Docs
PackagesWe recommend using Azure Native.
azure.synapse.Workspace
Explore with Pulumi AI
Manages a Synapse Workspace.
Example Usage
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("exampleAccount", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
AccountKind = "StorageV2",
IsHnsEnabled = true,
});
var exampleDataLakeGen2Filesystem = new Azure.Storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", new()
{
StorageAccountId = exampleAccount.Id,
});
var exampleWorkspace = new Azure.Synapse.Workspace("exampleWorkspace", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
StorageDataLakeGen2FilesystemId = exampleDataLakeGen2Filesystem.Id,
SqlAdministratorLogin = "sqladminuser",
SqlAdministratorLoginPassword = "H@Sh1CoR3!",
AadAdmin = new Azure.Synapse.Inputs.WorkspaceAadAdminArgs
{
Login = "AzureAD Admin",
ObjectId = "00000000-0000-0000-0000-000000000000",
TenantId = "00000000-0000-0000-0000-000000000000",
},
Identity = new Azure.Synapse.Inputs.WorkspaceIdentityArgs
{
Type = "SystemAssigned",
},
Tags =
{
{ "Env", "production" },
},
});
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/synapse"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "exampleAccount", &storage.AccountArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
AccountKind: pulumi.String("StorageV2"),
IsHnsEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
exampleDataLakeGen2Filesystem, err := storage.NewDataLakeGen2Filesystem(ctx, "exampleDataLakeGen2Filesystem", &storage.DataLakeGen2FilesystemArgs{
StorageAccountId: exampleAccount.ID(),
})
if err != nil {
return err
}
_, err = synapse.NewWorkspace(ctx, "exampleWorkspace", &synapse.WorkspaceArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
StorageDataLakeGen2FilesystemId: exampleDataLakeGen2Filesystem.ID(),
SqlAdministratorLogin: pulumi.String("sqladminuser"),
SqlAdministratorLoginPassword: pulumi.String("H@Sh1CoR3!"),
AadAdmin: &synapse.WorkspaceAadAdminTypeArgs{
Login: pulumi.String("AzureAD Admin"),
ObjectId: pulumi.String("00000000-0000-0000-0000-000000000000"),
TenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
},
Identity: &synapse.WorkspaceIdentityArgs{
Type: pulumi.String("SystemAssigned"),
},
Tags: pulumi.StringMap{
"Env": pulumi.String("production"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.DataLakeGen2Filesystem;
import com.pulumi.azure.storage.DataLakeGen2FilesystemArgs;
import com.pulumi.azure.synapse.Workspace;
import com.pulumi.azure.synapse.WorkspaceArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceAadAdminArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.accountKind("StorageV2")
.isHnsEnabled("true")
.build());
var exampleDataLakeGen2Filesystem = new DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", DataLakeGen2FilesystemArgs.builder()
.storageAccountId(exampleAccount.id())
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.storageDataLakeGen2FilesystemId(exampleDataLakeGen2Filesystem.id())
.sqlAdministratorLogin("sqladminuser")
.sqlAdministratorLoginPassword("H@Sh1CoR3!")
.aadAdmin(WorkspaceAadAdminArgs.builder()
.login("AzureAD Admin")
.objectId("00000000-0000-0000-0000-000000000000")
.tenantId("00000000-0000-0000-0000-000000000000")
.build())
.identity(WorkspaceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.tags(Map.of("Env", "production"))
.build());
}
}
import pulumi
import pulumi_azure as azure
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_account = azure.storage.Account("exampleAccount",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
account_tier="Standard",
account_replication_type="LRS",
account_kind="StorageV2",
is_hns_enabled=True)
example_data_lake_gen2_filesystem = azure.storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", storage_account_id=example_account.id)
example_workspace = azure.synapse.Workspace("exampleWorkspace",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
storage_data_lake_gen2_filesystem_id=example_data_lake_gen2_filesystem.id,
sql_administrator_login="sqladminuser",
sql_administrator_login_password="H@Sh1CoR3!",
aad_admin=azure.synapse.WorkspaceAadAdminArgs(
login="AzureAD Admin",
object_id="00000000-0000-0000-0000-000000000000",
tenant_id="00000000-0000-0000-0000-000000000000",
),
identity=azure.synapse.WorkspaceIdentityArgs(
type="SystemAssigned",
),
tags={
"Env": "production",
})
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleAccount = new azure.storage.Account("exampleAccount", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
accountTier: "Standard",
accountReplicationType: "LRS",
accountKind: "StorageV2",
isHnsEnabled: true,
});
const exampleDataLakeGen2Filesystem = new azure.storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", {storageAccountId: exampleAccount.id});
const exampleWorkspace = new azure.synapse.Workspace("exampleWorkspace", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
storageDataLakeGen2FilesystemId: exampleDataLakeGen2Filesystem.id,
sqlAdministratorLogin: "sqladminuser",
sqlAdministratorLoginPassword: "H@Sh1CoR3!",
aadAdmin: {
login: "AzureAD Admin",
objectId: "00000000-0000-0000-0000-000000000000",
tenantId: "00000000-0000-0000-0000-000000000000",
},
identity: {
type: "SystemAssigned",
},
tags: {
Env: "production",
},
});
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
properties:
location: West Europe
exampleAccount:
type: azure:storage:Account
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
accountTier: Standard
accountReplicationType: LRS
accountKind: StorageV2
isHnsEnabled: 'true'
exampleDataLakeGen2Filesystem:
type: azure:storage:DataLakeGen2Filesystem
properties:
storageAccountId: ${exampleAccount.id}
exampleWorkspace:
type: azure:synapse:Workspace
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
storageDataLakeGen2FilesystemId: ${exampleDataLakeGen2Filesystem.id}
sqlAdministratorLogin: sqladminuser
sqlAdministratorLoginPassword: H@Sh1CoR3!
