New-AzHDInsightCluster

Creates an Azure HDInsight cluster in the specified resource group for the current subscription.

Syntax

New-AzHDInsightCluster
   [-Location] <String>
   [-ResourceGroupName] <String>
   [-ClusterName] <String>
   [-ClusterSizeInNodes] <Int32>
   [-HttpCredential] <PSCredential>
   [[-StorageAccountResourceId] <String>]
   [[-StorageAccountKey] <String>]
   [-StorageAccountType <StorageType>]
   [-EnableSecureChannel <Boolean>]
   [-Config <AzureHDInsightConfig>]
   [-OozieMetastore <AzureHDInsightMetastore>]
   [-HiveMetastore <AzureHDInsightMetastore>]
   [-AmbariDatabase <AzureHDInsightMetastore>]
   [-AdditionalStorageAccounts <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-Configurations <System.Collections.Generic.Dictionary`2[System.String,System.Collections.Generic.Dictionary`2[System.String,System.String]]>]
   [-ScriptActions <System.Collections.Generic.Dictionary`2[Microsoft.Azure.Management.HDInsight.Models.ClusterNodeType,System.Collections.Generic.List`1[Microsoft.Azure.Commands.HDInsight.Models.Management.AzureHDInsightScriptAction]]>]
   [-StorageContainer <String>]
   [-StorageRootPath <String>]
   [-StorageFileSystem <String>]
   [-Version <String>]
   [-HeadNodeSize <String>]
   [-WorkerNodeSize <String>]
   [-EdgeNodeSize <String>]
   [-KafkaManagementNodeSize <String>]
   [-ZookeeperNodeSize <String>]
   [-ClusterType <String>]
   [-ComponentVersion <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-VirtualNetworkId <String>]
   [-SubnetName <String>]
   [-OSType <String>]
   [-ClusterTier <String>]
   [-SshCredential <PSCredential>]
   [-SshPublicKey <String>]
   [-ObjectId <Guid>]
   [-ApplicationId <Guid>]
   [-CertificatePassword <String>]
   [-AadTenantId <Guid>]
   [-SecurityProfile <AzureHDInsightSecurityProfile>]
   [-DisksPerWorkerNode <Int32>]
   [-MinSupportedTlsVersion <String>]
   [-AssignedIdentity <String>]
   [-StorageAccountManagedIdentity <String>]
   [-EncryptionAlgorithm <String>]
   [-EncryptionKeyName <String>]
   [-EncryptionKeyVersion <String>]
   [-EncryptionVaultUri <String>]
   [-EncryptionInTransit <Boolean>]
   [-EncryptionAtHost <Boolean>]
   [-AutoscaleConfiguration <AzureHDInsightAutoscale>]
   [-EnableIDBroker]
   [-KafkaClientGroupId <String>]
   [-KafkaClientGroupName <String>]
   [-ResourceProviderConnection <String>]
   [-PrivateLink <String>]
   [-PublicIpTagType <String>]
   [-PublicIpTag <String>]
   [-OutboundDependenciesManagedType <String>]
   [-EnableComputeIsolation]
   [-ComputeIsolationHostSku <String>]
   [-Zone <String[]>]
   [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-PrivateLinkConfiguration <AzureHDInsightPrivateLinkConfiguration[]>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzHDInsightCluster
   [-Location] <String>
   [-ResourceGroupName] <String>
   [-ClusterName] <String>
   [-ClusterSizeInNodes] <Int32>
   [-HttpCredential] <PSCredential>
   [[-StorageAccountResourceId] <String>]
   [[-StorageAccountKey] <String>]
   [-StorageAccountType <StorageType>]
   [-EnableSecureChannel <Boolean>]
   [-Config <AzureHDInsightConfig>]
   [-OozieMetastore <AzureHDInsightMetastore>]
   [-HiveMetastore <AzureHDInsightMetastore>]
   [-AmbariDatabase <AzureHDInsightMetastore>]
   [-AdditionalStorageAccounts <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-Configurations <System.Collections.Generic.Dictionary`2[System.String,System.Collections.Generic.Dictionary`2[System.String,System.String]]>]
   [-ScriptActions <System.Collections.Generic.Dictionary`2[Microsoft.Azure.Management.HDInsight.Models.ClusterNodeType,System.Collections.Generic.List`1[Microsoft.Azure.Commands.HDInsight.Models.Management.AzureHDInsightScriptAction]]>]
   [-StorageContainer <String>]
   [-StorageRootPath <String>]
   [-StorageFileSystem <String>]
   [-Version <String>]
   [-HeadNodeSize <String>]
   [-WorkerNodeSize <String>]
   [-EdgeNodeSize <String>]
   [-KafkaManagementNodeSize <String>]
   [-ZookeeperNodeSize <String>]
   [-ClusterType <String>]
