diff --git a/schemas/2021-09-01/Microsoft.Storage.json b/schemas/2021-09-01/Microsoft.Storage.json new file mode 100644 index 0000000000..91041b9d53 --- /dev/null +++ b/schemas/2021-09-01/Microsoft.Storage.json @@ -0,0 +1,4602 @@ +{ + "id": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Storage", + "description": "Microsoft Storage Resource Types", + "resourceDefinitions": { + "storageAccounts": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "extendedLocation": { + "oneOf": [ + { + "$ref": "#/definitions/ExtendedLocation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The complex type of the extended location." + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/Identity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Identity for the resource." + }, + "kind": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Storage", + "StorageV2", + "BlobStorage", + "FileStorage", + "BlockBlobStorage" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required. Indicates the type of storage account." + }, + "location": { + "type": "string", + "description": "Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed." + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 24, + "description": "The name of the storage account within the specified resource group. Storage account names must be between 3 and 24 characters in length and use numbers and lower-case letters only." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/StorageAccountPropertiesCreateParameters" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The parameters used to create the storage account." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_managementPolicies_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_inventoryPolicies_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_privateEndpointConnections_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_objectReplicationPolicies_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_localUsers_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_encryptionScopes_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_blobServices_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_fileServices_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_queueServices_childResource" + }, + { + "$ref": "#/definitions/storageAccounts_tableServices_childResource" + } + ] + } + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The SKU of the storage account." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts" + ] + } + }, + "required": [ + "apiVersion", + "kind", + "location", + "name", + "sku", + "type" + ], + "description": "Microsoft.Storage/storageAccounts" + }, + "storageAccounts_blobServices": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob Service within the specified storage account. Blob Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BlobServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Blob service." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_blobServices_containers_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/blobServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices" + }, + "storageAccounts_blobServices_containers": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ContainerProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a container." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_blobServices_containers_immutabilityPolicies_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/blobServices/containers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices/containers" + }, + "storageAccounts_blobServices_containers_immutabilityPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob container immutabilityPolicy within the specified storage account. ImmutabilityPolicy Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ImmutabilityPolicyProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of an ImmutabilityPolicy of a blob container." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies" + }, + "storageAccounts_encryptionScopes": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the encryption scope within the specified storage account. Encryption scope names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionScopeProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of the encryption scope." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/encryptionScopes" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/encryptionScopes" + }, + "storageAccounts_fileServices": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the file Service within the specified storage account. File Service Name must be \"default\"" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FileServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of File services in storage account." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_fileServices_shares_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/fileServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/fileServices" + }, + "storageAccounts_fileServices_shares": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the file share within the specified storage account. File share names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FileShareProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the file share." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/fileServices/shares" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/fileServices/shares" + }, + "storageAccounts_inventoryPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the storage account blob inventory policy. It should always be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BlobInventoryPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account blob inventory policy properties." + }, + "systemData": { + "oneOf": [ + { + "$ref": "#/definitions/SystemData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Metadata pertaining to creation and last modification of the resource." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/inventoryPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/inventoryPolicies" + }, + "storageAccounts_localUsers": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 64, + "description": "The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LocalUserProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account Local User properties." + }, + "systemData": { + "oneOf": [ + { + "$ref": "#/definitions/SystemData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Metadata pertaining to creation and last modification of the resource." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/localUsers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/localUsers" + }, + "storageAccounts_managementPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Storage Account Management Policy. It should always be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ManagementPolicy properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/managementPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/managementPolicies" + }, + "storageAccounts_objectReplicationPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 1, + "description": "For the destination account, provide the value 'default'. Configure the policy on the destination account first. For the source account, provide the value of the policy ID that is returned when you download the policy that was defined on the destination account. The policy is downloaded as a JSON file." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ObjectReplicationPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ObjectReplicationPolicy properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/objectReplicationPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/objectReplicationPolicies" + }, + "storageAccounts_privateEndpointConnections": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection associated with the Azure resource" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of the PrivateEndpointConnectProperties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/privateEndpointConnections" + }, + "storageAccounts_queueServices": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Queue Service within the specified storage account. Queue Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/QueueServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Queue service." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_queueServices_queues_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/queueServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/queueServices" + }, + "storageAccounts_queueServices_queues": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[a-z0-9]([a-z0-9]|(-(?!-))){1,61}[a-z0-9]$", + "minLength": 3, + "maxLength": 63 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A queue name must be unique within a storage account and must be between 3 and 63 characters.The name must comprise of lowercase alphanumeric and dash(-) characters only, it should begin and end with an alphanumeric character and it cannot have two consecutive dash(-) characters." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/QueueProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/queueServices/queues" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/queueServices/queues" + }, + "storageAccounts_tableServices": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Table Service within the specified storage account. Table Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TableServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Table service." