Pool - Patch

Updates the properties of the specified Pool.
This only replaces the Pool properties specified in the request. For example, if the Pool has a StartTask associated with it, and a request does not specify a StartTask element, then the Pool keeps the existing StartTask.

PATCH {batchUrl}/pools/{poolId}?api-version=2024-07-01.20.0
PATCH {batchUrl}/pools/{poolId}?timeout={timeout}&api-version=2024-07-01.20.0

URI Parameters

Name In Required Type Description
batchUrl
path True

string

The base URL for all Azure Batch service requests.

poolId
path True

string

The ID of the Pool to update.

api-version
query True

string

Client API Version.

timeout
query

integer

int32

The maximum time that the server can spend processing the request, in seconds. The default is 30 seconds. If the value is larger than 30, the default will be used instead.

Request Header

Media Types: "application/json; odata=minimalmetadata"

Name Required Type Description
client-request-id

string

uuid

The caller-generated request identity, in the form of a GUID with no decoration such as curly braces, e.g. 9C4D50EE-2D56-4CD3-8152-34347DC9F2B0.

return-client-request-id

boolean

Whether the server should return the client-request-id in the response.

ocp-date

string

date-time-rfc1123

The time the request was issued. Client libraries typically set this to the current system clock time; set it explicitly if you are calling the REST API directly.

If-Match

string

An ETag value associated with the version of the resource known to the client. The operation will be performed only if the resource's current ETag on the service exactly matches the value specified by the client.

If-None-Match

string

An ETag value associated with the version of the resource known to the client. The operation will be performed only if the resource's current ETag on the service does not match the value specified by the client.

If-Modified-Since

string

date-time-rfc1123

A timestamp indicating the last modified time of the resource known to the client. The operation will be performed only if the resource on the service has been modified since the specified time.

If-Unmodified-Since

string

date-time-rfc1123

A timestamp indicating the last modified time of the resource known to the client. The operation will be performed only if the resource on the service has not been modified since the specified time.

Request Body

Media Types: "application/json; odata=minimalmetadata"

Name Type Description
applicationPackageReferences

ApplicationPackageReference[]

A list of Packages to be installed on each Compute Node in the Pool.
Changes to Package references affect all new Nodes joining the Pool, but do not affect Compute Nodes that are already in the Pool until they are rebooted or reimaged. If this element is present, it replaces any existing Package references. If you specify an empty collection, then all Package references are removed from the Pool. If omitted, any existing Package references are left unchanged.

certificateReferences

CertificateReference[]

A list of Certificates to be installed on each Compute Node in the Pool.
If this element is present, it replaces any existing Certificate references configured on the Pool. If omitted, any existing Certificate references are left unchanged. For Windows Nodes, the Batch service installs the Certificates to the specified Certificate store and location. For Linux Compute Nodes, the Certificates are stored in a directory inside the Task working directory and an environment variable AZ_BATCH_CERTIFICATES_DIR is supplied to the Task to query for this location. For Certificates with visibility of 'remoteUser', a 'certs' directory is created in the user's home directory (e.g., /home/{user-name}/certs) and Certificates are placed in that directory.

Warning: This property is deprecated and will be removed after February, 2024. Please use the Azure KeyVault Extension instead.

displayName

string

The display name for the Pool.
The display name need not be unique and can contain any Unicode characters up to a maximum length of 1024.

This field can be updated only when the pool is empty.

enableInterNodeCommunication

boolean

Whether the Pool permits direct communication between Compute Nodes.
Enabling inter-node communication limits the maximum size of the Pool due to deployment restrictions on the Compute Nodes of the Pool. This may result in the Pool not reaching its desired size. The default value is false.

This field can be updated only when the pool is empty.

metadata

MetadataItem[]

A list of name-value pairs associated with the Pool as metadata.
If this element is present, it replaces any existing metadata configured on the Pool. If you specify an empty collection, any metadata is removed from the Pool. If omitted, any existing metadata is left unchanged.

mountConfiguration

MountConfiguration[]

Mount storage using specified file system for the entire lifetime of the pool.
Mount the storage using Azure fileshare, NFS, CIFS or Blobfuse based file system.

This field can be updated only when the pool is empty.

networkConfiguration

NetworkConfiguration

The network configuration for the Pool.
This field can be updated only when the pool is empty.

resourceTags

object

The user-specified tags associated with the pool.
The user-defined tags to be associated with the Azure Batch Pool. When specified, these tags are propagated to the backing Azure resources associated with the pool. This property can only be specified when the Batch account was created with the poolAllocationMode property set to 'UserSubscription'.

This field can be updated only when the pool is empty.

startTask

StartTask

A Task to run on each Compute Node as it joins the Pool. The Task runs when the Compute Node is added to the Pool or when the Compute Node is restarted.
If this element is present, it overwrites any existing StartTask. If omitted, any existing StartTask is left unchanged.

targetNodeCommunicationMode

NodeCommunicationMode

The desired node communication mode for the pool.
If this element is present, it replaces the existing targetNodeCommunicationMode configured on the Pool. If omitted, any existing metadata is left unchanged.

taskSchedulingPolicy

TaskSchedulingPolicy

How Tasks are distributed across Compute Nodes in a Pool.
If not specified, the default is spread.

This field can be updated only when the pool is empty.

taskSlotsPerNode

integer

The number of task slots that can be used to run concurrent tasks on a single compute node in the pool.
The default value is 1. The maximum value is the smaller of 4 times the number of cores of the vmSize of the pool or 256.

This field can be updated only when the pool is empty.

upgradePolicy

UpgradePolicy

The upgrade policy for the Pool.
Describes an upgrade policy - automatic, manual, or rolling.

This field can be updated only when the pool is empty.

userAccounts

UserAccount[]

The list of user Accounts to be created on each Compute Node in the Pool.
This field can be updated only when the pool is empty.

virtualMachineConfiguration

VirtualMachineConfiguration

The virtual machine configuration for the Pool.
This property must be specified.

This field can be updated only when the pool is empty.

vmSize

string

The size of virtual machines in the Pool. All VMs in a Pool are the same size.
For information about available sizes of virtual machines in Pools, see Choose a VM size for Compute Nodes in an Azure Batch Pool (https://docs.microsoft.com/azure/batch/batch-pool-vm-sizes).

This field can be updated only when the pool is empty.

Responses

Name Type Description
200 OK

The request to the Batch service was successful.

Headers

  • client-request-id: string
  • request-id: string
  • ETag: string
  • Last-Modified: string
  • DataServiceId: string
Other Status Codes

BatchError

The error from the Batch service.

Security

azure_auth

Microsoft Entra OAuth 2.0 auth code flow

Type: oauth2
Flow: implicit
Authorization URL: https://login.microsoftonline.com/common/oauth2/authorize

Scopes

Name Description
user_impersonation Impersonate your user account

Authorization

Type: apiKey
In: header

Examples

Patch the Pool

Sample request

PATCH account.region.batch.azure.com/pools/poolId?api-version=2024-07-01.20.0



{
  "startTask": {
    "commandLine": "/bin/bash -c 'echo start task'"
  }
}

Sample response

Definitions

Name Description
ApplicationPackageReference

A reference to an Package to be deployed to Compute Nodes.

AutomaticOSUpgradePolicy

The configuration parameters used for performing automatic OS upgrade.

AutoUserScope

The scope for the auto user

AutoUserSpecification

Specifies the parameters for the auto user that runs a Task on the Batch service.

AzureBlobFileSystemConfiguration

Information used to connect to an Azure Storage Container using Blobfuse.

AzureFileShareConfiguration

Information used to connect to an Azure Fileshare.

BatchError

An error response received from the Azure Batch service.

BatchErrorDetail

An item of additional information included in an Azure Batch error response.

CachingType

The type of caching to enable for the disk.