   [-ComponentVersion <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-VirtualNetworkId <String>]
   [-SubnetName <String>]
   [-OSType <String>]
   [-ClusterTier <String>]
   [-SshCredential <PSCredential>]
   [-SshPublicKey <String>]
   [-ObjectId <Guid>]
   [-ApplicationId <Guid>]
   [-CertificateFilePath <String>]
   [-CertificatePassword <String>]
   [-AadTenantId <Guid>]
   [-SecurityProfile <AzureHDInsightSecurityProfile>]
   [-DisksPerWorkerNode <Int32>]
   [-MinSupportedTlsVersion <String>]
   [-AssignedIdentity <String>]
   [-StorageAccountManagedIdentity <String>]
   [-EncryptionAlgorithm <String>]
   [-EncryptionKeyName <String>]
   [-EncryptionKeyVersion <String>]
   [-EncryptionVaultUri <String>]
   [-EncryptionInTransit <Boolean>]
   [-EncryptionAtHost <Boolean>]
   [-AutoscaleConfiguration <AzureHDInsightAutoscale>]
   [-EnableIDBroker]
   [-KafkaClientGroupId <String>]
   [-KafkaClientGroupName <String>]
   [-ResourceProviderConnection <String>]
   [-PrivateLink <String>]
   [-PublicIpTagType <String>]
   [-PublicIpTag <String>]
   [-OutboundDependenciesManagedType <String>]
   [-EnableComputeIsolation]
   [-ComputeIsolationHostSku <String>]
   [-Zone <String[]>]
   [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-PrivateLinkConfiguration <AzureHDInsightPrivateLinkConfiguration[]>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]
New-AzHDInsightCluster
   [-Location] <String>
   [-ResourceGroupName] <String>
   [-ClusterName] <String>
   [-ClusterSizeInNodes] <Int32>
   [-HttpCredential] <PSCredential>
   [[-StorageAccountResourceId] <String>]
   [[-StorageAccountKey] <String>]
   [-StorageAccountType <StorageType>]
   [-EnableSecureChannel <Boolean>]
   [-Config <AzureHDInsightConfig>]
   [-OozieMetastore <AzureHDInsightMetastore>]
   [-HiveMetastore <AzureHDInsightMetastore>]
   [-AmbariDatabase <AzureHDInsightMetastore>]
   [-AdditionalStorageAccounts <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-Configurations <System.Collections.Generic.Dictionary`2[System.String,System.Collections.Generic.Dictionary`2[System.String,System.String]]>]
   [-ScriptActions <System.Collections.Generic.Dictionary`2[Microsoft.Azure.Management.HDInsight.Models.ClusterNodeType,System.Collections.Generic.List`1[Microsoft.Azure.Commands.HDInsight.Models.Management.AzureHDInsightScriptAction]]>]
   [-StorageContainer <String>]
   [-StorageRootPath <String>]
   [-StorageFileSystem <String>]
   [-Version <String>]
   [-HeadNodeSize <String>]
   [-WorkerNodeSize <String>]
   [-EdgeNodeSize <String>]
   [-KafkaManagementNodeSize <String>]
   [-ZookeeperNodeSize <String>]
   [-ClusterType <String>]
   [-ComponentVersion <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-VirtualNetworkId <String>]
   [-SubnetName <String>]
   [-OSType <String>]
   [-ClusterTier <String>]
   [-SshCredential <PSCredential>]
   [-SshPublicKey <String>]
   [-ObjectId <Guid>]
   [-ApplicationId <Guid>]
   [-CertificateFileContents <Byte[]>]
   [-CertificatePassword <String>]
   [-AadTenantId <Guid>]
   [-SecurityProfile <AzureHDInsightSecurityProfile>]
   [-DisksPerWorkerNode <Int32>]
   [-MinSupportedTlsVersion <String>]
   [-AssignedIdentity <String>]
   [-StorageAccountManagedIdentity <String>]
   [-EncryptionAlgorithm <String>]
   [-EncryptionKeyName <String>]
   [-EncryptionKeyVersion <String>]
   [-EncryptionVaultUri <String>]
   [-EncryptionInTransit <Boolean>]
   [-EncryptionAtHost <Boolean>]
   [-AutoscaleConfiguration <AzureHDInsightAutoscale>]
   [-EnableIDBroker]
   [-KafkaClientGroupId <String>]
   [-KafkaClientGroupName <String>]
   [-ResourceProviderConnection <String>]
   [-PrivateLink <String>]
   [-PublicIpTagType <String>]
   [-PublicIpTag <String>]
   [-OutboundDependenciesManagedType <String>]
   [-EnableComputeIsolation]
   [-ComputeIsolationHostSku <String>]
   [-Zone <String[]>]
   [-Tag <System.Collections.Generic.Dictionary`2[System.String,System.String]>]
   [-PrivateLinkConfiguration <AzureHDInsightPrivateLinkConfiguration[]>]
   [-DefaultProfile <IAzureContextContainer>]
   [<CommonParameters>]

