Azure Cognitive Services Account Customer Managed Key
This page shows how to write Terraform and Azure Resource Manager for Cognitive Services Account Customer Managed Key and write them securely.
azurerm_cognitive_account_customer_managed_key (Terraform)
The Account Customer Managed Key in Cognitive Services can be configured in Terraform with the resource name azurerm_cognitive_account_customer_managed_key
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
An example could not be found in GitHub.
Parameters
The following arguments are supported:
cognitive_account_id
- (Required) The ID of the Cognitive Account. Changing this forces a new resource to be created.key_vault_key_id
- (Required) The ID of the Key Vault Key which should be used to Encrypt the data in this Cognitive Account.identity_client_id
- (Optional) The Client ID of the User Assigned Identity that has access to the key. This property only needs to be specified when there're multiple identities attached to the Cognitive Account.
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the Cognitive Account.
Explanation in Terraform Registry
Manages a Customer Managed Key for a Cognitive Services Account.
Microsoft.CognitiveServices/accounts (Azure Resource Manager)
The accounts in Microsoft.CognitiveServices can be configured in Azure Resource Manager with the resource name Microsoft.CognitiveServices/accounts
. The following sections describe how to use the resource and its parameters.
Example Usage from GitHub
{
"contentVersion": "1.0.0.0",
"parameters": {
"workbookDisplayName": {
"type": "string",
{
"contentVersion": "1.0.0.0",
"parameters": {
"workbookDisplayName": {
"type": "string",
{
"contentVersion": "1.0.0.0",
"parameters": {
"workbookDisplayName": {
"type": "string",
{
"contentVersion": "1.0.0.0",
"parameters": {
"workbookDisplayName": {
"type": "string",
Parameters
apiVersion
required - stringidentity
optionaltype
optional - stringThe identity type.
userAssignedIdentities
optional - undefinedThe list of user assigned identities associated with the resource. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}
kind
optional - stringThe kind (type) of cognitive service account.
location
optional - stringThe geo-location where the resource lives
name
required - stringThe name of Cognitive Services account.
properties
requiredallowedFqdnList
optional - arrayapiProperties
optionalaadClientId
optional - string(Metrics Advisor Only) The Azure AD Client Id (Application Id).
aadTenantId
optional - string(Metrics Advisor Only) The Azure AD Tenant Id.
additionalProperties
optional - objectUnmatched properties from the message are deserialized this collection
eventHubConnectionString
optional - string(Personalization Only) The flag to enable statistics of Bing Search.
qnaAzureSearchEndpointId
optional - string(QnAMaker Only) The Azure Search endpoint id of QnAMaker.
qnaAzureSearchEndpointKey
optional - string(QnAMaker Only) The Azure Search endpoint key of QnAMaker.
qnaRuntimeEndpoint
optional - string(QnAMaker Only) The runtime endpoint of QnAMaker.
statisticsEnabled
optional - boolean(Bing Search Only) The flag to enable statistics of Bing Search.
storageAccountConnectionString
optional - string(Personalization Only) The storage account connection string.
superUser
optional - string(Metrics Advisor Only) The super user of Metrics Advisor.
websiteName
optional - string(Metrics Advisor Only) The website name of Metrics Advisor.
customSubDomainName
optional - stringOptional subdomain name used for token-based authentication.
disableLocalAuth
optional - booleanencryption
optionalkeySource
optional - stringEnumerates the possible value of keySource for Encryption.
keyVaultProperties
optionalidentityClientId
optional - stringkeyName
optional - stringName of the Key from KeyVault
keyVaultUri
optional - stringUri of KeyVault
keyVersion
optional - stringVersion of the Key from KeyVault
migrationToken
optional - stringResource migration token.
networkAcls
optionaldefaultAction
optional - stringThe default action when no rule from ipRules and from virtualNetworkRules match. This is only used after the bypass property has been evaluated.
ipRules
optional arrayvalue
required - stringAn IPv4 address range in CIDR notation, such as '124.56.78.91' (simple IP address) or '124.56.78.0/24' (all addresses that start with 124.56.78).
virtualNetworkRules
optional arrayid
required - stringFull resource id of a vnet subnet, such as '/subscriptions/subid/resourceGroups/rg1/providers/Microsoft.Network/virtualNetworks/test-vnet/subnets/subnet1'.
ignoreMissingVnetServiceEndpoint
optional - booleanIgnore missing vnet service endpoint or not.
state
optional - stringGets the state of virtual network rule.
publicNetworkAccess
optional - stringWhether or not public endpoint access is allowed for this account. Value is optional but if passed in, must be 'Enabled' or 'Disabled'.
restore
optional - booleanrestrictOutboundNetworkAccess
optional - booleanuserOwnedStorage
optional arrayidentityClientId
optional - stringresourceId
optional - stringFull resource id of a Microsoft.Storage resource.
sku
optionalcapacity
optional - integerIf the SKU supports scale out/in then the capacity integer should be included. If scale out/in is not possible for the resource this may be omitted.
family
optional - stringIf the service has different generations of hardware, for the same SKU, then that can be captured here.
name
required - stringThe name of the SKU. Ex - P3. It is typically a letter+number code
size
optional - stringThe SKU size. When the name field is the combination of tier and some other value, this would be the standalone code.
tier
optional - stringThis field is required to be implemented by the Resource Provider if the service has more than one tier, but is not required on a PUT.
tags
optional - stringResource tags.
type
required - string