",
"roleDefinitionId": "string"
}
],
"createdBy": {},
"encryption": {
"entities": {
"managedServices": {
"keySource": "Microsoft.Keyvault",
"keyVaultProperties": {
"keyName": "string",
"keyVaultUri": "string",
"keyVersion": "string"
}
}
}
},
"managedResourceGroupId": "string",
"parameters": {
"amlWorkspaceId": {
"value": "string"
},
"customPrivateSubnetName": {
"value": "string"
},
"customPublicSubnetName": {
"value": "string"
},
"customVirtualNetworkId": {
"value": "string"
},
"enableNoPublicIp": {
"value": "bool"
},
"encryption": {
"value": {
"KeyName": "string",
"keySource": "string",
"keyvaulturi": "string",
"keyversion": "string"
}
},
"loadBalancerBackendPoolName": {
"value": "string"
},
"loadBalancerId": {
"value": "string"
},
"natGatewayName": {
"value": "string"
},
"prepareEncryption": {
"value": "bool"
},
"publicIpName": {
"value": "string"
},
"requireInfrastructureEncryption": {
"value": "bool"
},
"storageAccountName": {
"value": "string"
},
"storageAccountSkuName": {
"value": "string"
},
"vnetAddressPrefix": {
"value": "string"
}
},
"publicNetworkAccess": "string",
"requiredNsgRules": "string",
"storageAccountIdentity": {},
"uiDefinitionUri": "string",
"updatedBy": {}
}
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| type | The resource type | 'Microsoft.Databricks/workspaces' |
| apiVersion | The resource api version | '2022-04-01-preview' |
| name | The resource name | string (required) Character limit: 3-64 Valid characters: Alphanumerics, underscores, and hyphens |
| location | The geo-location where the resource lives | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. See Tags in templates |
| sku | The SKU of the resource. | Sku |
| properties | The workspace properties. | WorkspaceProperties (required) |
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| authorizations | The workspace provider authorizations. | WorkspaceProviderAuthorization[] |
| createdBy | Indicates the Object ID, PUID and Application ID of entity that created the workspace. | CreatedBy |
| encryption | Encryption properties for databricks workspace | WorkspacePropertiesEncryption |
| managedResourceGroupId | The managed resource group Id. | string (required) |
| parameters | The workspace's custom parameters. | WorkspaceCustomParameters |
| publicNetworkAccess | The network access type for accessing workspace. Set value to disabled to access workspace only via private link. | 'Disabled' 'Enabled' |
| requiredNsgRules | Gets or sets a value indicating whether data plane (clusters) to control plane communication happen over private endpoint. Supported values are 'AllRules' and 'NoAzureDatabricksRules'. 'NoAzureServiceRules' value is for internal use only. | 'AllRules' 'NoAzureDatabricksRules' 'NoAzureServiceRules' |
| storageAccountIdentity | The details of Managed Identity of Storage Account | ManagedIdentityConfiguration |
| uiDefinitionUri | The blob URI where the UI definition file is located. | string |
| updatedBy | Indicates the Object ID, PUID and Application ID of entity that last updated the workspace. | CreatedBy |
WorkspaceProviderAuthorization
| Name | Description | Value |
|---|---|---|
| principalId | The provider's principal identifier. This is the identity that the provider will use to call ARM to manage the workspace resources. | string (required) |
| roleDefinitionId | The provider's role definition identifier. This role will define all the permissions that the provider must have on the workspace's container resource group. This role definition cannot have permission to delete the resource group. | string (required) |
CreatedBy
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspacePropertiesEncryption
| Name | Description | Value |
|---|---|---|
| entities | Encryption entities definition for the workspace. | EncryptionEntitiesDefinition (required) |
EncryptionEntitiesDefinition
| Name | Description | Value |
|---|---|---|
| managedServices | Encryption properties for the databricks managed services. | EncryptionV2 |
EncryptionV2
| Name | Description | Value |
|---|---|---|
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Keyvault | 'Microsoft.Keyvault' (required) |
| keyVaultProperties | Key Vault input properties for encryption. | EncryptionV2KeyVaultProperties |
EncryptionV2KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of KeyVault key. | string (required) |
| keyVaultUri | The Uri of KeyVault. | string (required) |
| keyVersion | The version of KeyVault key. | string (required) |