aadAdmin:
login: AzureAD Admin
objectId: 00000000-0000-0000-0000-000000000000
tenantId: 00000000-0000-0000-0000-000000000000
identity:
type: SystemAssigned
tags:
Env: production
Creating A Workspace With Customer Managed Key And Azure AD Admin
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var current = Azure.Core.GetClientConfig.Invoke();
var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
{
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("exampleAccount", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
AccountKind = "StorageV2",
IsHnsEnabled = true,
});
var exampleDataLakeGen2Filesystem = new Azure.Storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", new()
{
StorageAccountId = exampleAccount.Id,
});
var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new()
{
Location = exampleResourceGroup.Location,
ResourceGroupName = exampleResourceGroup.Name,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
SkuName = "standard",
PurgeProtectionEnabled = true,
});
var deployer = new Azure.KeyVault.AccessPolicy("deployer", new()
{
KeyVaultId = exampleKeyVault.Id,
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
KeyPermissions = new[]
{
"Create",
"Get",
"Delete",
"Purge",
"GetRotationPolicy",
},
});
var exampleKey = new Azure.KeyVault.Key("exampleKey", new()
{
KeyVaultId = exampleKeyVault.Id,
KeyType = "RSA",
KeySize = 2048,
KeyOpts = new[]
{
"unwrapKey",
"wrapKey",
},
}, new CustomResourceOptions
{
DependsOn = new[]
{
deployer,
},
});
var exampleWorkspace = new Azure.Synapse.Workspace("exampleWorkspace", new()
{
ResourceGroupName = exampleResourceGroup.Name,
Location = exampleResourceGroup.Location,
StorageDataLakeGen2FilesystemId = exampleDataLakeGen2Filesystem.Id,
SqlAdministratorLogin = "sqladminuser",
SqlAdministratorLoginPassword = "H@Sh1CoR3!",
CustomerManagedKey = new Azure.Synapse.Inputs.WorkspaceCustomerManagedKeyArgs
{
KeyVersionlessId = exampleKey.VersionlessId,
KeyName = "enckey",
},
Identity = new Azure.Synapse.Inputs.WorkspaceIdentityArgs
{
Type = "SystemAssigned",
},
Tags =
{
{ "Env", "production" },
},
});
var workspacePolicy = new Azure.KeyVault.AccessPolicy("workspacePolicy", new()
{
KeyVaultId = exampleKeyVault.Id,
TenantId = exampleWorkspace.Identity.Apply(identity => identity?.TenantId),
ObjectId = exampleWorkspace.Identity.Apply(identity => identity?.PrincipalId),
KeyPermissions = new[]
{
"Get",
"WrapKey",
"UnwrapKey",
},
});
var exampleWorkspaceKey = new Azure.Synapse.WorkspaceKey("exampleWorkspaceKey", new()
{
CustomerManagedKeyVersionlessId = exampleKey.VersionlessId,
SynapseWorkspaceId = exampleWorkspace.Id,
Active = true,
CustomerManagedKeyName = "enckey",
}, new CustomResourceOptions
{
DependsOn = new[]
{
workspacePolicy,
},
});
var exampleWorkspaceAadAdmin = new Azure.Synapse.WorkspaceAadAdmin("exampleWorkspaceAadAdmin", new()
{
SynapseWorkspaceId = exampleWorkspace.Id,
Login = "AzureAD Admin",
ObjectId = "00000000-0000-0000-0000-000000000000",
TenantId = "00000000-0000-0000-0000-000000000000",
}, new CustomResourceOptions
{
DependsOn = new[]
{
exampleWorkspaceKey,
},
});
});
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/synapse"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := core.GetClientConfig(ctx, nil, nil)
if err != nil {
return err
}
exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "exampleAccount", &storage.AccountArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
AccountKind: pulumi.String("StorageV2"),
IsHnsEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
exampleDataLakeGen2Filesystem, err := storage.NewDataLakeGen2Filesystem(ctx, "exampleDataLakeGen2Filesystem", &storage.DataLakeGen2FilesystemArgs{
StorageAccountId: exampleAccount.ID(),
})
if err != nil {
return err
}
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{
Location: exampleResourceGroup.Location,
ResourceGroupName: exampleResourceGroup.Name,
TenantId: *pulumi.String(current.TenantId),
SkuName: pulumi.String("standard"),
PurgeProtectionEnabled: pulumi.Bool(true),
})
if err != nil {
return err
}
deployer, err := keyvault.NewAccessPolicy(ctx, "deployer", &keyvault.AccessPolicyArgs{
KeyVaultId: exampleKeyVault.ID(),
TenantId: *pulumi.String(current.TenantId),
ObjectId: *pulumi.String(current.ObjectId),
KeyPermissions: pulumi.StringArray{
pulumi.String("Create"),
pulumi.String("Get"),
pulumi.String("Delete"),
pulumi.String("Purge"),
pulumi.String("GetRotationPolicy"),
},
})
if err != nil {
return err
}
exampleKey, err := keyvault.NewKey(ctx, "exampleKey", &keyvault.KeyArgs{
KeyVaultId: exampleKeyVault.ID(),
KeyType: pulumi.String("RSA"),
KeySize: pulumi.Int(2048),
KeyOpts: pulumi.StringArray{
pulumi.String("unwrapKey"),
pulumi.String("wrapKey"),
},
}, pulumi.DependsOn([]pulumi.Resource{
deployer,
}))
if err != nil {
return err
}
exampleWorkspace, err := synapse.NewWorkspace(ctx, "exampleWorkspace", &synapse.WorkspaceArgs{
ResourceGroupName: exampleResourceGroup.Name,
Location: exampleResourceGroup.Location,
StorageDataLakeGen2FilesystemId: exampleDataLakeGen2Filesystem.ID(),
SqlAdministratorLogin: pulumi.String("sqladminuser"),
SqlAdministratorLoginPassword: pulumi.String("H@Sh1CoR3!"),
CustomerManagedKey: &synapse.WorkspaceCustomerManagedKeyArgs{
KeyVersionlessId: exampleKey.VersionlessId,
KeyName: pulumi.String("enckey"),
},
Identity: &synapse.WorkspaceIdentityArgs{
Type: pulumi.String("SystemAssigned"),
