Microsoft.MachineLearningServices workspaces/datastores 2024-04-01
- Latest
- 2024-10-01
- 2024-10-01-preview
- 2024-07-01-preview
- 2024-04-01
- 2024-04-01-preview
- 2024-01-01-preview
- 2023-10-01
- 2023-08-01-preview
- 2023-06-01-preview
- 2023-04-01
- 2023-04-01-preview
- 2023-02-01-preview
- 2022-12-01-preview
- 2022-10-01
- 2022-10-01-preview
- 2022-06-01-preview
- 2022-05-01
- 2022-02-01-preview
- 2021-03-01-preview
- 2020-05-01-preview
Bicep resource definition
The workspaces/datastores resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.MachineLearningServices/workspaces/datastores@2024-04-01' = {
name: 'string'
properties: {
credentials: {
credentialsType: 'string'
// For remaining properties, see DatastoreCredentials objects
}
description: 'string'
properties: {
{customized property}: 'string'
}
tags: {
{customized property}: 'string'
}
datastoreType: 'string'
// For remaining properties, see DatastoreProperties objects
}
}
OneLakeArtifact objects
Set the artifactType property to specify the type of object.
For LakeHouse, use:
{
artifactType: 'LakeHouse'
}
DatastoreCredentials objects
Set the credentialsType property to specify the type of object.
For AccountKey, use:
{
credentialsType: 'AccountKey'
secrets: {
key: 'string'
secretsType: 'string'
}
}
For Certificate, use:
{
authorityUrl: 'string'
clientId: 'string'
credentialsType: 'Certificate'
resourceUrl: 'string'
secrets: {
certificate: 'string'
secretsType: 'string'
}
tenantId: 'string'
thumbprint: 'string'
}
For None, use:
{
credentialsType: 'None'
}
For Sas, use:
{
credentialsType: 'Sas'
secrets: {
sasToken: 'string'
secretsType: 'string'
}
}
For ServicePrincipal, use:
{
authorityUrl: 'string'
clientId: 'string'
credentialsType: 'ServicePrincipal'
resourceUrl: 'string'
secrets: {
clientSecret: 'string'
secretsType: 'string'
}
tenantId: 'string'
}
DatastoreProperties objects
Set the datastoreType property to specify the type of object.
For AzureBlob, use:
{
accountName: 'string'
containerName: 'string'
datastoreType: 'AzureBlob'
endpoint: 'string'
protocol: 'string'
resourceGroup: 'string'
serviceDataAccessAuthIdentity: 'string'
subscriptionId: 'string'
}
For AzureDataLakeGen1, use:
{
datastoreType: 'AzureDataLakeGen1'
resourceGroup: 'string'
serviceDataAccessAuthIdentity: 'string'
storeName: 'string'
subscriptionId: 'string'
}
For AzureDataLakeGen2, use:
{
accountName: 'string'
datastoreType: 'AzureDataLakeGen2'
endpoint: 'string'
filesystem: 'string'
protocol: 'string'
resourceGroup: 'string'
serviceDataAccessAuthIdentity: 'string'
subscriptionId: 'string'
}
For AzureFile, use:
{
accountName: 'string'
datastoreType: 'AzureFile'
endpoint: 'string'
fileShareName: 'string'
protocol: 'string'
resourceGroup: 'string'
serviceDataAccessAuthIdentity: 'string'
subscriptionId: 'string'
}
For OneLake, use:
{
artifact: {
artifactName: 'string'
artifactType: 'string'
// For remaining properties, see OneLakeArtifact objects
}
datastoreType: 'OneLake'
endpoint: 'string'
oneLakeWorkspaceName: 'string'
serviceDataAccessAuthIdentity: 'string'
}
Property values
AccountKeyDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'AccountKey' (required) |
| secrets | [Required] Storage account secrets. | AccountKeyDatastoreSecrets (required) |
AccountKeyDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| key | Storage account key. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
AzureBlobDatastore
| Name | Description | Value |
|---|---|---|
| accountName | Storage account name. | string |
| containerName | Storage account container name. | string |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureBlob' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen1Datastore
| Name | Description | Value |
|---|---|---|
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen1' (required) |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| storeName | [Required] Azure Data Lake store name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen2Datastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen2' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| filesystem | [Required] The name of the Data Lake Gen2 filesystem. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureFileDatastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureFile' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| fileShareName | [Required] The name of the Azure file share that the datastore points to. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
CertificateDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'Certificate' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | CertificateDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| thumbprint | [Required] Thumbprint of the certificate used for authentication. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
CertificateDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| certificate | Service principal certificate. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
DatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. | 'AccountKey' 'Certificate' 'None' 'Sas' 'ServicePrincipal' (required) |
DatastoreProperties
| Name | Description | Value |
|---|---|---|
| credentials | [Required] Account credentials. | DatastoreCredentials (required) |
| datastoreType | Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'OneLake' for type OneLakeDatastore. | 'AzureBlob' 'AzureDataLakeGen1' 'AzureDataLakeGen2' 'AzureFile' 'OneLake' (required) |
| description | The asset description text. | string |
| properties | The asset property dictionary. | ResourceBaseProperties |
| tags | Tag dictionary. Tags can be added, removed, and updated. | ResourceBaseTags |
LakeHouseArtifact
| Name | Description | Value |
|---|---|---|
| artifactType | [Required] OneLake artifact type | 'LakeHouse' (required) |
Microsoft.MachineLearningServices/workspaces/datastores
| Name | Description | Value |
|---|---|---|
| name | The resource name | string Constraints: Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: workspaces |
| properties | [Required] Additional attributes of the entity. | DatastoreProperties (required) |
NoneDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'None' (required) |
OneLakeArtifact
| Name | Description | Value |
|---|---|---|
| artifactName | [Required] OneLake artifact name | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| artifactType | Set to 'LakeHouse' for type LakeHouseArtifact. | 'LakeHouse' (required) |
OneLakeDatastore
| Name | Description | Value |
|---|---|---|
| artifact | [Required] OneLake artifact backing the datastore. | OneLakeArtifact (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'OneLake' (required) |
| endpoint | OneLake endpoint to use for the datastore. | string |
| oneLakeWorkspaceName | [Required] OneLake workspace name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
ResourceBaseProperties
| Name | Description | Value |
|---|
ResourceBaseTags
| Name | Description | Value |
|---|
SasDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'Sas' (required) |
| secrets | [Required] Storage container secrets. | SasDatastoreSecrets (required) |
SasDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| sasToken | Storage container SAS token. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
ServicePrincipalDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'ServicePrincipal' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | ServicePrincipalDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
ServicePrincipalDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| clientSecret | Service principal secret. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
ARM template resource definition
The workspaces/datastores resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following JSON to your template.
{
"type": "Microsoft.MachineLearningServices/workspaces/datastores",
"apiVersion": "2024-04-01",
"name": "string",
"properties": {
"credentials": {
"credentialsType": "string"
// For remaining properties, see DatastoreCredentials objects
},
"description": "string",
"properties": {
"{customized property}": "string"
},
"tags": {
"{customized property}": "string"
},
"datastoreType": "string"
// For remaining properties, see DatastoreProperties objects
}
}
OneLakeArtifact objects
Set the artifactType property to specify the type of object.
For LakeHouse, use:
{
"artifactType": "LakeHouse"
}
DatastoreCredentials objects
Set the credentialsType property to specify the type of object.
For AccountKey, use:
{
"credentialsType": "AccountKey",
"secrets": {
"key": "string",
"secretsType": "string"
}
}
For Certificate, use:
{
"authorityUrl": "string",
"clientId": "string",
"credentialsType": "Certificate",
"resourceUrl": "string",
"secrets": {
"certificate": "string",
"secretsType": "string"
},
"tenantId": "string",
"thumbprint": "string"
}
For None, use:
{
"credentialsType": "None"
}
For Sas, use:
{
"credentialsType": "Sas",
"secrets": {
"sasToken": "string",
"secretsType": "string"
}
}
For ServicePrincipal, use:
{
"authorityUrl": "string",
"clientId": "string",
"credentialsType": "ServicePrincipal",
"resourceUrl": "string",
"secrets": {
"clientSecret": "string",
"secretsType": "string"
},
"tenantId": "string"
}
DatastoreProperties objects
Set the datastoreType property to specify the type of object.