CertificateReference

A reference to a Certificate to be installed on Compute Nodes in a Pool.

CertificateStoreLocation

The location of the Certificate store on the Compute Node into which to install the Certificate.

CertificateVisibility

Which user Accounts on the Compute Node should have access to the private data of the Certificate.

CIFSMountConfiguration

Information used to connect to a CIFS file system.

ComputeNodeFillType

How Tasks are distributed across Compute Nodes in a Pool.

ComputeNodeIdentityReference

The reference to a user assigned identity associated with the Batch pool which a compute node will use.

ContainerConfiguration

The configuration for container-enabled Pools.

ContainerHostBatchBindMountEntry

The entry of path and mount mode you want to mount into task container.

ContainerHostDataPath

The paths which will be mounted to container task's container.

ContainerRegistry

A private container registry.

ContainerType

The container technology to be used.

ContainerWorkingDirectory

The location of the container Task working directory.

DataDisk

Settings which will be used by the data disks associated to Compute Nodes in the Pool. When using attached data disks, you need to mount and format the disks from within a VM to use them.

DiffDiskPlacement

Specifies the ephemeral disk placement for operating system disk for all compute nodes (VMs) in the pool.

DiffDiskSettings

Specifies the ephemeral Disk Settings for the operating system disk used by the compute node (VM).

DiskEncryptionConfiguration

The disk encryption configuration applied on compute nodes in the pool. Disk encryption configuration is not supported on Linux pool created with Azure Compute Gallery Image.

DiskEncryptionTarget

The list of disk targets Batch Service will encrypt on the compute node.

DynamicVNetAssignmentScope

The scope of dynamic vnet assignment.

ElevationLevel

The elevation level of the user.

EnvironmentSetting

An environment variable to be set on a Task process.

ErrorMessage

An error message received in an Azure Batch error response.

ImageReference

A reference to an Azure Virtual Machines Marketplace Image or a Azure Compute Gallery Image. To get the list of all Azure Marketplace Image references verified by Azure Batch, see the 'List Supported Images' operation.

InboundEndpointProtocol

The protocol of the endpoint.

InboundNATPool

A inbound NAT Pool that can be used to address specific ports on Compute Nodes in a Batch Pool externally.

IPAddressProvisioningType

The provisioning type for Public IP Addresses for the Pool.

LinuxUserConfiguration

Properties used to create a user Account on a Linux Compute Node.

LoginMode

The login mode for the user

ManagedDisk
MetadataItem

A name-value pair associated with a Batch service resource.

MountConfiguration

The file system to mount on each node.

NetworkConfiguration

The network configuration for a Pool.

NetworkSecurityGroupRule

A network security group rule to apply to an inbound endpoint.

NetworkSecurityGroupRuleAccess

The action that should be taken for a specified IP address, subnet range or tag.

NFSMountConfiguration

Information used to connect to an NFS file system.

NodeCommunicationMode

Determines how a pool communicates with the Batch service.

NodePlacementConfiguration

Node placement configuration for a pool.

NodePlacementPolicyType

The placement policy for allocating nodes in the pool.

OSDisk

Settings for the operating system disk of the compute node (VM).

PoolEndpointConfiguration

The endpoint configuration for a Pool.

PoolPatchParameter

The set of changes to be made to a Pool.

PublicIPAddressConfiguration

The public IP Address configuration of the networking configuration of a Pool.

ResourceFile

A single file or multiple files to be downloaded to a Compute Node.

RollingUpgradePolicy

The configuration parameters used while performing a rolling upgrade.

SecurityEncryptionTypes

Specifies the EncryptionType of the managed disk. It is set to VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob. Note: It can be set for only Confidential VMs and is required when using Confidential VMs.

SecurityProfile

Specifies the security profile settings for the virtual machine or virtual machine scale set.

SecurityTypes

Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings.

ServiceArtifactReference

Specifies the service artifact reference id used to set same image version for all virtual machines in the scale set when using 'latest' image version.

StartTask

A Task which is run when a Node joins a Pool in the Azure Batch service, or when the Compute Node is rebooted or reimaged.

StorageAccountType

The storage Account type for use in creating data disks or OS disk.

TaskContainerSettings

The container settings for a Task.

TaskSchedulingPolicy

Specifies how Tasks should be distributed across Compute Nodes.

UefiSettings

Specifies the security settings like secure boot and vTPM used while creating the virtual machine.

UpgradeMode

Specifies the mode of an upgrade to virtual machines in the scale set.

Possible values are:

Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.

Automatic - All virtual machines in the scale set are automatically updated at the same time.

Rolling - Scale set performs updates in batches with an optional pause time in between.

UpgradePolicy

Describes an upgrade policy - automatic, manual, or rolling.

UserAccount

Properties used to create a user used to execute Tasks on an Azure Batch Compute Node.

UserIdentity

The definition of the user identity under which the Task is run.

VirtualMachineConfiguration

The configuration for Compute Nodes in a Pool based on the Azure Virtual Machines infrastructure.

VMDiskSecurityProfile

Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs and required when using Confidential VMs.

VMExtension

The configuration for virtual machine extensions.

WindowsConfiguration

Windows operating system settings to apply to the virtual machine.

WindowsUserConfiguration

Properties used to create a user Account on a Windows Compute Node.

ApplicationPackageReference

A reference to an Package to be deployed to Compute Nodes.

Name Type Description
applicationId

string

The ID of the application to deploy.
When creating a pool, the package's application ID must be fully qualified (/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Batch/batchAccounts/{accountName}/applications/{applicationName}).

version

string

The version of the application to deploy. If omitted, the default version is deployed.
If this is omitted on a Pool, and no default version is specified for this application, the request fails with the error code InvalidApplicationPackageReferences and HTTP status code 409. If this is omitted on a Task, and no default version is specified for this application, the Task fails with a pre-processing error.

AutomaticOSUpgradePolicy

The configuration parameters used for performing automatic OS upgrade.

Name Type Description
disableAutomaticRollback

boolean

Whether OS image rollback feature should be disabled.

enableAutomaticOSUpgrade

boolean

Indicates whether OS upgrades should automatically be applied to scale set instances in a rolling fashion when a newer version of the OS image becomes available.

If this is set to true for Windows based pools, WindowsConfiguration.enableAutomaticUpdates cannot be set to true.

osRollingUpgradeDeferral

boolean

Defer OS upgrades on the TVMs if they are running tasks.

useRollingUpgradePolicy

boolean

Indicates whether rolling upgrade policy should be used during Auto OS Upgrade. Auto OS Upgrade will fallback to the default policy if no policy is defined on the VMSS.

AutoUserScope

The scope for the auto user

Name Type Description
pool

string

Specifies that the Task runs as the common auto user Account which is created on every Compute Node in a Pool.

task

string

Specifies that the service should create a new user for the Task.

AutoUserSpecification

Specifies the parameters for the auto user that runs a Task on the Batch service.

Name Type Description
elevationLevel

ElevationLevel

The elevation level of the auto user.
The default value is nonAdmin.

scope

AutoUserScope

The scope for the auto user
The default value is pool. If the pool is running Windows a value of Task should be specified if stricter isolation between tasks is required. For example, if the task mutates the registry in a way which could impact other tasks, or if certificates have been specified on the pool which should not be accessible by normal tasks but should be accessible by StartTasks.

AzureBlobFileSystemConfiguration

Information used to connect to an Azure Storage Container using Blobfuse.