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/storageAccounts_tableServices_tables_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/tableServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/tableServices" + }, + "storageAccounts_tableServices_tables": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[A-Za-z][A-Za-z0-9]{2,62}$", + "minLength": 3, + "maxLength": 63 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A table name must be unique within a storage account and must be between 3 and 63 characters.The name must comprise of only alphanumeric characters and it cannot begin with a numeric character." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TableProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Storage/storageAccounts/tableServices/tables" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/tableServices/tables" + } + }, + "definitions": { + "AccessPolicy": { + "type": "object", + "properties": { + "expiryTime": { + "type": "string", + "format": "date-time", + "description": "Expiry time of the access policy" + }, + "permission": { + "type": "string", + "description": "List of abbreviated permissions." + }, + "startTime": { + "type": "string", + "format": "date-time", + "description": "Start time of the access policy" + } + } + }, + "AccountImmutabilityPolicyProperties": { + "type": "object", + "properties": { + "allowProtectedAppendWrites": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property can only be changed for disabled and unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted." + }, + "immutabilityPeriodSinceCreationInDays": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 146000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The immutability period for the blobs in the container since the policy creation, in days." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Unlocked", + "Locked", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The ImmutabilityPolicy state defines the mode of the policy. Disabled state disables the policy, Unlocked state allows increase and decrease of immutability retention time and also allows toggling allowProtectedAppendWrites property, Locked state only allows the increase of the immutability retention time. A policy can only be created in a Disabled or Unlocked state and can be toggled between the two states. Only a policy in an Unlocked state can transition to a Locked state which cannot be reverted." + } + }, + "description": "This defines account-level immutability policy properties." + }, + "ActiveDirectoryProperties": { + "type": "object", + "properties": { + "accountType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Computer" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the Active Directory account type for Azure Storage." + }, + "azureStorageSid": { + "type": "string", + "description": "Specifies the security identifier (SID) for Azure Storage." + }, + "domainGuid": { + "type": "string", + "description": "Specifies the domain GUID." + }, + "domainName": { + "type": "string", + "description": "Specifies the primary domain that the AD DNS server is authoritative for." + }, + "domainSid": { + "type": "string", + "description": "Specifies the security identifier (SID)." + }, + "forestName": { + "type": "string", + "description": "Specifies the Active Directory forest to get." + }, + "netBiosDomainName": { + "type": "string", + "description": "Specifies the NetBIOS domain name." + }, + "samAccountName": { + "type": "string", + "description": "Specifies the Active Directory SAMAccountName for Azure Storage." + } + }, + "required": [ + "azureStorageSid", + "domainGuid", + "domainName", + "domainSid", + "forestName", + "netBiosDomainName" + ], + "description": "Settings properties for Active Directory (AD)." + }, + "AzureFilesIdentityBasedAuthentication": { + "type": "object", + "properties": { + "activeDirectoryProperties": { + "oneOf": [ + { + "$ref": "#/definitions/ActiveDirectoryProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Settings properties for Active Directory (AD)." + }, + "defaultSharePermission": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "StorageFileDataSmbShareReader", + "StorageFileDataSmbShareContributor", + "StorageFileDataSmbShareElevatedContributor" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Default share permission for users using Kerberos authentication if RBAC role is not assigned." + }, + "directoryServiceOptions": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "AADDS", + "AD" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates the directory service used." + } + }, + "required": [ + "directoryServiceOptions" + ], + "description": "Settings for Azure Files identity based authentication." + }, + "BlobInventoryPolicyDefinition": { + "type": "object", + "properties": { + "filters": { + "oneOf": [ + { + "$ref": "#/definitions/BlobInventoryPolicyFilter" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An object that defines the blob inventory rule filter conditions. For 'Blob' definition.objectType all filter properties are applicable, 'blobTypes' is required and others are optional. For 'Container' definition.objectType only prefixMatch is applicable and is optional." + }, + "format": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Csv", + "Parquet" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This is a required field, it specifies the format for the inventory files." + }, + "objectType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Blob", + "Container" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This is a required field. This field specifies the scope of the inventory created either at the blob or container level." + }, + "schedule": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Daily", + "Weekly" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This is a required field. This field is used to schedule an inventory formation." + }, + "schemaFields": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This is a required field. This field specifies the fields and properties of the object to be included in the inventory. The Schema field value 'Name' is always required. The valid values for this field for the 'Blob' definition.objectType include 'Name, Creation-Time, Last-Modified, Content-Length, Content-MD5, BlobType, AccessTier, AccessTierChangeTime, AccessTierInferred, Tags, Expiry-Time, hdi_isfolder, Owner, Group, Permissions, Acl, Snapshot, VersionId, IsCurrentVersion, Metadata, LastAccessTime, Tags, Etag, ContentType, ContentEncoding, ContentLanguage, ContentCRC64, CacheControl, ContentDisposition, LeaseStatus, LeaseState, LeaseDuration, ServerEncrypted, Deleted, DeletionId, DeletedTime, RemainingRetentionDays, ImmutabilityPolicyUntilDate, ImmutabilityPolicyMode, LegalHold, CopyId, CopyStatus, CopySource, CopyProgress, CopyCompletionTime, CopyStatusDescription, CustomerProvidedKeySha256, RehydratePriority, ArchiveStatus, XmsBlobSequenceNumber, EncryptionScope, IncrementalCopy, TagCount'. For Blob object type schema field value 'DeletedTime' is applicable only for Hns enabled accounts. The valid values for 'Container' definition.objectType include 'Name, Last-Modified, Metadata, LeaseStatus, LeaseState, LeaseDuration, PublicAccess, HasImmutabilityPolicy, HasLegalHold, Etag, DefaultEncryptionScope, DenyEncryptionScopeOverride, ImmutableStorageWithVersioningEnabled, Deleted, Version, DeletedTime, RemainingRetentionDays'. Schema field values 'Expiry-Time, hdi_isfolder, Owner, Group, Permissions, Acl, DeletionId' are valid only for Hns enabled accounts.Schema field values 'Tags, TagCount' are only valid for Non-Hns accounts." + } + }, + "required": [ + "format", + "objectType", + "schedule", + "schemaFields" + ], + "description": "An object that defines the blob inventory rule." + }, + "BlobInventoryPolicyFilter": { + "type": "object", + "properties": { + "blobTypes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of predefined enum values. Valid values include blockBlob, appendBlob, pageBlob. Hns accounts does not support pageBlobs. This field is required when definition.objectType property is set to 'Blob'." + }, + "excludePrefix": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of strings with maximum 10 blob prefixes to be excluded from the inventory." + }, + "includeBlobVersions": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Includes blob versions in blob inventory when value is set to true. The definition.schemaFields values 'VersionId and IsCurrentVersion' are required if this property is set to true, else they must be excluded." + }, + "includeDeleted": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "For 'Container' definition.objectType the definition.schemaFields must include 'Deleted, Version, DeletedTime and RemainingRetentionDays'. For 'Blob' definition.objectType and HNS enabled storage accounts the definition.schemaFields must include 'DeletionId, Deleted, DeletedTime and RemainingRetentionDays' and for Hns disabled accounts the definition.schemaFields must include 'Deleted and RemainingRetentionDays', else it must be excluded." + }, + "includeSnapshots": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Includes blob snapshots in blob inventory when value is set to true. The definition.schemaFields value 'Snapshot' is required if this property is set to true, else it must be excluded." + }, + "prefixMatch": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of strings with maximum 10 blob prefixes to be included in the inventory." + } + }, + "description": "An object that defines the blob inventory rule filter conditions. For 'Blob' definition.objectType all filter properties are applicable, 'blobTypes' is required and others are optional. For 'Container' definition.objectType only prefixMatch is applicable and is optional." + }, + "BlobInventoryPolicyProperties": { + "type": "object", + "properties": { + "policy": { + "oneOf": [ + { + "$ref": "#/definitions/BlobInventoryPolicySchema" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account blob inventory policy rules." + } + }, + "required": [ + "policy" + ], + "description": "The storage account blob inventory policy properties." + }, + "BlobInventoryPolicyRule": { + "type": "object", + "properties": { + "definition": { + "oneOf": [ + { + "$ref": "#/definitions/BlobInventoryPolicyDefinition" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An object that defines the blob inventory rule." + }, + "destination": { + "type": "string", + "description": "Container name where blob inventory files are stored. Must be pre-created." + }, + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rule is enabled when set to true." + }, + "name": { + "type": "string", + "description": "A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy." + } + }, + "required": [ + "definition", + "destination", + "enabled", + "name" + ], + "description": "An object that wraps the blob inventory rule. Each rule is uniquely defined by name." + }, + "BlobInventoryPolicySchema": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Policy is enabled if set to true." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/BlobInventoryPolicyRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account blob inventory policy rules. The rule is applied when it is enabled." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Inventory" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The valid value is Inventory" + } + }, + "required": [ + "enabled", + "rules", + "type" + ], + "description": "The storage account blob inventory policy rules." + }, + "BlobServicePropertiesProperties": { + "type": "object", + "properties": { + "automaticSnapshotPolicyEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Deprecated in favor of isVersioningEnabled property." + }, + "changeFeed": { + "oneOf": [ + { + "$ref": "#/definitions/ChangeFeed" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The blob service properties for change feed events." + }, + "containerDeleteRetentionPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/DeleteRetentionPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The service properties for soft delete." + }, + "cors": { + "oneOf": [ + { + "$ref": "#/definitions/CorsRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the CORS rules. You can include up to five CorsRule elements in the request. " + }, + "defaultServiceVersion": { + "type": "string", + "description": "DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions." + }, + "deleteRetentionPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/DeleteRetentionPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The service properties for soft delete." + }, + "isVersioningEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Versioning is enabled if set to true." + }, + "lastAccessTimeTrackingPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/LastAccessTimeTrackingPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The blob service properties for Last access time based tracking policy." + }, + "restorePolicy": { + "oneOf": [ + { + "$ref": "#/definitions/RestorePolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The blob service properties for blob restore policy" + } + }, + "description": "The properties of a storage account’s Blob service." + }, + "ChangeFeed": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether change feed event logging is enabled for the Blob service." + }, + "retentionInDays": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 146000 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates the duration of changeFeed retention in days. Minimum value is 1 day and maximum value is 146000 days (400 years). A null value indicates an infinite retention of the change feed." + } + }, + "description": "The blob service properties for change feed events." + }, + "ContainerProperties": { + "type": "object", + "properties": { + "defaultEncryptionScope": { + "type": "string", + "description": "Default the container to use specified encryption scope for all writes." + }, + "denyEncryptionScopeOverride": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Block override of encryption scope from the container default." + }, + "enableNfsV3AllSquash": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable NFSv3 all squash on blob container." + }, + "enableNfsV3RootSquash": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enable NFSv3 root squash on blob container." + }, + "immutableStorageWithVersioning": { + "oneOf": [ + { + "$ref": "#/definitions/ImmutableStorageWithVersioning" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object level immutability properties of the container." + }, + "metadata": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A name-value pair to associate with the container as metadata." + }, + "publicAccess": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Container", + "Blob", + "None" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether data in the container may be accessed publicly and the level of access." + } + }, + "description": "The properties of a container." + }, + "CorsRule": { + "type": "object", + "properties": { + "allowedHeaders": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required if CorsRule element is present. A list of headers allowed to be part of the cross-origin request." + }, + "allowedMethods": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "DELETE", + "GET", + "HEAD", + "MERGE", + "POST", + "OPTIONS", + "PUT", + "PATCH" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required if CorsRule element is present. A list of HTTP methods that are allowed to be executed by the origin." + }, + "allowedOrigins": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required if CorsRule element is present. A list of origin domains that will be allowed via CORS, or \"*\" to allow all domains" + }, + "exposedHeaders": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required if CorsRule element is present. A list of response headers to expose to CORS clients." + }, + "maxAgeInSeconds": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required if CorsRule element is present. The number of seconds that the client/browser should cache a preflight response." + } + }, + "required": [ + "allowedHeaders", + "allowedMethods", + "allowedOrigins", + "exposedHeaders", + "maxAgeInSeconds" + ], + "description": "Specifies a CORS rule for the Blob service." + }, + "CorsRules": { + "type": "object", + "properties": { + "corsRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/CorsRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The List of CORS rules. You can include up to five CorsRule elements in the request. " + } + }, + "description": "Sets the CORS rules. You can include up to five CorsRule elements in the request. " + }, + "CustomDomain": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source." + }, + "useSubDomainName": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates." + } + }, + "required": [ + "name" + ], + "description": "The custom domain assigned to this storage account. This can be set via Update." + }, + "DateAfterCreation": { + "type": "object", + "properties": { + "daysAfterCreationGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after creation" + }, + "daysAfterLastTierChangeGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterCreationGreaterThan to be set for snapshots and blob version based actions. The blob will be archived if both the conditions are satisfied." + } + }, + "required": [ + "daysAfterCreationGreaterThan" + ], + "description": "Object to define snapshot and version action conditions." + }, + "DateAfterModification": { + "type": "object", + "properties": { + "daysAfterCreationGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after blob creation." + }, + "daysAfterLastAccessTimeGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy" + }, + "daysAfterLastTierChangeGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after last blob tier change time. This property is only applicable for tierToArchive actions and requires daysAfterModificationGreaterThan to be set for baseBlobs based actions. The blob will be archived if both the conditions are satisfied." + }, + "daysAfterModificationGreaterThan": { + "oneOf": [ + { + "type": "number", + "multipleOf": 1, + "minimum": 0 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value indicating the age in days after last modification" + } + }, + "description": "Object to define the base blob action conditions. Properties daysAfterModificationGreaterThan, daysAfterLastAccessTimeGreaterThan and daysAfterCreationGreaterThan are mutually exclusive. The daysAfterLastTierChangeGreaterThan property is only applicable for tierToArchive actions which requires daysAfterModificationGreaterThan to be set, also it cannot be used in conjunction with daysAfterLastAccessTimeGreaterThan or daysAfterCreationGreaterThan." + }, + "DeleteRetentionPolicy": { + "type": "object", + "properties": { + "allowPermanentDelete": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property when set to true allows deletion of the soft deleted blob versions and snapshots. This property cannot be used blob restore policy. This property only applies to blob service and does not apply to containers or file share." + }, + "days": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 365 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates the number of days that the deleted item should be retained. The minimum specified value can be 1 and the maximum value can be 