},
Tags: pulumi.StringMap{
"Env": pulumi.String("production"),
},
})
if err != nil {
return err
}
workspacePolicy, err := keyvault.NewAccessPolicy(ctx, "workspacePolicy", &keyvault.AccessPolicyArgs{
KeyVaultId: exampleKeyVault.ID(),
TenantId: exampleWorkspace.Identity.ApplyT(func(identity synapse.WorkspaceIdentity) (*string, error) {
return &identity.TenantId, nil
}).(pulumi.StringPtrOutput),
ObjectId: exampleWorkspace.Identity.ApplyT(func(identity synapse.WorkspaceIdentity) (*string, error) {
return &identity.PrincipalId, nil
}).(pulumi.StringPtrOutput),
KeyPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("WrapKey"),
pulumi.String("UnwrapKey"),
},
})
if err != nil {
return err
}
exampleWorkspaceKey, err := synapse.NewWorkspaceKey(ctx, "exampleWorkspaceKey", &synapse.WorkspaceKeyArgs{
CustomerManagedKeyVersionlessId: exampleKey.VersionlessId,
SynapseWorkspaceId: exampleWorkspace.ID(),
Active: pulumi.Bool(true),
CustomerManagedKeyName: pulumi.String("enckey"),
}, pulumi.DependsOn([]pulumi.Resource{
workspacePolicy,
}))
if err != nil {
return err
}
_, err = synapse.NewWorkspaceAadAdmin(ctx, "exampleWorkspaceAadAdmin", &synapse.WorkspaceAadAdminArgs{
SynapseWorkspaceId: exampleWorkspace.ID(),
Login: pulumi.String("AzureAD Admin"),
ObjectId: pulumi.String("00000000-0000-0000-0000-000000000000"),
TenantId: pulumi.String("00000000-0000-0000-0000-000000000000"),
}, pulumi.DependsOn([]pulumi.Resource{
exampleWorkspaceKey,
}))
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.DataLakeGen2Filesystem;
import com.pulumi.azure.storage.DataLakeGen2FilesystemArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.synapse.Workspace;
import com.pulumi.azure.synapse.WorkspaceArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceCustomerManagedKeyArgs;
import com.pulumi.azure.synapse.inputs.WorkspaceIdentityArgs;
import com.pulumi.azure.synapse.WorkspaceKey;
import com.pulumi.azure.synapse.WorkspaceKeyArgs;
import com.pulumi.azure.synapse.WorkspaceAadAdmin;
import com.pulumi.azure.synapse.WorkspaceAadAdminArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.accountKind("StorageV2")
.isHnsEnabled("true")
.build());
var exampleDataLakeGen2Filesystem = new DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", DataLakeGen2FilesystemArgs.builder()
.storageAccountId(exampleAccount.id())
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("standard")
.purgeProtectionEnabled(true)
.build());
var deployer = new AccessPolicy("deployer", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Create",
"Get",
"Delete",
"Purge",
"GetRotationPolicy")
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"unwrapKey",
"wrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(deployer)
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.resourceGroupName(exampleResourceGroup.name())
.location(exampleResourceGroup.location())
.storageDataLakeGen2FilesystemId(exampleDataLakeGen2Filesystem.id())
.sqlAdministratorLogin("sqladminuser")
.sqlAdministratorLoginPassword("H@Sh1CoR3!")
.customerManagedKey(WorkspaceCustomerManagedKeyArgs.builder()
.keyVersionlessId(exampleKey.versionlessId())
.keyName("enckey")
.build())
.identity(WorkspaceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.tags(Map.of("Env", "production"))
.build());
var workspacePolicy = new AccessPolicy("workspacePolicy", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(exampleWorkspace.identity().applyValue(identity -> identity.tenantId()))
.objectId(exampleWorkspace.identity().applyValue(identity -> identity.principalId()))
.keyPermissions(
"Get",
"WrapKey",
"UnwrapKey")
.build());
var exampleWorkspaceKey = new WorkspaceKey("exampleWorkspaceKey", WorkspaceKeyArgs.builder()
.customerManagedKeyVersionlessId(exampleKey.versionlessId())
.synapseWorkspaceId(exampleWorkspace.id())
.active(true)
.customerManagedKeyName("enckey")
.build(), CustomResourceOptions.builder()
.dependsOn(workspacePolicy)
.build());
var exampleWorkspaceAadAdmin = new WorkspaceAadAdmin("exampleWorkspaceAadAdmin", WorkspaceAadAdminArgs.builder()
.synapseWorkspaceId(exampleWorkspace.id())
.login("AzureAD Admin")
.objectId("00000000-0000-0000-0000-000000000000")
.tenantId("00000000-0000-0000-0000-000000000000")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleWorkspaceKey)
.build());
}
}
import pulumi
import pulumi_azure as azure
current = azure.core.get_client_config()
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_account = azure.storage.Account("exampleAccount",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
account_tier="Standard",
account_replication_type="LRS",
account_kind="StorageV2",
is_hns_enabled=True)
example_data_lake_gen2_filesystem = azure.storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", storage_account_id=example_account.id)
example_key_vault = azure.keyvault.KeyVault("exampleKeyVault",
location=example_resource_group.location,
resource_group_name=example_resource_group.name,
tenant_id=current.tenant_id,
sku_name="standard",
purge_protection_enabled=True)
deployer = azure.keyvault.AccessPolicy("deployer",
key_vault_id=example_key_vault.id,
tenant_id=current.tenant_id,
object_id=current.object_id,
key_permissions=[
"Create",
"Get",
"Delete",
"Purge",
"GetRotationPolicy",
])
example_key = azure.keyvault.Key("exampleKey",
key_vault_id=example_key_vault.id,
key_type="RSA",
key_size=2048,
key_opts=[