Description

The New-AzHDInsightCluster creates an Azure HDInsight cluster by using the specified parameters or by using a configuration object that is created by using the New-AzHDInsightClusterConfig cmdlet.

The cmdlet may call below Microsoft Graph API according to input parameters:

  • GET /servicePrincipals/{id}

Examples

Example 1: Create an Azure HDInsight cluster

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds

This command creates a cluster in the current subscription.

Example 2: Create cluster with customer-managed key disk encryption

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-cmk-cluster"
$clusterCreds = Get-Credential

# Customer-managed Key info
$assignedIdentity = "your-ami-resource-id"
$encryptionKeyName = "new-key"
$encryptionVaultUri = "https://MyKeyVault.vault.azure.net"
$encryptionKeyVersion = "00000000000000000000000000000000"

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Spark `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -AssignedIdentity $assignedIdentity `
    -EncryptionKeyName $encryptionKeyName `
    -EncryptionVaultUri $encryptionVaultUri `
    -EncryptionKeyVersion $encryptionKeyVersion

Example 3: Create an Azure HDInsight cluster which enables encryption in transit

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -EncryptionInTransit $true
# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Virtual network info
$virtualNetworkId="yourvnetresourceid"
$subnetName="yoursubnetname"

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -VirtualNetworkId $virtualNetworkId -SubnetName $subnetName `
    -ResourceProviderConnection Outbound -PrivateLink Enabled

Example 5: Create an Azure HDInsight cluster which enables encryption at host

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -EncryptionAtHost $true

Example 6: Create an Azure HDInsight cluster which enables autoscale.

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create autoscale configuration
$autoscaleConfiguration=New-AzHDInsightClusterAutoscaleConfiguration `
    -MinWorkerNodeCount 3 -MaxWorkerNodeCount 5

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -AutoscaleConfiguration $autoscaleConfiguration

Example 7: Create an Azure HDInsight cluster with Kafka Rest Proxy.

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Kafka Rest Proxy configuration info
$kafkaClientGroupName = "yourclientgroupname"
$kafkaClientGroupId = "yourclientgroupid"
$kafkaManagementNodeSize = "Standard_D4_v2"
$disksPerWorkerNode = 2

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Kafka `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -KafkaClientGroupId  $kafkaClientGroupId -KafkaClientGroupName $kafkaClientGroupName `
    -KafkaManagementNodeSize $kafkaManagementNodeSize -DisksPerWorkerNode $disksPerWorkerNode

Example 8: Create an Azure HDInsight cluster with Azure Data Lake Gen2 storage.