365." + }, + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether DeleteRetentionPolicy is enabled." + } + }, + "description": "The service properties for soft delete." + }, + "Encryption": { + "type": "object", + "properties": { + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Encryption identity for the storage account." + }, + "keySource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Microsoft.Storage", + "Microsoft.Keyvault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault." + }, + "keyvaultproperties": { + "oneOf": [ + { + "$ref": "#/definitions/KeyVaultProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of key vault." + }, + "requireInfrastructureEncryption": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest." + }, + "services": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A list of services that support encryption." + } + }, + "required": [ + "keySource" + ], + "description": "The encryption settings on the storage account." + }, + "EncryptionIdentity": { + "type": "object", + "properties": { + "federatedIdentityClientId": { + "type": "string", + "description": "ClientId of the multi-tenant application to be used in conjunction with the user-assigned identity for cross-tenant customer-managed-keys server-side encryption on the storage account." + }, + "userAssignedIdentity": { + "type": "string", + "description": "Resource identifier of the UserAssigned identity to be associated with server-side encryption on the storage account." + } + }, + "description": "Encryption identity for the storage account." + }, + "EncryptionScopeKeyVaultProperties": { + "type": "object", + "properties": { + "keyUri": { + "type": "string", + "description": "The object identifier for a key vault key object. When applied, the encryption scope will use the key referenced by the identifier to enable customer-managed key support on this encryption scope." + } + }, + "description": "The key vault properties for the encryption scope. This is a required field if encryption scope 'source' attribute is set to 'Microsoft.KeyVault'." + }, + "EncryptionScopeProperties": { + "type": "object", + "properties": { + "keyVaultProperties": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionScopeKeyVaultProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The key vault properties for the encryption scope. This is a required field if encryption scope 'source' attribute is set to 'Microsoft.KeyVault'." + }, + "requireInfrastructureEncryption": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest." + }, + "source": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Microsoft.Storage", + "Microsoft.KeyVault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The provider for the encryption scope. Possible values (case-insensitive): Microsoft.Storage, Microsoft.KeyVault." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The state of the encryption scope. Possible values (case-insensitive): Enabled, Disabled." + } + }, + "description": "Properties of the encryption scope." + }, + "EncryptionService": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean indicating whether or not the service encrypts the data as it is stored. Encryption at rest is enabled by default today and cannot be disabled." + }, + "keyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Service", + "Account" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Encryption key type to be used for the encryption service. 'Account' key type implies that an account-scoped encryption key will be used. 'Service' key type implies that a default service key is used." + } + }, + "description": "A service that allows server-side encryption to be used." + }, + "EncryptionServices": { + "type": "object", + "properties": { + "blob": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionService" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A service that allows server-side encryption to be used." + }, + "file": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionService" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A service that allows server-side encryption to be used." + }, + "queue": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionService" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A service that allows server-side encryption to be used." + }, + "table": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionService" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A service that allows server-side encryption to be used." + } + }, + "description": "A list of services that support encryption." + }, + "ExtendedLocation": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "The name of the extended location." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "EdgeZone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of the extended location." + } + }, + "description": "The complex type of the extended location." + }, + "FileServicePropertiesProperties": { + "type": "object", + "properties": { + "cors": { + "oneOf": [ + { + "$ref": "#/definitions/CorsRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the CORS rules. You can include up to five CorsRule elements in the request. " + }, + "protocolSettings": { + "oneOf": [ + { + "$ref": "#/definitions/ProtocolSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Protocol settings for file service" + }, + "shareDeleteRetentionPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/DeleteRetentionPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The service properties for soft delete." + } + }, + "description": "The properties of File services in storage account." + }, + "FileShareProperties": { + "type": "object", + "properties": { + "accessTier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TransactionOptimized", + "Hot", + "Cool", + "Premium" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Access tier for specific share. GpV2 account can choose between TransactionOptimized (default), Hot, and Cool. FileStorage account can choose Premium." + }, + "enabledProtocols": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SMB", + "NFS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The authentication protocol that is used for the file share. Can only be specified when creating a share." + }, + "metadata": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A name-value pair to associate with the share as metadata." + }, + "rootSquash": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NoRootSquash", + "RootSquash", + "AllSquash" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The property is for NFS share only. The default is NoRootSquash." + }, + "shareQuota": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 102400 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The maximum size of the share, in gigabytes. Must be greater than 0, and less than or equal to 5TB (5120). For Large File Shares, the maximum size is 102400." + }, + "signedIdentifiers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SignedIdentifier" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of stored access policies specified on the share." + } + }, + "description": "The properties of the file share." + }, + "Identity": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identity type." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/UserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Gets or sets a list of key value pairs that describe the set of User Assigned identities that will be used with this storage account. The key is the ARM resource identifier of the identity. Only 1 User Assigned identity is permitted here." + } + }, + "required": [ + "type" + ], + "description": "Identity for the resource." + }, + "ImmutabilityPolicyProperty": { + "type": "object", + "properties": { + "allowProtectedAppendWrites": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API." + }, + "allowProtectedAppendWritesAll": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to both 'Append and Bock Blobs' while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API. The 'allowProtectedAppendWrites' and 'allowProtectedAppendWritesAll' properties are mutually exclusive." + }, + "immutabilityPeriodSinceCreationInDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The immutability period for the blobs in the container since the policy creation, in days." + } + }, + "description": "The properties of an ImmutabilityPolicy of a blob container." + }, + "ImmutableStorageAccount": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean flag which enables account-level immutability. All the containers under such an account have object-level immutability enabled by default." + }, + "immutabilityPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/AccountImmutabilityPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This defines account-level immutability policy properties." + } + }, + "description": "This property enables and defines account-level immutability. Enabling the feature auto-enables Blob Versioning." + }, + "ImmutableStorageWithVersioning": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This is an immutable property, when set to true it enables object level immutability at the container level." + } + }, + "description": "Object level immutability properties of the container." + }, + "IPRule": { + "type": "object", + "properties": { + "action": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The action of IP ACL rule." + }, + "value": { + "type": "string", + "description": "Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed." + } + }, + "required": [ + "value" + ], + "description": "IP rule with specific IP or IP range in CIDR format." + }, + "KeyPolicy": { + "type": "object", + "properties": { + "keyExpirationPeriodInDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The