Microsoft.StorageCache amlFilesystems 2024-03-01
Bicep resource definition
The amlFilesystems resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/amlFilesystems resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.StorageCache/amlFilesystems@2024-03-01' = {
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
location: 'string'
name: 'string'
properties: {
encryptionSettings: {
keyEncryptionKey: {
keyUrl: 'string'
sourceVault: {
id: 'string'
filesystemSubnet: 'string'
hsm: {
settings: {
container: 'string'
importPrefix: 'string'
importPrefixesInitial: [
loggingContainer: 'string'
maintenanceWindow: {
dayOfWeek: 'string'
timeOfDayUTC: 'string'
rootSquashSettings: {
mode: 'string'
noSquashNidLists: 'string'
squashGID: int
squashUID: int
storageCapacityTiB: int
sku: {
name: 'string'
tags: {
{customized property}: 'string'
zones: [
Property Values
Name | Description | Value |
keyEncryptionKey | Specifies the location of the encryption key in Key Vault. | KeyVaultKeyReference |
Name | Description | Value |
container | Resource ID of storage container used for hydrating the namespace and archiving from the namespace. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
importPrefix | Only blobs in the non-logging container that start with this path/prefix get imported into the cluster namespace. This is only used during initial creation of the AML file system. It automatically creates an import job resource that can be deleted. | string |
importPrefixesInitial | Only blobs in the non-logging container that start with one of the paths/prefixes in this array get imported into the cluster namespace. This is only used during initial creation of the AML file system and has '/' as the default value. It automatically creates an import job resource that can be deleted. | string[] |
loggingContainer | Resource ID of storage container used for logging events and errors. Must be a separate container in the same storage account as the hydration and archive container. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
Name | Description | Value |
type | The type of identity used for the resource. | 'None' 'UserAssigned' |
userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | UserAssignedIdentities |
Name | Description | Value |
encryptionSettings | Specifies encryption settings of the AML file system. | AmlFilesystemEncryptionSettings |
filesystemSubnet | Subnet used for managing the AML file system and for client-facing operations. This subnet should have at least a /24 subnet mask within the VNET's address space. | string (required) |
hsm | Hydration and archive settings and status | AmlFilesystemPropertiesHsm |
maintenanceWindow | Start time of a 30-minute weekly maintenance window. | AmlFilesystemPropertiesMaintenanceWindow (required) |
rootSquashSettings | Specifies root squash settings of the AML file system. | AmlFilesystemRootSquashSettings |
storageCapacityTiB | The size of the AML file system, in TiB. This might be rounded up. | int (required) |
Name | Description | Value |
settings | Specifies HSM settings of the AML file system. | AmlFilesystemHsmSettings |
Name | Description | Value |
dayOfWeek | Day of the week on which the maintenance window will occur. | 'Friday' 'Monday' 'Saturday' 'Sunday' 'Thursday' 'Tuesday' 'Wednesday' |
timeOfDayUTC | The time of day (in UTC) to start the maintenance window. | string Constraints: Pattern = ^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$ |
Name | Description | Value |
mode | Squash mode of the AML file system. 'All': User and Group IDs on files will be squashed to the provided values for all users on non-trusted systems. 'RootOnly': User and Group IDs on files will be squashed to provided values for solely the root user on non-trusted systems. 'None': No squashing of User and Group IDs is performed for any users on any systems. | 'All' 'None' 'RootOnly' |
noSquashNidLists | Semicolon separated NID IP Address list(s) to be added to the TrustedSystems. | string |
squashGID | Group ID to squash to. | int |
squashUID | User ID to squash to. | int |
Name | Description | Value |
keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
Name | Description | Value |
id | Resource Id. | string |
Name | Description | Value |
identity | The managed identity used by the AML file system, if configured. | AmlFilesystemIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 2 Max length = 80 Pattern = ^[0-9a-zA-Z][-0-9a-zA-Z_]{0,78}[0-9a-zA-Z]$ (required) |
properties | Properties of the AML file system. | AmlFilesystemProperties |
sku | SKU for the resource. | SkuName |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
Name | Description | Value |
name | SKU name for this resource. | string |
Name | Description | Value |
Name | Description | Value |
Name | Description | Value |
ARM template resource definition
The amlFilesystems resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/amlFilesystems resource, add the following JSON to your template.
