This module deploys an Azure NetApp File.
| Resource Type | API Version |
|---|---|
Microsoft.Authorization/locks |
2020-05-01 |
Microsoft.Authorization/roleAssignments |
2022-04-01 |
Microsoft.NetApp/netAppAccounts |
2022-11-01 |
Microsoft.NetApp/netAppAccounts/capacityPools |
2022-11-01 |
Microsoft.NetApp/netAppAccounts/capacityPools/volumes |
2022-11-01 |
Required parameters
| Parameter Name | Type | Description |
|---|---|---|
name |
string | The name of the NetApp account. |
Conditional parameters
| Parameter Name | Type | Default Value | Description |
|---|---|---|---|
cMKKeyVaultResourceId |
string | '' |
The resource ID of a key vault to reference a customer managed key for encryption from. Required if 'cMKKeyName' is not empty. |
cMKUserAssignedIdentityResourceId |
string | '' |
User assigned identity to use when fetching the customer managed key. Required if 'cMKKeyName' is not empty. |
Optional parameters
| Parameter Name | Type | Default Value | Allowed Values | Description |
|---|---|---|---|---|
capacityPools |
array | [] |
Capacity pools to create. | |
cMKKeyName |
string | '' |
The name of the customer managed key to use for encryption. | |
dnsServers |
string | '' |
Required if domainName is specified. Comma separated list of DNS server IP addresses (IPv4 only) required for the Active Directory (AD) domain join and SMB authentication operations to succeed. | |
domainJoinOU |
string | '' |
Used only if domainName is specified. LDAP Path for the Organization Unit (OU) where SMB Server machine accounts will be created (i.e. 'OU=SecondLevel,OU=FirstLevel'). | |
domainJoinPassword |
securestring | '' |
Required if domainName is specified. Password of the user specified in domainJoinUser parameter. | |
domainJoinUser |
string | '' |
Required if domainName is specified. Username of Active Directory domain administrator, with permissions to create SMB server machine account in the AD domain. | |
domainName |
string | '' |
Fully Qualified Active Directory DNS Domain Name (e.g. 'contoso.com'). | |
enableDefaultTelemetry |
bool | True |
Enable telemetry via a Globally Unique Identifier (GUID). | |
location |
string | [resourceGroup().location] |
Location for all resources. | |
lock |
string | '' |
['', CanNotDelete, ReadOnly] |
Specify the type of lock. |
roleAssignments |
array | [] |
Array of role assignment objects that contain the 'roleDefinitionIdOrName' and 'principalId' to define RBAC role assignments on this resource. In the roleDefinitionIdOrName attribute, you can provide either the display name of the role definition, or its fully qualified ID in the following format: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'. | |
smbServerNamePrefix |
string | '' |
Required if domainName is specified. NetBIOS name of the SMB server. A computer account with this prefix will be registered in the AD and used to mount volumes. | |
tags |
object | {object} |
Tags for all resources. | |
userAssignedIdentities |
object | {object} |
The ID(s) to assign to the resource. |
Create a role assignment for the given resource. If you want to assign a service principal / managed identity that is created in the same deployment, make sure to also specify the 'principalType' parameter and set it to 'ServicePrincipal'. This will ensure the role assignment waits for the principal's propagation in Azure.
Parameter JSON format
"roleAssignments": {
"value": [
{
"roleDefinitionIdOrName": "Reader",
"description": "Reader Role Assignment",
"principalIds": [
"12345678-1234-1234-1234-123456789012", // object 1
"78945612-1234-1234-1234-123456789012" // object 2
]
},
{
"roleDefinitionIdOrName": "/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11",
"principalIds": [
"12345678-1234-1234-1234-123456789012" // object 1
],
"principalType": "ServicePrincipal"
}
]
}Bicep format
roleAssignments: [
{
roleDefinitionIdOrName: 'Reader'
description: 'Reader Role Assignment'
principalIds: [
'12345678-1234-1234-1234-123456789012' // object 1
'78945612-1234-1234-1234-123456789012' // object 2
]
}
{
roleDefinitionIdOrName: '/providers/Microsoft.Authorization/roleDefinitions/c2f4ef07-c644-48eb-af81-4b1b4947fb11'
principalIds: [
'12345678-1234-1234-1234-123456789012' // object 1
]
principalType: 'ServicePrincipal'
}
]
Tag names and tag values can be provided as needed. A tag can be left without a value.