key expiration period in days." + } + }, + "required": [ + "keyExpirationPeriodInDays" + ], + "description": "KeyPolicy assigned to the storage account." + }, + "KeyVaultProperties": { + "type": "object", + "properties": { + "keyname": { + "type": "string", + "description": "The name of KeyVault key." + }, + "keyvaulturi": { + "type": "string", + "description": "The Uri of KeyVault." + }, + "keyversion": { + "type": "string", + "description": "The version of KeyVault key." + } + }, + "description": "Properties of key vault." + }, + "LastAccessTimeTrackingPolicy": { + "type": "object", + "properties": { + "blobType": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of predefined supported blob types. Only blockBlob is the supported value. This field is currently read only" + }, + "enable": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "When set to true last access time based tracking is enabled." + }, + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AccessTimeTracking" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Name of the policy. The valid value is AccessTimeTracking. This field is currently read only." + }, + "trackingGranularityInDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The field specifies blob object tracking granularity in days, typically how often the blob object should be tracked.This field is currently read only with value as 1" + } + }, + "required": [ + "enable" + ], + "description": "The blob service properties for Last access time based tracking policy." + }, + "LocalUserProperties": { + "type": "object", + "properties": { + "hasSharedKey": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether shared key exists. Set it to false to remove existing shared key." + }, + "hasSshKey": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether ssh key exists. Set it to false to remove existing SSH key." + }, + "hasSshPassword": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether ssh password exists. Set it to false to remove existing SSH password." + }, + "homeDirectory": { + "type": "string", + "description": "Optional, local user home directory." + }, + "permissionScopes": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PermissionScope" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The permission scopes of the local user." + }, + "sshAuthorizedKeys": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SshPublicKey" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Optional, local user ssh authorized keys for SFTP." + } + }, + "description": "The Storage Account Local User properties." + }, + "ManagementPolicyAction": { + "type": "object", + "properties": { + "baseBlob": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyBaseBlob" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Management policy action for base blob." + }, + "snapshot": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicySnapShot" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Management policy action for snapshot." + }, + "version": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyVersion" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Management policy action for blob version." + } + }, + "description": "Actions are applied to the filtered blobs when the execution condition is met." + }, + "ManagementPolicyBaseBlob": { + "type": "object", + "properties": { + "delete": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterModification" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define the base blob action conditions. Properties daysAfterModificationGreaterThan, daysAfterLastAccessTimeGreaterThan and daysAfterCreationGreaterThan are mutually exclusive. The daysAfterLastTierChangeGreaterThan property is only applicable for tierToArchive actions which requires daysAfterModificationGreaterThan to be set, also it cannot be used in conjunction with daysAfterLastAccessTimeGreaterThan or daysAfterCreationGreaterThan." + }, + "enableAutoTierToHotFromCool": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property enables auto tiering of a blob from cool to hot on a blob access. This property requires tierToCool.daysAfterLastAccessTimeGreaterThan." + }, + "tierToArchive": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterModification" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define the base blob action conditions. Properties daysAfterModificationGreaterThan, daysAfterLastAccessTimeGreaterThan and daysAfterCreationGreaterThan are mutually exclusive. The daysAfterLastTierChangeGreaterThan property is only applicable for tierToArchive actions which requires daysAfterModificationGreaterThan to be set, also it cannot be used in conjunction with daysAfterLastAccessTimeGreaterThan or daysAfterCreationGreaterThan." + }, + "tierToCool": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterModification" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define the base blob action conditions. Properties daysAfterModificationGreaterThan, daysAfterLastAccessTimeGreaterThan and daysAfterCreationGreaterThan are mutually exclusive. The daysAfterLastTierChangeGreaterThan property is only applicable for tierToArchive actions which requires daysAfterModificationGreaterThan to be set, also it cannot be used in conjunction with daysAfterLastAccessTimeGreaterThan or daysAfterCreationGreaterThan." + } + }, + "description": "Management policy action for base blob." + }, + "ManagementPolicyDefinition": { + "type": "object", + "properties": { + "actions": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Actions are applied to the filtered blobs when the execution condition is met." + }, + "filters": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyFilter" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Filters limit rule actions to a subset of blobs within the storage account. If multiple filters are defined, a logical AND is performed on all filters. " + } + }, + "required": [ + "actions" + ], + "description": "An object that defines the Lifecycle rule. Each definition is made up with a filters set and an actions set." + }, + "ManagementPolicyFilter": { + "type": "object", + "properties": { + "blobIndexMatch": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TagFilter" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of blob index tag based filters, there can be at most 10 tag filters" + }, + "blobTypes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of predefined enum values. Currently blockBlob supports all tiering and delete actions. Only delete actions are supported for appendBlob." + }, + "prefixMatch": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An array of strings for prefixes to be match." + } + }, + "required": [ + "blobTypes" + ], + "description": "Filters limit rule actions to a subset of blobs within the storage account. If multiple filters are defined, a logical AND is performed on all filters. " + }, + "ManagementPolicyProperties": { + "type": "object", + "properties": { + "policy": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicySchema" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts." + } + }, + "required": [ + "policy" + ], + "description": "The Storage Account ManagementPolicy properties." + }, + "ManagementPolicyRule": { + "type": "object", + "properties": { + "definition": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyDefinition" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An object that defines the Lifecycle rule. Each definition is made up with a filters set and an actions set." + }, + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Rule is enabled if set to true." + }, + "name": { + "type": "string", + "description": "A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Lifecycle" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The valid value is Lifecycle" + } + }, + "required": [ + "definition", + "name", + "type" + ], + "description": "An object that wraps the Lifecycle rule. Each rule is uniquely defined by name." + }, + "ManagementPolicySchema": { + "type": "object", + "properties": { + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ManagementPolicyRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts." + } + }, + "required": [ + "rules" + ], + "description": "The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts." + }, + "ManagementPolicySnapShot": { + "type": "object", + "properties": { + "delete": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + }, + "tierToArchive": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + }, + "tierToCool": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + } + }, + "description": "Management policy action for snapshot." + }, + "ManagementPolicyVersion": { + "type": "object", + "properties": { + "delete": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + }, + "tierToArchive": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + }, + "tierToCool": { + "oneOf": [ + { + "$ref": "#/definitions/DateAfterCreation" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Object to define snapshot and version action conditions." + } + }, + "description": "Management policy action for blob version." + }, + "Multichannel": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether multichannel is enabled" + } + }, + "description": "Multichannel setting. Applies to Premium FileStorage only." + }, + "NetworkRuleSet": { + "type": "object", + "properties": { + "bypass": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "Logging", + "Metrics", + "AzureServices" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Possible values are any combination of Logging|Metrics|AzureServices (For example, \"Logging, Metrics\"), or