"type": "Microsoft.StorageCache/amlFilesystems",
"apiVersion": "2024-03-01",
"name": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
"location": "string",
"properties": {
"encryptionSettings": {
"keyEncryptionKey": {
"keyUrl": "string",
"sourceVault": {
"id": "string"
"filesystemSubnet": "string",
"hsm": {
"settings": {
"container": "string",
"importPrefix": "string",
"importPrefixesInitial": [ "string" ],
"loggingContainer": "string"
"maintenanceWindow": {
"dayOfWeek": "string",
"timeOfDayUTC": "string"
"rootSquashSettings": {
"mode": "string",
"noSquashNidLists": "string",
"squashGID": "int",
"squashUID": "int"
"storageCapacityTiB": "int"
"sku": {
"name": "string"
"tags": {
"{customized property}": "string"
"zones": [ "string" ]
Property Values
Name | Description | Value |
keyEncryptionKey | Specifies the location of the encryption key in Key Vault. | KeyVaultKeyReference |
Name | Description | Value |
container | Resource ID of storage container used for hydrating the namespace and archiving from the namespace. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
importPrefix | Only blobs in the non-logging container that start with this path/prefix get imported into the cluster namespace. This is only used during initial creation of the AML file system. It automatically creates an import job resource that can be deleted. | string |
importPrefixesInitial | Only blobs in the non-logging container that start with one of the paths/prefixes in this array get imported into the cluster namespace. This is only used during initial creation of the AML file system and has '/' as the default value. It automatically creates an import job resource that can be deleted. | string[] |
loggingContainer | Resource ID of storage container used for logging events and errors. Must be a separate container in the same storage account as the hydration and archive container. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
Name | Description | Value |
type | The type of identity used for the resource. | 'None' 'UserAssigned' |
userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | UserAssignedIdentities |
Name | Description | Value |
encryptionSettings | Specifies encryption settings of the AML file system. | AmlFilesystemEncryptionSettings |
filesystemSubnet | Subnet used for managing the AML file system and for client-facing operations. This subnet should have at least a /24 subnet mask within the VNET's address space. | string (required) |
hsm | Hydration and archive settings and status | AmlFilesystemPropertiesHsm |
maintenanceWindow | Start time of a 30-minute weekly maintenance window. | AmlFilesystemPropertiesMaintenanceWindow (required) |
rootSquashSettings | Specifies root squash settings of the AML file system. | AmlFilesystemRootSquashSettings |
storageCapacityTiB | The size of the AML file system, in TiB. This might be rounded up. | int (required) |
Name | Description | Value |
settings | Specifies HSM settings of the AML file system. | AmlFilesystemHsmSettings |
Name | Description | Value |
dayOfWeek | Day of the week on which the maintenance window will occur. | 'Friday' 'Monday' 'Saturday' 'Sunday' 'Thursday' 'Tuesday' 'Wednesday' |
timeOfDayUTC | The time of day (in UTC) to start the maintenance window. | string Constraints: Pattern = ^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$ |
Name | Description | Value |
mode | Squash mode of the AML file system. 'All': User and Group IDs on files will be squashed to the provided values for all users on non-trusted systems. 'RootOnly': User and Group IDs on files will be squashed to provided values for solely the root user on non-trusted systems. 'None': No squashing of User and Group IDs is performed for any users on any systems. | 'All' 'None' 'RootOnly' |
noSquashNidLists | Semicolon separated NID IP Address list(s) to be added to the TrustedSystems. | string |
squashGID | Group ID to squash to. | int |
squashUID | User ID to squash to. | int |
Name | Description | Value |
keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
Name | Description | Value |
id | Resource Id. | string |
Name | Description | Value |
apiVersion | The api version | '2024-03-01' |
identity | The managed identity used by the AML file system, if configured. | AmlFilesystemIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 2 Max length = 80 Pattern = ^[0-9a-zA-Z][-0-9a-zA-Z_]{0,78}[0-9a-zA-Z]$ (required) |
properties | Properties of the AML file system. | AmlFilesystemProperties |
sku | SKU for the resource. | SkuName |
tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
type | The resource type | 'Microsoft.StorageCache/amlFilesystems' |
zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
Name | Description | Value |
name | SKU name for this resource. | string |
Name | Description | Value |
Name | Description | Value |
Name | Description | Value |
Usage Examples
Terraform (AzAPI provider) resource definition
The amlFilesystems resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.StorageCache/amlFilesystems resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.StorageCache/amlFilesystems@2024-03-01"
name = "string"