Parameter JSON format
"tags": {
"value": {
"Environment": "Non-Prod",
"Contact": "test.user@testcompany.com",
"PurchaseOrder": "1234",
"CostCenter": "7890",
"ServiceName": "DeploymentValidation",
"Role": "DeploymentValidation"
}
}Bicep format
tags: {
Environment: 'Non-Prod'
Contact: 'test.user@testcompany.com'
PurchaseOrder: '1234'
CostCenter: '7890'
ServiceName: 'DeploymentValidation'
Role: 'DeploymentValidation'
}
You can specify multiple user assigned identities to a resource by providing additional resource IDs using the following format:
Parameter JSON format
"userAssignedIdentities": {
"value": {
"/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-001": {},
"/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-002": {}
}
}Bicep format
userAssignedIdentities: {
'/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-001': {}
'/subscriptions/[[subscriptionId]]/resourcegroups/validation-rg/providers/Microsoft.ManagedIdentity/userAssignedIdentities/adp-sxx-az-msi-x-002': {}
}
| Output Name | Type | Description |
|---|---|---|
location |
string | The location the resource was deployed into. |
name |
string | The name of the NetApp account. |
resourceGroupName |
string | The name of the Resource Group the NetApp account was created in. |
resourceId |
string | The Resource ID of the NetApp account. |
None
The following module usage examples are retrieved from the content of the files hosted in the module's .test folder.
Note: The name of each example is based on the name of the file from which it is taken.
Note: Each example lists all the required parameters first, followed by the rest - each in alphabetical order.
via Bicep module
module netAppAccount './net-app/net-app-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-nanaamin'
params: {
// Required parameters
name: 'nanaamin001'
// Non-required parameters
enableDefaultTelemetry: '<enableDefaultTelemetry>'
}
}
via JSON Parameter file
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
// Required parameters
"name": {
"value": "nanaamin001"
},
// Non-required parameters
"enableDefaultTelemetry": {
"value": "<enableDefaultTelemetry>"
}
}
}
via Bicep module
module netAppAccount './net-app/net-app-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-nanaanfs3'
params: {
// Required parameters
name: 'nanaanfs3001'
// Non-required parameters
capacityPools: [
{
name: 'nanaanfs3-cp-001'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
serviceLevel: 'Premium'
size: 4398046511104
volumes: [
{
exportPolicyRules: [
{
allowedClients: '0.0.0.0/0'
nfsv3: true
nfsv41: false
ruleIndex: 1
unixReadOnly: false
unixReadWrite: true
}
]
name: 'nanaanfs3-vol-001'
protocolTypes: [
'NFSv3'
]
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
subnetResourceId: '<subnetResourceId>'
usageThreshold: 107374182400
}
{
name: 'nanaanfs3-vol-002'
protocolTypes: [
'NFSv3'
]
subnetResourceId: '<subnetResourceId>'
usageThreshold: 107374182400
}
]
}
{
name: 'nanaanfs3-cp-002'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
serviceLevel: 'Premium'
size: 4398046511104
volumes: []
}
]
enableDefaultTelemetry: '<enableDefaultTelemetry>'
lock: 'CanNotDelete'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
tags: {
Contact: 'test.user@testcompany.com'
CostCenter: '7890'
Environment: 'Non-Prod'
PurchaseOrder: '1234'
Role: 'DeploymentValidation'
ServiceName: 'DeploymentValidation'
}
}
}
via JSON Parameter file
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
// Required parameters
"name": {
"value": "nanaanfs3001"
},
// Non-required parameters
"capacityPools": {
"value": [
{
"name": "nanaanfs3-cp-001",
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"serviceLevel": "Premium",
"size": 4398046511104,
"volumes": [
{
"exportPolicyRules": [
{
"allowedClients": "0.0.0.0/0",
"nfsv3": true,
"nfsv41": false,
"ruleIndex": 1,
"unixReadOnly": false,
"unixReadWrite": true
}
],
"name": "nanaanfs3-vol-001",
"protocolTypes": [
"NFSv3"
],
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"subnetResourceId": "<subnetResourceId>",
"usageThreshold": 107374182400
},
{
"name": "nanaanfs3-vol-002",
"protocolTypes": [
"NFSv3"
],
"subnetResourceId": "<subnetResourceId>",