For AzureBlob, use:
{
"accountName": "string",
"containerName": "string",
"datastoreType": "AzureBlob",
"endpoint": "string",
"protocol": "string",
"resourceGroup": "string",
"serviceDataAccessAuthIdentity": "string",
"subscriptionId": "string"
}
For AzureDataLakeGen1, use:
{
"datastoreType": "AzureDataLakeGen1",
"resourceGroup": "string",
"serviceDataAccessAuthIdentity": "string",
"storeName": "string",
"subscriptionId": "string"
}
For AzureDataLakeGen2, use:
{
"accountName": "string",
"datastoreType": "AzureDataLakeGen2",
"endpoint": "string",
"filesystem": "string",
"protocol": "string",
"resourceGroup": "string",
"serviceDataAccessAuthIdentity": "string",
"subscriptionId": "string"
}
For AzureFile, use:
{
"accountName": "string",
"datastoreType": "AzureFile",
"endpoint": "string",
"fileShareName": "string",
"protocol": "string",
"resourceGroup": "string",
"serviceDataAccessAuthIdentity": "string",
"subscriptionId": "string"
}
For OneLake, use:
{
"artifact": {
"artifactName": "string",
"artifactType": "string"
// For remaining properties, see OneLakeArtifact objects
},
"datastoreType": "OneLake",
"endpoint": "string",
"oneLakeWorkspaceName": "string",
"serviceDataAccessAuthIdentity": "string"
}
Property values
AccountKeyDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'AccountKey' (required) |
| secrets | [Required] Storage account secrets. | AccountKeyDatastoreSecrets (required) |
AccountKeyDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| key | Storage account key. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
AzureBlobDatastore
| Name | Description | Value |
|---|---|---|
| accountName | Storage account name. | string |
| containerName | Storage account container name. | string |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureBlob' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen1Datastore
| Name | Description | Value |
|---|---|---|
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen1' (required) |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| storeName | [Required] Azure Data Lake store name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen2Datastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen2' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| filesystem | [Required] The name of the Data Lake Gen2 filesystem. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureFileDatastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureFile' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| fileShareName | [Required] The name of the Azure file share that the datastore points to. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
CertificateDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'Certificate' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | CertificateDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| thumbprint | [Required] Thumbprint of the certificate used for authentication. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
CertificateDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| certificate | Service principal certificate. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
DatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. | 'AccountKey' 'Certificate' 'None' 'Sas' 'ServicePrincipal' (required) |
DatastoreProperties
| Name | Description | Value |
|---|---|---|
| credentials | [Required] Account credentials. | DatastoreCredentials (required) |
| datastoreType | Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'OneLake' for type OneLakeDatastore. | 'AzureBlob' 'AzureDataLakeGen1' 'AzureDataLakeGen2' 'AzureFile' 'OneLake' (required) |
| description | The asset description text. | string |
| properties | The asset property dictionary. | ResourceBaseProperties |
| tags | Tag dictionary. Tags can be added, removed, and updated. | ResourceBaseTags |
LakeHouseArtifact
| Name | Description | Value |
|---|---|---|
| artifactType | [Required] OneLake artifact type | 'LakeHouse' (required) |
Microsoft.MachineLearningServices/workspaces/datastores
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2024-04-01' |
| name | The resource name | string Constraints: Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required) |
| properties | [Required] Additional attributes of the entity. | DatastoreProperties (required) |
| type | The resource type | 'Microsoft.MachineLearningServices/workspaces/datastores' |
NoneDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'None' (required) |
OneLakeArtifact
| Name | Description | Value |
|---|---|---|
| artifactName | [Required] OneLake artifact name | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| artifactType | Set to 'LakeHouse' for type LakeHouseArtifact. | 'LakeHouse' (required) |
OneLakeDatastore
| Name | Description | Value |
|---|---|---|
| artifact | [Required] OneLake artifact backing the datastore. | OneLakeArtifact (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'OneLake' (required) |
| endpoint | OneLake endpoint to use for the datastore. | string |
| oneLakeWorkspaceName | [Required] OneLake workspace name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
ResourceBaseProperties
| Name | Description | Value |
|---|
ResourceBaseTags
| Name | Description | Value |
|---|
SasDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'Sas' (required) |
| secrets | [Required] Storage container secrets. | SasDatastoreSecrets (required) |
SasDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| sasToken | Storage container SAS token. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
ServicePrincipalDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'ServicePrincipal' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | ServicePrincipalDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
ServicePrincipalDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| clientSecret | Service principal secret. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
Quickstart templates
The following quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Create a Blob Storage Datastore |
This template creates a blob storage datastore in Azure Machine Learning workspace. |
| Create a Databricks File System Datastore |
This template creates a Databricks File System datastore in Azure Machine Learning workspace. |
| Create a File Share Datastore |
This template creates a file share datastore in Azure Machine Learning workspace. |
| Create AML workspace with multiple Datasets & Datastores |
This template creates Azure Machine Learning workspace with multiple datasets & datastores. |
| Create an Azure ADLS Datastore |
This template creates a ADLS datastore in Azure Machine Learning workspace. |
| Create an Azure ADLS Gen2 Datastore |
This template creates a ADLS Gen2 datastore in Azure Machine Learning workspace. |
| Create an Azure MySQL Datastore |
This template creates a MySQL datastore in Azure Machine Learning workspace. |
| Create an Azure PostgreSQL Datastore |
This template creates a PostgreSQL datastore in Azure Machine Learning workspace. |
| Create an Azure SQL Datastore |
This template creates a SQL datastore in Azure Machine Learning workspace. |
Terraform (AzAPI provider) resource definition
The workspaces/datastores resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.MachineLearningServices/workspaces/datastores resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.MachineLearningServices/workspaces/datastores@2024-04-01"
name = "string"
body = jsonencode({
properties = {
credentials = {
credentialsType = "string"
// For remaining properties, see DatastoreCredentials objects
}
description = "string"
properties = {
{customized property} = "string"
}
tags = {
{customized property} = "string"
}
datastoreType = "string"
// For remaining properties, see DatastoreProperties objects
}
})
}
OneLakeArtifact objects
Set the artifactType property to specify the type of object.