WorkspaceCustomParameters
| Name | Description | Value |
|---|---|---|
| amlWorkspaceId | The ID of a Azure Machine Learning workspace to link with Databricks workspace | WorkspaceCustomStringParameter |
| customPrivateSubnetName | The name of the Private Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customPublicSubnetName | The name of a Public Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customVirtualNetworkId | The ID of a Virtual Network where this Databricks Cluster should be created | WorkspaceCustomStringParameter |
| enableNoPublicIp | Should the Public IP be Disabled? | WorkspaceCustomBooleanParameter |
| encryption | Contains the encryption details for Customer-Managed Key (CMK) enabled workspace. | WorkspaceEncryptionParameter |
| loadBalancerBackendPoolName | Name of the outbound Load Balancer Backend Pool for Secure Cluster Connectivity (No Public IP). | WorkspaceCustomStringParameter |
| loadBalancerId | Resource URI of Outbound Load balancer for Secure Cluster Connectivity (No Public IP) workspace. | WorkspaceCustomStringParameter |
| natGatewayName | Name of the NAT gateway for Secure Cluster Connectivity (No Public IP) workspace subnets. | WorkspaceCustomStringParameter |
| prepareEncryption | Prepare the workspace for encryption. Enables the Managed Identity for managed storage account. | WorkspaceCustomBooleanParameter |
| publicIpName | Name of the Public IP for No Public IP workspace with managed vNet. | WorkspaceCustomStringParameter |
| requireInfrastructureEncryption | A boolean indicating whether or not the DBFS root file system will be enabled with secondary layer of encryption with platform managed keys for data at rest. | WorkspaceCustomBooleanParameter |
| storageAccountName | Default DBFS storage account name. | WorkspaceCustomStringParameter |
| storageAccountSkuName | Storage account SKU name, ex: Standard_GRS, Standard_LRS. Refer https://aka.ms/storageskus for valid inputs. | WorkspaceCustomStringParameter |
| vnetAddressPrefix | Address prefix for Managed virtual network. Default value for this input is 10.139. | WorkspaceCustomStringParameter |
WorkspaceCustomStringParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | string (required) |
WorkspaceCustomBooleanParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | bool (required) |
WorkspaceEncryptionParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | Encryption |
Encryption
| Name | Description | Value |
|---|---|---|
| KeyName | The name of KeyVault key. | string |
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Default, Microsoft.Keyvault | 'Default' 'Microsoft.Keyvault' |
| keyvaulturi | The Uri of KeyVault. | string |
| keyversion | The version of KeyVault key. | string |
ManagedIdentityConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
| Name | Description | Value |
|---|---|---|
| name | The SKU name. | string (required) |
| tier | The SKU tier. | string |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
| Azure Databricks All-in-one Template for VNet Injection |
This template allows you to create a network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| Azure Databricks All-in-one Templat VNetInjection-Pvtendpt |
This template allows you to create a network security group, a virtual network and an Azure Databricks workspace with the virtual network, and Private Endpoint. |
| AzureDatabricks Template for VNetInjection and Load Balancer |
This template allows you to create a a load balancer, network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| AzureDatabricks Template for VNet Injection with NAT Gateway |
This template allows you to create a NAT gateway, network security group, a virtual network and an Azure Databricks workspace with the virtual network. |
| Deploy an Azure Databricks Workspace |
This template allows you to create an Azure Databricks workspace. |
| Azure Databricks Workspace with custom Address Range |
This template allows you to create an Azure Databricks workspace with a custom virtual network address range. |
| Deploy an Azure Databricks Workspace and configure CMK |
This template allows you to create an Azure Databricks workspace and configure CMK. |
| Azure Databricks Workspace with VNet Injection |
This template allows you to create an Azure Databricks workspace with a custom virtual network. |
Terraform (AzAPI provider) resource definition
The workspaces resource type can be deployed to: Resource groups.