# Primary storage account info
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageManagedIdentity = "yourstorageusermanagedidentity"
$storageFileSystem = "filesystem01"
$storageAccountType = "AzureDataLakeStorageGen2"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 3 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountManagedIdentity $storageManagedIdentity `
    -StorageFileSystem $storageFileSystem `
    -StorageAccountType $storageAccountType `
    -SshCredential $clusterCreds

Example 9: Create an Azure HDInsight cluster with Enterprise Security Package(ESP), Enable HDInsight ID Broker and using WASB storage.

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountKey = "yourstorageaccountaccesskey"
$storageContainer = "yourcontainer01"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# ESP configuration
$domainResourceId = "your Azure AD Domin Service resource id"
$domainUser = "yourdomainuser"
$domainPassword = ConvertTo-SecureString -String "****" -AsPlainText -Force
$domainCredential = New-Object System.Management.Automation.PSCredential($domainUser, $domainPassword)
$clusterUserGroupDns = "dominusergroup"
$ldapUrls = "ldaps://{your domain name}:636"

$clusterTier = "Premium"
$vnetId = "yourvnetid"
$subnetName = "yoursubnetname"
$assignedIdentity = "your user managed assigned identity resourcee id"

#Create security profile
$config= New-AzHDInsightClusterConfig|Add-AzHDInsightSecurityProfile -DomainResourceId $domainResourceId -DomainUserCredential $domainCredential -LdapsUrls $ldapUrls -ClusterUsersGroupDNs $clusterUserGroupDns

# Create the cluster
New-AzHDInsightCluster `
    -ClusterTier $clusterTier `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 3 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -VirtualNetworkId $vnetId -SubnetName $subnetName `
    -AssignedIdentity $assignedIdentity `
    -SecurityProfile $config.SecurityProfile -EnableIDBroker

Example 10: Create an Azure HDInsight cluster which enables compute isolation.

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential
$workerNodeSize="Standard_E16S_V3" # here is just an example
$headNodeSize="Standard_E8S_V3"
$zookeeperNodeSize="Standard_E2S_V3"

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -WorkerNodeSize $workerNodeSize `
    -HeadNodeSize $headNodeSize `
    -ZookeeperNodeSize $zookeeperNodeSize `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -EnableComputeIsolation
# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Virtual network info
$virtualNetworkId="yourvnetresourceid"
$subnetName="yoursubnetname"

$ipConfigName="ipconfig"
$privateIPAllocationMethod="dynamic" # the only supported IP allocation method for private link IP configuration is dynamic
$subnetId=$vnetId+"/subnets/"+$subnetName
# Create Private IP configuration
$ipConfiguration= New-AzHDInsightIPConfiguration -Name $ipConfigName -PrivateIPAllocationMethod $privateIPAllocationMethod -SubnetId $subnetId -Primary

$privateLinkConfigurationName="plconfig"
$groupId="headnode"
# Create private link configuration
$privateLinkConfiguration= New-AzHDInsightPrivateLinkConfiguration -Name $privateLinkConfigurationName -GroupId $groupId -IPConfiguration $ipConfiguration

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -VirtualNetworkId $virtualNetworkId -SubnetName $subnetName `
    -ResourceProviderConnection Outbound -PrivateLink Enabled -PrivateLinkConfiguration $privateLinkConfiguration

Example 12: Create an Azure HDInsight cluster availability feature

# Primary storage account info
$storageAccountResourceGroupName = "Group"
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageAccountName = "yourstorageacct001"
$storageAccountKey = Get-AzStorageAccountKey `
    -ResourceGroupName $storageAccountResourceGroupName `
    -Name $storageAccountName | Where-Object {$_.KeyName -eq "key1"} | ForEach-Object{$_.Value}
$storageContainer = "container002"

# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential

# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location

# Virtual network info
$virtualNetworkId="yourvnetresourceid"
$subnetName="yoursubnetname"

$databaseUserName="yourusername"
$databasePassword=ConvertTo-SecureString -String "****" -AsPlainText -Force

$sqlserverCredential=New-Object System.Management.Automation.PSCredential($databaseUserName, $databasePassword)
$sqlserver="yoursqlserver.database.windows.net"
$ambariDatabase="ambaridb"
$hiveDatabase ="hivedb"
$oozieDatabase = "ooziedb"

# availability zone feature requires customer ambari database, hive metatastore and oozie metastore
# Create Ambari database
$config=New-AzHDInsightClusterConfig|Add-AzHDInsightMetastore `
-SqlAzureServerName $sqlserver -DatabaseName $ambariDatabase `
-Credential $sqlserverCredential -MetastoreType AmbariDatabase

# Create Hive metastore
$config=$config|Add-AzHDInsightMetastore `
-SqlAzureServerName $sqlserver -DatabaseName $hiveDatabase `
-Credential $sqlserverCredential -MetastoreType HiveMetastore

# Create Oozie metastore
$config=$config|Add-AzHDInsightMetastore `
-SqlAzureServerName $sqlserver -DatabaseName $oozieDatabase `
-Credential $sqlserverCredential -MetastoreType OozieMetastore

# availability zones
$zones="1"

# Create the cluster
New-AzHDInsightCluster `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 4 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountKey $storageAccountKey `
    -StorageContainer $storageContainer `
    -SshCredential $clusterCreds `
    -VirtualNetworkId $virtualNetworkId -SubnetName $subnetName `
    -AmbariDatabase $config.AmbariDatabase -HiveMetastore $config.HiveMetastore -OozieMetastore $config.OozieMetastore -Zone $zones

Example 13: Create an Azure HDInsight cluster with Enterprise Security Package(ESP) and using Azure Data Lake Gen2 storage.

# Primary storage account info
$storageAccountResourceId = "yourstorageaccountresourceid"
$storageManagedIdentity = "yourstorageusermanagedidentity"
$storageFileSystem = "filesystem01"
$storageAccountType = "AzureDataLakeStorageGen2"
# Cluster configuration info
$location = "East US 2"
$clusterResourceGroupName = "Group"
$clusterName = "your-hadoop-002"
$clusterCreds = Get-Credential
# If the cluster's resource group doesn't exist yet, run:
# New-AzResourceGroup -Name $clusterResourceGroupName -Location $location
# ESP configuration
$domainResourceId = "your Azure AD Domin Service resource id"
$domainUser = "yourdomainuser"
$domainPassword = ConvertTo-SecureString -String "****" -AsPlainText -Force
$domainCredential = New-Object System.Management.Automation.PSCredential($domainUser, $domainPassword)
$clusterUserGroupDns = "dominusergroup"
$ldapUrls = "ldaps://{your domain name}:636"
$clusterTier = "Premium"
$vnetId = "yourvnetid"
$subnetName = "yoursubnetname"
$assignedIdentity = "your user managed assigned identity resourcee id"
#Create security profile
$config= New-AzHDInsightClusterConfig|Add-AzHDInsightSecurityProfile -DomainResourceId $domainResourceId -DomainUserCredential $domainCredential -LdapsUrls $ldapUrls -ClusterUsersGroupDNs $clusterUserGroupDns
# Create the cluster
New-AzHDInsightCluster `
    -ClusterTier $clusterTier `
    -ClusterType Hadoop `
    -ClusterSizeInNodes 3 `
    -ResourceGroupName $clusterResourceGroupName `
    -ClusterName $clusterName `
    -HttpCredential $clusterCreds `
    -Location $location `
    -StorageAccountResourceId $storageAccountResourceId `
    -StorageAccountManagedIdentity $storageManagedIdentity `
    -StorageFileSystem $storageFileSystem `
    -StorageAccountType $storageAccountType `
    -SshCredential $clusterCreds `
    -VirtualNetworkId $vnetId -SubnetName $subnetName `
    -AssignedIdentity $assignedIdentity `
    -SecurityProfile $config.SecurityProfile

Parameters

-AadTenantId

Specifies the Microsoft Entra tenant ID that will be used when accessing Azure Data Lake Store.