Name Type Description
accountKey

string

The Azure Storage Account key.
This property is mutually exclusive with both sasKey and identity; exactly one must be specified.

accountName

string

The Azure Storage Account name.

blobfuseOptions

string

Additional command line options to pass to the mount command.
These are 'net use' options in Windows and 'mount' options in Linux.

containerName

string

The Azure Blob Storage Container name.

identityReference

ComputeNodeIdentityReference

The reference to the user assigned identity to use to access containerName
This property is mutually exclusive with both accountKey and sasKey; exactly one must be specified.

relativeMountPath

string

The relative path on the compute node where the file system will be mounted
All file systems are mounted relative to the Batch mounts directory, accessible via the AZ_BATCH_NODE_MOUNTS_DIR environment variable.

sasKey

string

The Azure Storage SAS token.
This property is mutually exclusive with both accountKey and identity; exactly one must be specified.

AzureFileShareConfiguration

Information used to connect to an Azure Fileshare.

Name Type Description
accountKey

string

The Azure Storage account key.

accountName

string

The Azure Storage account name.

azureFileUrl

string

The Azure Files URL.
This is of the form 'https://{account}.file.core.windows.net/'.

mountOptions

string

Additional command line options to pass to the mount command.
These are 'net use' options in Windows and 'mount' options in Linux.

relativeMountPath

string

The relative path on the compute node where the file system will be mounted
All file systems are mounted relative to the Batch mounts directory, accessible via the AZ_BATCH_NODE_MOUNTS_DIR environment variable.

BatchError

An error response received from the Azure Batch service.

Name Type Description
code

string

An identifier for the error. Codes are invariant and are intended to be consumed programmatically.

message

ErrorMessage

A message describing the error, intended to be suitable for display in a user interface.

values

BatchErrorDetail[]

A collection of key-value pairs containing additional details about the error.

BatchErrorDetail

An item of additional information included in an Azure Batch error response.

Name Type Description
key

string

An identifier specifying the meaning of the Value property.

value

string

The additional information included with the error response.

CachingType

The type of caching to enable for the disk.

Name Type Description
none

string

The caching mode for the disk is not enabled.

readonly

string

The caching mode for the disk is read only.

readwrite

string

The caching mode for the disk is read and write.

CertificateReference

A reference to a Certificate to be installed on Compute Nodes in a Pool.

Name Type Description
storeLocation

CertificateStoreLocation

The location of the Certificate store on the Compute Node into which to install the Certificate.
The default value is currentuser. This property is applicable only for Pools configured with Windows Compute Nodes. For Linux Compute Nodes, the Certificates are stored in a directory inside the Task working directory and an environment variable AZ_BATCH_CERTIFICATES_DIR is supplied to the Task to query for this location. For Certificates with visibility of 'remoteUser', a 'certs' directory is created in the user's home directory (e.g., /home/{user-name}/certs) and Certificates are placed in that directory.

storeName

string

The name of the Certificate store on the Compute Node into which to install the Certificate.
This property is applicable only for Pools configured with Windows Compute Nodes. Common store names include: My, Root, CA, Trust, Disallowed, TrustedPeople, TrustedPublisher, AuthRoot, AddressBook, but any custom store name can also be used. The default value is My.

thumbprint

string

The thumbprint of the Certificate.

thumbprintAlgorithm

string

The algorithm with which the thumbprint is associated. This must be sha1.

visibility

CertificateVisibility[]

Which user Accounts on the Compute Node should have access to the private data of the Certificate.
You can specify more than one visibility in this collection. The default is all Accounts.

CertificateStoreLocation

The location of the Certificate store on the Compute Node into which to install the Certificate.

Name Type Description
currentuser

string

Certificates should be installed to the CurrentUser Certificate store.

localmachine

string

Certificates should be installed to the LocalMachine Certificate store.

CertificateVisibility

Which user Accounts on the Compute Node should have access to the private data of the Certificate.

Name Type Description
remoteuser

string

The Certificate should be visible to the user accounts under which users remotely access the Compute Node.

starttask

string

The Certificate should be visible to the user account under which the StartTask is run. Note that if AutoUser Scope is Pool for both the StartTask and a Task, this certificate will be visible to the Task as well.

task

string

The Certificate should be visible to the user accounts under which Job Tasks are run.

CIFSMountConfiguration

Information used to connect to a CIFS file system.

Name Type Description
mountOptions

string

Additional command line options to pass to the mount command.
These are 'net use' options in Windows and 'mount' options in Linux.

password

string

The password to use for authentication against the CIFS file system.

relativeMountPath

string

The relative path on the compute node where the file system will be mounted
All file systems are mounted relative to the Batch mounts directory, accessible via the AZ_BATCH_NODE_MOUNTS_DIR environment variable.

source

string

The URI of the file system to mount.

username

string

The user to use for authentication against the CIFS file system.

ComputeNodeFillType

How Tasks are distributed across Compute Nodes in a Pool.

Name Type Description
pack

string

As many Tasks as possible (taskSlotsPerNode) should be assigned to each Compute Node in the Pool before any Tasks are assigned to the next Compute Node in the Pool.

spread

string

Tasks should be assigned evenly across all Compute Nodes in the Pool.

ComputeNodeIdentityReference

The reference to a user assigned identity associated with the Batch pool which a compute node will use.

Name Type Description
resourceId

string

The ARM resource id of the user assigned identity.

ContainerConfiguration

The configuration for container-enabled Pools.

Name Type Description
containerImageNames

string[]

The collection of container Image names.
This is the full Image reference, as would be specified to "docker pull". An Image will be sourced from the default Docker registry unless the Image is fully qualified with an alternative registry.

containerRegistries

ContainerRegistry[]

Additional private registries from which containers can be pulled.
If any Images must be downloaded from a private registry which requires credentials, then those credentials must be provided here.

type

ContainerType

The container technology to be used.

ContainerHostBatchBindMountEntry

The entry of path and mount mode you want to mount into task container.

Name Type Description
isReadOnly

boolean

Mount this source path as read-only mode or not. Default value is false (read/write mode).
For Linux, if you mount this path as a read/write mode, this does not mean that all users in container have the read/write access for the path, it depends on the access in host VM. If this path is mounted read-only, all users within the container will not be able to modify the path.

source

ContainerHostDataPath

The path which be mounted to container customer can select.

ContainerHostDataPath

The paths which will be mounted to container task's container.

Name Type Description
Applications

string

The applications path.

JobPrep

string

The job-prep task path.

Shared

string

The path for multi-instances task to shared their files.

Startup

string

The path for start task.

Task

string

The task path.

VfsMounts

string

The path contains all virtual file systems are mounted on this node.

ContainerRegistry

A private container registry.

Name Type Description
identityReference

ComputeNodeIdentityReference

The reference to the user assigned identity to use to access an Azure Container Registry instead of username and password.
The reference to a user assigned identity associated with the Batch pool which a compute node will use.

password

string

The password to log into the registry server.

registryServer

string

The registry URL.
If omitted, the default is "docker.io".

username

string

The user name to log into the registry server.

ContainerType

The container technology to be used.

Name Type Description
criCompatible

string

A CRI based technology will be used to launch the containers.

dockerCompatible

string

A Docker compatible container technology will be used to launch the containers.

ContainerWorkingDirectory

The location of the container Task working directory.

Name Type Description
containerImageDefault

string

Use the working directory defined in the container Image. Beware that this directory will not contain the Resource Files downloaded by Batch.

taskWorkingDirectory

string

Use the standard Batch service Task working directory, which will contain the Task Resource Files populated by Batch.

DataDisk

Settings which will be used by the data disks associated to Compute Nodes in the Pool. When using attached data disks, you need to mount and format the disks from within a VM to use them.

Name Type Description
caching

CachingType

The type of caching to be enabled for the data disks.
The default value for caching is readwrite. For information about the caching options see: https://blogs.msdn.microsoft.com/windowsazurestorage/2012/06/27/exploring-windows-azure-drives-disks-and-images/.

diskSizeGB

integer

The initial disk size in gigabytes.

lun

integer

The logical unit number.
The lun is used to uniquely identify each data disk. If attaching multiple disks, each should have a distinct lun. The value must be between 0 and 63, inclusive.

storageAccountType

StorageAccountType

The storage Account type to be used for the data disk.
If omitted, the default is "standard_lrs".