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Databricks/workspaces resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Databricks/workspaces@2022-04-01-preview"
name = "string"
location = "string"
parent_id = "string"
tags = {
tagName1 = "tagValue1"
tagName2 = "tagValue2"
}
body = jsonencode({
properties = {
authorizations = [
{
principalId = "string"
roleDefinitionId = "string"
}
]
createdBy = {}
encryption = {
entities = {
managedServices = {
keySource = "Microsoft.Keyvault"
keyVaultProperties = {
keyName = "string"
keyVaultUri = "string"
keyVersion = "string"
}
}
}
}
managedResourceGroupId = "string"
parameters = {
amlWorkspaceId = {
value = "string"
}
customPrivateSubnetName = {
value = "string"
}
customPublicSubnetName = {
value = "string"
}
customVirtualNetworkId = {
value = "string"
}
enableNoPublicIp = {
value = bool
}
encryption = {
value = {
KeyName = "string"
keySource = "string"
keyvaulturi = "string"
keyversion = "string"
}
}
loadBalancerBackendPoolName = {
value = "string"
}
loadBalancerId = {
value = "string"
}
natGatewayName = {
value = "string"
}
prepareEncryption = {
value = bool
}
publicIpName = {
value = "string"
}
requireInfrastructureEncryption = {
value = bool
}
storageAccountName = {
value = "string"
}
storageAccountSkuName = {
value = "string"
}
vnetAddressPrefix = {
value = "string"
}
}
publicNetworkAccess = "string"
requiredNsgRules = "string"
storageAccountIdentity = {}
uiDefinitionUri = "string"
updatedBy = {}
}
sku = {
name = "string"
tier = "string"
}
})
}
Property values
workspaces
| Name | Description | Value |
|---|---|---|
| type | The resource type | "Microsoft.Databricks/workspaces@2022-04-01-preview" |
| name | The resource name | string (required) Character limit: 3-64 Valid characters: Alphanumerics, underscores, and hyphens |
| location | The geo-location where the resource lives | string (required) |
| parent_id | To deploy to a resource group, use the ID of that resource group. | string (required) |
| tags | Resource tags. | Dictionary of tag names and values. |
| sku | The SKU of the resource. | Sku |
| properties | The workspace properties. | WorkspaceProperties (required) |
WorkspaceProperties
| Name | Description | Value |
|---|---|---|
| authorizations | The workspace provider authorizations. | WorkspaceProviderAuthorization[] |
| createdBy | Indicates the Object ID, PUID and Application ID of entity that created the workspace. | CreatedBy |
| encryption | Encryption properties for databricks workspace | WorkspacePropertiesEncryption |
| managedResourceGroupId | The managed resource group Id. | string (required) |
| parameters | The workspace's custom parameters. | WorkspaceCustomParameters |
| publicNetworkAccess | The network access type for accessing workspace. Set value to disabled to access workspace only via private link. | "Disabled" "Enabled" |
| requiredNsgRules | Gets or sets a value indicating whether data plane (clusters) to control plane communication happen over private endpoint. Supported values are 'AllRules' and 'NoAzureDatabricksRules'. 'NoAzureServiceRules' value is for internal use only. | "AllRules" "NoAzureDatabricksRules" "NoAzureServiceRules" |
| storageAccountIdentity | The details of Managed Identity of Storage Account | ManagedIdentityConfiguration |
| uiDefinitionUri | The blob URI where the UI definition file is located. | string |
| updatedBy | Indicates the Object ID, PUID and Application ID of entity that last updated the workspace. | CreatedBy |
WorkspaceProviderAuthorization
| Name | Description | Value |
|---|---|---|
| principalId | The provider's principal identifier. This is the identity that the provider will use to call ARM to manage the workspace resources. | string (required) |
| roleDefinitionId | The provider's role definition identifier. This role will define all the permissions that the provider must have on the workspace's container resource group. This role definition cannot have permission to delete the resource group. | string (required) |