"unwrapKey",
"wrapKey",
],
opts=pulumi.ResourceOptions(depends_on=[deployer]))
example_workspace = azure.synapse.Workspace("exampleWorkspace",
resource_group_name=example_resource_group.name,
location=example_resource_group.location,
storage_data_lake_gen2_filesystem_id=example_data_lake_gen2_filesystem.id,
sql_administrator_login="sqladminuser",
sql_administrator_login_password="H@Sh1CoR3!",
customer_managed_key=azure.synapse.WorkspaceCustomerManagedKeyArgs(
key_versionless_id=example_key.versionless_id,
key_name="enckey",
),
identity=azure.synapse.WorkspaceIdentityArgs(
type="SystemAssigned",
),
tags={
"Env": "production",
})
workspace_policy = azure.keyvault.AccessPolicy("workspacePolicy",
key_vault_id=example_key_vault.id,
tenant_id=example_workspace.identity.tenant_id,
object_id=example_workspace.identity.principal_id,
key_permissions=[
"Get",
"WrapKey",
"UnwrapKey",
])
example_workspace_key = azure.synapse.WorkspaceKey("exampleWorkspaceKey",
customer_managed_key_versionless_id=example_key.versionless_id,
synapse_workspace_id=example_workspace.id,
active=True,
customer_managed_key_name="enckey",
opts=pulumi.ResourceOptions(depends_on=[workspace_policy]))
example_workspace_aad_admin = azure.synapse.WorkspaceAadAdmin("exampleWorkspaceAadAdmin",
synapse_workspace_id=example_workspace.id,
login="AzureAD Admin",
object_id="00000000-0000-0000-0000-000000000000",
tenant_id="00000000-0000-0000-0000-000000000000",
opts=pulumi.ResourceOptions(depends_on=[example_workspace_key]))
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const current = azure.core.getClientConfig({});
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleAccount = new azure.storage.Account("exampleAccount", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
accountTier: "Standard",
accountReplicationType: "LRS",
accountKind: "StorageV2",
isHnsEnabled: true,
});
const exampleDataLakeGen2Filesystem = new azure.storage.DataLakeGen2Filesystem("exampleDataLakeGen2Filesystem", {storageAccountId: exampleAccount.id});
const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", {
location: exampleResourceGroup.location,
resourceGroupName: exampleResourceGroup.name,
tenantId: current.then(current => current.tenantId),
skuName: "standard",
purgeProtectionEnabled: true,
});
const deployer = new azure.keyvault.AccessPolicy("deployer", {
keyVaultId: exampleKeyVault.id,
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
keyPermissions: [
"Create",
"Get",
"Delete",
"Purge",
"GetRotationPolicy",
],
});
const exampleKey = new azure.keyvault.Key("exampleKey", {
keyVaultId: exampleKeyVault.id,
keyType: "RSA",
keySize: 2048,
keyOpts: [
"unwrapKey",
"wrapKey",
],
}, {
dependsOn: [deployer],
});
const exampleWorkspace = new azure.synapse.Workspace("exampleWorkspace", {
resourceGroupName: exampleResourceGroup.name,
location: exampleResourceGroup.location,
storageDataLakeGen2FilesystemId: exampleDataLakeGen2Filesystem.id,
sqlAdministratorLogin: "sqladminuser",
sqlAdministratorLoginPassword: "H@Sh1CoR3!",
customerManagedKey: {
keyVersionlessId: exampleKey.versionlessId,
keyName: "enckey",
},
identity: {
type: "SystemAssigned",
},
tags: {
Env: "production",
},
});
const workspacePolicy = new azure.keyvault.AccessPolicy("workspacePolicy", {
keyVaultId: exampleKeyVault.id,
tenantId: exampleWorkspace.identity.apply(identity => identity?.tenantId),
objectId: exampleWorkspace.identity.apply(identity => identity?.principalId),
keyPermissions: [
"Get",
"WrapKey",
"UnwrapKey",
],
});
const exampleWorkspaceKey = new azure.synapse.WorkspaceKey("exampleWorkspaceKey", {
customerManagedKeyVersionlessId: exampleKey.versionlessId,
synapseWorkspaceId: exampleWorkspace.id,
active: true,
customerManagedKeyName: "enckey",
}, {
dependsOn: [workspacePolicy],
});
const exampleWorkspaceAadAdmin = new azure.synapse.WorkspaceAadAdmin("exampleWorkspaceAadAdmin", {
synapseWorkspaceId: exampleWorkspace.id,
login: "AzureAD Admin",
objectId: "00000000-0000-0000-0000-000000000000",
tenantId: "00000000-0000-0000-0000-000000000000",
}, {
dependsOn: [exampleWorkspaceKey],
});
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
properties:
location: West Europe
exampleAccount:
type: azure:storage:Account
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
accountTier: Standard
accountReplicationType: LRS
accountKind: StorageV2
isHnsEnabled: 'true'
exampleDataLakeGen2Filesystem:
type: azure:storage:DataLakeGen2Filesystem
properties:
storageAccountId: ${exampleAccount.id}
exampleKeyVault:
type: azure:keyvault:KeyVault
properties:
location: ${exampleResourceGroup.location}
resourceGroupName: ${exampleResourceGroup.name}
tenantId: ${current.tenantId}
skuName: standard
purgeProtectionEnabled: true
deployer:
type: azure:keyvault:AccessPolicy
properties:
keyVaultId: ${exampleKeyVault.id}
tenantId: ${current.tenantId}
objectId: ${current.objectId}
keyPermissions:
- Create
- Get
- Delete
- Purge
- GetRotationPolicy
exampleKey:
type: azure:keyvault:Key
properties:
keyVaultId: ${exampleKeyVault.id}
keyType: RSA
keySize: 2048
keyOpts:
- unwrapKey
- wrapKey
options:
dependson:
- ${deployer}
exampleWorkspace:
type: azure:synapse:Workspace
properties:
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
storageDataLakeGen2FilesystemId: ${exampleDataLakeGen2Filesystem.id}
sqlAdministratorLogin: sqladminuser
sqlAdministratorLoginPassword: H@Sh1CoR3!
