From 2e3d27c987d68f113546580b98e6c662e4a48903 Mon Sep 17 00:00:00 2001 From: SDKAuto Date: Fri, 6 Oct 2023 19:32:34 +0000 Subject: [PATCH] CodeGen from PR 26098 in Azure/azure-rest-api-specs Merge f6b17e1c928c5943774c6d265708a8f53b8550f6 into 9d5a9025be2589426419f9e4e2a63a3a1fd1b478 --- schemas/2023-05-01-preview/Microsoft.Sql.json | 12277 ++++++++++++++++ schemas/common/autogeneratedResources.json | 252 + 2 files changed, 12529 insertions(+) create mode 100644 schemas/2023-05-01-preview/Microsoft.Sql.json diff --git a/schemas/2023-05-01-preview/Microsoft.Sql.json b/schemas/2023-05-01-preview/Microsoft.Sql.json new file mode 100644 index 0000000000..5de5a2c0b6 --- /dev/null +++ b/schemas/2023-05-01-preview/Microsoft.Sql.json @@ -0,0 +1,12277 @@ +{ + "id": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#", + "$schema": "http://json-schema.org/draft-04/schema#", + "title": "Microsoft.Sql", + "description": "Microsoft Sql Resource Types", + "resourceDefinitions": { + "instancePools": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the instance pool to be created or updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InstancePoolProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an instance pool." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/instancePools" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/instancePools" + }, + "locations_instanceFailoverGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the failover group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/InstanceFailoverGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a instance failover group." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/locations/instanceFailoverGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/locations/instanceFailoverGroups" + }, + "locations_serverTrustGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the server trust group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerTrustGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server trust group." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/locations/serverTrustGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/locations/serverTrustGroups" + }, + "managedInstances": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/ResourceIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the managed instance." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a managed instance." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/managedInstances_distributedAvailabilityGroups_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_childResource" + }, + { + "$ref": "#/definitions/managedInstances_administrators_childResource" + }, + { + "$ref": "#/definitions/managedInstances_advancedThreatProtectionSettings_childResource" + }, + { + "$ref": "#/definitions/managedInstances_azureADOnlyAuthentications_childResource" + }, + { + "$ref": "#/definitions/managedInstances_dtc_childResource" + }, + { + "$ref": "#/definitions/managedInstances_encryptionProtector_childResource" + }, + { + "$ref": "#/definitions/managedInstances_keys_childResource" + }, + { + "$ref": "#/definitions/managedInstances_privateEndpointConnections_childResource" + }, + { + "$ref": "#/definitions/managedInstances_vulnerabilityAssessments_childResource" + }, + { + "$ref": "#/definitions/managedInstances_dnsAliases_childResource" + }, + { + "$ref": "#/definitions/managedInstances_securityAlertPolicies_childResource" + }, + { + "$ref": "#/definitions/managedInstances_serverConfigurationOptions_childResource" + }, + { + "$ref": "#/definitions/managedInstances_serverTrustCertificates_childResource" + }, + { + "$ref": "#/definitions/managedInstances_sqlAgent_childResource" + }, + { + "$ref": "#/definitions/managedInstances_startStopSchedules_childResource" + } + ] + } + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances" + }, + "managedInstances_administrators": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/ActiveDirectory$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceAdministratorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a managed instance administrator." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/administrators" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/administrators" + }, + "managedInstances_advancedThreatProtectionSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/advancedThreatProtectionSettings" + }, + "managedInstances_azureADOnlyAuthentications": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of server azure active directory only authentication." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceAzureADOnlyAuthProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory only authentication for Managed Instance." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/azureADOnlyAuthentications" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/azureADOnlyAuthentications" + }, + "managedInstances_databases": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the database." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedDatabaseProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The managed database's properties." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/managedInstances_databases_backupShortTermRetentionPolicies_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_advancedThreatProtectionSettings_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_securityAlertPolicies_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_transparentDataEncryption_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_vulnerabilityAssessments_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_backupLongTermRetentionPolicies_childResource" + }, + { + "$ref": "#/definitions/managedInstances_databases_ledgerDigestUploads_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases" + }, + "managedInstances_databases_advancedThreatProtectionSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings" + }, + "managedInstances_databases_backupLongTermRetentionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The policy name. Should always be Default." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceLongTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a long term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies" + }, + "managedInstances_databases_backupShortTermRetentionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The policy name. Should always be \"default\"." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a short term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies" + }, + "managedInstances_databases_ledgerDigestUploads": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Ledger Digest Upload Configurations." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedLedgerDigestUploadsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database ledger digest upload settings." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/ledgerDigestUploads" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/ledgerDigestUploads" + }, + "managedInstances_databases_schemas_tables_columns_sensitivityLabels": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The source of the sensitivity label." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SensitivityLabelProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sensitivity label." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/schemas/tables/columns/sensitivityLabels" + }, + "managedInstances_databases_securityAlertPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies" + }, + "managedInstances_databases_transparentDataEncryption": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the transparent data encryption configuration." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedTransparentDataEncryptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a transparent data encryption." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/transparentDataEncryption" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/transparentDataEncryption" + }, + "managedInstances_databases_vulnerabilityAssessments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments" + }, + "managedInstances_databases_vulnerabilityAssessments_rules_baselines": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "master", + "default" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule)." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/rules/baselines" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments/rules/baselines" + }, + "managedInstances_distributedAvailabilityGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The distributed availability group name." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DistributedAvailabilityGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a distributed availability group." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/distributedAvailabilityGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/distributedAvailabilityGroups" + }, + "managedInstances_dnsAliases": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "createDnsRecord": { + "oneOf": [ + { + "type": "boolean", + "default": true + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not DNS record should be created for this alias." + }, + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/dnsAliases" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/managedInstances/dnsAliases" + }, + "managedInstances_dtc": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the managed instance DTC." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceDtcProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of managed instance DTC." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/dtc" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/dtc" + }, + "managedInstances_encryptionProtector": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the encryption protector to be updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceEncryptionProtectorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for an encryption protector execution." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/encryptionProtector" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/encryptionProtector" + }, + "managedInstances_keys": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the managed instance key to be operated on (updated or created)." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceKeyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for a key execution." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/keys" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/keys" + }, + "managedInstances_privateEndpointConnections": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstancePrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a private endpoint connection." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/privateEndpointConnections" + }, + "managedInstances_restorableDroppedDatabases_backupShortTermRetentionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The policy name. Should always be \"default\"." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a short term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/restorableDroppedDatabases/backupShortTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/restorableDroppedDatabases/backupShortTermRetentionPolicies" + }, + "managedInstances_securityAlertPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/securityAlertPolicies" + }, + "managedInstances_serverConfigurationOptions": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/allowPolybaseExport$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the server configuration option." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerConfigurationOptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of server configuration option." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/serverConfigurationOptions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/serverConfigurationOptions" + }, + "managedInstances_serverTrustCertificates": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Name of of the certificate to upload." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerTrustCertificateProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server trust certificate." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/serverTrustCertificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/serverTrustCertificates" + }, + "managedInstances_sqlAgent": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SqlAgentConfigurationProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sql agent configuration properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/sqlAgent" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/sqlAgent" + }, + "managedInstances_startStopSchedules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Name of the managed instance Start/Stop schedule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/StartStopManagedInstanceScheduleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of managed instance's Start/Stop schedule." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/startStopSchedules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/startStopSchedules" + }, + "managedInstances_vulnerabilityAssessments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a managed instance vulnerability assessment." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/managedInstances/vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/vulnerabilityAssessments" + }, + "servers": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/ResourceIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the server." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_auditingSettings_childResource" + }, + { + "$ref": "#/definitions/servers_extendedAuditingSettings_childResource" + }, + { + "$ref": "#/definitions/servers_databases_childResource" + }, + { + "$ref": "#/definitions/servers_elasticPools_childResource" + }, + { + "$ref": "#/definitions/servers_encryptionProtector_childResource" + }, + { + "$ref": "#/definitions/servers_failoverGroups_childResource" + }, + { + "$ref": "#/definitions/servers_firewallRules_childResource" + }, + { + "$ref": "#/definitions/servers_ipv6FirewallRules_childResource" + }, + { + "$ref": "#/definitions/servers_jobAgents_childResource" + }, + { + "$ref": "#/definitions/servers_outboundFirewallRules_childResource" + }, + { + "$ref": "#/definitions/servers_privateEndpointConnections_childResource" + }, + { + "$ref": "#/definitions/servers_advancedThreatProtectionSettings_childResource" + }, + { + "$ref": "#/definitions/servers_administrators_childResource" + }, + { + "$ref": "#/definitions/servers_azureADOnlyAuthentications_childResource" + }, + { + "$ref": "#/definitions/servers_connectionPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_devOpsAuditingSettings_childResource" + }, + { + "$ref": "#/definitions/servers_dnsAliases_childResource" + }, + { + "$ref": "#/definitions/servers_keys_childResource" + }, + { + "$ref": "#/definitions/servers_securityAlertPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_vulnerabilityAssessments_childResource" + }, + { + "$ref": "#/definitions/servers_sqlVulnerabilityAssessments_childResource" + }, + { + "$ref": "#/definitions/servers_syncAgents_childResource" + }, + { + "$ref": "#/definitions/servers_virtualNetworkRules_childResource" + } + ] + } + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers" + }, + "servers_administrators": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/ActiveDirectory$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of server active directory administrator." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdministratorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory administrator." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/administrators" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/administrators" + }, + "servers_advancedThreatProtectionSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/advancedThreatProtectionSettings" + }, + "servers_auditingSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/auditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/auditingSettings" + }, + "servers_azureADOnlyAuthentications": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of server azure active directory only authentication." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureADOnlyAuthProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory only authentication." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/azureADOnlyAuthentications" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/azureADOnlyAuthentications" + }, + "servers_connectionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the connection policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerConnectionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server connection policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/connectionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/connectionPolicies" + }, + "servers_databases": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the database." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The database's properties." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_databases_backupShortTermRetentionPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_databases_auditingSettings_childResource" + }, + { + "$ref": "#/definitions/servers_databases_extendedAuditingSettings_childResource" + }, + { + "$ref": "#/definitions/servers_databases_dataMaskingPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_databases_advancedThreatProtectionSettings_childResource" + }, + { + "$ref": "#/definitions/servers_databases_extensions_childResource" + }, + { + "$ref": "#/definitions/servers_databases_securityAlertPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_databases_vulnerabilityAssessments_childResource" + }, + { + "$ref": "#/definitions/servers_databases_geoBackupPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_databases_ledgerDigestUploads_childResource" + }, + { + "$ref": "#/definitions/servers_databases_backupLongTermRetentionPolicies_childResource" + }, + { + "$ref": "#/definitions/servers_databases_maintenanceWindows_childResource" + }, + { + "$ref": "#/definitions/servers_databases_syncGroups_childResource" + }, + { + "$ref": "#/definitions/servers_databases_transparentDataEncryption_childResource" + }, + { + "$ref": "#/definitions/servers_databases_workloadGroups_childResource" + } + ] + } + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases" + }, + "servers_databases_advancedThreatProtectionSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/advancedThreatProtectionSettings" + }, + "servers_databases_auditingSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/auditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/auditingSettings" + }, + "servers_databases_backupLongTermRetentionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The policy name. Should always be Default." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BaseLongTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a long term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies" + }, + "servers_databases_backupShortTermRetentionPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The policy name. Should always be \"default\"." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BackupShortTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a short term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies" + }, + "servers_databases_dataMaskingPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the database for which the data masking policy applies." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DataMaskingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database data masking policy." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_databases_dataMaskingPolicies_rules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/dataMaskingPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/dataMaskingPolicies" + }, + "servers_databases_dataMaskingPolicies_rules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the data masking rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DataMaskingRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database data masking rule." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/dataMaskingPolicies/rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/dataMaskingPolicies/rules" + }, + "servers_databases_extendedAuditingSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExtendedDatabaseBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an extended database blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/extendedAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/extendedAuditingSettings" + }, + "servers_databases_extensions": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseExtensionsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Contains the database information after a successful Import, Export, or PolybaseImport" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/extensions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/extensions" + }, + "servers_databases_geoBackupPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the Geo backup policy. This should always be 'Default'." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/GeoBackupPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the geo backup policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/geoBackupPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/geoBackupPolicies" + }, + "servers_databases_ledgerDigestUploads": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LedgerDigestUploadsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database ledger digest upload settings." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/ledgerDigestUploads" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/ledgerDigestUploads" + }, + "servers_databases_maintenanceWindows": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/MaintenanceWindowsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Maintenance windows resource properties." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/maintenanceWindows" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/maintenanceWindows" + }, + "servers_databases_schemas_tables_columns_sensitivityLabels": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The source of the sensitivity label." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SensitivityLabelProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sensitivity label." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/schemas/tables/columns/sensitivityLabels" + }, + "servers_databases_securityAlertPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/securityAlertPolicies" + }, + "servers_databases_sqlVulnerabilityAssessments_baselines": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineListInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_databases_sqlVulnerabilityAssessments_baselines_rules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines" + }, + "servers_databases_sqlVulnerabilityAssessments_baselines_rules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The vulnerability assessment rule ID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines/rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines/rules" + }, + "servers_databases_syncGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sync group." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_databases_syncGroups_syncMembers_childResource" + } + ] + } + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/syncGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/syncGroups" + }, + "servers_databases_syncGroups_syncMembers": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync member." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncMemberProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sync member." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/syncGroups/syncMembers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/syncGroups/syncMembers" + }, + "servers_databases_transparentDataEncryption": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the transparent data encryption configuration." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TransparentDataEncryptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a transparent data encryption." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/transparentDataEncryption" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/transparentDataEncryption" + }, + "servers_databases_vulnerabilityAssessments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments" + }, + "servers_databases_vulnerabilityAssessments_rules_baselines": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "enum": [ + "master", + "default" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment rule baseline (default implies a baseline on a database level rule and master for server level rule)." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/vulnerabilityAssessments/rules/baselines" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments/rules/baselines" + }, + "servers_databases_workloadGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the workload group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/WorkloadGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Workload group definition. For more information look at sys.workload_management_workload_groups (DMV)." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_databases_workloadGroups_workloadClassifiers_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/workloadGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/workloadGroups" + }, + "servers_databases_workloadGroups_workloadClassifiers": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the workload classifier to create/update." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/WorkloadClassifierProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Workload classifier definition. For more information look at sys.workload_management_workload_classifiers (DMV)." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers" + }, + "servers_devOpsAuditingSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/Default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerDevOpsAuditSettingsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server DevOps audit settings." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/devOpsAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/devOpsAuditingSettings" + }, + "servers_dnsAliases": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the server dns alias." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/dnsAliases" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/dnsAliases" + }, + "servers_elasticPools": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the elastic pool." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ElasticPoolProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an elastic pool" + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/elasticPools" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/elasticPools" + }, + "servers_encryptionProtector": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/current$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the encryption protector to be updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionProtectorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for an encryption protector execution." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/encryptionProtector" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/encryptionProtector" + }, + "servers_extendedAuditingSettings": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an extended server blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/extendedAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/extendedAuditingSettings" + }, + "servers_failoverGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the failover group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FailoverGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a failover group." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/failoverGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/failoverGroups" + }, + "servers_firewallRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/firewallRules$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/firewallRules" + ] + }, + "values": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FirewallRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/firewallRules" + }, + "servers_ipv6FirewallRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the firewall rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/IPv6ServerFirewallRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of an IPv6 server firewall rule." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/ipv6FirewallRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/ipv6FirewallRules" + }, + "servers_jobAgents": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/JobAgentIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the job agent to be created or updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobAgentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job agent." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_jobAgents_credentials_childResource" + }, + { + "$ref": "#/definitions/servers_jobAgents_privateEndpoints_childResource" + }, + { + "$ref": "#/definitions/servers_jobAgents_targetGroups_childResource" + }, + { + "$ref": "#/definitions/servers_jobAgents_jobs_childResource" + } + ] + } + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents" + }, + "servers_jobAgents_credentials": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the credential." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobCredentialProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job credential." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/credentials" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/credentials" + }, + "servers_jobAgents_jobs": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the job to get." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_jobAgents_jobs_executions_childResource" + }, + { + "$ref": "#/definitions/servers_jobAgents_jobs_steps_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/jobs" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs" + }, + "servers_jobAgents_jobs_executions": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The job execution id to create the job execution under." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/jobs/executions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs/executions" + }, + "servers_jobAgents_jobs_steps": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the job step." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobStepProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job step." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/jobs/steps" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs/steps" + }, + "servers_jobAgents_privateEndpoints": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobPrivateEndpointProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of job agent private endpoint." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/privateEndpoints" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/privateEndpoints" + }, + "servers_jobAgents_targetGroups": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the target group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobTargetGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of job target group." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/jobAgents/targetGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/targetGroups" + }, + "servers_keys": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the server key to be operated on (updated or created). The key name is required to be in the format of 'vault_key_version'. For example, if the keyId is https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion, then the server key name should be formatted as: YourVaultName_YourKeyName_YourKeyVersion" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerKeyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for a server key execution." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/keys" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/keys" + }, + "servers_outboundFirewallRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/outboundFirewallRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/outboundFirewallRules" + }, + "servers_privateEndpointConnections": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a private endpoint connection." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/privateEndpointConnections" + }, + "servers_securityAlertPolicies": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the threat detection policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/securityAlertPolicies" + }, + "servers_sqlVulnerabilityAssessments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the SQL Vulnerability Assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SqlVulnerabilityAssessmentPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_sqlVulnerabilityAssessments_baselines_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/sqlVulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments" + }, + "servers_sqlVulnerabilityAssessments_baselines": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineListInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "resources": { + "type": "array", + "items": { + "oneOf": [ + { + "$ref": "#/definitions/servers_sqlVulnerabilityAssessments_baselines_rules_childResource" + } + ] + } + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines" + }, + "servers_sqlVulnerabilityAssessments_baselines_rules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The vulnerability assessment rule ID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines/rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines/rules" + }, + "servers_syncAgents": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync agent." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncAgentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Azure SQL Database sync agent." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/syncAgents" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/syncAgents" + }, + "servers_virtualNetworkRules": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the virtual network rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a virtual network rule." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/virtualNetworkRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/virtualNetworkRules" + }, + "servers_vulnerabilityAssessments": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^.*/default$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "Microsoft.Sql/servers/vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/vulnerabilityAssessments" + } + }, + "definitions": { + "AdministratorProperties": { + "type": "object", + "properties": { + "administratorType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ActiveDirectory" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of the sever administrator." + }, + "login": { + "type": "string", + "description": "Login name of the server administrator." + }, + "sid": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SID (object ID) of the server administrator." + }, + "tenantId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Tenant ID of the administrator." + } + }, + "required": [ + "administratorType", + "login", + "sid" + ], + "description": "Properties of a active directory administrator." + }, + "AdvancedThreatProtectionProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "New", + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the Advanced Threat Protection, whether it is enabled or disabled or a state has not been applied yet on the specific database or server." + } + }, + "required": [ + "state" + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "AzureADOnlyAuthProperties": { + "type": "object", + "properties": { + "azureADOnlyAuthentication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory only Authentication enabled." + } + }, + "required": [ + "azureADOnlyAuthentication" + ], + "description": "Properties of a active directory only authentication." + }, + "BackupShortTermRetentionPolicyProperties": { + "type": "object", + "properties": { + "diffBackupIntervalInHours": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The differential backup interval in hours. This is how many interval hours between each differential backup will be supported. This is only applicable to live databases but not dropped databases." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The backup retention period in days. This is how many days Point-in-Time Restore will be supported." + } + }, + "description": "Properties of a short term retention policy" + }, + "BaseLongTermRetentionPolicyProperties": { + "type": "object", + "properties": { + "monthlyRetention": { + "type": "string", + "description": "The monthly retention policy for an LTR backup in an ISO 8601 format." + }, + "weeklyRetention": { + "type": "string", + "description": "The weekly retention policy for an LTR backup in an ISO 8601 format." + }, + "weekOfYear": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The week of year to take the yearly backup in an ISO 8601 format." + }, + "yearlyRetention": { + "type": "string", + "description": "The yearly retention policy for an LTR backup in an ISO 8601 format." + } + }, + "description": "Properties of a long term retention policy" + }, + "DatabaseBlobAuditingPolicyProperties": { + "type": "object", + "properties": { + "auditActionsAndGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)" + }, + "isAzureMonitorTargetEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isManagedIdentityInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether Managed Identity is used to access blob storage" + }, + "isStorageSecondaryKeyInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key." + }, + "queueDelayMs": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the audit logs in the storage account." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)" + }, + "storageAccountSubscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the blob storage subscription Id." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required." + } + }, + "required": [ + "state" + ], + "description": "Properties of a database blob auditing policy." + }, + "DatabaseExtensionsProperties": { + "type": "object", + "properties": { + "administratorLogin": { + "type": "string", + "description": "Administrator login name." + }, + "administratorLoginPassword": { + "type": "string", + "description": "Administrator login password." + }, + "authenticationType": { + "type": "string", + "description": "Authentication type: SQL authentication or AD password." + }, + "databaseEdition": { + "type": "string", + "description": "Database edition for the newly created database in the case of an import operation." + }, + "maxSizeBytes": { + "type": "string", + "description": "Database max size in bytes for the newly created database in the case of an import operation." + }, + "networkIsolation": { + "oneOf": [ + { + "$ref": "#/definitions/NetworkIsolationSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Contains the ARM resources for which to create private endpoint connection." + }, + "operationMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "PolybaseImport", + "Import", + "Export" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Operation mode of the operation: Import, Export, or PolybaseImport." + }, + "serviceObjectiveName": { + "type": "string", + "description": "Database service level objective for the newly created database in the case of an import operation." + }, + "storageKey": { + "type": "string", + "description": "Storage key for the storage account." + }, + "storageKeyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SharedAccessKey", + "StorageAccessKey" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Storage key type: StorageAccessKey or SharedAccessKey." + }, + "storageUri": { + "type": "string", + "description": "Storage Uri for the storage account." + } + }, + "required": [ + "operationMode", + "storageKey", + "storageKeyType", + "storageUri" + ], + "description": "Contains the database information after a successful Import, Export, or PolybaseImport" + }, + "DatabaseIdentity": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identity type." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/DatabaseUserIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The resource ids of the user assigned identities to use" + } + }, + "description": "Azure Active Directory identity configuration for a resource." + }, + "DatabaseKey": { + "type": "object", + "properties": {}, + "description": "Database level key used for encryption at rest." + }, + "DatabaseProperties": { + "type": "object", + "properties": { + "autoPauseDelay": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled" + }, + "availabilityZone": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NoPreference", + "1", + "2", + "3" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the availability zone the database is pinned to." + }, + "catalogCollation": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DATABASE_DEFAULT", + "SQL_Latin1_General_CP1_CI_AS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Collation of the metadata catalog." + }, + "collation": { + "type": "string", + "description": "The collation of the database." + }, + "createMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "Copy", + "Secondary", + "PointInTimeRestore", + "Restore", + "Recovery", + "RestoreExternalBackup", + "RestoreExternalBackupSecondary", + "RestoreLongTermRetentionBackup", + "OnlineSecondary" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the mode of database creation.\r\n\r\nDefault: regular database creation.\r\n\r\nCopy: creates a database as a copy of an existing database. sourceDatabaseId must be specified as the resource ID of the source database.\r\n\r\nSecondary: creates a database as a secondary replica of an existing database. sourceDatabaseId must be specified as the resource ID of the existing primary database.\r\n\r\nPointInTimeRestore: Creates a database by restoring a point in time backup of an existing database. sourceDatabaseId must be specified as the resource ID of the existing database, and restorePointInTime must be specified.\r\n\r\nRecovery: Creates a database by restoring a geo-replicated backup. sourceDatabaseId must be specified as the recoverable database resource ID to restore.\r\n\r\nRestore: Creates a database by restoring a backup of a deleted database. sourceDatabaseId must be specified. If sourceDatabaseId is the database's original resource ID, then sourceDatabaseDeletionDate must be specified. Otherwise sourceDatabaseId must be the restorable dropped database resource ID and sourceDatabaseDeletionDate is ignored. restorePointInTime may also be specified to restore from an earlier point in time.\r\n\r\nRestoreLongTermRetentionBackup: Creates a database by restoring from a long term retention vault. recoveryServicesRecoveryPointResourceId must be specified as the recovery point resource ID.\r\n\r\nCopy, Secondary, and RestoreLongTermRetentionBackup are not supported for DataWarehouse edition." + }, + "elasticPoolId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the elastic pool containing this database." + }, + "encryptionProtector": { + "type": "string", + "description": "The azure key vault URI of the database if it's configured with per Database Customer Managed Keys." + }, + "encryptionProtectorAutoRotation": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The flag to enable or disable auto rotation of database encryption protector AKV key." + }, + "federatedClientId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Client id used for cross tenant per database CMK scenario" + }, + "freeLimitExhaustionBehavior": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AutoPause", + "BillOverUsage" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the behavior when monthly free limits are exhausted for the free database.\r\n\r\nAutoPause: The database will be auto paused upon exhaustion of free limits for remainder of the month.\r\n\r\nBillForUsage: The database will continue to be online upon exhaustion of free limits and any overage will be billed." + }, + "highAvailabilityReplicaCount": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The number of secondary replicas associated with the database that are used to provide high availability. Not applicable to a Hyperscale database within an elastic pool." + }, + "isLedgerOn": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not this database is a ledger database, which means all tables in the database are ledger tables. Note: the value of this property cannot be changed after the database has been created." + }, + "keys": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/DatabaseKey" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The resource ids of the user assigned identities to use" + }, + "licenseType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LicenseIncluded", + "BasePrice" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The license type to apply for this database. `LicenseIncluded` if you need a license, or `BasePrice` if you have a license and are eligible for the Azure Hybrid Benefit." + }, + "longTermRetentionBackupResourceId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the long term retention backup associated with create operation of this database." + }, + "maintenanceConfigurationId": { + "type": "string", + "description": "Maintenance configuration id assigned to the database. This configuration defines the period when the maintenance updates will occur." + }, + "manualCutover": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not customer controlled manual cutover needs to be done during Update Database operation to Hyperscale tier.\r\n\r\nThis property is only applicable when scaling database from Business Critical/General Purpose/Premium/Standard tier to Hyperscale tier.\r\n\r\nWhen manualCutover is specified, the scaling operation will wait for user input to trigger cutover to Hyperscale database.\r\n\r\nTo trigger cutover, please provide 'performCutover' parameter when the Scaling operation is in Waiting state." + }, + "maxSizeBytes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The max size of the database expressed in bytes." + }, + "minCapacity": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Minimal capacity that database will always have allocated, if not paused" + }, + "performCutover": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "To trigger customer controlled manual cutover during the wait state while Scaling operation is in progress.\r\n\r\nThis property parameter is only applicable for scaling operations that are initiated along with 'manualCutover' parameter.\r\n\r\nThis property is only applicable when scaling database from Business Critical/General Purpose/Premium/Standard tier to Hyperscale tier is already in progress.