None to bypass none of those traffics." + }, + "defaultAction": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow", + "Deny" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the default action of allow or deny when no other rules match." + }, + "ipRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/IPRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the IP ACL rules" + }, + "resourceAccessRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ResourceAccessRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the resource access rules" + }, + "virtualNetworkRules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/VirtualNetworkRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the virtual network rules" + } + }, + "required": [ + "defaultAction" + ], + "description": "Network rule set" + }, + "ObjectReplicationPolicyFilter": { + "type": "object", + "properties": { + "minCreationTime": { + "type": "string", + "description": "Blobs created after the time will be replicated to the destination. It must be in datetime format 'yyyy-MM-ddTHH:mm:ssZ'. Example: 2020-02-19T16:05:00Z" + }, + "prefixMatch": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Optional. Filters the results to replicate only blobs whose names begin with the specified prefix." + } + }, + "description": "Filters limit replication to a subset of blobs within the storage account. A logical OR is performed on values in the filter. If multiple filters are defined, a logical AND is performed on all filters." + }, + "ObjectReplicationPolicyProperties": { + "type": "object", + "properties": { + "destinationAccount": { + "type": "string", + "description": "Required. Destination account name. It should be full resource id if allowCrossTenantReplication set to false." + }, + "rules": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ObjectReplicationPolicyRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account object replication rules." + }, + "sourceAccount": { + "type": "string", + "description": "Required. Source account name. It should be full resource id if allowCrossTenantReplication set to false." + } + }, + "required": [ + "destinationAccount", + "sourceAccount" + ], + "description": "The Storage Account ObjectReplicationPolicy properties." + }, + "ObjectReplicationPolicyRule": { + "type": "object", + "properties": { + "destinationContainer": { + "type": "string", + "description": "Required. Destination container name." + }, + "filters": { + "oneOf": [ + { + "$ref": "#/definitions/ObjectReplicationPolicyFilter" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Filters limit replication to a subset of blobs within the storage account. A logical OR is performed on values in the filter. If multiple filters are defined, a logical AND is performed on all filters." + }, + "ruleId": { + "type": "string", + "description": "Rule Id is auto-generated for each new rule on destination account. It is required for put policy on source account." + }, + "sourceContainer": { + "type": "string", + "description": "Required. Source container name." + } + }, + "required": [ + "destinationContainer", + "sourceContainer" + ], + "description": "The replication policy rule between two containers." + }, + "PermissionScope": { + "type": "object", + "properties": { + "permissions": { + "type": "string", + "description": "The permissions for the local user. Possible values include: Read (r), Write (w), Delete (d), List (l), and Create (c)." + }, + "resourceName": { + "type": "string", + "description": "The name of resource, normally the container name or the file share name, used by the local user." + }, + "service": { + "type": "string", + "description": "The service used by the local user, e.g. blob, file." + } + }, + "required": [ + "permissions", + "resourceName", + "service" + ] + }, + "PrivateEndpoint": { + "type": "object", + "properties": {}, + "description": "The Private Endpoint resource." + }, + "PrivateEndpointConnectionProperties": { + "type": "object", + "properties": { + "privateEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpoint" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Private Endpoint resource." + }, + "privateLinkServiceConnectionState": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceConnectionState" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A collection of information about the state of the connection between service consumer and provider." + }, + "provisioningState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Succeeded", + "Creating", + "Deleting", + "Failed" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The provisioning state of the private endpoint connection resource." + } + }, + "required": [ + "privateLinkServiceConnectionState" + ], + "description": "Properties of the PrivateEndpointConnectProperties." + }, + "PrivateLinkServiceConnectionState": { + "type": "object", + "properties": { + "actionRequired": { + "type": "string", + "description": "A message indicating if changes on the service provider require any updates on the consumer." + }, + "description": { + "type": "string", + "description": "The reason for approval/rejection of the connection." + }, + "status": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Pending", + "Approved", + "Rejected" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether the connection has been Approved/Rejected/Removed by the owner of the service." + } + }, + "description": "A collection of information about the state of the connection between service consumer and provider." + }, + "ProtocolSettings": { + "type": "object", + "properties": { + "smb": { + "oneOf": [ + { + "$ref": "#/definitions/SmbSetting" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Setting for SMB protocol" + } + }, + "description": "Protocol settings for file service" + }, + "QueueProperties": { + "type": "object", + "properties": { + "metadata": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A name-value pair that represents queue metadata." + } + } + }, + "QueueServicePropertiesProperties": { + "type": "object", + "properties": { + "cors": { + "oneOf": [ + { + "$ref": "#/definitions/CorsRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the CORS rules. You can include up to five CorsRule elements in the request. " + } + }, + "description": "The properties of a storage account’s Queue service." + }, + "ResourceAccessRule": { + "type": "object", + "properties": { + "resourceId": { + "type": "string", + "description": "Resource Id" + }, + "tenantId": { + "type": "string", + "description": "Tenant Id" + } + }, + "description": "Resource Access Rule." + }, + "RestorePolicyProperties": { + "type": "object", + "properties": { + "days": { + "oneOf": [ + { + "type": "integer", + "minimum": 1, + "maximum": 365 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "how long this blob can be restored. It should be great than zero and less than DeleteRetentionPolicy.days." + }, + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Blob restore is enabled if set to true." + } + }, + "required": [ + "enabled" + ], + "description": "The blob service properties for blob restore policy" + }, + "RoutingPreference": { + "type": "object", + "properties": { + "publishInternetEndpoints": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean flag which indicates whether internet routing storage endpoints are to be published" + }, + "publishMicrosoftEndpoints": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean flag which indicates whether microsoft routing storage endpoints are to be published" + }, + "routingChoice": { + "oneOf": [ + { + "type": "string", + "enum": [ + "MicrosoftRouting", + "InternetRouting" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Routing Choice defines the kind of network routing opted by the user." + } + }, + "description": "Routing preference defines the type of network, either microsoft or internet routing to be used to deliver the user data, the default option is microsoft routing" + }, + "SasPolicy": { + "type": "object", + "properties": { + "expirationAction": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Log" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The SAS expiration action. Can only be Log." + }, + "sasExpirationPeriod": { + "type": "string", + "description": "The SAS expiration period, DD.HH:MM:SS." + } + }, + "required": [ + "expirationAction", + "sasExpirationPeriod" + ], + "description": "SasPolicy assigned to the storage account." + }, + "SignedIdentifier": { + "type": "object", + "properties": { + "accessPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/AccessPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "id": { + "type": "string", + "description": "An unique identifier of the stored access policy." + } + } + }, + "Sku": { + "type": "object", + "properties": { + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard_LRS", + "Standard_GRS", + "Standard_RAGRS", + "Standard_ZRS", + "Premium_LRS", + "Premium_ZRS", + "Standard_GZRS", + "Standard_RAGZRS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "tier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard", + "Premium" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "required": [ + "name" + ], + "description": "The SKU of the storage account." + }, + "SmbSetting": { + "type": "object", + "properties": { + "authenticationMethods": { + "type": "string", + "description": "SMB authentication methods supported by server. Valid values are NTLMv2, Kerberos. Should be passed as a string with delimiter ';'." + }, + "channelEncryption": { + "type": "string", + "description": "SMB channel encryption supported by server. Valid values are AES-128-CCM, AES-128-GCM, AES-256-GCM. Should