customerManagedKey:
keyVersionlessId: ${exampleKey.versionlessId}
keyName: enckey
identity:
type: SystemAssigned
tags:
Env: production
workspacePolicy:
type: azure:keyvault:AccessPolicy
properties:
keyVaultId: ${exampleKeyVault.id}
tenantId: ${exampleWorkspace.identity.tenantId}
objectId: ${exampleWorkspace.identity.principalId}
keyPermissions:
- Get
- WrapKey
- UnwrapKey
exampleWorkspaceKey:
type: azure:synapse:WorkspaceKey
properties:
customerManagedKeyVersionlessId: ${exampleKey.versionlessId}
synapseWorkspaceId: ${exampleWorkspace.id}
active: true
customerManagedKeyName: enckey
options:
dependson:
- ${workspacePolicy}
exampleWorkspaceAadAdmin:
type: azure:synapse:WorkspaceAadAdmin
properties:
synapseWorkspaceId: ${exampleWorkspace.id}
login: AzureAD Admin
objectId: 00000000-0000-0000-0000-000000000000
tenantId: 00000000-0000-0000-0000-000000000000
options:
dependson:
- ${exampleWorkspaceKey}
variables:
current:
fn::invoke:
Function: azure:core:getClientConfig
Arguments: {}
Create Workspace Resource
new Workspace(name: string, args: WorkspaceArgs, opts?: CustomResourceOptions);@overload
def Workspace(resource_name: str,
opts: Optional[ResourceOptions] = None,
aad_admin: Optional[WorkspaceAadAdminArgs] = None,
azure_devops_repo: Optional[WorkspaceAzureDevopsRepoArgs] = None,
compute_subnet_id: Optional[str] = None,
customer_managed_key: Optional[WorkspaceCustomerManagedKeyArgs] = None,
data_exfiltration_protection_enabled: Optional[bool] = None,
github_repo: Optional[WorkspaceGithubRepoArgs] = None,
identity: Optional[WorkspaceIdentityArgs] = None,
linking_allowed_for_aad_tenant_ids: Optional[Sequence[str]] = None,
location: Optional[str] = None,
managed_resource_group_name: Optional[str] = None,
managed_virtual_network_enabled: Optional[bool] = None,
name: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
purview_id: Optional[str] = None,
resource_group_name: Optional[str] = None,
sql_aad_admin: Optional[WorkspaceSqlAadAdminArgs] = None,
sql_administrator_login: Optional[str] = None,
sql_administrator_login_password: Optional[str] = None,
sql_identity_control_enabled: Optional[bool] = None,
storage_data_lake_gen2_filesystem_id: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None)
@overload
def Workspace(resource_name: str,
args: WorkspaceArgs,
opts: Optional[ResourceOptions] = None)func NewWorkspace(ctx *Context, name string, args WorkspaceArgs, opts ...ResourceOption) (*Workspace, error)public Workspace(string name, WorkspaceArgs args, CustomResourceOptions? opts = null)
public Workspace(String name, WorkspaceArgs args)
public Workspace(String name, WorkspaceArgs args, CustomResourceOptions options)
type: azure:synapse:Workspace
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WorkspaceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args WorkspaceArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args WorkspaceArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args WorkspaceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args WorkspaceArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Workspace Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Workspace resource accepts the following input properties:
- Resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- Azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- Compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- Customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- Data
Exfiltration boolProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- Github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- Identity
Workspace
Identity An
identityblock as defined below.- Linking
Allowed List<string>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- Location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- Managed
Virtual boolNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- Name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- Purview
Id string The ID of purview account.
- Sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- Sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- Sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- Sql
Identity boolControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Dictionary<string, string>
A mapping of tags which should be assigned to the Synapse Workspace.
- Resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Aad
Admin WorkspaceAad Admin Type Args An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- Azure
Devops WorkspaceRepo Azure Devops Repo Args An
azure_devops_repoblock as defined below.- Compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- Customer
Managed WorkspaceKey Customer Managed Key Args A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- Data
Exfiltration boolProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- Github
Repo WorkspaceGithub Repo Args A
github_repoblock as defined below.- Identity
Workspace
Identity Args An
identityblock as defined below.- Linking
Allowed []stringFor Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- Location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- Managed
Virtual boolNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- Name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- Purview
Id string The ID of purview account.
- Sql
Aad WorkspaceAdmin Sql Aad Admin Type Args An
sql_aad_adminblock as defined below.- Sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- Sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- Sql
Identity boolControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- map[string]string
A mapping of tags which should be assigned to the Synapse Workspace.
- resource
Group StringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- storage
Data StringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- compute
Subnet StringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration BooleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- identity
Workspace
Identity An
identityblock as defined below.- linking
Allowed List<String>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location String
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource StringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual BooleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name String
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id String The ID of purview account.
- sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- sql
Administrator StringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator StringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity BooleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Map<String,String>
A mapping of tags which should be assigned to the Synapse Workspace.
- resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration booleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- identity
Workspace
Identity An
identityblock as defined below.- linking
Allowed string[]For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual booleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network booleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id string The ID of purview account.
- sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity booleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- {[key: string]: string}
A mapping of tags which should be assigned to the Synapse Workspace.