DiffDiskPlacement

Specifies the ephemeral disk placement for operating system disk for all compute nodes (VMs) in the pool.

Name Type Description
CacheDisk

string

The Ephemeral OS Disk is stored on the VM cache.

DiffDiskSettings

Specifies the ephemeral Disk Settings for the operating system disk used by the compute node (VM).

Name Type Description
placement

DiffDiskPlacement

Specifies the ephemeral disk placement for operating system disk for all VMs in the pool.
This property can be used by user in the request to choose the location e.g., cache disk space for Ephemeral OS disk provisioning. For more information on Ephemeral OS disk size requirements, please refer to Ephemeral OS disk size requirements for Windows VMs at https://docs.microsoft.com/azure/virtual-machines/windows/ephemeral-os-disks#size-requirements and Linux VMs at https://docs.microsoft.com/azure/virtual-machines/linux/ephemeral-os-disks#size-requirements.

DiskEncryptionConfiguration

The disk encryption configuration applied on compute nodes in the pool. Disk encryption configuration is not supported on Linux pool created with Azure Compute Gallery Image.

Name Type Description
targets

DiskEncryptionTarget[]

The list of disk targets Batch Service will encrypt on the compute node.
The list of disk targets Batch Service will encrypt on the compute node.

DiskEncryptionTarget

The list of disk targets Batch Service will encrypt on the compute node.

Name Type Description
osdisk

string

The OS Disk on the compute node is encrypted.

temporarydisk

string

The temporary disk on the compute node is encrypted. On Linux this encryption applies to other partitions (such as those on mounted data disks) when encryption occurs at boot time.

DynamicVNetAssignmentScope

The scope of dynamic vnet assignment.

Name Type Description
job

string

Dynamic VNet assignment is done per-job.

none

string

No dynamic VNet assignment is enabled.

ElevationLevel

The elevation level of the user.

Name Type Description
admin

string

The user is a user with elevated access and operates with full Administrator permissions.

nonadmin

string

The user is a standard user without elevated access.

EnvironmentSetting

An environment variable to be set on a Task process.

Name Type Description
name

string

The name of the environment variable.

value

string

The value of the environment variable.

ErrorMessage

An error message received in an Azure Batch error response.

Name Type Description
lang

string

The language code of the error message

value

string

The text of the message.

ImageReference

A reference to an Azure Virtual Machines Marketplace Image or a Azure Compute Gallery Image. To get the list of all Azure Marketplace Image references verified by Azure Batch, see the 'List Supported Images' operation.

Name Type Description
communityGalleryImageId

string

The community gallery image unique identifier
This property is mutually exclusive with other properties and can be fetched from community gallery image GET call.

exactVersion

string

The specific version of the platform image or marketplace image used to create the node. This read-only field differs from 'version' only if the value specified for 'version' when the pool was created was 'latest'.

offer

string

The offer type of the Azure Virtual Machines Marketplace Image.
For example, UbuntuServer or WindowsServer.

publisher

string

The publisher of the Azure Virtual Machines Marketplace Image.
For example, Canonical or MicrosoftWindowsServer.

sharedGalleryImageId

string

The shared gallery image unique identifier
This property is mutually exclusive with other properties and can be fetched from shared gallery image GET call.

sku

string

The SKU of the Azure Virtual Machines Marketplace Image.
For example, 18.04-LTS or 2019-Datacenter.

version

string

The version of the Azure Virtual Machines Marketplace Image.
A value of 'latest' can be specified to select the latest version of an Image. If omitted, the default is 'latest'.

virtualMachineImageId

string

The ARM resource identifier of the Azure Compute Gallery Image. Compute Nodes in the Pool will be created using this Image Id. This is of the form /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{galleryName}/images/{imageDefinitionName}/versions/{VersionId} or /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{galleryName}/images/{imageDefinitionName} for always defaulting to the latest image version.
This property is mutually exclusive with other ImageReference properties. The Azure Compute Gallery Image must have replicas in the same region and must be in the same subscription as the Azure Batch account. If the image version is not specified in the imageId, the latest version will be used. For information about the firewall settings for the Batch Compute Node agent to communicate with the Batch service see https://docs.microsoft.com/azure/batch/nodes-and-pools#virtual-network-vnet-and-firewall-configuration.

InboundEndpointProtocol

The protocol of the endpoint.

Name Type Description
tcp

string

Use TCP for the endpoint.

udp

string

Use UDP for the endpoint.

InboundNATPool

A inbound NAT Pool that can be used to address specific ports on Compute Nodes in a Batch Pool externally.

Name Type Description
backendPort

integer

The port number on the Compute Node.
This must be unique within a Batch Pool. Acceptable values are between 1 and 65535 except for 29876 and 29877 as these are reserved. If any reserved values are provided the request fails with HTTP status code 400.

frontendPortRangeEnd

integer

The last port number in the range of external ports that will be used to provide inbound access to the backendPort on individual Compute Nodes.
Acceptable values range between 1 and 65534 except ports from 50000 to 55000 which are reserved by the Batch service. All ranges within a Pool must be distinct and cannot overlap. Each range must contain at least 40 ports. If any reserved or overlapping values are provided the request fails with HTTP status code 400.

frontendPortRangeStart

integer

The first port number in the range of external ports that will be used to provide inbound access to the backendPort on individual Compute Nodes.
Acceptable values range between 1 and 65534 except ports from 50000 to 55000 which are reserved. All ranges within a Pool must be distinct and cannot overlap. Each range must contain at least 40 ports. If any reserved or overlapping values are provided the request fails with HTTP status code 400.

name

string

The name of the endpoint.
The name must be unique within a Batch Pool, can contain letters, numbers, underscores, periods, and hyphens. Names must start with a letter or number, must end with a letter, number, or underscore, and cannot exceed 77 characters. If any invalid values are provided the request fails with HTTP status code 400.

networkSecurityGroupRules

NetworkSecurityGroupRule[]

A list of network security group rules that will be applied to the endpoint.
The maximum number of rules that can be specified across all the endpoints on a Batch Pool is 25. If no network security group rules are specified, a default rule will be created to allow inbound access to the specified backendPort. If the maximum number of network security group rules is exceeded the request fails with HTTP status code 400.

protocol

InboundEndpointProtocol

The protocol of the endpoint.

IPAddressProvisioningType

The provisioning type for Public IP Addresses for the Pool.

Name Type Description
batchmanaged

string

A public IP will be created and managed by Batch. There may be multiple public IPs depending on the size of the Pool.

nopublicipaddresses

string

No public IP Address will be created.

usermanaged

string

Public IPs are provided by the user and will be used to provision the Compute Nodes.

LinuxUserConfiguration

Properties used to create a user Account on a Linux Compute Node.

Name Type Description
gid

integer

The group ID for the user Account.
The uid and gid properties must be specified together or not at all. If not specified the underlying operating system picks the gid.

sshPrivateKey

string

The SSH private key for the user Account.
The private key must not be password protected. The private key is used to automatically configure asymmetric-key based authentication for SSH between Compute Nodes in a Linux Pool when the Pool's enableInterNodeCommunication property is true (it is ignored if enableInterNodeCommunication is false). It does this by placing the key pair into the user's .ssh directory. If not specified, password-less SSH is not configured between Compute Nodes (no modification of the user's .ssh directory is done).

uid

integer

The user ID of the user Account.
The uid and gid properties must be specified together or not at all. If not specified the underlying operating system picks the uid.