Type:Guid
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AdditionalStorageAccounts

Specifies the additional Azure Storage accounts for the cluster. You can alternatively use the Add-AzHDInsightStorage cmdlet.

Type:Dictionary<TKey,TValue>[System.String,System.String]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AmbariDatabase

Gets or sets the database for ambari.

Type:AzureHDInsightMetastore
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ApplicationId

Gets or sets the Service Principal Application Id for accessing Azure Data Lake.

Type:Guid
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AssignedIdentity

Gets or sets the assigned identity.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AutoscaleConfiguration

Gets or sets the autoscale configuration

Type:AzureHDInsightAutoscale
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CertificateFileContents

Specifies file contents of the certificate that will be used when accessing Azure Data Lake Store.

Type:Byte[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CertificateFilePath

Specifies the file path to the certificate that will be used to authenticate as the Service Principal. The cluster will use this when accessing Azure Data Lake Store.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-CertificatePassword

Specifies the password for the certificate that will be used to authenticate as the Service Principal. The cluster will use this when accessing Azure Data Lake Store.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ClusterName

Specifies the name of the cluster.

Type:String
Position:2
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ClusterSizeInNodes

Specifies the number of Worker nodes for the cluster.

Type:Int32
Position:3
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ClusterTier

Specifies the HDInsight cluster tier. By default, this is Standard. The Premium tier can only be used with Linux clusters, and it enables the use of some new features.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ClusterType

Specifies the type of cluster to create. Options are: Hadoop, HBase, Storm, Spark, INTERACTIVEHIVE, Kafka, and RServer

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ComponentVersion

Type:Dictionary<TKey,TValue>[System.String,System.String]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ComputeIsolationHostSku

Gets or sets the dedicated host sku for compute isolation.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Config

Specifies the cluster object to be used to create the cluster. This object can be created by using the New-AzHDInsightClusterConfig cmdlet.

Type:AzureHDInsightConfig
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Configurations

Specifies the configurations of this HDInsight cluster. You can alternatively use the Add-AzHDInsightConfigValues cmdlet.

Type:Dictionary<TKey,TValue>[System.String,System.Collections.Generic.Dictionary`2[System.String,System.String]]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DisksPerWorkerNode

Specifies the number of disks for worker node role in the cluster.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EdgeNodeSize

Specifies the size of the virtual machine for the edge node. Use Get-AzVMSize for acceptable VM sizes, and see HDInsight's pricing page. This parameter is valid only for RServer clusters.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableComputeIsolation

Enables HDInsight compute isolation feature.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableIDBroker

Enables HDInsight Identity Broker feature.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableSecureChannel

Enable secure channel or not, it's an optional field.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionAlgorithm

Gets or sets the encryption algorithm.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionAtHost

Gets or sets the flag which indicates whether enable encryption at host or not.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionInTransit

Gets or sets the flag which indicates whether enable encryption in transit or not.

Type:Nullable<T>[Boolean]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionKeyName

Gets or sets the encryption key name.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionKeyVersion

Gets or sets the encryption key version.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EncryptionVaultUri

Gets or sets the encryption vault uri.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-HeadNodeSize

Specifies the size of the virtual machine for the Head node. Use Get-AzVMSize for acceptable VM sizes, and see HDInsight's pricing page.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-HiveMetastore

Specifies the SQL Database to store Hive metadata. You can alternatively use the Add-AzHDInsightMetastore cmdlet.

Type:AzureHDInsightMetastore
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-HttpCredential

Specifies the cluster login (HTTP) credentials for the cluster.

Type:PSCredential
Position:4
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-KafkaClientGroupId

Gets or sets the client group id for Kafka Rest Proxy access.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-KafkaClientGroupName

Gets or sets the client group name for Kafka Rest Proxy access.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-KafkaManagementNodeSize

Gets or sets the size of the Kafka Management Node.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Location

Specifies the location for the cluster.