- resource_
group_ strname Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- storage_
data_ strlake_ gen2_ filesystem_ id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- aad_
admin WorkspaceAad Admin Args An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure_
devops_ Workspacerepo Azure Devops Repo Args An
azure_devops_repoblock as defined below.- compute_
subnet_ strid Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- customer_
managed_ Workspacekey Customer Managed Key Args A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data_
exfiltration_ boolprotection_ enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github_
repo WorkspaceGithub Repo Args A
github_repoblock as defined below.- identity
Workspace
Identity Args An
identityblock as defined below.- linking_
allowed_ Sequence[str]for_ aad_ tenant_ ids Allowed AAD Tenant Ids For Linking.
- location str
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed_
resource_ strgroup_ name Workspace managed resource group. Changing this forces a new resource to be created.
- managed_
virtual_ boolnetwork_ enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name str
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public_
network_ boolaccess_ enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview_
id str The ID of purview account.
- sql_
aad_ Workspaceadmin Sql Aad Admin Args An
sql_aad_adminblock as defined below.- sql_
administrator_ strlogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql_
administrator_ strlogin_ password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql_
identity_ boolcontrol_ enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Mapping[str, str]
A mapping of tags which should be assigned to the Synapse Workspace.
- resource
Group StringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- storage
Data StringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- aad
Admin Property Map An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops Property MapRepo An
azure_devops_repoblock as defined below.- compute
Subnet StringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- customer
Managed Property MapKey A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration BooleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo Property Map A
github_repoblock as defined below.- identity Property Map
An
identityblock as defined below.- linking
Allowed List<String>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location String
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource StringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual BooleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name String
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id String The ID of purview account.
- sql
Aad Property MapAdmin An
sql_aad_adminblock as defined below.- sql
Administrator StringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator StringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity BooleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Map<String>
A mapping of tags which should be assigned to the Synapse Workspace.
Outputs
All input properties are implicitly available as output properties. Additionally, the Workspace resource produces the following output properties:
- Connectivity
Endpoints Dictionary<string, string> A list of Connectivity endpoints for this Synapse Workspace.
- Id string
The provider-assigned unique ID for this managed resource.
- Connectivity
Endpoints map[string]string A list of Connectivity endpoints for this Synapse Workspace.
- Id string
The provider-assigned unique ID for this managed resource.
- connectivity
Endpoints Map<String,String> A list of Connectivity endpoints for this Synapse Workspace.
- id String
The provider-assigned unique ID for this managed resource.
- connectivity
Endpoints {[key: string]: string} A list of Connectivity endpoints for this Synapse Workspace.
- id string
The provider-assigned unique ID for this managed resource.
- connectivity_
endpoints Mapping[str, str] A list of Connectivity endpoints for this Synapse Workspace.
- id str
The provider-assigned unique ID for this managed resource.
- connectivity
Endpoints Map<String> A list of Connectivity endpoints for this Synapse Workspace.
- id String
The provider-assigned unique ID for this managed resource.
Look up Existing Workspace Resource
Get an existing Workspace resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: WorkspaceState, opts?: CustomResourceOptions): Workspace@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aad_admin: Optional[WorkspaceAadAdminArgs] = None,
azure_devops_repo: Optional[WorkspaceAzureDevopsRepoArgs] = None,
compute_subnet_id: Optional[str] = None,
connectivity_endpoints: Optional[Mapping[str, str]] = None,
customer_managed_key: Optional[WorkspaceCustomerManagedKeyArgs] = None,
data_exfiltration_protection_enabled: Optional[bool] = None,
github_repo: Optional[WorkspaceGithubRepoArgs] = None,
identity: Optional[WorkspaceIdentityArgs] = None,
linking_allowed_for_aad_tenant_ids: Optional[Sequence[str]] = None,
location: Optional[str] = None,
managed_resource_group_name: Optional[str] = None,
managed_virtual_network_enabled: Optional[bool] = None,
name: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
purview_id: Optional[str] = None,
resource_group_name: Optional[str] = None,
sql_aad_admin: Optional[WorkspaceSqlAadAdminArgs] = None,
sql_administrator_login: Optional[str] = None,
sql_administrator_login_password: Optional[str] = None,
sql_identity_control_enabled: Optional[bool] = None,
storage_data_lake_gen2_filesystem_id: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None) -> Workspacefunc GetWorkspace(ctx *Context, name string, id IDInput, state *WorkspaceState, opts ...ResourceOption) (*Workspace, error)public static Workspace Get(string name, Input<string> id, WorkspaceState? state, CustomResourceOptions? opts = null)public static Workspace get(String name, Output<String> id, WorkspaceState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- Azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- Compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- Connectivity
Endpoints Dictionary<string, string> A list of Connectivity endpoints for this Synapse Workspace.
- Customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- Data
Exfiltration boolProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- Github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- Identity
Workspace
Identity An
identityblock as defined below.- Linking
Allowed List<string>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- Location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- Managed
Virtual boolNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- Name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- Purview
Id string The ID of purview account.
- Resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- Sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- Sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- Sql
Identity boolControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Dictionary<string, string>
A mapping of tags which should be assigned to the Synapse Workspace.
- Aad
Admin WorkspaceAad Admin Type Args An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- Azure
Devops WorkspaceRepo Azure Devops Repo Args An
azure_devops_repoblock as defined below.- Compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- Connectivity
Endpoints map[string]string A list of Connectivity endpoints for this Synapse Workspace.
- Customer
Managed WorkspaceKey Customer Managed Key Args A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- Data
Exfiltration boolProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- Github
Repo WorkspaceGithub Repo Args A
github_repoblock as defined below.- Identity
Workspace
Identity Args An
identityblock as defined below.- Linking
Allowed []stringFor Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- Location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- Managed
Virtual boolNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- Name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- Public
Network boolAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- Purview
Id string The ID of purview account.
- Resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- Sql
Aad WorkspaceAdmin Sql Aad Admin Type Args An
sql_aad_adminblock as defined below.- Sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- Sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- Sql
Identity boolControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- Storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- map[string]string
A mapping of tags which should be assigned to the Synapse Workspace.
- aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- compute
Subnet StringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- connectivity
Endpoints Map<String,String> A list of Connectivity endpoints for this Synapse Workspace.
- customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration BooleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- identity
Workspace
Identity An
identityblock as defined below.- linking
Allowed List<String>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location String
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource StringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual BooleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name String
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id String The ID of purview account.
- resource
Group StringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- sql
Administrator StringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator StringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity BooleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- storage
Data StringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Map<String,String>
A mapping of tags which should be assigned to the Synapse Workspace.
- aad
Admin WorkspaceAad Admin An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops WorkspaceRepo Azure Devops Repo An
azure_devops_repoblock as defined below.- compute
Subnet stringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- connectivity
Endpoints {[key: string]: string} A list of Connectivity endpoints for this Synapse Workspace.
- customer
Managed WorkspaceKey Customer Managed Key A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration booleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo WorkspaceGithub Repo A
github_repoblock as defined below.- identity
Workspace
Identity An
identityblock as defined below.- linking
Allowed string[]For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location string
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource stringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual booleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name string
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network booleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id string The ID of purview account.
- resource
Group stringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- sql
Aad WorkspaceAdmin Sql Aad Admin An
sql_aad_adminblock as defined below.- sql
Administrator stringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator stringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity booleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- storage
Data stringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- {[key: string]: string}
A mapping of tags which should be assigned to the Synapse Workspace.
- aad_
admin WorkspaceAad Admin Args An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure_
devops_ Workspacerepo Azure Devops Repo Args An
azure_devops_repoblock as defined below.- compute_
subnet_ strid Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- connectivity_
endpoints Mapping[str, str] A list of Connectivity endpoints for this Synapse Workspace.
- customer_
managed_ Workspacekey Customer Managed Key Args A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data_
exfiltration_ boolprotection_ enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github_
repo WorkspaceGithub Repo Args A
github_repoblock as defined below.- identity
Workspace
Identity Args An
identityblock as defined below.- linking_
allowed_ Sequence[str]for_ aad_ tenant_ ids Allowed AAD Tenant Ids For Linking.
- location str
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed_
resource_ strgroup_ name Workspace managed resource group. Changing this forces a new resource to be created.
- managed_
virtual_ boolnetwork_ enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name str
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public_
network_ boolaccess_ enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview_
id str The ID of purview account.
- resource_
group_ strname Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- sql_
aad_ Workspaceadmin Sql Aad Admin Args An
sql_aad_adminblock as defined below.- sql_
administrator_ strlogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql_
administrator_ strlogin_ password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql_
identity_ boolcontrol_ enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- storage_
data_ strlake_ gen2_ filesystem_ id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Mapping[str, str]
A mapping of tags which should be assigned to the Synapse Workspace.
- aad
Admin Property Map An
aad_adminblock as defined below. Conflicts withcustomer_managed_key.- azure
Devops Property MapRepo An
azure_devops_repoblock as defined below.- compute
Subnet StringId Subnet ID used for computes in workspace Changing this forces a new resource to be created.
- connectivity
Endpoints Map<String> A list of Connectivity endpoints for this Synapse Workspace.
- customer
Managed Property MapKey A
customer_managed_keyblock as defined below. Conflicts withaad_admin.- data
Exfiltration BooleanProtection Enabled Is data exfiltration protection enabled in this workspace? If set to
true,managed_virtual_network_enabledmust also be set totrue. Changing this forces a new resource to be created.- github
Repo Property Map A
github_repoblock as defined below.- identity Property Map
An
identityblock as defined below.- linking
Allowed List<String>For Aad Tenant Ids Allowed AAD Tenant Ids For Linking.
- location String
Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.
- managed
Resource StringGroup Name Workspace managed resource group. Changing this forces a new resource to be created.
- managed
Virtual BooleanNetwork Enabled Is Virtual Network enabled for all computes in this workspace? Changing this forces a new resource to be created.
- name String
Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.
- public
Network BooleanAccess Enabled Whether public network access is allowed for the Cognitive Account. Defaults to
true.- purview
Id String The ID of purview account.
- resource
Group StringName Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.
- sql
Aad Property MapAdmin An
sql_aad_adminblock as defined below.- sql
Administrator StringLogin Specifies The login name of the SQL administrator. Changing this forces a new resource to be created. If this is not provided
aad_adminorcustomer_managed_keymust be provided.- sql
Administrator StringLogin Password The Password associated with the
sql_administrator_loginfor the SQL administrator. If this is not providedaad_adminorcustomer_managed_keymust be provided.- sql
Identity BooleanControl Enabled Are pipelines (running as workspace's system assigned identity) allowed to access SQL pools?
- storage
Data StringLake Gen2Filesystem Id Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.
- Map<String>
A mapping of tags which should be assigned to the Synapse Workspace.
Supporting Types
WorkspaceAadAdmin, WorkspaceAadAdminArgs
WorkspaceAzureDevopsRepo, WorkspaceAzureDevopsRepoArgs
- Account
Name string Specifies the Azure DevOps account name.
- Branch
Name string Specifies the collaboration branch of the repository to get code from.
- Project
Name string Specifies the name of the Azure DevOps project.
- Repository
Name string Specifies the name of the git repository.
- Root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- Last
Commit stringId The last commit ID.
- Tenant
Id string the ID of the tenant for the Azure DevOps account.
- Account
Name string Specifies the Azure DevOps account name.
- Branch
Name string Specifies the collaboration branch of the repository to get code from.
- Project
Name string Specifies the name of the Azure DevOps project.
- Repository
Name string Specifies the name of the git repository.
- Root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- Last
Commit stringId The last commit ID.