identity = {
type = "string"
userAssignedIdentities = {
{customized property} = {
location = "string"
sku = {
name = "string"
tags = {
{customized property} = "string"
zones = [
body = jsonencode({
properties = {
encryptionSettings = {
keyEncryptionKey = {
keyUrl = "string"
sourceVault = {
id = "string"
filesystemSubnet = "string"
hsm = {
settings = {
container = "string"
importPrefix = "string"
importPrefixesInitial = [
loggingContainer = "string"
maintenanceWindow = {
dayOfWeek = "string"
timeOfDayUTC = "string"
rootSquashSettings = {
mode = "string"
noSquashNidLists = "string"
squashGID = int
squashUID = int
storageCapacityTiB = int
Property Values
Name | Description | Value |
keyEncryptionKey | Specifies the location of the encryption key in Key Vault. | KeyVaultKeyReference |
Name | Description | Value |
container | Resource ID of storage container used for hydrating the namespace and archiving from the namespace. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
importPrefix | Only blobs in the non-logging container that start with this path/prefix get imported into the cluster namespace. This is only used during initial creation of the AML file system. It automatically creates an import job resource that can be deleted. | string |
importPrefixesInitial | Only blobs in the non-logging container that start with one of the paths/prefixes in this array get imported into the cluster namespace. This is only used during initial creation of the AML file system and has '/' as the default value. It automatically creates an import job resource that can be deleted. | string[] |
loggingContainer | Resource ID of storage container used for logging events and errors. Must be a separate container in the same storage account as the hydration and archive container. The resource provider must have permission to create SAS tokens on the storage account. | string (required) |
Name | Description | Value |
type | The type of identity used for the resource. | 'None' 'UserAssigned' |
userAssignedIdentities | A dictionary where each key is a user assigned identity resource ID, and each key's value is an empty dictionary. | UserAssignedIdentities |
Name | Description | Value |
encryptionSettings | Specifies encryption settings of the AML file system. | AmlFilesystemEncryptionSettings |
filesystemSubnet | Subnet used for managing the AML file system and for client-facing operations. This subnet should have at least a /24 subnet mask within the VNET's address space. | string (required) |
hsm | Hydration and archive settings and status | AmlFilesystemPropertiesHsm |
maintenanceWindow | Start time of a 30-minute weekly maintenance window. | AmlFilesystemPropertiesMaintenanceWindow (required) |
rootSquashSettings | Specifies root squash settings of the AML file system. | AmlFilesystemRootSquashSettings |
storageCapacityTiB | The size of the AML file system, in TiB. This might be rounded up. | int (required) |
Name | Description | Value |
settings | Specifies HSM settings of the AML file system. | AmlFilesystemHsmSettings |
Name | Description | Value |
dayOfWeek | Day of the week on which the maintenance window will occur. | 'Friday' 'Monday' 'Saturday' 'Sunday' 'Thursday' 'Tuesday' 'Wednesday' |
timeOfDayUTC | The time of day (in UTC) to start the maintenance window. | string Constraints: Pattern = ^([0-9]|0[0-9]|1[0-9]|2[0-3]):[0-5][0-9]$ |
Name | Description | Value |
mode | Squash mode of the AML file system. 'All': User and Group IDs on files will be squashed to the provided values for all users on non-trusted systems. 'RootOnly': User and Group IDs on files will be squashed to provided values for solely the root user on non-trusted systems. 'None': No squashing of User and Group IDs is performed for any users on any systems. | 'All' 'None' 'RootOnly' |
noSquashNidLists | Semicolon separated NID IP Address list(s) to be added to the TrustedSystems. | string |
squashGID | Group ID to squash to. | int |
squashUID | User ID to squash to. | int |
Name | Description | Value |
keyUrl | The URL referencing a key encryption key in key vault. | string (required) |
sourceVault | Describes a resource Id to source key vault. | KeyVaultKeyReferenceSourceVault (required) |
Name | Description | Value |
id | Resource Id. | string |
Name | Description | Value |
identity | The managed identity used by the AML file system, if configured. | AmlFilesystemIdentity |
location | The geo-location where the resource lives | string (required) |
name | The resource name | string Constraints: Min length = 2 Max length = 80 Pattern = ^[0-9a-zA-Z][-0-9a-zA-Z_]{0,78}[0-9a-zA-Z]$ (required) |
properties | Properties of the AML file system. | AmlFilesystemProperties |
sku | SKU for the resource. | SkuName |
tags | Resource tags | Dictionary of tag names and values. |
type | The resource type | "Microsoft.StorageCache/amlFilesystems@2024-03-01" |
zones | Availability zones for resources. This field should only contain a single element in the array. | string[] |
Name | Description | Value |
name | SKU name for this resource. | string |
Name | Description | Value |
Name | Description | Value |
Name | Description | Value |