\r\n\r\nWhen performCutover is specified, the scaling operation will trigger cutover and perform role-change to Hyperscale database." + }, + "preferredEnclaveType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "VBS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of enclave requested on the database i.e. Default or VBS enclaves." + }, + "readScale": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The state of read-only routing. If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica in the same region. Not applicable to a Hyperscale database within an elastic pool." + }, + "recoverableDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the recoverable database associated with create operation of this database." + }, + "recoveryServicesRecoveryPointId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the recovery point associated with create operation of this database." + }, + "requestedBackupStorageRedundancy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Geo", + "Local", + "Zone", + "GeoZone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account type to be used to store backups for this database." + }, + "restorableDroppedDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the restorable dropped database associated with create operation of this database." + }, + "restorePointInTime": { + "type": "string", + "format": "date-time", + "description": "Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database." + }, + "sampleName": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AdventureWorksLT", + "WideWorldImportersStd", + "WideWorldImportersFull" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The name of the sample schema to apply when creating this database." + }, + "secondaryType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Geo", + "Named", + "Standby" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The secondary type of the database if it is a secondary. Valid values are Geo, Named and Standby." + }, + "sourceDatabaseDeletionDate": { + "type": "string", + "format": "date-time", + "description": "Specifies the time that the database was deleted." + }, + "sourceDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the source database associated with create operation of this database." + }, + "sourceResourceId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the source associated with the create operation of this database.\r\n\r\nThis property is only supported for DataWarehouse edition and allows to restore across subscriptions.\r\n\r\nWhen sourceResourceId is specified, sourceDatabaseId, recoverableDatabaseId, restorableDroppedDatabaseId and sourceDatabaseDeletionDate must not be specified and CreateMode must be PointInTimeRestore, Restore or Recover.\r\n\r\nWhen createMode is PointInTimeRestore, sourceResourceId must be the resource ID of the existing database or existing sql pool, and restorePointInTime must be specified.\r\n\r\nWhen createMode is Restore, sourceResourceId must be the resource ID of restorable dropped database or restorable dropped sql pool.\r\n\r\nWhen createMode is Recover, sourceResourceId must be the resource ID of recoverable database or recoverable sql pool.\r\n\r\nWhen source subscription belongs to a different tenant than target subscription, “x-ms-authorization-auxiliary” header must contain authentication token for the source tenant. For more details about “x-ms-authorization-auxiliary” header see https://docs.microsoft.com/en-us/azure/azure-resource-manager/management/authenticate-multi-tenant " + }, + "useFreeLimit": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not the database uses free monthly limits. Allowed on one database in a subscription." + }, + "zoneRedundant": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones." + } + }, + "description": "The database's properties." + }, + "DatabaseSqlVulnerabilityAssessmentRuleBaselineInputProperties": { + "type": "object", + "properties": { + "latestScan": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The latest scan flag" + }, + "results": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string" + } + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The rule baseline result" + } + }, + "required": [ + "latestScan", + "results" + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "DatabaseSqlVulnerabilityAssessmentRuleBaselineListInputProperties": { + "type": "object", + "properties": { + "latestScan": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The latest scan flag" + }, + "results": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "array", + "items": { + "type": "array", + "items": { + "type": "string" + } + } + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The rule baseline result list" + } + }, + "required": [ + "latestScan", + "results" + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "DatabaseUserIdentity": { + "type": "object", + "properties": {}, + "description": "Azure Active Directory identity configuration for a resource." + }, + "DatabaseVulnerabilityAssessmentProperties": { + "type": "object", + "properties": { + "recurringScans": { + "oneOf": [ + { + "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a Vulnerability Assessment recurring scans." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + }, + "storageContainerPath": { + "type": "string", + "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/). It is required if server level vulnerability assessment policy doesn't set" + }, + "storageContainerSasKey": { + "type": "string", + "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + } + }, + "description": "Properties of a database Vulnerability Assessment." + }, + "DatabaseVulnerabilityAssessmentRuleBaselineItem": { + "type": "object", + "properties": { + "result": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The rule baseline result" + } + }, + "required": [ + "result" + ], + "description": "Properties for an Azure SQL Database Vulnerability Assessment rule baseline's result." + }, + "DatabaseVulnerabilityAssessmentRuleBaselineProperties": { + "type": "object", + "properties": { + "baselineResults": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentRuleBaselineItem" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The rule baseline result" + } + }, + "required": [ + "baselineResults" + ], + "description": "Properties of a database Vulnerability Assessment rule baseline." + }, + "DataMaskingPolicyProperties": { + "type": "object", + "properties": { + "dataMaskingState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The state of the data masking policy." + }, + "exemptPrincipals": { + "type": "string", + "description": "The list of the exempt principals. Specifies the semicolon-separated list of database users for which the data masking policy does not apply. The specified users receive data results without masking for all of the database queries." + } + }, + "required": [ + "dataMaskingState" + ], + "description": "The properties of a database data masking policy." + }, + "DataMaskingRuleProperties": { + "type": "object", + "properties": { + "aliasName": { + "type": "string", + "description": "The alias name. This is a legacy parameter and is no longer used." + }, + "columnName": { + "type": "string", + "description": "The column name on which the data masking rule is applied." + }, + "maskingFunction": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "CCN", + "Email", + "Number", + "SSN", + "Text" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The masking function that is used for the data masking rule." + }, + "numberFrom": { + "type": "string", + "description": "The numberFrom property of the masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "numberTo": { + "type": "string", + "description": "The numberTo property of the data masking rule. Required if maskingFunction is set to Number, otherwise this parameter will be ignored." + }, + "prefixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked in the beginning of the string. Otherwise, this parameter will be ignored." + }, + "replacementString": { + "type": "string", + "description": "If maskingFunction is set to Text, the character to use for masking the unexposed part of the string. Otherwise, this parameter will be ignored." + }, + "ruleState": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The rule state. Used to delete a rule. To delete an existing rule, specify the schemaName, tableName, columnName, maskingFunction, and specify ruleState as disabled. However, if the rule doesn't already exist, the rule will be created with ruleState set to enabled, regardless of the provided value of ruleState." + }, + "schemaName": { + "type": "string", + "description": "The schema name on which the data masking rule is applied." + }, + "suffixSize": { + "type": "string", + "description": "If maskingFunction is set to Text, the number of characters to show unmasked at the end of the string. Otherwise, this parameter will be ignored." + }, + "tableName": { + "type": "string", + "description": "The table name on which the data masking rule is applied." + } + }, + "required": [ + "columnName", + "maskingFunction", + "schemaName", + "tableName" + ], + "description": "The properties of a database data masking rule." + }, + "DistributedAvailabilityGroupDatabase": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The name of the database in link" + } + }, + "description": "Database specific information" + }, + "DistributedAvailabilityGroupProperties": { + "type": "object", + "properties": { + "databases": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/DistributedAvailabilityGroupDatabase" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Databases in the distributed availability group" + }, + "failoverMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "Manual" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The link failover mode - can be Manual if intended to be used for two-way failover with a supported SQL Server, or None for one-way failover to Azure." + }, + "instanceAvailabilityGroupName": { + "type": "string", + "description": "Managed instance side availability group name" + }, + "instanceLinkRole": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Primary", + "Secondary" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Managed instance side link role." + }, + "partnerAvailabilityGroupName": { + "type": "string", + "description": "SQL server side availability group name" + }, + "partnerEndpoint": { + "type": "string", + "description": "SQL server side endpoint - IP or DNS resolvable name" + }, + "replicationMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Async", + "Sync" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Replication mode of the link." + }, + "seedingMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Automatic", + "Manual" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Database seeding mode – can be Automatic (default), or Manual for supported scenarios." + } + }, + "description": "The properties of a distributed availability group." + }, + "ElasticPoolPerDatabaseSettings": { + "type": "object", + "properties": { + "autoPauseDelay": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Auto Pause Delay for per database within pool" + }, + "maxCapacity": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The maximum capacity any one database can consume." + }, + "minCapacity": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The minimum capacity all databases are guaranteed." + } + }, + "description": "Per database settings of an elastic pool." + }, + "ElasticPoolProperties": { + "type": "object", + "properties": { + "autoPauseDelay": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Time in minutes after which elastic pool is automatically paused. A value of -1 means that automatic pause is disabled" + }, + "availabilityZone": { + "oneOf": [ + { + "type": "string", + "enum": [ + "NoPreference", + "1", + "2", + "3" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the availability zone the pool's primary replica is pinned to." + }, + "highAvailabilityReplicaCount": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The number of secondary replicas associated with the elastic pool that are used to provide high availability. Applicable only to Hyperscale elastic pools." + }, + "licenseType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LicenseIncluded", + "BasePrice" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The license type to apply for this elastic pool." + }, + "maintenanceConfigurationId": { + "type": "string", + "description": "Maintenance configuration id assigned to the elastic pool. This configuration defines the period when the maintenance updates will will occur." + }, + "maxSizeBytes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage limit for the database elastic pool in bytes." + }, + "minCapacity": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Minimal capacity that serverless pool will not shrink below, if not paused" + }, + "perDatabaseSettings": { + "oneOf": [ + { + "$ref": "#/definitions/ElasticPoolPerDatabaseSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Per database settings of an elastic pool." + }, + "preferredEnclaveType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "VBS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of enclave requested on the elastic pool." + }, + "zoneRedundant": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not this elastic pool is zone redundant, which means the replicas of this elastic pool will be spread across multiple availability zones." + } + }, + "description": "Properties of an elastic pool" + }, + "EncryptionProtectorProperties": { + "type": "object", + "properties": { + "autoRotationEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Key auto rotation opt-in flag. Either true or false." + }, + "serverKeyName": { + "type": "string", + "description": "The name of the server key." + }, + "serverKeyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ServiceManaged", + "AzureKeyVault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The encryption protector type like 'ServiceManaged', 'AzureKeyVault'." + } + }, + "required": [ + "serverKeyType" + ], + "description": "Properties for an encryption protector execution." + }, + "ExtendedDatabaseBlobAuditingPolicyProperties": { + "type": "object", + "properties": { + "auditActionsAndGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)" + }, + "isAzureMonitorTargetEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isManagedIdentityInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether Managed Identity is used to access blob storage" + }, + "isStorageSecondaryKeyInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key." + }, + "predicateExpression": { + "type": "string", + "description": "Specifies condition of where clause when creating an audit." + }, + "queueDelayMs": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the audit logs in the storage account." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)" + }, + "storageAccountSubscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the blob storage subscription Id." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required." + } + }, + "required": [ + "state" + ], + "description": "Properties of an extended database blob auditing policy." + }, + "ExtendedServerBlobAuditingPolicyProperties": { + "type": "object", + "properties": { + "auditActionsAndGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)" + }, + "isAzureMonitorTargetEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isDevopsAuditEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isManagedIdentityInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether Managed Identity is used to access blob storage" + }, + "isStorageSecondaryKeyInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key." + }, + "predicateExpression": { + "type": "string", + "description": "Specifies condition of where clause when creating an audit." + }, + "queueDelayMs": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the audit logs in the storage account." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)" + }, + "storageAccountSubscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the blob storage subscription Id." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required." + } + }, + "required": [ + "state" + ], + "description": "Properties of an extended server blob auditing policy." + }, + "FailoverGroupProperties": { + "type": "object", + "properties": { + "databases": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of databases in the failover group." + }, + "partnerServers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PartnerInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of partner server information for the failover group." + }, + "readOnlyEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/FailoverGroupReadOnlyEndpoint" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Read-only endpoint of the failover group instance." + }, + "readWriteEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/FailoverGroupReadWriteEndpoint" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Read-write endpoint of the failover group instance." + } + }, + "required": [ + "partnerServers", + "readWriteEndpoint" + ], + "description": "Properties of a failover group." + }, + "FailoverGroupReadOnlyEndpoint": { + "type": "object", + "properties": { + "failoverPolicy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Failover policy of the read-only endpoint for the failover group." + }, + "targetServer": { + "type": "string", + "format": "arm-id", + "description": "The target partner server where the read-only endpoint points to." + } + }, + "description": "Read-only endpoint of the failover group instance." + }, + "FailoverGroupReadWriteEndpoint": { + "type": "object", + "properties": { + "failoverPolicy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Manual", + "Automatic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required." + }, + "failoverWithDataLossGracePeriodMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required." + } + }, + "required": [ + "failoverPolicy" + ], + "description": "Read-write endpoint of the failover group instance." + }, + "FirewallRule": { + "type": "object", + "properties": { + "name": { + "type": "string", + "description": "Resource name." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerFirewallRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server firewall rule." + } + }, + "description": "A server firewall rule." + }, + "GeoBackupPolicyProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The state of the geo backup policy." + } + }, + "required": [ + "state" + ], + "description": "The properties of the geo backup policy." + }, + "InstanceFailoverGroupProperties": { + "type": "object", + "properties": { + "managedInstancePairs": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ManagedInstancePairInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of managed instance pairs in the failover group." + }, + "partnerRegions": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/PartnerRegionInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Partner region information for the failover group." + }, + "readOnlyEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/InstanceFailoverGroupReadOnlyEndpoint" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Read-only endpoint of the failover group instance." + }, + "readWriteEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/InstanceFailoverGroupReadWriteEndpoint" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Read-write endpoint of the failover group instance." + }, + "secondaryType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Geo", + "Standby" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of the geo-secondary instance. Set 'Standby' if the instance is used as a DR option only." + } + }, + "required": [ + "managedInstancePairs", + "partnerRegions", + "readWriteEndpoint" + ], + "description": "Properties of a instance failover group." + }, + "InstanceFailoverGroupReadOnlyEndpoint": { + "type": "object", + "properties": { + "failoverPolicy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Disabled", + "Enabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Failover policy of the read-only endpoint for the failover group." + } + }, + "description": "Read-only endpoint of the failover group instance." + }, + "InstanceFailoverGroupReadWriteEndpoint": { + "type": "object", + "properties": { + "failoverPolicy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Manual", + "Automatic" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Failover policy of the read-write endpoint for the failover group. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required." + }, + "failoverWithDataLossGracePeriodMinutes": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Grace period before failover with data loss is attempted for the read-write endpoint. If failoverPolicy is Automatic then failoverWithDataLossGracePeriodMinutes is required." + } + }, + "required": [ + "failoverPolicy" + ], + "description": "Read-write endpoint of the failover group instance." + }, + "InstancePoolProperties": { + "type": "object", + "properties": { + "licenseType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LicenseIncluded", + "BasePrice" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The license type. Possible values are 'LicenseIncluded' (price for SQL license is included) and 'BasePrice' (without SQL license price)." + }, + "maintenanceConfigurationId": { + "type": "string", + "format": "arm-id", + "description": "Specifies maintenance configuration id to apply to this managed instance." + }, + "subnetId": { + "type": "string", + "description": "Resource ID of the subnet to place this instance pool in." + }, + "vCores": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Count of vCores belonging to this instance pool." + } + }, + "required": [ + "licenseType", + "subnetId", + "vCores" + ], + "description": "Properties of an instance pool." + }, + "IPv6ServerFirewallRuleProperties": { + "type": "object", + "properties": { + "endIPv6Address": { + "type": "string", + "description": "The end IP address of the firewall rule. Must be IPv6 format. Must be greater than or equal to startIpAddress." + }, + "startIPv6Address": { + "type": "string", + "description": "The start IP address of the firewall rule. Must be IPv6 format." + } + }, + "description": "The properties of an IPv6 server firewall rule." + }, + "JobAgentIdentity": { + "type": "object", + "properties": { + "tenantId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The job agent identity tenant id" + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssignedUserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The job agent identity type." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/JobAgentUserAssignedIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The resource ids of the user assigned identities to use" + } + }, + "required": [ + "type" + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "JobAgentProperties": { + "type": "object", + "properties": { + "databaseId": { + "type": "string", + "format": "arm-id", + "description": "Resource ID of the database to store job metadata in." + } + }, + "required": [ + "databaseId" + ], + "description": "Properties of a job agent." + }, + "JobAgentUserAssignedIdentity": { + "type": "object", + "properties": {}, + "description": "Azure Active Directory identity configuration for a resource." + }, + "JobCredentialProperties": { + "type": "object", + "properties": { + "password": { + "type": "string", + "description": "The credential password." + }, + "username": { + "type": "string", + "description": "The credential user name." + } + }, + "required": [ + "password", + "username" + ], + "description": "Properties of a job credential." + }, + "JobPrivateEndpointProperties": { + "type": "object", + "properties": { + "targetServerAzureResourceId": { + "type": "string", + "format": "arm-id", + "description": "ARM resource id of the server the private endpoint will target." + } + }, + "required": [ + "targetServerAzureResourceId" + ], + "description": "Properties of job agent private endpoint." + }, + "JobProperties": { + "type": "object", + "properties": { + "description": { + "type": "string", + "default": "", + "description": "User-defined description of the job." + }, + "schedule": { + "oneOf": [ + { + "$ref": "#/definitions/JobSchedule" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Scheduling properties of a job." + } + }, + "description": "Properties of a job." + }, + "JobSchedule": { + "type": "object", + "properties": { + "enabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not the schedule is enabled." + }, + "endTime": { + "type": "string", + "default": "9999-12-31T03:59:59-08:00", + "format": "date-time", + "description": "Schedule end time." + }, + "interval": { + "type": "string", + "description": "Value of the schedule's recurring interval, if the ScheduleType is recurring. ISO8601 duration format." + }, + "startTime": { + "type": "string", + "default": "0001-01-01T16:00:00-08:00", + "format": "date-time", + "description": "Schedule start time." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Once", + "Recurring" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Schedule interval type." + } + }, + "description": "Scheduling properties of a job." + }, + "JobStepAction": { + "type": "object", + "properties": { + "source": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Inline" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The source of the action to execute." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TSql" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of action being executed by the job step." + }, + "value": { + "type": "string", + "description": "The action value, for example the text of the T-SQL script to execute." + } + }, + "required": [ + "value" + ], + "description": "The action to be executed by a job step." + }, + "JobStepExecutionOptions": { + "type": "object", + "properties": { + "initialRetryIntervalSeconds": { + "oneOf": [ + { + "type": "integer", + "default": "1" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Initial delay between retries for job step execution." + }, + "maximumRetryIntervalSeconds": { + "oneOf": [ + { + "type": "integer", + "default": "120" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The maximum amount of time to wait between retries for job step execution." + }, + "retryAttempts": { + "oneOf": [ + { + "type": "integer", + "default": "10" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Maximum number of times the job step will be reattempted if the first attempt fails." + }, + "retryIntervalBackoffMultiplier": { + "oneOf": [ + { + "type": "number", + "default": 2 + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The backoff multiplier for the time between retries." + }, + "timeoutSeconds": { + "oneOf": [ + { + "type": "integer", + "default": "43200" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Execution timeout for the job step." + } + }, + "description": "The execution options of a job step." + }, + "JobStepOutput": { + "type": "object", + "properties": { + "credential": { + "type": "string", + "description": "The resource ID of the credential to use to connect to the output destination." + }, + "databaseName": { + "type": "string", + "description": "The output destination database." + }, + "resourceGroupName": { + "type": "string", + "description": "The output destination resource group." + }, + "schemaName": { + "type": "string", + "default": "dbo", + "description": "The output destination schema." + }, + "serverName": { + "type": "string", + "description": "The output destination server name." + }, + "subscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The output destination subscription id." + }, + "tableName": { + "type": "string", + "description": "The output destination table." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "SqlDatabase" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The output destination type." + } + }, + "required": [ + "databaseName", + "serverName", + "tableName" + ], + "description": "The output configuration of a job step." + }, + "JobStepProperties": { + "type": "object", + "properties": { + "action": { + "oneOf": [ + { + "$ref": "#/definitions/JobStepAction" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The action to be executed by a job step." + }, + "credential": { + "type": "string", + "description": "The resource ID of the job credential that will be used to connect to the targets." + }, + "executionOptions": { + "oneOf": [ + { + "$ref": "#/definitions/JobStepExecutionOptions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The execution options of a job step." + }, + "output": { + "oneOf": [ + { + "$ref": "#/definitions/JobStepOutput" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The output configuration of a job step." + }, + "stepId": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The job step's index within the job. If not specified when creating the job step, it will be created as the last step. If not specified when updating the job step, the step id is not modified." + }, + "targetGroup": { + "type": "string", + "description": "The resource ID of the target group that the job step will be executed on." + } + }, + "required": [ + "action", + "targetGroup" + ], + "description": "Properties of a job step." + }, + "JobTarget": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "The target database name." + }, + "elasticPoolName": { + "type": "string", + "description": "The target elastic pool name." + }, + "membershipType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Include", + "Exclude" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether the target is included or excluded from the group." + }, + "refreshCredential": { + "type": "string", + "description": "The resource ID of the credential that is used during job execution to connect to the target and determine the list of databases inside the target." + }, + "serverName": { + "type": "string", + "description": "The target server name." + }, + "shardMapName": { + "type": "string", + "description": "The target shard map." + }, + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "TargetGroup", + "SqlDatabase", + "SqlElasticPool", + "SqlShardMap", + "SqlServer" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The target type." + } + }, + "required": [ + "type" + ], + "description": "A job target, for example a specific database or a container of databases that is evaluated during job execution." + }, + "JobTargetGroupProperties": { + "type": "object", + "properties": { + "members": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/JobTarget" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Members of the target group." + } + }, + "required": [ + "members" + ], + "description": "Properties of job target group." + }, + "LedgerDigestUploadsProperties": { + "type": "object", + "properties": { + "digestStorageEndpoint": { + "type": "string", + "description": "The digest storage endpoint, which must be either an Azure blob storage endpoint or an URI for Azure Confidential Ledger." + } + }, + "description": "The properties of a database ledger digest upload settings." + }, + "MaintenanceWindowsProperties": { + "type": "object", + "properties": { + "timeRanges": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/MaintenanceWindowTimeRange" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "description": "Maintenance windows resource properties." + }, + "MaintenanceWindowTimeRange": { + "type": "object", + "properties": { + "dayOfWeek": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Sunday", + "Monday", + "Tuesday", + "Wednesday", + "Thursday", + "Friday", + "Saturday" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Day of maintenance window." + }, + "duration": { + "type": "string", + "description": "Duration of maintenance window in minutes." + }, + "startTime": { + "type": "string", + "description": "Start time minutes offset from 12am." + } + }, + "description": "Maintenance window time range." + }, + "ManagedBackupShortTermRetentionPolicyProperties": { + "type": "object", + "properties": { + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The backup retention period in days. This is how many days Point-in-Time Restore will be supported." + } + }, + "description": "Properties of a short term retention