LoginMode

The login mode for the user

Name Type Description
batch

string

The LOGON32_LOGON_BATCH Win32 login mode. The batch login mode is recommended for long running parallel processes.

interactive

string

The LOGON32_LOGON_INTERACTIVE Win32 login mode. UAC is enabled on Windows Pools. If this option is used with an elevated user identity in a Windows Pool, the user session will not be elevated unless the application executed by the Task command line is configured to always require administrative privilege or to always require maximum privilege.

ManagedDisk

Name Type Description
securityProfile

VMDiskSecurityProfile

Specifies the security profile settings for the managed disk.
Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs and required when using Confidential VMs.

storageAccountType

StorageAccountType

The storage account type for managed disk.

MetadataItem

A name-value pair associated with a Batch service resource.

Name Type Description
name

string

The name of the metadata item.

value

string

The value of the metadata item.

MountConfiguration

The file system to mount on each node.

Name Type Description
azureBlobFileSystemConfiguration

AzureBlobFileSystemConfiguration

The Azure Storage Container to mount using blob FUSE on each node.
This property is mutually exclusive with all other properties.

azureFileShareConfiguration

AzureFileShareConfiguration

The Azure File Share to mount on each node.
This property is mutually exclusive with all other properties.

cifsMountConfiguration

CIFSMountConfiguration

The CIFS/SMB file system to mount on each node.
This property is mutually exclusive with all other properties.

nfsMountConfiguration

NFSMountConfiguration

The NFS file system to mount on each node.
This property is mutually exclusive with all other properties.

NetworkConfiguration

The network configuration for a Pool.

Name Type Description
dynamicVNetAssignmentScope

DynamicVNetAssignmentScope

The scope of dynamic vnet assignment.

enableAcceleratedNetworking

boolean

Whether this pool should enable accelerated networking.
Accelerated networking enables single root I/O virtualization (SR-IOV) to a VM, which may lead to improved networking performance. For more details, see: https://learn.microsoft.com/azure/virtual-network/accelerated-networking-overview.

endpointConfiguration

PoolEndpointConfiguration

The configuration for endpoints on Compute Nodes in the Batch Pool.

publicIPAddressConfiguration

PublicIPAddressConfiguration

The Public IPAddress configuration for Compute Nodes in the Batch Pool.
The public IP Address configuration of the networking configuration of a Pool.

subnetId

string

The ARM resource identifier of the virtual network subnet which the Compute Nodes of the Pool will join. This is of the form /subscriptions/{subscription}/resourceGroups/{group}/providers/{provider}/virtualNetworks/{network}/subnets/{subnet}.
The virtual network must be in the same region and subscription as the Azure Batch Account. The specified subnet should have enough free IP addresses to accommodate the number of Compute Nodes in the Pool. If the subnet doesn't have enough free IP addresses, the Pool will partially allocate Nodes and a resize error will occur. The 'MicrosoftAzureBatch' service principal must have the 'Classic Virtual Machine Contributor' Role-Based Access Control (RBAC) role for the specified VNet. The specified subnet must allow communication from the Azure Batch service to be able to schedule Tasks on the Nodes. This can be verified by checking if the specified VNet has any associated Network Security Groups (NSG). If communication to the Nodes in the specified subnet is denied by an NSG, then the Batch service will set the state of the Compute Nodes to unusable. Only ARM virtual networks ('Microsoft.Network/virtualNetworks') are supported. If the specified VNet has any associated Network Security Groups (NSG), then a few reserved system ports must be enabled for inbound communication, including ports 29876 and 29877. Also enable outbound connections to Azure Storage on port 443. For more details see: https://docs.microsoft.com/azure/batch/nodes-and-pools#virtual-network-vnet-and-firewall-configuration

NetworkSecurityGroupRule

A network security group rule to apply to an inbound endpoint.

Name Type Description
access

NetworkSecurityGroupRuleAccess

The action that should be taken for a specified IP address, subnet range or tag.

priority

integer

The priority for this rule.
Priorities within a Pool must be unique and are evaluated in order of priority. The lower the number the higher the priority. For example, rules could be specified with order numbers of 150, 250, and 350. The rule with the order number of 150 takes precedence over the rule that has an order of 250. Allowed priorities are 150 to 4096. If any reserved or duplicate values are provided the request fails with HTTP status code 400.

sourceAddressPrefix

string

The source address prefix or tag to match for the rule.
Valid values are a single IP address (i.e. 10.10.10.10), IP subnet (i.e. 192.168.1.0/24), default tag, or * (for all addresses). If any other values are provided the request fails with HTTP status code 400.

sourcePortRanges

string[]

The source port ranges to match for the rule.
Valid values are '' (for all ports 0 - 65535), a specific port (i.e. 22), or a port range (i.e. 100-200). The ports must be in the range of 0 to 65535. Each entry in this collection must not overlap any other entry (either a range or an individual port). If any other values are provided the request fails with HTTP status code 400. The default value is ''.

NetworkSecurityGroupRuleAccess

The action that should be taken for a specified IP address, subnet range or tag.

Name Type Description
allow

string

Allow access.

deny

string

Deny access.

NFSMountConfiguration

Information used to connect to an NFS file system.

Name Type Description
mountOptions

string

Additional command line options to pass to the mount command.
These are 'net use' options in Windows and 'mount' options in Linux.

relativeMountPath

string

The relative path on the compute node where the file system will be mounted
All file systems are mounted relative to the Batch mounts directory, accessible via the AZ_BATCH_NODE_MOUNTS_DIR environment variable.

source

string

The URI of the file system to mount.

NodeCommunicationMode

Determines how a pool communicates with the Batch service.

Name Type Description
classic

string

Nodes using the classic communication mode require inbound TCP communication on ports 29876 and 29877 from the "BatchNodeManagement.{region}" service tag and outbound TCP communication on port 443 to the "Storage.region" and "BatchNodeManagement.{region}" service tags.

default

string

The node communication mode is automatically set by the Batch service.

simplified

string

Nodes using the simplified communication mode require outbound TCP communication on port 443 to the "BatchNodeManagement.{region}" service tag. No open inbound ports are required.

NodePlacementConfiguration

Node placement configuration for a pool.

Name Type Description
policy

NodePlacementPolicyType

Node placement Policy type on Batch Pools.
Allocation policy used by Batch Service to provision the nodes. If not specified, Batch will use the regional policy.

NodePlacementPolicyType

The placement policy for allocating nodes in the pool.

Name Type Description
regional

string

All nodes in the pool will be allocated in the same region.

zonal

string

Nodes in the pool will be spread across different availability zones with best effort balancing.

OSDisk

Settings for the operating system disk of the compute node (VM).

Name Type Description
caching

CachingType

Specifies the caching requirements. Possible values are: None, ReadOnly, ReadWrite. The default values are: None for Standard storage. ReadOnly for Premium storage.
The default value for caching is none. For information about the caching options see: https://blogs.msdn.microsoft.com/windowsazurestorage/2012/06/27/exploring-windows-azure-drives-disks-and-images/.

diskSizeGB

integer

The initial disk size in GB when creating new OS disk.

ephemeralOSDiskSettings

DiffDiskSettings

Specifies the ephemeral Disk Settings for the operating system disk used by the compute node (VM).

managedDisk

ManagedDisk

The managed disk parameters.

writeAcceleratorEnabled

boolean

Specifies whether writeAccelerator should be enabled or disabled on the disk.

PoolEndpointConfiguration

The endpoint configuration for a Pool.

Name Type Description
inboundNATPools

InboundNATPool[]

A list of inbound NAT Pools that can be used to address specific ports on an individual Compute Node externally.
The maximum number of inbound NAT Pools per Batch Pool is 5. If the maximum number of inbound NAT Pools is exceeded the request fails with HTTP status code 400. This cannot be specified if the IPAddressProvisioningType is NoPublicIPAddresses.

PoolPatchParameter

The set of changes to be made to a Pool.