- Tenant
Id string the ID of the tenant for the Azure DevOps account.
- account
Name String Specifies the Azure DevOps account name.
- branch
Name String Specifies the collaboration branch of the repository to get code from.
- project
Name String Specifies the name of the Azure DevOps project.
- repository
Name String Specifies the name of the git repository.
- root
Folder String Specifies the root folder within the repository. Set to
/for the top level.- last
Commit StringId The last commit ID.
- tenant
Id String the ID of the tenant for the Azure DevOps account.
- account
Name string Specifies the Azure DevOps account name.
- branch
Name string Specifies the collaboration branch of the repository to get code from.
- project
Name string Specifies the name of the Azure DevOps project.
- repository
Name string Specifies the name of the git repository.
- root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- last
Commit stringId The last commit ID.
- tenant
Id string the ID of the tenant for the Azure DevOps account.
- account_
name str Specifies the Azure DevOps account name.
- branch_
name str Specifies the collaboration branch of the repository to get code from.
- project_
name str Specifies the name of the Azure DevOps project.
- repository_
name str Specifies the name of the git repository.
- root_
folder str Specifies the root folder within the repository. Set to
/for the top level.- last_
commit_ strid The last commit ID.
- tenant_
id str the ID of the tenant for the Azure DevOps account.
- account
Name String Specifies the Azure DevOps account name.
- branch
Name String Specifies the collaboration branch of the repository to get code from.
- project
Name String Specifies the name of the Azure DevOps project.
- repository
Name String Specifies the name of the git repository.
- root
Folder String Specifies the root folder within the repository. Set to
/for the top level.- last
Commit StringId The last commit ID.
- tenant
Id String the ID of the tenant for the Azure DevOps account.
WorkspaceCustomerManagedKey, WorkspaceCustomerManagedKeyArgs
- Key
Versionless stringId The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- Key
Name string An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
- Key
Versionless stringId The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- Key
Name string An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
- key
Versionless StringId The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- key
Name String An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
- key
Versionless stringId The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- key
Name string An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
- key_
versionless_ strid The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- key_
name str An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
- key
Versionless StringId The Azure Key Vault Key Versionless ID to be used as the Customer Managed Key (CMK) for double encryption (e.g.
https://example-keyvault.vault.azure.net/type/cmk/).- key
Name String An identifier for the key. Name needs to match the name of the key used with the
azure.synapse.WorkspaceKeyresource. Defaults to "cmk" if not specified.
WorkspaceGithubRepo, WorkspaceGithubRepoArgs
- Account
Name string Specifies the GitHub account name.
- Branch
Name string Specifies the collaboration branch of the repository to get code from.
- Repository
Name string Specifies the name of the git repository.
- Root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- Git
Url string Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- Last
Commit stringId The last commit ID.
- Account
Name string Specifies the GitHub account name.
- Branch
Name string Specifies the collaboration branch of the repository to get code from.
- Repository
Name string Specifies the name of the git repository.
- Root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- Git
Url string Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- Last
Commit stringId The last commit ID.
- account
Name String Specifies the GitHub account name.
- branch
Name String Specifies the collaboration branch of the repository to get code from.
- repository
Name String Specifies the name of the git repository.
- root
Folder String Specifies the root folder within the repository. Set to
/for the top level.- git
Url String Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- last
Commit StringId The last commit ID.
- account
Name string Specifies the GitHub account name.
- branch
Name string Specifies the collaboration branch of the repository to get code from.
- repository
Name string Specifies the name of the git repository.
- root
Folder string Specifies the root folder within the repository. Set to
/for the top level.- git
Url string Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- last
Commit stringId The last commit ID.
- account_
name str Specifies the GitHub account name.
- branch_
name str Specifies the collaboration branch of the repository to get code from.
- repository_
name str Specifies the name of the git repository.
- root_
folder str Specifies the root folder within the repository. Set to
/for the top level.- git_
url str Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- last_
commit_ strid The last commit ID.
- account
Name String Specifies the GitHub account name.
- branch
Name String Specifies the collaboration branch of the repository to get code from.
- repository
Name String Specifies the name of the git repository.
- root
Folder String Specifies the root folder within the repository. Set to
/for the top level.- git
Url String Specifies the GitHub Enterprise host name. For example: https://github.mydomain.com.
Note: You must log in to the Synapse UI to complete the authentication to the GitHub repository.
- last
Commit StringId The last commit ID.
WorkspaceIdentity, WorkspaceIdentityArgs
- Type string
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- Identity
Ids List<string> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- Principal
Id string The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- Tenant
Id string The tenant id of the Azure AD Administrator of this Synapse Workspace.
- Type string
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- Identity
Ids []string Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- Principal
Id string The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- Tenant
Id string The tenant id of the Azure AD Administrator of this Synapse Workspace.
- type String
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id String The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- tenant
Id String The tenant id of the Azure AD Administrator of this Synapse Workspace.
- type string
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- identity
Ids string[] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id string The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- tenant
Id string The tenant id of the Azure AD Administrator of this Synapse Workspace.
- type str
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- identity_
ids Sequence[str] Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal_
id str The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- tenant_
id str The tenant id of the Azure AD Administrator of this Synapse Workspace.
- type String
Specifies the type of Managed Service Identity that should be associated with this Synapse Workspace. Possible values are
SystemAssigned,UserAssignedandSystemAssigned, UserAssigned(to enable both).- identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.
NOTE: This is required when
typeis set toUserAssignedorSystemAssigned, UserAssigned.- principal
Id String The Principal ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
- tenant
Id String The tenant id of the Azure AD Administrator of this Synapse Workspace.
WorkspaceSqlAadAdmin, WorkspaceSqlAadAdminArgs
Import
Synapse Workspace can be imported using the resource id, e.g.
$ pulumi import azure:synapse/workspace:Workspace example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Synapse/workspaces/workspace1
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
azurermTerraform Provider.