For LakeHouse, use:
{
artifactType = "LakeHouse"
}
DatastoreCredentials objects
Set the credentialsType property to specify the type of object.
For AccountKey, use:
{
credentialsType = "AccountKey"
secrets = {
key = "string"
secretsType = "string"
}
}
For Certificate, use:
{
authorityUrl = "string"
clientId = "string"
credentialsType = "Certificate"
resourceUrl = "string"
secrets = {
certificate = "string"
secretsType = "string"
}
tenantId = "string"
thumbprint = "string"
}
For None, use:
{
credentialsType = "None"
}
For Sas, use:
{
credentialsType = "Sas"
secrets = {
sasToken = "string"
secretsType = "string"
}
}
For ServicePrincipal, use:
{
authorityUrl = "string"
clientId = "string"
credentialsType = "ServicePrincipal"
resourceUrl = "string"
secrets = {
clientSecret = "string"
secretsType = "string"
}
tenantId = "string"
}
DatastoreProperties objects
Set the datastoreType property to specify the type of object.
For AzureBlob, use:
{
accountName = "string"
containerName = "string"
datastoreType = "AzureBlob"
endpoint = "string"
protocol = "string"
resourceGroup = "string"
serviceDataAccessAuthIdentity = "string"
subscriptionId = "string"
}
For AzureDataLakeGen1, use:
{
datastoreType = "AzureDataLakeGen1"
resourceGroup = "string"
serviceDataAccessAuthIdentity = "string"
storeName = "string"
subscriptionId = "string"
}
For AzureDataLakeGen2, use:
{
accountName = "string"
datastoreType = "AzureDataLakeGen2"
endpoint = "string"
filesystem = "string"
protocol = "string"
resourceGroup = "string"
serviceDataAccessAuthIdentity = "string"
subscriptionId = "string"
}
For AzureFile, use:
{
accountName = "string"
datastoreType = "AzureFile"
endpoint = "string"
fileShareName = "string"
protocol = "string"
resourceGroup = "string"
serviceDataAccessAuthIdentity = "string"
subscriptionId = "string"
}
For OneLake, use:
{
artifact = {
artifactName = "string"
artifactType = "string"
// For remaining properties, see OneLakeArtifact objects
}
datastoreType = "OneLake"
endpoint = "string"
oneLakeWorkspaceName = "string"
serviceDataAccessAuthIdentity = "string"
}
Property values
AccountKeyDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'AccountKey' (required) |
| secrets | [Required] Storage account secrets. | AccountKeyDatastoreSecrets (required) |
AccountKeyDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| key | Storage account key. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
AzureBlobDatastore
| Name | Description | Value |
|---|---|---|
| accountName | Storage account name. | string |
| containerName | Storage account container name. | string |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureBlob' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen1Datastore
| Name | Description | Value |
|---|---|---|
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen1' (required) |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| storeName | [Required] Azure Data Lake store name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| subscriptionId | Azure Subscription Id | string |
AzureDataLakeGen2Datastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureDataLakeGen2' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| filesystem | [Required] The name of the Data Lake Gen2 filesystem. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
AzureFileDatastore
| Name | Description | Value |
|---|---|---|
| accountName | [Required] Storage account name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'AzureFile' (required) |
| endpoint | Azure cloud endpoint for the storage account. | string |
| fileShareName | [Required] The name of the Azure file share that the datastore points to. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| protocol | Protocol used to communicate with the storage account. | string |
| resourceGroup | Azure Resource Group name | string |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
| subscriptionId | Azure Subscription Id | string |
CertificateDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'Certificate' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | CertificateDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| thumbprint | [Required] Thumbprint of the certificate used for authentication. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
CertificateDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| certificate | Service principal certificate. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
DatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | Set to 'AccountKey' for type AccountKeyDatastoreCredentials. Set to 'Certificate' for type CertificateDatastoreCredentials. Set to 'None' for type NoneDatastoreCredentials. Set to 'Sas' for type SasDatastoreCredentials. Set to 'ServicePrincipal' for type ServicePrincipalDatastoreCredentials. | 'AccountKey' 'Certificate' 'None' 'Sas' 'ServicePrincipal' (required) |
DatastoreProperties
| Name | Description | Value |
|---|---|---|
| credentials | [Required] Account credentials. | DatastoreCredentials (required) |
| datastoreType | Set to 'AzureBlob' for type AzureBlobDatastore. Set to 'AzureDataLakeGen1' for type AzureDataLakeGen1Datastore. Set to 'AzureDataLakeGen2' for type AzureDataLakeGen2Datastore. Set to 'AzureFile' for type AzureFileDatastore. Set to 'OneLake' for type OneLakeDatastore. | 'AzureBlob' 'AzureDataLakeGen1' 'AzureDataLakeGen2' 'AzureFile' 'OneLake' (required) |
| description | The asset description text. | string |
| properties | The asset property dictionary. | ResourceBaseProperties |
| tags | Tag dictionary. Tags can be added, removed, and updated. | ResourceBaseTags |
LakeHouseArtifact
| Name | Description | Value |
|---|---|---|
| artifactType | [Required] OneLake artifact type | 'LakeHouse' (required) |
Microsoft.MachineLearningServices/workspaces/datastores
| Name | Description | Value |
|---|---|---|
| name | The resource name | string Constraints: Pattern = ^[a-zA-Z0-9][a-zA-Z0-9\-_]{0,254}$ (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: workspaces |
| properties | [Required] Additional attributes of the entity. | DatastoreProperties (required) |
| type | The resource type | "Microsoft.MachineLearningServices/workspaces/datastores@2024-04-01" |
NoneDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'None' (required) |
OneLakeArtifact
| Name | Description | Value |
|---|---|---|
| artifactName | [Required] OneLake artifact name | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| artifactType | Set to 'LakeHouse' for type LakeHouseArtifact. | 'LakeHouse' (required) |
OneLakeDatastore
| Name | Description | Value |
|---|---|---|
| artifact | [Required] OneLake artifact backing the datastore. | OneLakeArtifact (required) |
| datastoreType | [Required] Storage type backing the datastore. | 'OneLake' (required) |
| endpoint | OneLake endpoint to use for the datastore. | string |
| oneLakeWorkspaceName | [Required] OneLake workspace name. | string Constraints: Min length = 1 Pattern = [a-zA-Z0-9_] (required) |
| serviceDataAccessAuthIdentity | Indicates which identity to use to authenticate service data access to customer's storage. | 'None' 'WorkspaceSystemAssignedIdentity' 'WorkspaceUserAssignedIdentity' |
ResourceBaseProperties
| Name | Description | Value |
|---|
ResourceBaseTags
| Name | Description | Value |
|---|
SasDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| credentialsType | [Required] Credential type used to authentication with storage. | 'Sas' (required) |
| secrets | [Required] Storage container secrets. | SasDatastoreSecrets (required) |
SasDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| sasToken | Storage container SAS token. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |
ServicePrincipalDatastoreCredentials
| Name | Description | Value |
|---|---|---|
| authorityUrl | Authority URL used for authentication. | string |
| clientId | [Required] Service principal client ID. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
| credentialsType | [Required] Credential type used to authentication with storage. | 'ServicePrincipal' (required) |
| resourceUrl | Resource the service principal has access to. | string |
| secrets | [Required] Service principal secrets. | ServicePrincipalDatastoreSecrets (required) |
| tenantId | [Required] ID of the tenant to which the service principal belongs. | string Constraints: Min length = 36 Max length = 36 Pattern = ^[0-9a-fA-F]{8}-([0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}$ (required) |
ServicePrincipalDatastoreSecrets
| Name | Description | Value |
|---|---|---|
| clientSecret | Service principal secret. | string |
| secretsType | [Required] Credential type used to authentication with storage. | 'AccountKey' 'Certificate' 'Sas' 'ServicePrincipal' (required) |