Name Type Description
applicationPackageReferences

ApplicationPackageReference[]

A list of Packages to be installed on each Compute Node in the Pool.
Changes to Package references affect all new Nodes joining the Pool, but do not affect Compute Nodes that are already in the Pool until they are rebooted or reimaged. If this element is present, it replaces any existing Package references. If you specify an empty collection, then all Package references are removed from the Pool. If omitted, any existing Package references are left unchanged.

certificateReferences

CertificateReference[]

A list of Certificates to be installed on each Compute Node in the Pool.
If this element is present, it replaces any existing Certificate references configured on the Pool. If omitted, any existing Certificate references are left unchanged. For Windows Nodes, the Batch service installs the Certificates to the specified Certificate store and location. For Linux Compute Nodes, the Certificates are stored in a directory inside the Task working directory and an environment variable AZ_BATCH_CERTIFICATES_DIR is supplied to the Task to query for this location. For Certificates with visibility of 'remoteUser', a 'certs' directory is created in the user's home directory (e.g., /home/{user-name}/certs) and Certificates are placed in that directory.

Warning: This property is deprecated and will be removed after February, 2024. Please use the Azure KeyVault Extension instead.

displayName

string

The display name for the Pool.
The display name need not be unique and can contain any Unicode characters up to a maximum length of 1024.

This field can be updated only when the pool is empty.

enableInterNodeCommunication

boolean

Whether the Pool permits direct communication between Compute Nodes.
Enabling inter-node communication limits the maximum size of the Pool due to deployment restrictions on the Compute Nodes of the Pool. This may result in the Pool not reaching its desired size. The default value is false.

This field can be updated only when the pool is empty.

metadata

MetadataItem[]

A list of name-value pairs associated with the Pool as metadata.
If this element is present, it replaces any existing metadata configured on the Pool. If you specify an empty collection, any metadata is removed from the Pool. If omitted, any existing metadata is left unchanged.

mountConfiguration

MountConfiguration[]

Mount storage using specified file system for the entire lifetime of the pool.
Mount the storage using Azure fileshare, NFS, CIFS or Blobfuse based file system.

This field can be updated only when the pool is empty.

networkConfiguration

NetworkConfiguration

The network configuration for the Pool.
This field can be updated only when the pool is empty.

resourceTags

object

The user-specified tags associated with the pool.
The user-defined tags to be associated with the Azure Batch Pool. When specified, these tags are propagated to the backing Azure resources associated with the pool. This property can only be specified when the Batch account was created with the poolAllocationMode property set to 'UserSubscription'.

This field can be updated only when the pool is empty.

startTask

StartTask

A Task to run on each Compute Node as it joins the Pool. The Task runs when the Compute Node is added to the Pool or when the Compute Node is restarted.
If this element is present, it overwrites any existing StartTask. If omitted, any existing StartTask is left unchanged.

targetNodeCommunicationMode

NodeCommunicationMode

The desired node communication mode for the pool.
If this element is present, it replaces the existing targetNodeCommunicationMode configured on the Pool. If omitted, any existing metadata is left unchanged.

taskSchedulingPolicy

TaskSchedulingPolicy

How Tasks are distributed across Compute Nodes in a Pool.
If not specified, the default is spread.

This field can be updated only when the pool is empty.

taskSlotsPerNode

integer

The number of task slots that can be used to run concurrent tasks on a single compute node in the pool.
The default value is 1. The maximum value is the smaller of 4 times the number of cores of the vmSize of the pool or 256.

This field can be updated only when the pool is empty.

upgradePolicy

UpgradePolicy

The upgrade policy for the Pool.
Describes an upgrade policy - automatic, manual, or rolling.

This field can be updated only when the pool is empty.

userAccounts

UserAccount[]

The list of user Accounts to be created on each Compute Node in the Pool.
This field can be updated only when the pool is empty.

virtualMachineConfiguration

VirtualMachineConfiguration

The virtual machine configuration for the Pool.
This property must be specified.

This field can be updated only when the pool is empty.

vmSize

string

The size of virtual machines in the Pool. All VMs in a Pool are the same size.
For information about available sizes of virtual machines in Pools, see Choose a VM size for Compute Nodes in an Azure Batch Pool (https://docs.microsoft.com/azure/batch/batch-pool-vm-sizes).

This field can be updated only when the pool is empty.

PublicIPAddressConfiguration

The public IP Address configuration of the networking configuration of a Pool.

Name Type Description
ipAddressIds

string[]

The list of public IPs which the Batch service will use when provisioning Compute Nodes.
The number of IPs specified here limits the maximum size of the Pool - 100 dedicated nodes or 100 Spot/Low-priority nodes can be allocated for each public IP. For example, a pool needing 250 dedicated VMs would need at least 3 public IPs specified. Each element of this collection is of the form: /subscriptions/{subscription}/resourceGroups/{group}/providers/Microsoft.Network/publicIPAddresses/{ip}.

provision

IPAddressProvisioningType

The provisioning type for Public IP Addresses for the Pool.
The default value is BatchManaged.

ResourceFile

A single file or multiple files to be downloaded to a Compute Node.

Name Type Description
autoStorageContainerName

string

The storage container name in the auto storage Account.
The autoStorageContainerName, storageContainerUrl and httpUrl properties are mutually exclusive and one of them must be specified.

blobPrefix

string

The blob prefix to use when downloading blobs from an Azure Storage container. Only the blobs whose names begin with the specified prefix will be downloaded.
The property is valid only when autoStorageContainerName or storageContainerUrl is used. This prefix can be a partial filename or a subdirectory. If a prefix is not specified, all the files in the container will be downloaded.

fileMode

string

The file permission mode attribute in octal format.
This property applies only to files being downloaded to Linux Compute Nodes. It will be ignored if it is specified for a resourceFile which will be downloaded to a Windows Compute Node. If this property is not specified for a Linux Compute Node, then a default value of 0770 is applied to the file.

filePath

string

The location on the Compute Node to which to download the file(s), relative to the Task's working directory.
If the httpUrl property is specified, the filePath is required and describes the path which the file will be downloaded to, including the filename. Otherwise, if the autoStorageContainerName or storageContainerUrl property is specified, filePath is optional and is the directory to download the files to. In the case where filePath is used as a directory, any directory structure already associated with the input data will be retained in full and appended to the specified filePath directory. The specified relative path cannot break out of the Task's working directory (for example by using '..').

httpUrl

string

The URL of the file to download.
The autoStorageContainerName, storageContainerUrl and httpUrl properties are mutually exclusive and one of them must be specified. If the URL points to Azure Blob Storage, it must be readable from compute nodes. There are three ways to get such a URL for a blob in Azure storage: include a Shared Access Signature (SAS) granting read permissions on the blob, use a managed identity with read permission, or set the ACL for the blob or its container to allow public access.

identityReference

ComputeNodeIdentityReference

The reference to the user assigned identity to use to access Azure Blob Storage specified by storageContainerUrl or httpUrl
The reference to a user assigned identity associated with the Batch pool which a compute node will use.

storageContainerUrl

string

The URL of the blob container within Azure Blob Storage.
The autoStorageContainerName, storageContainerUrl and httpUrl properties are mutually exclusive and one of them must be specified. This URL must be readable and listable from compute nodes. There are three ways to get such a URL for a container in Azure storage: include a Shared Access Signature (SAS) granting read and list permissions on the container, use a managed identity with read and list permissions, or set the ACL for the container to allow public access.

RollingUpgradePolicy

The configuration parameters used while performing a rolling upgrade.