be passed as a string with delimiter ';'." + }, + "kerberosTicketEncryption": { + "type": "string", + "description": "Kerberos ticket encryption supported by server. Valid values are RC4-HMAC, AES-256. Should be passed as a string with delimiter ';'" + }, + "multichannel": { + "oneOf": [ + { + "$ref": "#/definitions/Multichannel" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Multichannel setting. Applies to Premium FileStorage only." + }, + "versions": { + "type": "string", + "description": "SMB protocol versions supported by server. Valid values are SMB2.1, SMB3.0, SMB3.1.1. Should be passed as a string with delimiter ';'." + } + }, + "description": "Setting for SMB protocol" + }, + "SshPublicKey": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "Optional. It is used to store the function/usage of the key" + }, + "key": { + "type": "string", + "description": "Ssh public key base64 encoded. The format should be: ' ', e.g. ssh-rsa AAAABBBB" + } + } + }, + "StorageAccountPropertiesCreateParameters": { + "type": "object", + "properties": { + "accessTier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Hot", + "Cool", + "Premium" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Required for storage accounts where kind = BlobStorage. The access tier is used for billing. The 'Premium' access tier is the default value for premium block blobs storage account type and it cannot be changed for the premium block blobs storage account type." + }, + "allowBlobPublicAccess": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property." + }, + "allowCrossTenantReplication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property." + }, + "allowedCopyScope": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PrivateLink", + "AAD" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Restrict copy to and from Storage Accounts within an AAD tenant or with Private Links to the same VNet." + }, + "allowSharedKeyAccess": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true." + }, + "azureFilesIdentityBasedAuthentication": { + "oneOf": [ + { + "$ref": "#/definitions/AzureFilesIdentityBasedAuthentication" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Settings for Azure Files identity based authentication." + }, + "customDomain": { + "oneOf": [ + { + "$ref": "#/definitions/CustomDomain" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The custom domain assigned to this storage account. This can be set via Update." + }, + "defaultToOAuthAuthentication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A boolean flag which indicates whether the default authentication is OAuth or not. The default interpretation is false for this property." + }, + "dnsEndpointType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Standard", + "AzureDnsZone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allows you to specify the type of endpoint. Set this to AzureDNSZone to create a large number of accounts in a single subscription, which creates accounts in an Azure DNS Zone and the endpoint URL will have an alphanumeric DNS Zone identifier." + }, + "encryption": { + "oneOf": [ + { + "$ref": "#/definitions/Encryption" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The encryption settings on the storage account." + }, + "immutableStorageWithVersioning": { + "oneOf": [ + { + "$ref": "#/definitions/ImmutableStorageAccount" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "This property enables and defines account-level immutability. Enabling the feature auto-enables Blob Versioning." + }, + "isHnsEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Account HierarchicalNamespace enabled if sets to true." + }, + "isLocalUserEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enables local users feature, if set to true" + }, + "isNfsV3Enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "NFS 3.0 protocol support enabled if set to true." + }, + "isSftpEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Enables Secure File Transfer Protocol, if set to true" + }, + "keyPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/KeyPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "KeyPolicy assigned to the storage account." + }, + "largeFileSharesState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled." + }, + "minimumTlsVersion": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TLS1_0", + "TLS1_1", + "TLS1_2" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property." + }, + "networkAcls": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkRuleSet" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Network rule set" + }, + "publicNetworkAccess": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow or disallow public network access to Storage Account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'." + }, + "routingPreference": { + "oneOf": [ + { + "$ref": "#/definitions/RoutingPreference" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Routing preference defines the type of network, either microsoft or internet routing to be used to deliver the user data, the default option is microsoft routing" + }, + "sasPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/SasPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SasPolicy assigned to the storage account." + }, + "supportsHttpsTrafficOnly": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01." + } + }, + "description": "The parameters used to create the storage account." + }, + "storageAccounts_blobServices_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob Service within the specified storage account. Blob Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BlobServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Blob service." + }, + "type": { + "type": "string", + "enum": [ + "blobServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices" + }, + "storageAccounts_blobServices_containers_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the blob container within the specified storage account. Blob container names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ContainerProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a container." + }, + "type": { + "type": "string", + "enum": [ + "containers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices/containers" + }, + "storageAccounts_blobServices_containers_immutabilityPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob container immutabilityPolicy within the specified storage account. ImmutabilityPolicy Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ImmutabilityPolicyProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of an ImmutabilityPolicy of a blob container." + }, + "type": { + "type": "string", + "enum": [ + "immutabilityPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/blobServices/containers/immutabilityPolicies" + }, + "storageAccounts_encryptionScopes_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the encryption scope within the specified storage account. Encryption scope names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionScopeProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of the encryption scope." + }, + "type": { + "type": "string", + "enum": [ + "encryptionScopes" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/encryptionScopes" + }, + "storageAccounts_fileServices_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the file Service within the specified storage account. File Service Name must be \"default\"" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FileServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of File services in storage account." + }, + "type": { + "type": "string", + "enum": [ + "fileServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/fileServices" + }, + "storageAccounts_fileServices_shares_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 63, + "description": "The name of the file share within the specified storage account. File share names must be between 3 and 63 characters in length and use numbers, lower-case letters and dash (-) only. Every dash (-) character must be immediately preceded and followed by a letter or number." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FileShareProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the file share." + }, + "type": { + "type": "string", + "enum": [ + "shares" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/fileServices/shares" + }, + "storageAccounts_inventoryPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the storage account blob inventory policy. It should always be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BlobInventoryPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account blob inventory policy properties." + }, + "systemData": { + "oneOf": [ + { + "$ref": "#/definitions/SystemData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Metadata pertaining to creation and last modification of the resource." + }, + "type": { + "type": "string", + "enum": [ + "inventoryPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/inventoryPolicies" + }, + "storageAccounts_localUsers_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 3, + "maxLength": 64, + "description": "The name of local user. The username must contain lowercase letters and numbers only. It must be unique only within the storage account." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LocalUserProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account Local User properties." + }, + "systemData": { + "oneOf": [ + { + "$ref": "#/definitions/SystemData" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Metadata pertaining to creation and last modification of the resource." + }, + "type": { + "type": "string", + "enum": [ + "localUsers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/localUsers" + }, + "storageAccounts_managementPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the Storage Account Management Policy. It should always be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagementPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ManagementPolicy properties." + }, + "type": { + "type": "string", + "enum": [ + "managementPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/managementPolicies" + }, + "storageAccounts_objectReplicationPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "minLength": 1, + "description": "For the destination account, provide the value 'default'. Configure the policy on the destination account first. For the source account, provide the value of the policy ID that is returned when you download the policy that was defined on the destination account. The policy is downloaded as a JSON file." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ObjectReplicationPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Storage Account ObjectReplicationPolicy properties." + }, + "type": { + "type": "string", + "enum": [ + "objectReplicationPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/objectReplicationPolicies" + }, + "storageAccounts_privateEndpointConnections_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection associated with the Azure resource" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of the PrivateEndpointConnectProperties." + }, + "type": { + "type": "string", + "enum": [ + "privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/privateEndpointConnections" + }, + "storageAccounts_queueServices_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the Queue Service within the specified storage account. Queue Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/QueueServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Queue service." + }, + "type": { + "type": "string", + "enum": [ + "queueServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/queueServices" + }, + "storageAccounts_queueServices_queues_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[a-z0-9]([a-z0-9]|(-(?!-))){1,61}[a-z0-9]$", + "minLength": 3, + "maxLength": 63 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A queue name must be unique within a storage account and must be between 3 and 63 characters.The name must comprise of lowercase alphanumeric and dash(-) characters only, it should begin and end with an alphanumeric character and it cannot have two consecutive dash(-) characters." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/QueueProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "queues" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/queueServices/queues" + }, + "storageAccounts_tableServices_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the Table Service within the specified storage account. Table Service Name must be 'default'" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TableServicePropertiesProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a storage account’s Table service." + }, + "type": { + "type": "string", + "enum": [ + "tableServices" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/tableServices" + }, + "storageAccounts_tableServices_tables_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2021-09-01" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[A-Za-z][A-Za-z0-9]{2,62}$", + "minLength": 3, + "maxLength": 63 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "A table name must be unique within a storage account and must be between 3 and 63 characters.The name must comprise of only alphanumeric characters and it cannot begin with a numeric character." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TableProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "tables" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Storage/storageAccounts/tableServices/tables" + }, + "SystemData": { + "type": "object", + "properties": { + "createdAt": { + "type": "string", + "format": "date-time", + "description": "The timestamp of resource creation (UTC)." + }, + "createdBy": { + "type": "string", + "description": "The identity that created the resource." + }, + "createdByType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Application", + "ManagedIdentity", + "Key" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of identity that created the resource." + }, + "lastModifiedAt": { + "type": "string", + "format": "date-time", + "description": "The timestamp of resource last modification (UTC)" + }, + "lastModifiedBy": { + "type": "string", + "description": "The identity that last modified the resource." + }, + "lastModifiedByType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Application", + "ManagedIdentity", + "Key" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The type of identity that last modified the resource." + } + }, + "description": "Metadata pertaining to creation and last modification of the resource." + }, + "TableAccessPolicy": { + "type": "object", + "properties": { + "expiryTime": { + "type": "string", + "format": "date-time", + "description": "Expiry time of the access policy" + }, + "permission": { + "type": "string", + "description": "Required. List of abbreviated permissions. Supported permission values include 'r','a','u','d'" + }, + "startTime": { + "type": "string", + "format": "date-time", + "description": "Start time of the access policy" + } + }, + "required": [ + "permission" + ], + "description": "Table Access Policy Properties Object." + }, + "TableProperties": { + "type": "object", + "properties": { + "signedIdentifiers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/TableSignedIdentifier" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of stored access policies specified on the table." + } + } + }, + "TableServicePropertiesProperties": { + "type": "object", + "properties": { + "cors": { + "oneOf": [ + { + "$ref": "#/definitions/CorsRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sets the CORS rules. You can include up to five CorsRule elements in the request. " + } + }, + "description": "The properties of a storage account’s Table service." + }, + "TableSignedIdentifier": { + "type": "object", + "properties": { + "accessPolicy": { + "oneOf": [ + { + "$ref": "#/definitions/TableAccessPolicy" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Table Access Policy Properties Object." + }, + "id": { + "type": "string", + "description": "unique-64-character-value of the stored access policy." + } + }, + "required": [ + "id" + ], + "description": "Object to set Table Access Policy." + }, + "TagFilter": { + "type": "object", + "properties": { + "name": { + "type": "string", + "minLength": 1, + "maxLength": 128, + "description": "This is the filter tag name, it can have 1 - 128 characters" + }, + "op": { + "type": "string", + "description": "This is the comparison operator which is used for object comparison and filtering. Only == (equality operator) is currently supported" + }, + "value": { + "type": "string", + "minLength": 0, + "maxLength": 256, + "description": "This is the filter tag value field used for tag based filtering, it can have 0 - 256 characters" + } + }, + "required": [ + "name", + "op", + "value" + ], + "description": "Blob index tag based filtering for blob objects" + }, + "UserAssignedIdentity": { + "type": "object", + "properties": {}, + "description": "UserAssignedIdentity for the resource." + }, + "VirtualNetworkRule": { + "type": "object", + "properties": { + "action": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Allow" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The action of virtual network rule." + }, + "id": { + "type": "string", + "description": "Resource ID of a subnet, for example: /subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Provisioning", + "Deprovisioning", + "Succeeded", + "Failed", + "NetworkSourceDeleted" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Gets the state of virtual network rule." + } + }, + "required": [ + "id" + ], + "description": "Virtual Network rule." + } + } +} \ No newline at end of file diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index 30b8242c98..344da0b20b 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json @@ -14875,6 +14875,54 @@ { "$ref": "https://schema.management.azure.com/schemas/2021-08-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_tableServices_tables" }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_blobServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_blobServices_containers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_blobServices_containers_immutabilityPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_encryptionScopes" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_fileServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_fileServices_shares" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_inventoryPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_localUsers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_managementPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_objectReplicationPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_privateEndpointConnections" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_queueServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_queueServices_queues" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_tableServices" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2021-09-01/Microsoft.Storage.json#/resourceDefinitions/storageAccounts_tableServices_tables" + }, { "$ref": "https://schema.management.azure.com/schemas/2019-08-01-preview/Microsoft.StorageCache.json#/resourceDefinitions/caches" },