"usageThreshold": 107374182400
}
]
},
{
"name": "nanaanfs3-cp-002",
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"serviceLevel": "Premium",
"size": 4398046511104,
"volumes": []
}
]
},
"enableDefaultTelemetry": {
"value": "<enableDefaultTelemetry>"
},
"lock": {
"value": "CanNotDelete"
},
"roleAssignments": {
"value": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
]
},
"tags": {
"value": {
"Contact": "test.user@testcompany.com",
"CostCenter": "7890",
"Environment": "Non-Prod",
"PurchaseOrder": "1234",
"Role": "DeploymentValidation",
"ServiceName": "DeploymentValidation"
}
}
}
}
via Bicep module
module netAppAccount './net-app/net-app-account/main.bicep' = {
name: '${uniqueString(deployment().name, location)}-test-naanfs41'
params: {
// Required parameters
name: 'naanfs41001'
// Non-required parameters
capacityPools: [
{
name: 'naanfs41-cp-001'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
serviceLevel: 'Premium'
size: 4398046511104
volumes: [
{
exportPolicyRules: [
{
allowedClients: '0.0.0.0/0'
nfsv3: false
nfsv41: true
ruleIndex: 1
unixReadOnly: false
unixReadWrite: true
}
]
name: 'naanfs41-vol-001'
protocolTypes: [
'NFSv4.1'
]
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
subnetResourceId: '<subnetResourceId>'
usageThreshold: 107374182400
}
{
exportPolicyRules: [
{
allowedClients: '0.0.0.0/0'
nfsv3: false
nfsv41: true
ruleIndex: 1
unixReadOnly: false
unixReadWrite: true
}
]
name: 'naanfs41-vol-002'
protocolTypes: [
'NFSv4.1'
]
subnetResourceId: '<subnetResourceId>'
usageThreshold: 107374182400
}
]
}
{
name: 'naanfs41-cp-002'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
serviceLevel: 'Premium'
size: 4398046511104
volumes: []
}
]
cMKKeyName: '<cMKKeyName>'
cMKKeyVaultResourceId: '<cMKKeyVaultResourceId>'
cMKUserAssignedIdentityResourceId: '<cMKUserAssignedIdentityResourceId>'
enableDefaultTelemetry: '<enableDefaultTelemetry>'
roleAssignments: [
{
principalIds: [
'<managedIdentityPrincipalId>'
]
principalType: 'ServicePrincipal'
roleDefinitionIdOrName: 'Reader'
}
]
tags: {
Contact: 'test.user@testcompany.com'
CostCenter: '7890'
Environment: 'Non-Prod'
PurchaseOrder: '1234'
Role: 'DeploymentValidation'
ServiceName: 'DeploymentValidation'
}
userAssignedIdentities: {
'<managedIdentityResourceId>': {}
}
}
}
via JSON Parameter file
{
"$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
"contentVersion": "1.0.0.0",
"parameters": {
// Required parameters
"name": {
"value": "naanfs41001"
},
// Non-required parameters
"capacityPools": {
"value": [
{
"name": "naanfs41-cp-001",
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"serviceLevel": "Premium",
"size": 4398046511104,
"volumes": [
{
"exportPolicyRules": [
{
"allowedClients": "0.0.0.0/0",
"nfsv3": false,
"nfsv41": true,
"ruleIndex": 1,
"unixReadOnly": false,
"unixReadWrite": true
}
],
"name": "naanfs41-vol-001",
"protocolTypes": [
"NFSv4.1"
],
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"subnetResourceId": "<subnetResourceId>",
"usageThreshold": 107374182400
},
{
"exportPolicyRules": [
{
"allowedClients": "0.0.0.0/0",
"nfsv3": false,
"nfsv41": true,
"ruleIndex": 1,
"unixReadOnly": false,
"unixReadWrite": true
}
],
"name": "naanfs41-vol-002",
"protocolTypes": [
"NFSv4.1"
],
"subnetResourceId": "<subnetResourceId>",
"usageThreshold": 107374182400
}
]
},
{
"name": "naanfs41-cp-002",
"roleAssignments": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
],
"serviceLevel": "Premium",
"size": 4398046511104,
"volumes": []
}
]
},
"cMKKeyName": {
"value": "<cMKKeyName>"
},
"cMKKeyVaultResourceId": {
"value": "<cMKKeyVaultResourceId>"
},
"cMKUserAssignedIdentityResourceId": {
"value": "<cMKUserAssignedIdentityResourceId>"
},
"enableDefaultTelemetry": {
"value": "<enableDefaultTelemetry>"
},
"roleAssignments": {
"value": [
{
"principalIds": [
"<managedIdentityPrincipalId>"
],
"principalType": "ServicePrincipal",
"roleDefinitionIdOrName": "Reader"
}
]
},
"tags": {
"value": {
"Contact": "test.user@testcompany.com",
"CostCenter": "7890",
"Environment": "Non-Prod",
"PurchaseOrder": "1234",
"Role": "DeploymentValidation",
"ServiceName": "DeploymentValidation"
}
},
"userAssignedIdentities": {
"value": {
"<managedIdentityResourceId>": {}
}
}
}
}