policy" + }, + "ManagedDatabaseProperties": { + "type": "object", + "properties": { + "autoCompleteRestore": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether to auto complete restore of this managed database." + }, + "catalogCollation": { + "oneOf": [ + { + "type": "string", + "enum": [ + "DATABASE_DEFAULT", + "SQL_Latin1_General_CP1_CI_AS" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Collation of the metadata catalog." + }, + "collation": { + "type": "string", + "description": "Collation of the managed database." + }, + "createMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "RestoreExternalBackup", + "PointInTimeRestore", + "Recovery", + "RestoreLongTermRetentionBackup" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Managed database create mode. PointInTimeRestore: Create a database by restoring a point in time backup of an existing database. SourceDatabaseName, SourceManagedInstanceName and PointInTime must be specified. RestoreExternalBackup: Create a database by restoring from external backup files. Collation, StorageContainerUri and StorageContainerSasToken must be specified. Recovery: Creates a database by restoring a geo-replicated backup. RecoverableDatabaseId must be specified as the recoverable database resource ID to restore. RestoreLongTermRetentionBackup: Create a database by restoring from a long term retention backup (longTermRetentionBackupResourceId required)." + }, + "crossSubscriptionRestorableDroppedDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The restorable cross-subscription dropped database resource id to restore when creating this database." + }, + "crossSubscriptionSourceDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the cross-subscription source database associated with create operation of this database." + }, + "crossSubscriptionTargetManagedInstanceId": { + "type": "string", + "description": "Target managed instance id used in cross-subscription restore." + }, + "isLedgerOn": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not this database is a ledger database, which means all tables in the database are ledger tables. Note: the value of this property cannot be changed after the database has been created." + }, + "lastBackupName": { + "type": "string", + "description": "Last backup file name for restore of this managed database." + }, + "longTermRetentionBackupResourceId": { + "type": "string", + "format": "arm-id", + "description": "The name of the Long Term Retention backup to be used for restore of this managed database." + }, + "recoverableDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the recoverable database associated with create operation of this database." + }, + "restorableDroppedDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The restorable dropped database resource id to restore when creating this database." + }, + "restorePointInTime": { + "type": "string", + "format": "date-time", + "description": "Conditional. If createMode is PointInTimeRestore, this value is required. Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database." + }, + "sourceDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the source database associated with create operation of this database." + }, + "storageContainerIdentity": { + "type": "string", + "description": "Conditional. If createMode is RestoreExternalBackup, this value is used. Specifies the identity used for storage container authentication. Can be 'SharedAccessSignature' or 'ManagedIdentity'; if not specified 'SharedAccessSignature' is assumed." + }, + "storageContainerSasToken": { + "type": "string", + "description": "Conditional. If createMode is RestoreExternalBackup and storageContainerIdentity is not ManagedIdentity, this value is required. Specifies the storage container sas token." + }, + "storageContainerUri": { + "type": "string", + "description": "Conditional. If createMode is RestoreExternalBackup, this value is required. Specifies the uri of the storage container where backups for this restore are stored." + } + }, + "description": "The managed database's properties." + }, + "ManagedInstanceAdministratorProperties": { + "type": "object", + "properties": { + "administratorType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ActiveDirectory" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of the managed instance administrator." + }, + "login": { + "type": "string", + "description": "Login name of the managed instance administrator." + }, + "sid": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SID (object ID) of the managed instance administrator." + }, + "tenantId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Tenant ID of the managed instance administrator." + } + }, + "required": [ + "administratorType", + "login", + "sid" + ], + "description": "The properties of a managed instance administrator." + }, + "ManagedInstanceAzureADOnlyAuthProperties": { + "type": "object", + "properties": { + "azureADOnlyAuthentication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory only Authentication enabled." + } + }, + "required": [ + "azureADOnlyAuthentication" + ], + "description": "Properties of a active directory only authentication for Managed Instance." + }, + "ManagedInstanceDtcProperties": { + "type": "object", + "properties": { + "dtcEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Active status of managed instance DTC." + }, + "externalDnsSuffixSearchList": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "External dns suffix search list of managed instance DTC." + }, + "securitySettings": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceDtcSecuritySettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Security Settings of managed instance DTC." + } + }, + "description": "The properties of managed instance DTC." + }, + "ManagedInstanceDtcSecuritySettings": { + "type": "object", + "properties": { + "snaLu6point2TransactionsEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow SNA LU 6.2 Transactions to managed instance DTC." + }, + "transactionManagerCommunicationSettings": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceDtcTransactionManagerCommunicationSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Transaction Manager Communication Settings of managed instance DTC." + }, + "xaTransactionsDefaultTimeout": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Default timeout for XA Transactions (in seconds)." + }, + "xaTransactionsEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow XA Transactions to managed instance DTC." + }, + "xaTransactionsMaximumTimeout": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Maximum timeout for XA Transactions (in seconds)." + } + }, + "description": "The Security Settings of managed instance DTC." + }, + "ManagedInstanceDtcTransactionManagerCommunicationSettings": { + "type": "object", + "properties": { + "allowInboundEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow Inbound traffic to managed instance DTC." + }, + "allowOutboundEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Allow Outbound traffic of managed instance DTC." + }, + "authentication": { + "type": "string", + "description": "Authentication type of managed instance DTC." + } + }, + "description": "The Transaction Manager Communication Settings of managed instance DTC." + }, + "ManagedInstanceEncryptionProtectorProperties": { + "type": "object", + "properties": { + "autoRotationEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Key auto rotation opt-in flag. Either true or false." + }, + "serverKeyName": { + "type": "string", + "description": "The name of the managed instance key." + }, + "serverKeyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ServiceManaged", + "AzureKeyVault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The encryption protector type like 'ServiceManaged', 'AzureKeyVault'." + } + }, + "required": [ + "serverKeyType" + ], + "description": "Properties for an encryption protector execution." + }, + "ManagedInstanceExternalAdministrator": { + "type": "object", + "properties": { + "administratorType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ActiveDirectory" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of the sever administrator." + }, + "azureADOnlyAuthentication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory only Authentication enabled." + }, + "login": { + "type": "string", + "description": "Login name of the server administrator." + }, + "principalType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Group", + "Application" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Principal Type of the sever administrator." + }, + "sid": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SID (object ID) of the server administrator." + }, + "tenantId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Tenant ID of the administrator." + } + }, + "description": "Properties of a active directory administrator." + }, + "ManagedInstanceKeyProperties": { + "type": "object", + "properties": { + "serverKeyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ServiceManaged", + "AzureKeyVault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The key type like 'ServiceManaged', 'AzureKeyVault'." + }, + "uri": { + "type": "string", + "description": "The URI of the key. If the ServerKeyType is AzureKeyVault, then the URI is required." + } + }, + "required": [ + "serverKeyType" + ], + "description": "Properties for a key execution." + }, + "ManagedInstanceLongTermRetentionPolicyProperties": { + "type": "object", + "properties": { + "backupStorageAccessTier": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Hot", + "Archive" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The BackupStorageAccessTier for the LTR backups." + }, + "monthlyRetention": { + "type": "string", + "description": "The monthly retention policy for an LTR backup." + }, + "weeklyRetention": { + "type": "string", + "description": "The weekly retention policy for an LTR backup." + }, + "weekOfYear": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The week of year to take the yearly backup." + }, + "yearlyRetention": { + "type": "string", + "description": "The yearly retention policy for an LTR backup." + } + }, + "description": "Properties of a long term retention policy" + }, + "ManagedInstancePairInfo": { + "type": "object", + "properties": { + "partnerManagedInstanceId": { + "type": "string", + "description": "Id of Partner Managed Instance in pair." + }, + "primaryManagedInstanceId": { + "type": "string", + "description": "Id of Primary Managed Instance in pair." + } + }, + "description": "Pairs of Managed Instances in the failover group." + }, + "ManagedInstancePrivateEndpointConnectionProperties": { + "type": "object", + "properties": { + "privateEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstancePrivateEndpointProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "privateLinkServiceConnectionState": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstancePrivateLinkServiceConnectionStateProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "description": "Properties of a private endpoint connection." + }, + "ManagedInstancePrivateEndpointProperty": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource id of the private endpoint." + } + } + }, + "ManagedInstancePrivateLinkServiceConnectionStateProperty": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The private link service connection description." + }, + "status": { + "type": "string", + "description": "The private link service connection status." + } + }, + "required": [ + "description", + "status" + ] + }, + "ManagedInstanceProperties": { + "type": "object", + "properties": { + "administratorLogin": { + "type": "string", + "description": "Administrator username for the managed instance. Can only be specified when the managed instance is being created (and is required for creation)." + }, + "administratorLoginPassword": { + "type": "string", + "description": "The administrator login password (required for managed instance creation)." + }, + "administrators": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceExternalAdministrator" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory administrator." + }, + "authenticationMetadata": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AzureAD", + "Paired", + "Windows" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The managed instance's authentication metadata lookup mode." + }, + "collation": { + "type": "string", + "description": "Collation of the managed instance." + }, + "databaseFormat": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AlwaysUpToDate", + "SQLServer2022" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the internal format of instance databases specific to the SQL engine version." + }, + "dnsZonePartner": { + "type": "string", + "format": "arm-id", + "description": "The resource id of another managed instance whose DNS zone this managed instance will share after creation." + }, + "hybridSecondaryUsage": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Active", + "Passive" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Hybrid secondary usage. Possible values are 'Active' (default value) and 'Passive' (customer uses the secondary as Passive DR)." + }, + "instancePoolId": { + "type": "string", + "description": "The Id of the instance pool this managed server belongs to." + }, + "isGeneralPurposeV2": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not this is a GPv2 variant of General Purpose edition." + }, + "keyId": { + "type": "string", + "description": "A CMK URI of the key to use for encryption." + }, + "licenseType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "LicenseIncluded", + "BasePrice" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The license type. Possible values are 'LicenseIncluded' (regular price inclusive of a new SQL license) and 'BasePrice' (discounted AHB price for bringing your own SQL licenses)." + }, + "maintenanceConfigurationId": { + "type": "string", + "description": "Specifies maintenance configuration id to apply to this managed instance." + }, + "managedInstanceCreateMode": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "PointInTimeRestore" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the mode of database creation.\r\n\r\nDefault: Regular instance creation.\r\n\r\nRestore: Creates an instance by restoring a set of backups to specific point in time. RestorePointInTime and SourceManagedInstanceId must be specified." + }, + "minimalTlsVersion": { + "type": "string", + "description": "Minimal TLS version. Allowed values: 'None', '1.0', '1.1', '1.2'" + }, + "pricingModel": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Regular", + "Freemium" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Weather or not Managed Instance is freemium." + }, + "primaryUserAssignedIdentityId": { + "type": "string", + "format": "arm-id", + "description": "The resource id of a user assigned identity to be used by default." + }, + "proxyOverride": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Proxy", + "Redirect", + "Default" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Connection type used for connecting to the instance." + }, + "publicDataEndpointEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not the public data endpoint is enabled." + }, + "requestedBackupStorageRedundancy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Geo", + "Local", + "Zone", + "GeoZone" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The storage account type to be used to store backups for this instance. The options are Local (LocallyRedundantStorage), Zone (ZoneRedundantStorage), Geo (GeoRedundantStorage) and GeoZone(GeoZoneRedundantStorage)." + }, + "restorePointInTime": { + "type": "string", + "format": "date-time", + "description": "Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database." + }, + "servicePrincipal": { + "oneOf": [ + { + "$ref": "#/definitions/ServicePrincipal" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The managed instance's service principal configuration for a resource." + }, + "sourceManagedInstanceId": { + "type": "string", + "format": "arm-id", + "description": "The resource identifier of the source managed instance associated with create operation of this instance." + }, + "storageIOps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Storage IOps. Minimum value: 120. Maximum value: 120000. Increments of 1 IOps allowed only. Maximum value depends on the selected hardware family and number of vCores." + }, + "storageSizeInGB": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Storage size in GB. Minimum value: 32. Maximum value: 16384. Increments of 32 GB allowed only. Maximum value depends on the selected hardware family and number of vCores." + }, + "storageThroughputMBps": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Storage throughput in MBps. Minimum value: 25. Maximum value: 4000. Increments of 1 MBps allowed only. Maximum value depends on the selected hardware family and number of vCores." + }, + "subnetId": { + "type": "string", + "format": "arm-id", + "description": "Subnet resource ID for the managed instance." + }, + "timezoneId": { + "type": "string", + "description": "Id of the timezone. Allowed values are timezones supported by Windows.