Type:String
Position:0
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-MinSupportedTlsVersion

Gets or sets the minimal supported TLS version.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ObjectId

Specifies the Microsoft Entra object ID (a GUID) of the Microsoft Entra service principal that represents the cluster. The cluster will use this when accessing Azure Data Lake Store.

Type:Guid
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-OozieMetastore

Specifies the SQL Database to store Oozie metadata. You can alternatively use the Add-AzHDInsightMetastore cmdlet.

Type:AzureHDInsightMetastore
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-OSType

Specifies the operating system for the cluster. Options are: Windows, Linux

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-OutboundDependenciesManagedType

A value to describe how the outbound dependencies of a HDInsight cluster are managed. 'Managed' means that the outbound dependencies are managed by the HDInsight service. 'External' means that the outbound dependencies are managed by a customer specific solution.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Gets or sets the private link type.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PrivateLinkConfiguration

Gets or sets the private link configuration.

Type:AzureHDInsightPrivateLinkConfiguration[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PublicIpTag

Gets or sets value of the IpTag associated with the public IP. Example HDInsight, SQL, Storage etc

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-PublicIpTagType

Gets or sets the ipTag type: Example FirstPartyUsage.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResourceGroupName

Specifies the name of the resource group.

Type:String
Position:1
Default value:None
Required:True
Accept pipeline input:False
Accept wildcard characters:False

-ResourceProviderConnection

Gets or sets the resource provider connection type.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ScriptActions

Specifies the script actions to run on the cluster at the end of cluster creation. You can alternatively use Add-AzHDInsightScriptAction.

Type:Dictionary<TKey,TValue>[Microsoft.Azure.Management.HDInsight.Models.ClusterNodeType,System.Collections.Generic.List`1[AzureHDInsightScriptAction]]
Accepted values:HeadNode, WorkerNode, ZookeeperNode, EdgeNode
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SecurityProfile

Specifies the security related properties used to create a secure cluster. You can alternatively use the Add-AzHDInsightSecurityProfile cmdlet.

Type:AzureHDInsightSecurityProfile
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SshCredential

Specifies the SSH credential to be used for SSH connections. This is only for Linux clusters.

Type:PSCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SshPublicKey

Specifies the public key to be used for SSH connections. This is only for Linux clusters.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageAccountKey

Gets or sets the Storage Account Access Key for the Storage Account.

Type:String
Position:6
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageAccountManagedIdentity

Gets or sets the storage account managed identity.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageAccountResourceId

Gets or sets the Storage Resource Id for the Storage Account.

Type:String
Position:5
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageAccountType

Gets or sets the type of the storage account.

Type:Nullable<T>[StorageType]
Accepted values:AzureStorage, AzureDataLakeStore, AzureDataLakeStorageGen2
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageContainer

Gets or sets the StorageContainer name for the default Azure Storage Account

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageFileSystem

Gets or sets the file system for the default Azure Data Lake Storage Gen2 account.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-StorageRootPath

Gets or sets the path to the root of the cluster in the default Data Lake Store Account.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-SubnetName

Gets or sets the subnet name for this HDInsight cluster.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Tag

Gets or sets the cluster tags.

Type:Dictionary<TKey,TValue>[System.String,System.String]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Version

Specifies the HDI version of the HDInsight cluster.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-VirtualNetworkId

Specifies the ID of the virtual network into which to provision the cluster.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WorkerNodeSize

Specifies the size of the virtual machine for the Worker node. Use Get-AzVMSize for acceptable VM sizes, and see HDInsight's pricing page.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Zone

Gets or sets the availability zones.

Type:String[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ZookeeperNodeSize

Specifies the size of the virtual machine for the Zookeeper node. Use Get-AzVMSize for acceptable VM sizes, and see HDInsight's pricing page. This parameter is valid only for HBase or Storm clusters.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

AzureHDInsightConfig

Outputs

AzureHDInsightCluster

Notes

Keywords: azure, azurerm, arm, resource, management, manager, hadoop, hdinsight, hd, insight