CreatedBy
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
WorkspacePropertiesEncryption
| Name | Description | Value |
|---|---|---|
| entities | Encryption entities definition for the workspace. | EncryptionEntitiesDefinition (required) |
EncryptionEntitiesDefinition
| Name | Description | Value |
|---|---|---|
| managedServices | Encryption properties for the databricks managed services. | EncryptionV2 |
EncryptionV2
| Name | Description | Value |
|---|---|---|
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Keyvault | "Microsoft.Keyvault" (required) |
| keyVaultProperties | Key Vault input properties for encryption. | EncryptionV2KeyVaultProperties |
EncryptionV2KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of KeyVault key. | string (required) |
| keyVaultUri | The Uri of KeyVault. | string (required) |
| keyVersion | The version of KeyVault key. | string (required) |
WorkspaceCustomParameters
| Name | Description | Value |
|---|---|---|
| amlWorkspaceId | The ID of a Azure Machine Learning workspace to link with Databricks workspace | WorkspaceCustomStringParameter |
| customPrivateSubnetName | The name of the Private Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customPublicSubnetName | The name of a Public Subnet within the Virtual Network | WorkspaceCustomStringParameter |
| customVirtualNetworkId | The ID of a Virtual Network where this Databricks Cluster should be created | WorkspaceCustomStringParameter |
| enableNoPublicIp | Should the Public IP be Disabled? | WorkspaceCustomBooleanParameter |
| encryption | Contains the encryption details for Customer-Managed Key (CMK) enabled workspace. | WorkspaceEncryptionParameter |
| loadBalancerBackendPoolName | Name of the outbound Load Balancer Backend Pool for Secure Cluster Connectivity (No Public IP). | WorkspaceCustomStringParameter |
| loadBalancerId | Resource URI of Outbound Load balancer for Secure Cluster Connectivity (No Public IP) workspace. | WorkspaceCustomStringParameter |
| natGatewayName | Name of the NAT gateway for Secure Cluster Connectivity (No Public IP) workspace subnets. | WorkspaceCustomStringParameter |
| prepareEncryption | Prepare the workspace for encryption. Enables the Managed Identity for managed storage account. | WorkspaceCustomBooleanParameter |
| publicIpName | Name of the Public IP for No Public IP workspace with managed vNet. | WorkspaceCustomStringParameter |
| requireInfrastructureEncryption | A boolean indicating whether or not the DBFS root file system will be enabled with secondary layer of encryption with platform managed keys for data at rest. | WorkspaceCustomBooleanParameter |
| storageAccountName | Default DBFS storage account name. | WorkspaceCustomStringParameter |
| storageAccountSkuName | Storage account SKU name, ex: Standard_GRS, Standard_LRS. Refer https://aka.ms/storageskus for valid inputs. | WorkspaceCustomStringParameter |
| vnetAddressPrefix | Address prefix for Managed virtual network. Default value for this input is 10.139. | WorkspaceCustomStringParameter |
WorkspaceCustomStringParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | string (required) |
WorkspaceCustomBooleanParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | bool (required) |
WorkspaceEncryptionParameter
| Name | Description | Value |
|---|---|---|
| value | The value which should be used for this field. | Encryption |
Encryption
| Name | Description | Value |
|---|---|---|
| KeyName | The name of KeyVault key. | string |
| keySource | The encryption keySource (provider). Possible values (case-insensitive): Default, Microsoft.Keyvault | "Default" "Microsoft.Keyvault" |
| keyvaulturi | The Uri of KeyVault. | string |
| keyversion | The version of KeyVault key. | string |
ManagedIdentityConfiguration
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
Sku
| Name | Description | Value |
|---|---|---|
| name | The SKU name. | string (required) |
| tier | The SKU tier. | string |