Microsoft.MachineLearningServices workspaces/datastores 2023-04-01-preview

Bicep resource definition

The workspaces/datastores resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following Bicep to your template.

resource symbolicname 'Microsoft.MachineLearningServices/workspaces/datastores@2023-04-01-preview' = {
  name: 'string'
  properties: {
    credentials: {
      credentialsType: 'string'
      // For remaining properties, see DatastoreCredentials objects
    }
    description: 'string'
    intellectualProperty: {
      protectionLevel: 'string'
      publisher: 'string'
    }
    properties: {
      {customized property}: 'string'
    }
    tags: {
      {customized property}: 'string'
    }
    datastoreType: 'string'
    // For remaining properties, see DatastoreProperties objects
  }
}

DatastoreProperties objects

Set the datastoreType property to specify the type of object.

For AzureBlob, use:

{
  accountName: 'string'
  containerName: 'string'
  datastoreType: 'AzureBlob'
  endpoint: 'string'
  protocol: 'string'
  resourceGroup: 'string'
  serviceDataAccessAuthIdentity: 'string'
  subscriptionId: 'string'
}

For AzureDataLakeGen1, use:

{
  datastoreType: 'AzureDataLakeGen1'
  resourceGroup: 'string'
  serviceDataAccessAuthIdentity: 'string'
  storeName: 'string'
  subscriptionId: 'string'
}

For AzureDataLakeGen2, use:

{
  accountName: 'string'
  datastoreType: 'AzureDataLakeGen2'
  endpoint: 'string'
  filesystem: 'string'
  protocol: 'string'
  resourceGroup: 'string'
  serviceDataAccessAuthIdentity: 'string'
  subscriptionId: 'string'
}

For AzureFile, use:

{
  accountName: 'string'
  datastoreType: 'AzureFile'
  endpoint: 'string'
  fileShareName: 'string'
  protocol: 'string'
  resourceGroup: 'string'
  serviceDataAccessAuthIdentity: 'string'
  subscriptionId: 'string'
}

For Hdfs, use:

{
  datastoreType: 'Hdfs'
  hdfsServerCertificate: 'string'
  nameNodeAddress: 'string'
  protocol: 'string'
}

For OneLake, use:

{
  artifact: {
    artifactName: 'string'
    artifactType: 'string'
    // For remaining properties, see OneLakeArtifact objects
  }
  datastoreType: 'OneLake'
  endpoint: 'string'
  oneLakeWorkspaceName: 'string'
  serviceDataAccessAuthIdentity: 'string'
}

DatastoreCredentials objects

Set the credentialsType property to specify the type of object.

For AccountKey, use:

{
  credentialsType: 'AccountKey'
  secrets: {
    key: 'string'
    secretsType: 'string'
  }
}

For Certificate, use:

{
  authorityUrl: 'string'
  clientId: 'string'
  credentialsType: 'Certificate'
  resourceUrl: 'string'
  secrets: {
    certificate: 'string'
    secretsType: 'string'
  }
  tenantId: 'string'
  thumbprint: 'string'
}

For KerberosKeytab, use:

{
  credentialsType: 'KerberosKeytab'
  kerberosKdcAddress: 'string'
  kerberosPrincipal: 'string'
  kerberosRealm: 'string'
  secrets: {
    kerberosKeytab: 'string'
    secretsType: 'string'
  }
}

For KerberosPassword, use:

{
  credentialsType: 'KerberosPassword'
  kerberosKdcAddress: 'string'
  kerberosPrincipal: 'string'
  kerberosRealm: 'string'
  secrets: {
    kerberosPassword: 'string'
    secretsType: 'string'
  }
}

For None, use:

{
  credentialsType: 'None'
}

For Sas, use:

{
  credentialsType: 'Sas'
  secrets: {
    sasToken: 'string'
    secretsType: 'string'
  }
}

For ServicePrincipal, use:

{
  authorityUrl: 'string'
  clientId: 'string'
  credentialsType: 'ServicePrincipal'
  resourceUrl: 'string'
  secrets: {
    clientSecret: 'string'
    secretsType: 'string'
  }
  tenantId: 'string'
}

OneLakeArtifact objects

Set the artifactType property to specify the type of object.

For LakeHouse, use:

{
  artifactType: 'LakeHouse'
}

Property values

AccountKeyDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'AccountKey' (required)
secrets [Required] Storage account secrets. AccountKeyDatastoreSecrets (required)

AccountKeyDatastoreSecrets

Name Description Value
key Storage account key. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

AzureBlobDatastore

Name Description Value
accountName Storage account name. string
containerName Storage account container name. string
datastoreType [Required] Storage type backing the datastore. 'AzureBlob' (required)
endpoint Azure cloud endpoint for the storage account. string
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureDataLakeGen1Datastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen1' (required)
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
storeName [Required] Azure Data Lake store name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
subscriptionId Azure Subscription Id string

AzureDataLakeGen2Datastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen2' (required)
endpoint Azure cloud endpoint for the storage account. string
filesystem [Required] The name of the Data Lake Gen2 filesystem. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureFileDatastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureFile' (required)
endpoint Azure cloud endpoint for the storage account. string
fileShareName [Required] The name of the Azure file share that the datastore points to. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

CertificateDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used for authentication with storage. 'Certificate' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. CertificateDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
thumbprint [Required] Thumbprint of the certificate used for authentication. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

CertificateDatastoreSecrets

Name Description Value
certificate Service principal certificate. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

DatastoreCredentials

Name Description Value
credentialsType Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'KerberosKeytab' for type KerberosKeytabCredentials. Set to 'KerberosPassword' for type KerberosPasswordCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'None'
'Sas'
'ServicePrincipal' (required)

DatastoreProperties

Name Description Value
credentials [Required] Account credentials. DatastoreCredentials (required)
datastoreType Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'Hdfs' for type HdfsDatastore. Set to 'OneLake' for type OneLakeDatastore. 'AzureBlob'
'AzureDataLakeGen1'
'AzureDataLakeGen2'
'AzureFile'
'Hdfs'
'OneLake' (required)
description The asset description text. string
intellectualProperty Intellectual Property details. IntellectualProperty
properties The asset property dictionary. ResourceBaseProperties
tags Tag dictionary. Tags can be added, removed, and updated. ResourceBaseTags

HdfsDatastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'Hdfs' (required)
hdfsServerCertificate The TLS cert of the HDFS server. Needs to be a base64 encoded string. Required if "Https" protocol is selected. string
nameNodeAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account (Https/Http). string

IntellectualProperty

Name Description Value
protectionLevel Protection level of the Intellectual Property. 'All'
'None'
publisher [Required] Publisher of the Intellectual Property. Must be the same as Registry publisher name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

KerberosKeytabCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'KerberosKeytab' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Keytab secrets. KerberosKeytabSecrets (required)

KerberosKeytabSecrets

Name Description Value
kerberosKeytab Kerberos keytab secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

KerberosPasswordCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'KerberosPassword' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Kerberos password secrets. KerberosPasswordSecrets (required)

KerberosPasswordSecrets

Name Description Value
kerberosPassword Kerberos password secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

LakeHouseArtifact

Name Description Value
artifactType [Required] OneLake artifact type 'LakeHouse' (required)

Microsoft.MachineLearningServices/workspaces/datastores

Name Description Value
name The resource name string

Constraints:
Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required)
parent In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource.

For more information, see Child resource outside parent resource.
Symbolic name for resource of type: workspaces
properties [Required] Additional attributes of the entity. DatastoreProperties (required)

NoneDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'None' (required)

OneLakeArtifact

Name Description Value
artifactName [Required] OneLake artifact name string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
artifactType Set to 'LakeHouse' for type LakeHouseArtifact. 'LakeHouse' (required)

OneLakeDatastore

Name Description Value
artifact [Required] OneLake artifact backing the datastore. OneLakeArtifact (required)
datastoreType [Required] Storage type backing the datastore. 'OneLake' (required)
endpoint OneLake endpoint to use for the datastore. string
oneLakeWorkspaceName [Required] OneLake workspace name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'

ResourceBaseProperties

Name Description Value

ResourceBaseTags

Name Description Value

SasDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'Sas' (required)
secrets [Required] Storage container secrets. SasDatastoreSecrets (required)

SasDatastoreSecrets

Name Description Value
sasToken Storage container SAS token. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

ServicePrincipalDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used for authentication with storage. 'ServicePrincipal' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. ServicePrincipalDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)

ServicePrincipalDatastoreSecrets

Name Description Value
clientSecret Service principal secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

ARM template resource definition

The workspaces/datastores resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following JSON to your template.

{
  "type": "Microsoft.MachineLearningServices/workspaces/datastores",
  "apiVersion": "2023-04-01-preview",
  "name": "string",
  "properties": {
    "credentials": {
      "credentialsType": "string"
      // For remaining properties, see DatastoreCredentials objects
    },
    "description": "string",
    "intellectualProperty": {
      "protectionLevel": "string",
      "publisher": "string"
    },
    "properties": {
      "{customized property}": "string"
    },
    "tags": {
      "{customized property}": "string"
    },
    "datastoreType": "string"
    // For remaining properties, see DatastoreProperties objects
  }
}

DatastoreProperties objects

Set the datastoreType property to specify the type of object.

For AzureBlob, use:

{
  "accountName": "string",
  "containerName": "string",
  "datastoreType": "AzureBlob",
  "endpoint": "string",
  "protocol": "string",
  "resourceGroup": "string",
  "serviceDataAccessAuthIdentity": "string",
  "subscriptionId": "string"
}

For AzureDataLakeGen1, use:

{
  "datastoreType": "AzureDataLakeGen1",
  "resourceGroup": "string",
  "serviceDataAccessAuthIdentity": "string",
  "storeName": "string",
  "subscriptionId": "string"
}

For AzureDataLakeGen2, use:

{
  "accountName": "string",
  "datastoreType": "AzureDataLakeGen2",
  "endpoint": "string",
  "filesystem": "string",
  "protocol": "string",
  "resourceGroup": "string",
  "serviceDataAccessAuthIdentity": "string",
  "subscriptionId": "string"
}

For AzureFile, use:

{
  "accountName": "string",
  "datastoreType": "AzureFile",
  "endpoint": "string",
  "fileShareName": "string",
  "protocol": "string",
  "resourceGroup": "string",
  "serviceDataAccessAuthIdentity": "string",
  "subscriptionId": "string"
}

For Hdfs, use:

{
  "datastoreType": "Hdfs",
  "hdfsServerCertificate": "string",
  "nameNodeAddress": "string",
  "protocol": "string"
}

For OneLake, use:

{
  "artifact": {
    "artifactName": "string",
    "artifactType": "string"
    // For remaining properties, see OneLakeArtifact objects
  },
  "datastoreType": "OneLake",
  "endpoint": "string",
  "oneLakeWorkspaceName": "string",
  "serviceDataAccessAuthIdentity": "string"
}

DatastoreCredentials objects

Set the credentialsType property to specify the type of object.

For AccountKey, use:

{
  "credentialsType": "AccountKey",
  "secrets": {
    "key": "string",
    "secretsType": "string"
  }
}

For Certificate, use:

{
  "authorityUrl": "string",
  "clientId": "string",
  "credentialsType": "Certificate",
  "resourceUrl": "string",
  "secrets": {
    "certificate": "string",
    "secretsType": "string"
  },
  "tenantId": "string",
  "thumbprint": "string"
}

For KerberosKeytab, use:

{
  "credentialsType": "KerberosKeytab",
  "kerberosKdcAddress": "string",
  "kerberosPrincipal": "string",
  "kerberosRealm": "string",
  "secrets": {
    "kerberosKeytab": "string",
    "secretsType": "string"
  }
}

For KerberosPassword, use:

{
  "credentialsType": "KerberosPassword",
  "kerberosKdcAddress": "string",
  "kerberosPrincipal": "string",
  "kerberosRealm": "string",
  "secrets": {
    "kerberosPassword": "string",
    "secretsType": "string"
  }
}

For None, use:

{
  "credentialsType": "None"
}

For Sas, use:

{
  "credentialsType": "Sas",
  "secrets": {
    "sasToken": "string",
    "secretsType": "string"
  }
}

For ServicePrincipal, use:

{
  "authorityUrl": "string",
  "clientId": "string",
  "credentialsType": "ServicePrincipal",
  "resourceUrl": "string",
  "secrets": {
    "clientSecret": "string",
    "secretsType": "string"
  },
  "tenantId": "string"
}
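
A pre-deployment check over the ARM JSON form of the credential objects above, as an added example (not part of the original reference and not Microsoft tooling): it flags datastore secrets written as literals or passed through non-secure parameters, plus Hdfs datastores set to Http. The rule names, sample template and resource names are constructed, and it assumes datastores are declared as top-level entries of a `resources` array.

```python
import re

DATASTORE_TYPE = "Microsoft.MachineLearningServices/workspaces/datastores"
# Secret-bearing fields of the *DatastoreSecrets objects listed on this page.
SECRET_FIELDS = {"key", "certificate", "kerberosKeytab", "kerberosPassword",
                 "sasToken", "clientSecret"}
# A value that is exactly one parameter reference: [parameters('name')]
PARAM_REF = re.compile(r"^\[\s*parameters\(\s*'([^']+)'\s*\)\s*\]$")


def check_secret(value, parameters):
    """Return a (constructed) rule id for a risky secret value, or None."""
    if not isinstance(value, str) or not value:
        return None
    is_expression = (value.startswith("[") and value.endswith("]")
                     and not value.startswith("[["))
    if not is_expression:
        return "inline-secret"             # literal secret stored with the template
    match = PARAM_REF.match(value)
    if not match:
        return "review-expression"         # variables(), concat(), ...: needs review
    param = parameters.get(match.group(1), {})
    if str(param.get("type", "")).lower() != "securestring":
        return "param-not-secure"          # plain parameters are kept in deployment history
    if "defaultValue" in param:
        return "secure-param-has-default"  # the default is itself a hard-coded secret
    return None


def check_hdfs(props):
    """Hdfs datastores: protocol is Https/Http; Https needs hdfsServerCertificate."""
    if props.get("datastoreType") != "Hdfs":
        return None
    protocol = str(props.get("protocol", "")).lower()
    if protocol == "http":
        return "hdfs-cleartext-protocol"
    if protocol == "https" and not props.get("hdfsServerCertificate"):
        return "hdfs-missing-server-cert"
    return None


def audit_template(template):
    """Return (resource name, field, rule) findings, in resource order."""
    findings = []
    parameters = template.get("parameters", {})
    for res in template.get("resources", []):
        if str(res.get("type", "")).lower() != DATASTORE_TYPE.lower():
            continue
        props = res.get("properties", {})
        secrets = props.get("credentials", {}).get("secrets", {})
        for field in sorted(SECRET_FIELDS.intersection(secrets)):
            rule = check_secret(secrets[field], parameters)
            if rule:
                findings.append((res.get("name"), field, rule))
        rule = check_hdfs(props)
        if rule:
            findings.append((res.get("name"), "protocol", rule))
    return findings


def _ds(name, dtype, creds, **extra):
    """Build one constructed datastore resource for the sample template."""
    return {"type": DATASTORE_TYPE, "apiVersion": "2023-04-01-preview", "name": name,
            "properties": {"datastoreType": dtype, "credentials": creds, **extra}}


ZERO_GUID = "00000000-0000-0000-0000-000000000000"  # placeholder, matches the GUID pattern

# Constructed sample template; every name and value below is made up.
SAMPLE_TEMPLATE = {
    "parameters": {
        "sasToken": {"type": "securestring"},
        "krbPassword": {"type": "securestring"},
        "spSecret": {"type": "string"},
    },
    "resources": [
        _ds("ws/blob_inline", "AzureBlob", {
            "credentialsType": "AccountKey",
            "secrets": {"secretsType": "AccountKey", "key": "CONSTRUCTED-NOT-A-REAL-KEY"}}),
        _ds("ws/blob_sas", "AzureBlob", {
            "credentialsType": "Sas",
            "secrets": {"secretsType": "Sas", "sasToken": "[parameters('sasToken')]"}}),
        _ds("ws/adls_sp", "AzureDataLakeGen2", {
            "credentialsType": "ServicePrincipal",
            "clientId": ZERO_GUID, "tenantId": ZERO_GUID,
            "secrets": {"secretsType": "ServicePrincipal",
                        "clientSecret": "[parameters('spSecret')]"}}),
        _ds("ws/hdfs_http", "Hdfs", {
            "credentialsType": "KerberosPassword",
            "kerberosKdcAddress": "kdc.example.internal",
            "kerberosPrincipal": "svc_ml", "kerberosRealm": "EXAMPLE.INTERNAL",
            "secrets": {"secretsType": "KerberosPassword",
                        "kerberosPassword": "[parameters('krbPassword')]"}},
            protocol="Http", nameNodeAddress="namenode.example.internal"),
        _ds("ws/blob_identity", "AzureBlob", {"credentialsType": "None"},
            serviceDataAccessAuthIdentity="WorkspaceSystemAssignedIdentity"),
    ],
}

if __name__ == "__main__":
    for finding in audit_template(SAMPLE_TEMPLATE):
        print(finding)
```
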

OneLakeArtifact objects

Set the artifactType property to specify the type of object.

For LakeHouse, use:

{
  "artifactType": "LakeHouse"
}

Property values

AccountKeyDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'AccountKey' (required)
secrets [Required] Storage account secrets. AccountKeyDatastoreSecrets (required)

AccountKeyDatastoreSecrets

Name Description Value
key Storage account key. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

AzureBlobDatastore

Name Description Value
accountName Storage account name. string
containerName Storage account container name. string
datastoreType [Required] Storage type backing the datastore. 'AzureBlob' (required)
endpoint Azure cloud endpoint for the storage account. string
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureDataLakeGen1Datastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen1' (required)
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
storeName [Required] Azure Data Lake store name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
subscriptionId Azure Subscription Id string

AzureDataLakeGen2Datastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen2' (required)
endpoint Azure cloud endpoint for the storage account. string
filesystem [Required] The name of the Data Lake Gen2 filesystem. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureFileDatastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureFile' (required)
endpoint Azure cloud endpoint for the storage account. string
fileShareName [Required] The name of the Azure file share that the datastore points to. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

CertificateDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used for authentication with storage. 'Certificate' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. CertificateDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
thumbprint [Required] Thumbprint of the certificate used for authentication. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

CertificateDatastoreSecrets

Name Description Value
certificate Service principal certificate. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

DatastoreCredentials

Name Description Value
credentialsType Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'KerberosKeytab' for type KerberosKeytabCredentials. Set to 'KerberosPassword' for type KerberosPasswordCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'None'
'Sas'
'ServicePrincipal' (required)

DatastoreProperties

Name Description Value
credentials [Required] Account credentials. DatastoreCredentials (required)
datastoreType Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'Hdfs' for type HdfsDatastore. Set to 'OneLake' for type OneLakeDatastore. 'AzureBlob'
'AzureDataLakeGen1'
'AzureDataLakeGen2'
'AzureFile'
'Hdfs'
'OneLake' (required)
description The asset description text. string
intellectualProperty Intellectual Property details. IntellectualProperty
properties The asset property dictionary. ResourceBaseProperties
tags Tag dictionary. Tags can be added, removed, and updated. ResourceBaseTags

HdfsDatastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'Hdfs' (required)
hdfsServerCertificate The TLS cert of the HDFS server. Needs to be a base64 encoded string. Required if "Https" protocol is selected. string
nameNodeAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account (Https/Http). string

IntellectualProperty

Name Description Value
protectionLevel Protection level of the Intellectual Property. 'All'
'None'
publisher [Required] Publisher of the Intellectual Property. Must be the same as Registry publisher name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

KerberosKeytabCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'KerberosKeytab' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Keytab secrets. KerberosKeytabSecrets (required)

KerberosKeytabSecrets

Name Description Value
kerberosKeytab Kerberos keytab secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

KerberosPasswordCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'KerberosPassword' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Kerberos password secrets. KerberosPasswordSecrets (required)

KerberosPasswordSecrets

Name Description Value
kerberosPassword Kerberos password secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

LakeHouseArtifact

Name Description Value
artifactType [Required] OneLake artifact type 'LakeHouse' (required)

Microsoft.MachineLearningServices/workspaces/datastores

Name Description Value
apiVersion The api version '2023-04-01-preview'
name The resource name string

Constraints:
Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required)
properties [Required] Additional attributes of the entity. DatastoreProperties (required)
type The resource type 'Microsoft.MachineLearningServices/workspaces/datastores'

NoneDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'None' (required)

OneLakeArtifact

Name Description Value
artifactName [Required] OneLake artifact name string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
artifactType Set to 'LakeHouse' for type LakeHouseArtifact. 'LakeHouse' (required)

OneLakeDatastore

Name Description Value
artifact [Required] OneLake artifact backing the datastore. OneLakeArtifact (required)
datastoreType [Required] Storage type backing the datastore. 'OneLake' (required)
endpoint OneLake endpoint to use for the datastore. string
oneLakeWorkspaceName [Required] OneLake workspace name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'

ResourceBaseProperties

Name Description Value

ResourceBaseTags

Name Description Value

SasDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used for authentication with storage. 'Sas' (required)
secrets [Required] Storage container secrets. SasDatastoreSecrets (required)

SasDatastoreSecrets

Name Description Value
sasToken Storage container SAS token. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

ServicePrincipalDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used for authentication with storage. 'ServicePrincipal' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. ServicePrincipalDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)

ServicePrincipalDatastoreSecrets

Name Description Value
clientSecret Service principal secret. string
secretsType [Required] Credential type used for authentication with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

Quickstart templates

The following quickstart templates deploy this resource type.

  • Create a Blob Storage Datastore: This template creates a blob storage datastore in an Azure Machine Learning workspace.
  • Create a Databricks File System Datastore: This template creates a Databricks File System datastore in an Azure Machine Learning workspace.
  • Create a File Share Datastore: This template creates a file share datastore in an Azure Machine Learning workspace.
  • Create AML workspace with multiple Datasets & Datastores: This template creates an Azure Machine Learning workspace with multiple datasets and datastores.
  • Create an Azure ADLS Datastore: This template creates an ADLS datastore in an Azure Machine Learning workspace.
  • Create an Azure ADLS Gen2 Datastore: This template creates an ADLS Gen2 datastore in an Azure Machine Learning workspace.
  • Create an Azure MySQL Datastore: This template creates a MySQL datastore in an Azure Machine Learning workspace.
  • Create an Azure PostgreSQL Datastore: This template creates a PostgreSQL datastore in an Azure Machine Learning workspace.
  • Create an Azure SQL Datastore: This template creates a SQL datastore in an Azure Machine Learning workspace.

Terraform (AzAPI provider) resource definition

The workspaces/datastores resource type can be deployed with operations that target:

  • Resource groups

For a list of changed properties in each API version, see change log.

Resource format

To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following Terraform to your template.

resource "azapi_resource" "symbolicname" {
  type = "Microsoft.MachineLearningServices/workspaces/datastores@2023-04-01-preview"
  name = "string"
  body = jsonencode({
    properties = {
      credentials = {
        credentialsType = "string"
        // For remaining properties, see DatastoreCredentials objects
      }
      description = "string"
      intellectualProperty = {
        protectionLevel = "string"
        publisher = "string"
      }
      properties = {
        {customized property} = "string"
      }
      tags = {
        {customized property} = "string"
      }
      datastoreType = "string"
      // For remaining properties, see DatastoreProperties objects
    }
  })
}

DatastoreProperties objects

Set the datastoreType property to specify the type of object.

For AzureBlob, use:

{
  accountName = "string"
  containerName = "string"
  datastoreType = "AzureBlob"
  endpoint = "string"
  protocol = "string"
  resourceGroup = "string"
  serviceDataAccessAuthIdentity = "string"
  subscriptionId = "string"
}

For AzureDataLakeGen1, use:

{
  datastoreType = "AzureDataLakeGen1"
  resourceGroup = "string"
  serviceDataAccessAuthIdentity = "string"
  storeName = "string"
  subscriptionId = "string"
}

For AzureDataLakeGen2, use:

{
  accountName = "string"
  datastoreType = "AzureDataLakeGen2"
  endpoint = "string"
  filesystem = "string"
  protocol = "string"
  resourceGroup = "string"
  serviceDataAccessAuthIdentity = "string"
  subscriptionId = "string"
}

For AzureFile, use:

{
  accountName = "string"
  datastoreType = "AzureFile"
  endpoint = "string"
  fileShareName = "string"
  protocol = "string"
  resourceGroup = "string"
  serviceDataAccessAuthIdentity = "string"
  subscriptionId = "string"
}

For Hdfs, use:

{
  datastoreType = "Hdfs"
  hdfsServerCertificate = "string"
  nameNodeAddress = "string"
  protocol = "string"
}

For OneLake, use:

{
  artifact = {
    artifactName = "string"
    artifactType = "string"
    // For remaining properties, see OneLakeArtifact objects
  }
  datastoreType = "OneLake"
  endpoint = "string"
  oneLakeWorkspaceName = "string"
  serviceDataAccessAuthIdentity = "string"
}

DatastoreCredentials objects

Set the credentialsType property to specify the type of object.

For AccountKey, use:

{
  credentialsType = "AccountKey"
  secrets = {
    key = "string"
    secretsType = "string"
  }
}

For Certificate, use:

{
  authorityUrl = "string"
  clientId = "string"
  credentialsType = "Certificate"
  resourceUrl = "string"
  secrets = {
    certificate = "string"
    secretsType = "string"
  }
  tenantId = "string"
  thumbprint = "string"
}

For KerberosKeytab, use:

{
  credentialsType = "KerberosKeytab"
  kerberosKdcAddress = "string"
  kerberosPrincipal = "string"
  kerberosRealm = "string"
  secrets = {
    kerberosKeytab = "string"
    secretsType = "string"
  }
}

For KerberosPassword, use:

{
  credentialsType = "KerberosPassword"
  kerberosKdcAddress = "string"
  kerberosPrincipal = "string"
  kerberosRealm = "string"
  secrets = {
    kerberosPassword = "string"
    secretsType = "string"
  }
}

For None, use:

{
  credentialsType = "None"
}

For Sas, use:

{
  credentialsType = "Sas"
  secrets = {
    sasToken = "string"
    secretsType = "string"
  }
}

For ServicePrincipal, use:

{
  authorityUrl = "string"
  clientId = "string"
  credentialsType = "ServicePrincipal"
  resourceUrl = "string"
  secrets = {
    clientSecret = "string"
    secretsType = "string"
  }
  tenantId = "string"
}

OneLakeArtifact objects

Set the artifactType property to specify the type of object.

For LakeHouse, use:

{
  artifactType = "LakeHouse"
}

Property values

AccountKeyDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used to authenticate with storage. 'AccountKey' (required)
secrets [Required] Storage account secrets. AccountKeyDatastoreSecrets (required)

AccountKeyDatastoreSecrets

Name Description Value
key Storage account key. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

AzureBlobDatastore

Name Description Value
accountName Storage account name. string
containerName Storage account container name. string
datastoreType [Required] Storage type backing the datastore. 'AzureBlob' (required)
endpoint Azure cloud endpoint for the storage account. string
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureDataLakeGen1Datastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen1' (required)
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
storeName [Required] Azure Data Lake store name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
subscriptionId Azure Subscription Id string

AzureDataLakeGen2Datastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureDataLakeGen2' (required)
endpoint Azure cloud endpoint for the storage account. string
filesystem [Required] The name of the Data Lake Gen2 filesystem. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

AzureFileDatastore

Name Description Value
accountName [Required] Storage account name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
datastoreType [Required] Storage type backing the datastore. 'AzureFile' (required)
endpoint Azure cloud endpoint for the storage account. string
fileShareName [Required] The name of the Azure file share that the datastore points to. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account. string
resourceGroup Azure Resource Group name string
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'
subscriptionId Azure Subscription Id string

CertificateDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used to authenticate with storage. 'Certificate' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. CertificateDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
thumbprint [Required] Thumbprint of the certificate used for authentication. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

CertificateDatastoreSecrets

Name Description Value
certificate Service principal certificate. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

DatastoreCredentials

Name Description Value
credentialsType Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'KerberosKeytab' for type KerberosKeytabCredentials. Set to 'KerberosPassword' for type KerberosPasswordCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'None'
'Sas'
'ServicePrincipal' (required)

DatastoreProperties

Name Description Value
credentials [Required] Account credentials. DatastoreCredentials (required)
datastoreType Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'Hdfs' for type HdfsDatastore. Set to 'OneLake' for type OneLakeDatastore. 'AzureBlob'
'AzureDataLakeGen1'
'AzureDataLakeGen2'
'AzureFile'
'Hdfs'
'OneLake' (required)
description The asset description text. string
intellectualProperty Intellectual Property details. IntellectualProperty
properties The asset property dictionary. ResourceBaseProperties
tags Tag dictionary. Tags can be added, removed, and updated. ResourceBaseTags

HdfsDatastore

Name Description Value
datastoreType [Required] Storage type backing the datastore. 'Hdfs' (required)
hdfsServerCertificate The TLS cert of the HDFS server. Needs to be a base64 encoded string. Required if "Https" protocol is selected. string
nameNodeAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
protocol Protocol used to communicate with the storage account (Https/Http). string

IntellectualProperty

Name Description Value
protectionLevel Protection level of the Intellectual Property. 'All'
'None'
publisher [Required] Publisher of the Intellectual Property. Must be the same as Registry publisher name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)

KerberosKeytabCredentials

Name Description Value
credentialsType [Required] Credential type used to authenticate with storage. 'KerberosKeytab' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Keytab secrets. KerberosKeytabSecrets (required)

KerberosKeytabSecrets

Name Description Value
kerberosKeytab Kerberos keytab secret. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

KerberosPasswordCredentials

Name Description Value
credentialsType [Required] Credential type used to authenticate with storage. 'KerberosPassword' (required)
kerberosKdcAddress [Required] IP Address or DNS HostName. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosPrincipal [Required] Kerberos Username string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
kerberosRealm [Required] Domain over which a Kerberos authentication server has the authority to authenticate a user, host or service. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
secrets [Required] Kerberos password secrets. KerberosPasswordSecrets (required)

KerberosPasswordSecrets

Name Description Value
kerberosPassword Kerberos password secret. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

LakeHouseArtifact

Name Description Value
artifactType [Required] OneLake artifact type 'LakeHouse' (required)

Microsoft.MachineLearningServices/workspaces/datastores

Name Description Value
name The resource name string

Constraints:
Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required)
parent_id The ID of the resource that is the parent for this resource. ID for resource of type: workspaces
properties [Required] Additional attributes of the entity. DatastoreProperties (required)
type The resource type "Microsoft.MachineLearningServices/workspaces/datastores@2023-04-01-preview"

NoneDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used to authenticate with storage. 'None' (required)

OneLakeArtifact

Name Description Value
artifactName [Required] OneLake artifact name string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
artifactType Set to 'LakeHouse' for type LakeHouseArtifact. 'LakeHouse' (required)

OneLakeDatastore

Name Description Value
artifact [Required] OneLake artifact backing the datastore. OneLakeArtifact (required)
datastoreType [Required] Storage type backing the datastore. 'OneLake' (required)
endpoint OneLake endpoint to use for the datastore. string
oneLakeWorkspaceName [Required] OneLake workspace name. string

Constraints:
Min length = 1
Pattern = [a-zA-Z0-9_] (required)
serviceDataAccessAuthIdentity Indicates which identity to use to authenticate service data access to customer's storage. 'None'
'WorkspaceSystemAssignedIdentity'
'WorkspaceUserAssignedIdentity'

ResourceBaseProperties

Name Description Value

ResourceBaseTags

Name Description Value

SasDatastoreCredentials

Name Description Value
credentialsType [Required] Credential type used to authenticate with storage. 'Sas' (required)
secrets [Required] Storage container secrets. SasDatastoreSecrets (required)

SasDatastoreSecrets

Name Description Value
sasToken Storage container SAS token. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)

ServicePrincipalDatastoreCredentials

Name Description Value
authorityUrl Authority URL used for authentication. string
clientId [Required] Service principal client ID. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)
credentialsType [Required] Credential type used to authenticate with storage. 'ServicePrincipal' (required)
resourceUrl Resource the service principal has access to. string
secrets [Required] Service principal secrets. ServicePrincipalDatastoreSecrets (required)
tenantId [Required] ID of the tenant to which the service principal belongs. string

Constraints:
Min length = 36
Max length = 36
Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required)

ServicePrincipalDatastoreSecrets

Name Description Value
clientSecret Service principal secret. string
secretsType [Required] Credential type used to authenticate with storage. 'AccountKey'
'Certificate'
'KerberosKeytab'
'KerberosPassword'
'Sas'
'ServicePrincipal' (required)
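
The constraints in the property tables above can be checked before a template is applied. The following is an added example, not code from this reference or from Microsoft: a pre-deployment check of a datastore name and its properties object against the documented patterns, enum values and per-credentialsType required fields. The function name validate_datastore, the finding strings and the sample body are hypothetical and constructed for illustration.

```python
import re

# Patterns from the property tables; fullmatch() supplies the ^...$ anchoring.
GUID = re.compile(r"[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}")
NAME = re.compile(r"[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}")
WORD_CHAR = re.compile(r"[a-zA-Z0-9_]")  # unanchored pattern used with "Min length = 1"
DATASTORE_TYPES = {"AzureBlob", "AzureDataLakeGen1", "AzureDataLakeGen2",
                   "AzureFile", "Hdfs", "OneLake"}
SECRETS_TYPES = {"AccountKey", "Certificate", "KerberosKeytab",
                 "KerberosPassword", "Sas", "ServicePrincipal"}
KERBEROS = ("kerberosKdcAddress", "kerberosPrincipal", "kerberosRealm")
# credentialsType -> (GUID-constrained fields, other required strings, carries `secrets`)
CREDENTIALS = {
    "AccountKey": ((), (), True),
    "Certificate": (("clientId", "tenantId"), ("thumbprint",), True),
    "KerberosKeytab": ((), KERBEROS, True),
    "KerberosPassword": ((), KERBEROS, True),
    "None": ((), (), False),
    "Sas": ((), (), True),
    "ServicePrincipal": (("clientId", "tenantId"), (), True),
}


def validate_datastore(name, properties):
    """Return a list of findings; an empty list means every documented check passed."""
    findings = []
    if not isinstance(name, str) or not NAME.fullmatch(name):
        findings.append("name: does not match the documented pattern")
    if properties.get("datastoreType") not in DATASTORE_TYPES:
        findings.append("datastoreType: not a documented value")
    creds = properties.get("credentials")
    if not isinstance(creds, dict) or creds.get("credentialsType") not in CREDENTIALS:
        return findings + ["credentials.credentialsType: missing or not a documented value"]
    guid_fields, required, has_secrets = CREDENTIALS[creds["credentialsType"]]
    for field in guid_fields:
        value = creds.get(field)
        if not isinstance(value, str) or not GUID.fullmatch(value):
            findings.append(f"credentials.{field}: must be a 36-character GUID")
    for field in required:
        value = creds.get(field)
        if not isinstance(value, str) or not WORD_CHAR.search(value):
            findings.append(f"credentials.{field}: required")
    secrets = creds.get("secrets")
    if has_secrets:
        if not isinstance(secrets, dict) or secrets.get("secretsType") not in SECRETS_TYPES:
            findings.append("credentials.secrets.secretsType: missing or not a documented value")
    elif secrets is not None:
        findings.append("credentials.secrets: not a property of NoneDatastoreCredentials")
    return findings


if __name__ == "__main__":
    # Constructed sample body: identity-based access, no secret in the template.
    sample = {"datastoreType": "AzureBlob", "credentials": {"credentialsType": "None"},
              "serviceDataAccessAuthIdentity": "WorkspaceSystemAssignedIdentity"}
    print(validate_datastore("blob_store", sample) or "no findings")
```

The check covers only what the tables state; it does not confirm that a secret value is valid or that the referenced storage exists.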