Name Type Description
enableCrossZoneUpgrade

boolean

Allow VMSS to ignore AZ boundaries when constructing upgrade batches. Take into consideration the Update Domain and maxBatchInstancePercent to determine the batch size. This field is able to be set to true or false only when using NodePlacementConfiguration as Zonal.

maxBatchInstancePercent

integer

The maximum percent of total virtual machine instances that will be upgraded simultaneously by the rolling upgrade in one batch. As this is a maximum, unhealthy instances in previous or future batches can cause the percentage of instances in a batch to decrease to ensure higher reliability. The value of this field should be between 5 and 100, inclusive. If both maxBatchInstancePercent and maxUnhealthyInstancePercent are assigned with value, the value of maxBatchInstancePercent should not be more than maxUnhealthyInstancePercent.

maxUnhealthyInstancePercent

integer

The maximum percentage of the total virtual machine instances in the scale set that can be simultaneously unhealthy, either as a result of being upgraded, or by being found in an unhealthy state by the virtual machine health checks before the rolling upgrade aborts. This constraint will be checked prior to starting any batch. The value of this field should be between 5 and 100, inclusive. If both maxBatchInstancePercent and maxUnhealthyInstancePercent are assigned with value, the value of maxBatchInstancePercent should not be more than maxUnhealthyInstancePercent.

maxUnhealthyUpgradedInstancePercent

integer

The maximum percentage of upgraded virtual machine instances that can be found to be in an unhealthy state. This check will happen after each batch is upgraded. If this percentage is ever exceeded, the rolling update aborts. The value of this field should be between 0 and 100, inclusive.

pauseTimeBetweenBatches

string

The wait time between completing the update for all virtual machines in one batch and starting the next batch. The time duration should be specified in ISO 8601 format.

prioritizeUnhealthyInstances

boolean

Upgrade all unhealthy instances in a scale set before any healthy instances.

rollbackFailedInstancesOnPolicyBreach

boolean

Rollback failed instances to previous model if the Rolling Upgrade policy is violated.

SecurityEncryptionTypes

Specifies the EncryptionType of the managed disk. It is set to VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob. Note: It can be set for only Confidential VMs and is required when using Confidential VMs.

Name Type Description
NonPersistedTPM

string

VMGuestStateOnly

string

SecurityProfile

Specifies the security profile settings for the virtual machine or virtual machine scale set.

Name Type Description
encryptionAtHost

boolean

This property can be used by user in the request to enable or disable the Host Encryption for the virtual machine or virtual machine scale set. This will enable the encryption for all the disks including Resource/Temp disk at host itself. For more information on encryption at host requirements, please refer to https://learn.microsoft.com/azure/virtual-machines/disk-encryption#supported-vm-sizes.

securityType

SecurityTypes

Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings.

uefiSettings

UefiSettings

Specifies the security settings like secure boot and vTPM used while creating the virtual machine.
Specifies the security settings like secure boot and vTPM used while creating the virtual machine.

SecurityTypes

Specifies the SecurityType of the virtual machine. It has to be set to any specified value to enable UefiSettings.

Name Type Description
confidentialVM

string

Azure confidential computing offers confidential VMs are for tenants with high security and confidentiality requirements. These VMs provide a strong, hardware-enforced boundary to help meet your security needs. You can use confidential VMs for migrations without making changes to your code, with the platform protecting your VM's state from being read or modified.

trustedLaunch

string

Trusted launch protects against advanced and persistent attack techniques.

ServiceArtifactReference

Specifies the service artifact reference id used to set same image version for all virtual machines in the scale set when using 'latest' image version.

Name Type Description
id

string

The service artifact reference id of ServiceArtifactReference
The service artifact reference id in the form of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{galleryName}/serviceArtifacts/{serviceArtifactName}/vmArtifactsProfiles/{vmArtifactsProfilesName}

StartTask

A Task which is run when a Node joins a Pool in the Azure Batch service, or when the Compute Node is rebooted or reimaged.

Name Type Description
commandLine

string

The command line of the StartTask.
The command line does not run under a shell, and therefore cannot take advantage of shell features such as environment variable expansion. If you want to take advantage of such features, you should invoke the shell in the command line, for example using "cmd /c MyCommand" in Windows or "/bin/sh -c MyCommand" in Linux. If the command line refers to file paths, it should use a relative path (relative to the Task working directory), or use the Batch provided environment variable (https://docs.microsoft.com/azure/batch/batch-compute-node-environment-variables).

containerSettings

TaskContainerSettings

The settings for the container under which the StartTask runs.
When this is specified, all directories recursively below the AZ_BATCH_NODE_ROOT_DIR (the root of Azure Batch directories on the node) are mapped into the container, all Task environment variables are mapped into the container, and the Task command line is executed in the container. Files produced in the container outside of AZ_BATCH_NODE_ROOT_DIR might not be reflected to the host disk, meaning that Batch file APIs will not be able to access those files.

environmentSettings

EnvironmentSetting[]

A list of environment variable settings for the StartTask.

maxTaskRetryCount

integer

The maximum number of times the Task may be retried.
The Batch service retries a Task if its exit code is nonzero. Note that this value specifically controls the number of retries. The Batch service will try the Task once, and may then retry up to this limit. For example, if the maximum retry count is 3, Batch tries the Task up to 4 times (one initial try and 3 retries). If the maximum retry count is 0, the Batch service does not retry the Task. If the maximum retry count is -1, the Batch service retries the Task without limit, however this is not recommended for a start task or any task. The default value is 0 (no retries).

resourceFiles

ResourceFile[]

A list of files that the Batch service will download to the Compute Node before running the command line. There is a maximum size for the list of resource files. When the max size is exceeded, the request will fail and the response error code will be RequestEntityTooLarge. If this occurs, the collection of ResourceFiles must be reduced in size. This can be achieved using .zip files, Application Packages, or Docker Containers.
Files listed under this element are located in the Task's working directory.

userIdentity

UserIdentity

The user identity under which the StartTask runs.
If omitted, the Task runs as a non-administrative user unique to the Task.

waitForSuccess

boolean

Whether the Batch service should wait for the StartTask to complete successfully (that is, to exit with exit code 0) before scheduling any Tasks on the Compute Node.
If true and the StartTask fails on a Node, the Batch service retries the StartTask up to its maximum retry count (maxTaskRetryCount). If the Task has still not completed successfully after all retries, then the Batch service marks the Node unusable, and will not schedule Tasks to it. This condition can be detected via the Compute Node state and failure info details. If false, the Batch service will not wait for the StartTask to complete. In this case, other Tasks can start executing on the Compute Node while the StartTask is still running; and even if the StartTask fails, new Tasks will continue to be scheduled on the Compute Node. The default is true.

StorageAccountType

The storage Account type for use in creating data disks or OS disk.

Name Type Description
premium_lrs

string

The data disk / OS disk should use premium locally redundant storage.

standard_lrs

string

The data disk / OS disk should use standard locally redundant storage.

standardssd_lrs

string

The data disk / OS disk should use standard SSD locally redundant storage.

TaskContainerSettings

The container settings for a Task.

Name Type Description
containerHostBatchBindMounts

ContainerHostBatchBindMountEntry[]

The paths you want to mounted to container task.
If this array is null or be not present, container task will mount entire temporary disk drive in windows (or AZ_BATCH_NODE_ROOT_DIR in Linux). It won't' mount any data paths into container if this array is set as empty.

containerRunOptions

string

Additional options to the container create command.
These additional options are supplied as arguments to the "docker create" command, in addition to those controlled by the Batch Service.

imageName

string

The Image to use to create the container in which the Task will run.
This is the full Image reference, as would be specified to "docker pull". If no tag is provided as part of the Image name, the tag ":latest" is used as a default.

registry

ContainerRegistry

The private registry which contains the container Image.
This setting can be omitted if was already provided at Pool creation.

workingDirectory

ContainerWorkingDirectory

The location of the container Task working directory.
The default is 'taskWorkingDirectory'.

TaskSchedulingPolicy

Specifies how Tasks should be distributed across Compute Nodes.

Name Type Description
nodeFillType

ComputeNodeFillType

How Tasks are distributed across Compute Nodes in a Pool.
If not specified, the default is spread.

UefiSettings

Specifies the security settings like secure boot and vTPM used while creating the virtual machine.

Name Type Description
secureBootEnabled

boolean

Specifies whether secure boot should be enabled on the virtual machine.

vTpmEnabled

boolean

Specifies whether vTPM should be enabled on the virtual machine.

UpgradeMode

Specifies the mode of an upgrade to virtual machines in the scale set.

Possible values are:

Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.

Automatic - All virtual machines in the scale set are automatically updated at the same time.

Rolling - Scale set performs updates in batches with an optional pause time in between.

Name Type Description
automatic

string

All virtual machines in the scale set are automatically updated at the same time.

manual

string

You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.

rolling

string

The existing instances in a scale set are brought down in batches to be upgraded. Once the upgraded batch is complete, the instances will begin taking traffic again and the next batch will begin. This continues until all instances brought up-to-date.

UpgradePolicy

Describes an upgrade policy - automatic, manual, or rolling.

Name Type Description
automaticOSUpgradePolicy

AutomaticOSUpgradePolicy

Configuration parameters used for performing automatic OS Upgrade.
The configuration parameters used for performing automatic OS upgrade.

mode

UpgradeMode

Specifies the mode of an upgrade to virtual machines in the scale set.

Possible values are:

Manual - You control the application of updates to virtual machines in the scale set. You do this by using the manualUpgrade action.

Automatic - All virtual machines in the scale set are automatically updated at the same time.

Rolling - Scale set performs updates in batches with an optional pause time in between.

rollingUpgradePolicy

RollingUpgradePolicy

The configuration parameters used while performing a rolling upgrade.
The configuration parameters used while performing a rolling upgrade.

UserAccount

Properties used to create a user used to execute Tasks on an Azure Batch Compute Node.

Name Type Description
elevationLevel

ElevationLevel

The elevation level of the user Account.
The default value is nonAdmin.

linuxUserConfiguration

LinuxUserConfiguration

The Linux-specific user configuration for the user Account.
This property is ignored if specified on a Windows Pool. If not specified, the user is created with the default options.

name

string

The name of the user Account. Names can contain any Unicode characters up to a maximum length of 20.

password

string

The password for the user Account.

windowsUserConfiguration

WindowsUserConfiguration

The Windows-specific user configuration for the user Account.
This property can only be specified if the user is on a Windows Pool. If not specified and on a Windows Pool, the user is created with the default options.

UserIdentity

The definition of the user identity under which the Task is run.

Name Type Description
autoUser

AutoUserSpecification

The auto user under which the Task is run.
The userName and autoUser properties are mutually exclusive; you must specify one but not both.

username

string

The name of the user identity under which the Task is run.
The userName and autoUser properties are mutually exclusive; you must specify one but not both.

VirtualMachineConfiguration

The configuration for Compute Nodes in a Pool based on the Azure Virtual Machines infrastructure.

Name Type Description
containerConfiguration

ContainerConfiguration

The container configuration for the Pool.
If specified, setup is performed on each Compute Node in the Pool to allow Tasks to run in containers. All regular Tasks and Job manager Tasks run on this Pool must specify the containerSettings property, and all other Tasks may specify it.

dataDisks

DataDisk[]

The configuration for data disks attached to the Compute Nodes in the Pool.
This property must be specified if the Compute Nodes in the Pool need to have empty data disks attached to them. This cannot be updated. Each Compute Node gets its own disk (the disk is not a file share). Existing disks cannot be attached, each attached disk is empty. When the Compute Node is removed from the Pool, the disk and all data associated with it is also deleted. The disk is not formatted after being attached, it must be formatted before use - for more information see https://docs.microsoft.com/azure/virtual-machines/linux/classic/attach-disk#initialize-a-new-data-disk-in-linux and https://docs.microsoft.com/azure/virtual-machines/windows/attach-disk-ps#add-an-empty-data-disk-to-a-virtual-machine.

diskEncryptionConfiguration

DiskEncryptionConfiguration

The disk encryption configuration for the pool.
If specified, encryption is performed on each node in the pool during node provisioning.

extensions

VMExtension[]

The virtual machine extension for the pool.
If specified, the extensions mentioned in this configuration will be installed on each node.

imageReference

ImageReference

A reference to the Azure Virtual Machines Marketplace Image or the custom Virtual Machine Image to use.

licenseType

string

The type of on-premises license to be used when deploying the operating system.
This only applies to Images that contain the Windows operating system, and should only be used when you hold valid on-premises licenses for the Compute Nodes which will be deployed. If omitted, no on-premises licensing discount is applied. Values are:

Windows_Server - The on-premises license is for Windows Server. Windows_Client - The on-premises license is for Windows Client.

nodeAgentSKUId

string

The SKU of the Batch Compute Node agent to be provisioned on Compute Nodes in the Pool.
The Batch Compute Node agent is a program that runs on each Compute Node in the Pool, and provides the command-and-control interface between the Compute Node and the Batch service. There are different implementations of the Compute Node agent, known as SKUs, for different operating systems. You must specify a Compute Node agent SKU which matches the selected Image reference. To get the list of supported Compute Node agent SKUs along with their list of verified Image references, see the 'List supported Compute Node agent SKUs' operation.

nodePlacementConfiguration

NodePlacementConfiguration

The node placement configuration for the pool.
This configuration will specify rules on how nodes in the pool will be physically allocated.

osDisk

OSDisk

Settings for the operating system disk of the Virtual Machine.

securityProfile

SecurityProfile

Specifies the security profile settings for the virtual machine or virtual machine scale set.
Specifies the security profile settings for the virtual machine or virtual machine scale set.

serviceArtifactReference

ServiceArtifactReference

Specifies the service artifact reference id used to set same image version for all virtual machines in the scale set when using 'latest' image version.
The service artifact reference id in the form of /subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Compute/galleries/{galleryName}/serviceArtifacts/{serviceArtifactName}/vmArtifactsProfiles/{vmArtifactsProfilesName}

windowsConfiguration

WindowsConfiguration

Windows operating system settings on the virtual machine.
This property must not be specified if the imageReference property specifies a Linux OS Image.

VMDiskSecurityProfile

Specifies the security profile settings for the managed disk. Note: It can only be set for Confidential VMs and required when using Confidential VMs.

Name Type Description
securityEncryptionType

SecurityEncryptionTypes

Specifies the EncryptionType of the managed disk. It is set to VMGuestStateOnly for encryption of just the VMGuestState blob, and NonPersistedTPM for not persisting firmware state in the VMGuestState blob. Note: It can be set for only Confidential VMs and is required when using Confidential VMs.

VMExtension

The configuration for virtual machine extensions.

Name Type Description
autoUpgradeMinorVersion

boolean

Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.

enableAutomaticUpgrade

boolean

Indicates whether the extension should be automatically upgraded by the platform if there is a newer version of the extension available.

name

string

The name of the virtual machine extension.

protectedSettings

object

The extension can contain either protectedSettings or protectedSettingsFromKeyVault or no protected settings at all.

provisionAfterExtensions

string[]

The collection of extension names.
Collection of extension names after which this extension needs to be provisioned.

publisher

string

The name of the extension handler publisher.

settings

object

JSON formatted public settings for the extension.

type

string

The type of the extension.

typeHandlerVersion

string

The version of script handler.

WindowsConfiguration

Windows operating system settings to apply to the virtual machine.

Name Type Description
enableAutomaticUpdates

boolean

Whether automatic updates are enabled on the virtual machine.
If omitted, the default value is true.

WindowsUserConfiguration

Properties used to create a user Account on a Windows Compute Node.

Name Type Description
loginMode

LoginMode

The login mode for the user
The default is 'batch'.