\r\nWindows keeps details on supported timezones, including the id, in registry under\r\nKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Time Zones.\r\nYou can get those registry values via SQL Server by querying SELECT name AS timezone_id FROM sys.time_zone_info.\r\nList of Ids can also be obtained by executing [System.TimeZoneInfo]::GetSystemTimeZones() in PowerShell.\r\nAn example of valid timezone id is \"Pacific Standard Time\" or \"W. Europe Standard Time\"." + }, + "vCores": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The number of vCores. Allowed values: 8, 16, 24, 32, 40, 64, 80." + }, + "zoneRedundant": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not the multi-az is enabled." + } + }, + "description": "The properties of a managed instance." + }, + "managedInstances_administrators_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "ActiveDirectory" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceAdministratorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a managed instance administrator." + }, + "type": { + "type": "string", + "enum": [ + "administrators" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/administrators" + }, + "managedInstances_advancedThreatProtectionSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/advancedThreatProtectionSettings" + }, + "managedInstances_azureADOnlyAuthentications_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of server azure active directory only authentication." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceAzureADOnlyAuthProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory only authentication for Managed Instance." + }, + "type": { + "type": "string", + "enum": [ + "azureADOnlyAuthentications" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/azureADOnlyAuthentications" + }, + "managedInstances_databases_advancedThreatProtectionSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/advancedThreatProtectionSettings" + }, + "managedInstances_databases_backupLongTermRetentionPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The policy name. Should always be Default." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceLongTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a long term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "backupLongTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/backupLongTermRetentionPolicies" + }, + "managedInstances_databases_backupShortTermRetentionPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The policy name. Should always be \"default\"." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedBackupShortTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a short term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "backupShortTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/backupShortTermRetentionPolicies" + }, + "managedInstances_databases_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the database." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedDatabaseProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The managed database's properties." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "databases" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases" + }, + "managedInstances_databases_ledgerDigestUploads_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the Ledger Digest Upload Configurations." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedLedgerDigestUploadsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database ledger digest upload settings." + }, + "type": { + "type": "string", + "enum": [ + "ledgerDigestUploads" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/ledgerDigestUploads" + }, + "managedInstances_databases_securityAlertPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/securityAlertPolicies" + }, + "managedInstances_databases_transparentDataEncryption_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the transparent data encryption configuration." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedTransparentDataEncryptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a transparent data encryption." + }, + "type": { + "type": "string", + "enum": [ + "transparentDataEncryption" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/transparentDataEncryption" + }, + "managedInstances_databases_vulnerabilityAssessments_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/databases/vulnerabilityAssessments" + }, + "managedInstances_distributedAvailabilityGroups_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The distributed availability group name." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DistributedAvailabilityGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a distributed availability group." + }, + "type": { + "type": "string", + "enum": [ + "distributedAvailabilityGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/distributedAvailabilityGroups" + }, + "managedInstances_dnsAliases_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "createDnsRecord": { + "oneOf": [ + { + "type": "boolean", + "default": true + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not DNS record should be created for this alias." + }, + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "dnsAliases" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/managedInstances/dnsAliases" + }, + "managedInstances_dtc_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the managed instance DTC." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceDtcProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of managed instance DTC." + }, + "type": { + "type": "string", + "enum": [ + "dtc" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/dtc" + }, + "managedInstances_encryptionProtector_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the encryption protector to be updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceEncryptionProtectorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for an encryption protector execution." + }, + "type": { + "type": "string", + "enum": [ + "encryptionProtector" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/encryptionProtector" + }, + "managedInstances_keys_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the managed instance key to be operated on (updated or created)." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceKeyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for a key execution." + }, + "type": { + "type": "string", + "enum": [ + "keys" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/keys" + }, + "managedInstances_privateEndpointConnections_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstancePrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a private endpoint connection." + }, + "type": { + "type": "string", + "enum": [ + "privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/privateEndpointConnections" + }, + "managedInstances_securityAlertPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/securityAlertPolicies" + }, + "managedInstances_serverConfigurationOptions_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "allowPolybaseExport" + ], + "description": "The name of the server configuration option." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerConfigurationOptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of server configuration option." + }, + "type": { + "type": "string", + "enum": [ + "serverConfigurationOptions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/serverConfigurationOptions" + }, + "managedInstances_serverTrustCertificates_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "Name of of the certificate to upload." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerTrustCertificateProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server trust certificate." + }, + "type": { + "type": "string", + "enum": [ + "serverTrustCertificates" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/serverTrustCertificates" + }, + "managedInstances_sqlAgent_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SqlAgentConfigurationProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sql agent configuration properties." + }, + "type": { + "type": "string", + "enum": [ + "sqlAgent" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/sqlAgent" + }, + "managedInstances_startStopSchedules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "Name of the managed instance Start/Stop schedule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/StartStopManagedInstanceScheduleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of managed instance's Start/Stop schedule." + }, + "type": { + "type": "string", + "enum": [ + "startStopSchedules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/startStopSchedules" + }, + "managedInstances_vulnerabilityAssessments_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ManagedInstanceVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a managed instance vulnerability assessment." + }, + "type": { + "type": "string", + "enum": [ + "vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/managedInstances/vulnerabilityAssessments" + }, + "ManagedInstanceVulnerabilityAssessmentProperties": { + "type": "object", + "properties": { + "recurringScans": { + "oneOf": [ + { + "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a Vulnerability Assessment recurring scans." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + }, + "storageContainerPath": { + "type": "string", + "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/)." + }, + "storageContainerSasKey": { + "type": "string", + "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + } + }, + "required": [ + "storageContainerPath" + ], + "description": "Properties of a managed instance vulnerability assessment." + }, + "ManagedLedgerDigestUploadsProperties": { + "type": "object", + "properties": { + "digestStorageEndpoint": { + "type": "string", + "description": "The digest storage endpoint, which must be either an Azure blob storage endpoint or an URI for Azure Confidential Ledger." + } + }, + "description": "The properties of a database ledger digest upload settings." + }, + "ManagedTransparentDataEncryptionProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the transparent data encryption." + } + }, + "required": [ + "state" + ], + "description": "Properties of a transparent data encryption." + }, + "NetworkIsolationSettings": { + "type": "object", + "properties": { + "sqlServerResourceId": { + "type": "string", + "format": "arm-id", + "description": "The resource id for the SQL server which is the target of this request. If set, private endpoint connection will be created for the SQL server. Must match server which is target of the operation." + }, + "storageAccountResourceId": { + "type": "string", + "format": "arm-id", + "description": "The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for StorageUri parameter." + } + }, + "description": "Contains the ARM resources for which to create private endpoint connection." + }, + "PartnerInfo": { + "type": "object", + "properties": { + "id": { + "type": "string", + "format": "arm-id", + "description": "Resource identifier of the partner server." + } + }, + "required": [ + "id" + ], + "description": "Partner server information for the failover group." + }, + "PartnerRegionInfo": { + "type": "object", + "properties": { + "location": { + "type": "string", + "description": "Geo location of the partner managed instances." + } + }, + "description": "Partner region information for the failover group." + }, + "PrivateEndpointConnectionProperties": { + "type": "object", + "properties": { + "privateEndpoint": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "privateLinkServiceConnectionState": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateLinkServiceConnectionStateProperty" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "description": "Properties of a private endpoint connection." + }, + "PrivateEndpointProperty": { + "type": "object", + "properties": { + "id": { + "type": "string", + "description": "Resource id of the private endpoint." + } + } + }, + "PrivateLinkServiceConnectionStateProperty": { + "type": "object", + "properties": { + "description": { + "type": "string", + "description": "The private link service connection description." + }, + "status": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Approved", + "Pending", + "Rejected", + "Disconnected" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The private link service connection status." + } + }, + "required": [ + "description", + "status" + ] + }, + "ResourceIdentity": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned", + "UserAssigned", + "SystemAssigned,UserAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The identity type. Set this to 'SystemAssigned' in order to automatically create and assign an Azure Active Directory principal for the resource." + }, + "userAssignedIdentities": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "$ref": "#/definitions/UserIdentity" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The resource ids of the user assigned identities to use" + } + }, + "description": "Azure Active Directory identity configuration for a resource." + }, + "ScheduleItem": { + "type": "object", + "properties": { + "startDay": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Sunday", + "Monday", + "Tuesday", + "Wednesday", + "Thursday", + "Friday", + "Saturday" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Start day." + }, + "startTime": { + "type": "string", + "description": "Start time." + }, + "stopDay": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Sunday", + "Monday", + "Tuesday", + "Wednesday", + "Thursday", + "Friday", + "Saturday" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Stop day." + }, + "stopTime": { + "type": "string", + "description": "Stop time." + } + }, + "required": [ + "startDay", + "startTime", + "stopDay", + "stopTime" + ], + "description": "Schedule info describing when the server should be started or stopped." + }, + "SecurityAlertPolicyProperties": { + "type": "object", + "properties": { + "disabledAlerts": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force" + }, + "emailAccountAdmins": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies that the alert is sent to the account administrators." + }, + "emailAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies an array of e-mail addresses to which the alert is sent." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the Threat Detection audit logs." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "New", + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the Threat Detection audit storage account." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs." + } + }, + "required": [ + "state" + ], + "description": "Properties of a security alert policy." + }, + "SecurityAlertsPolicyProperties": { + "type": "object", + "properties": { + "disabledAlerts": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action, Brute_Force" + }, + "emailAccountAdmins": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies that the alert is sent to the account administrators." + }, + "emailAddresses": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies an array of e-mail addresses to which the alert is sent." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the Threat Detection audit logs." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the policy, whether it is enabled or disabled or a policy has not been applied yet on the specific database." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the Threat Detection audit storage account." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs." + } + }, + "required": [ + "state" + ], + "description": "Properties of a security alert policy." + }, + "SensitivityLabelProperties": { + "type": "object", + "properties": { + "clientClassificationSource": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "Native", + "Recommended", + "MIP" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "informationType": { + "type": "string", + "description": "The information type." + }, + "informationTypeId": { + "type": "string", + "description": "The information type ID." + }, + "labelId": { + "type": "string", + "description": "The label ID." + }, + "labelName": { + "type": "string", + "description": "The label name." + }, + "rank": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "Low", + "Medium", + "High", + "Critical" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "description": "Properties of a sensitivity label." + }, + "ServerBlobAuditingPolicyProperties": { + "type": "object", + "properties": { + "auditActionsAndGroups": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the Actions-Groups and Actions to audit.\r\n\r\nThe recommended set of action groups to use is the following combination - this will audit all the queries and stored procedures executed against the database, as well as successful and failed logins:\r\n\r\nBATCH_COMPLETED_GROUP,\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP,\r\nFAILED_DATABASE_AUTHENTICATION_GROUP.\r\n\r\nThis above combination is also the set that is configured by default when enabling auditing from the Azure portal.\r\n\r\nThe supported action groups to audit are (note: choose only specific groups that cover your auditing needs. Using unnecessary groups could lead to very large quantities of audit records):\r\n\r\nAPPLICATION_ROLE_CHANGE_PASSWORD_GROUP\r\nBACKUP_RESTORE_GROUP\r\nDATABASE_LOGOUT_GROUP\r\nDATABASE_OBJECT_CHANGE_GROUP\r\nDATABASE_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_OBJECT_PERMISSION_CHANGE_GROUP\r\nDATABASE_OPERATION_GROUP\r\nDATABASE_PERMISSION_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_CHANGE_GROUP\r\nDATABASE_PRINCIPAL_IMPERSONATION_GROUP\r\nDATABASE_ROLE_MEMBER_CHANGE_GROUP\r\nFAILED_DATABASE_AUTHENTICATION_GROUP\r\nSCHEMA_OBJECT_ACCESS_GROUP\r\nSCHEMA_OBJECT_CHANGE_GROUP\r\nSCHEMA_OBJECT_OWNERSHIP_CHANGE_GROUP\r\nSCHEMA_OBJECT_PERMISSION_CHANGE_GROUP\r\nSUCCESSFUL_DATABASE_AUTHENTICATION_GROUP\r\nUSER_CHANGE_PASSWORD_GROUP\r\nBATCH_STARTED_GROUP\r\nBATCH_COMPLETED_GROUP\r\nDBCC_GROUP\r\nDATABASE_OWNERSHIP_CHANGE_GROUP\r\nDATABASE_CHANGE_GROUP\r\nLEDGER_OPERATION_GROUP\r\n\r\nThese are groups that cover all sql statements and stored procedures executed against the database, and should not be used in combination with other groups as this will result in duplicate audit logs.\r\n\r\nFor more information, see [Database-Level Audit Action Groups](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-action-groups).\r\n\r\nFor Database auditing policy, specific Actions can also be specified (note that Actions cannot be specified for Server auditing policy). The supported actions to audit are:\r\nSELECT\r\nUPDATE\r\nINSERT\r\nDELETE\r\nEXECUTE\r\nRECEIVE\r\nREFERENCES\r\n\r\nThe general form for defining an action to be audited is:\r\n{action} ON {object} BY {principal}\r\n\r\nNote that in the above format can refer to an object like a table, view, or stored procedure, or an entire database or schema. For the latter cases, the forms DATABASE::{db_name} and SCHEMA::{schema_name} are used, respectively.\r\n\r\nFor example:\r\nSELECT on dbo.myTable by public\r\nSELECT on DATABASE::myDatabase by public\r\nSELECT on SCHEMA::mySchema by public\r\n\r\nFor more information, see [Database-Level Audit Actions](https://docs.microsoft.com/en-us/sql/relational-databases/security/auditing/sql-server-audit-action-groups-and-actions#database-level-audit-actions)" + }, + "isAzureMonitorTargetEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'SQLSecurityAuditEvents' diagnostic logs category on the database should be also created.\r\nNote that for server level audit you should use the 'master' database as {databaseName}.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/{databaseName}/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isDevopsAuditEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of devops audit. If state is Enabled, devops logs will be sent to Azure Monitor.\r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled', 'IsAzureMonitorTargetEnabled' as true and 'IsDevopsAuditEnabled' as true\r\n\r\nWhen using REST API to configure auditing, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should also be created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isManagedIdentityInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether Managed Identity is used to access blob storage" + }, + "isStorageSecondaryKeyInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether storageAccountAccessKey value is the storage's secondary key." + }, + "queueDelayMs": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the amount of time in milliseconds that can elapse before audit actions are forced to be processed.\r\nThe default minimum value is 1000 (1 second). The maximum is 2,147,483,647." + }, + "retentionDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the number of days to keep in the audit logs in the storage account." + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)" + }, + "storageAccountSubscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the blob storage subscription Id." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required." + } + }, + "required": [ + "state" + ], + "description": "Properties of a server blob auditing policy." + }, + "ServerConfigurationOptionProperties": { + "type": "object", + "properties": { + "serverConfigurationOptionValue": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Value of the server configuration option." + } + }, + "required": [ + "serverConfigurationOptionValue" + ], + "description": "The properties of server configuration option." + }, + "ServerConnectionPolicyProperties": { + "type": "object", + "properties": { + "connectionType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Default", + "Redirect", + "Proxy" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The server connection type." + } + }, + "required": [ + "connectionType" + ], + "description": "The properties of a server connection policy." + }, + "ServerDevOpsAuditSettingsProperties": { + "type": "object", + "properties": { + "isAzureMonitorTargetEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether DevOps audit events are sent to Azure Monitor. \r\nIn order to send the events to Azure Monitor, specify 'State' as 'Enabled' and 'IsAzureMonitorTargetEnabled' as true.\r\n\r\nWhen using REST API to configure DevOps audit, Diagnostic Settings with 'DevOpsOperationsAudit' diagnostic logs category on the master database should be also created.\r\n\r\nDiagnostic Settings URI format:\r\nPUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroup}/providers/Microsoft.Sql/servers/{serverName}/databases/master/providers/microsoft.insights/diagnosticSettings/{settingsName}?api-version=2017-05-01-preview\r\n\r\nFor more information, see [Diagnostic Settings REST API](https://go.microsoft.com/fwlink/?linkid=2033207)\r\nor [Diagnostic Settings PowerShell](https://go.microsoft.com/fwlink/?linkid=2033043)\r\n" + }, + "isManagedIdentityInUse": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies whether Managed Identity is used to access blob storage" + }, + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the audit. If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled are required." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the auditing storage account. \r\nIf state is Enabled and storageEndpoint is specified, not specifying the storageAccountAccessKey will use SQL server system-assigned managed identity to access the storage.\r\nPrerequisites for using managed identity authentication:\r\n1. Assign SQL Server a system-assigned managed identity in Azure Active Directory (AAD).\r\n2. Grant SQL Server identity access to the storage account by adding 'Storage Blob Data Contributor' RBAC role to the server identity.\r\nFor more information, see [Auditing to storage using Managed Identity authentication](https://go.microsoft.com/fwlink/?linkid=2114355)" + }, + "storageAccountSubscriptionId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the blob storage subscription Id." + }, + "storageEndpoint": { + "type": "string", + "description": "Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). If state is Enabled, storageEndpoint or isAzureMonitorTargetEnabled is required." + } + }, + "required": [ + "state" + ], + "description": "Properties of a server DevOps audit settings." + }, + "ServerExternalAdministrator": { + "type": "object", + "properties": { + "administratorType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ActiveDirectory" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Type of the sever administrator." + }, + "azureADOnlyAuthentication": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory only Authentication enabled." + }, + "login": { + "type": "string", + "description": "Login name of the server administrator." + }, + "principalType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "User", + "Group", + "Application" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Principal Type of the sever administrator." + }, + "sid": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SID (object ID) of the server administrator." + }, + "tenantId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Tenant ID of the administrator." + } + }, + "description": "Properties of a active directory administrator." + }, + "ServerFirewallRuleProperties": { + "type": "object", + "properties": { + "endIpAddress": { + "type": "string", + "description": "The end IP address of the firewall rule. Must be IPv4 format. Must be greater than or equal to startIpAddress. Use value '0.0.0.0' for all Azure-internal IP addresses." + }, + "startIpAddress": { + "type": "string", + "description": "The start IP address of the firewall rule. Must be IPv4 format. Use value '0.0.0.0' for all Azure-internal IP addresses." + } + }, + "description": "The properties of a server firewall rule." + }, + "ServerInfo": { + "type": "object", + "properties": { + "serverId": { + "type": "string", + "description": "Server Id." + } + }, + "required": [ + "serverId" + ], + "description": "Server info for the server trust group." + }, + "ServerKeyProperties": { + "type": "object", + "properties": { + "serverKeyType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "ServiceManaged", + "AzureKeyVault" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The server key type like 'ServiceManaged', 'AzureKeyVault'." + }, + "uri": { + "type": "string", + "description": "The URI of the server key. If the ServerKeyType is AzureKeyVault, then the URI is required. The AKV URI is required to be in this format: 'https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion'" + } + }, + "required": [ + "serverKeyType" + ], + "description": "Properties for a server key execution." + }, + "ServerProperties": { + "type": "object", + "properties": { + "administratorLogin": { + "type": "string", + "description": "Administrator username for the server. Once created it cannot be changed." + }, + "administratorLoginPassword": { + "type": "string", + "description": "The administrator login password (required for server creation)." + }, + "administrators": { + "oneOf": [ + { + "$ref": "#/definitions/ServerExternalAdministrator" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory administrator." + }, + "federatedClientId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The Client id used for cross tenant CMK scenario" + }, + "isIPv6Enabled": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not to enable IPv6 support for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'." + }, + "keyId": { + "type": "string", + "description": "A CMK URI of the key to use for encryption." + }, + "minimalTlsVersion": { + "type": "string", + "description": "Minimal TLS version. Allowed values: 'None', '1.0', '1.1', '1.2'" + }, + "primaryUserAssignedIdentityId": { + "type": "string", + "format": "arm-id", + "description": "The resource id of a user assigned identity to be used by default." + }, + "publicNetworkAccess": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled", + "SecuredByPerimeter" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not public endpoint access is allowed for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled' or 'SecuredByPerimeter'." + }, + "restrictOutboundNetworkAccess": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether or not to restrict outbound network access for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'." + }, + "version": { + "type": "string", + "description": "The version of the server." + } + }, + "description": "The properties of a server." + }, + "servers_administrators_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "ActiveDirectory" + ], + "description": "The name of server active directory administrator." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdministratorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory administrator." + }, + "type": { + "type": "string", + "enum": [ + "administrators" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/administrators" + }, + "servers_advancedThreatProtectionSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/advancedThreatProtectionSettings" + }, + "servers_auditingSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "auditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/auditingSettings" + }, + "servers_azureADOnlyAuthentications_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of server azure active directory only authentication." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AzureADOnlyAuthProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a active directory only authentication." + }, + "type": { + "type": "string", + "enum": [ + "azureADOnlyAuthentications" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/azureADOnlyAuthentications" + }, + "servers_connectionPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the connection policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerConnectionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a server connection policy." + }, + "type": { + "type": "string", + "enum": [ + "connectionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/connectionPolicies" + }, + "servers_databases_advancedThreatProtectionSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the Advanced Threat Protection state." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/AdvancedThreatProtectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Advanced Threat Protection state." + }, + "type": { + "type": "string", + "enum": [ + "advancedThreatProtectionSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/advancedThreatProtectionSettings" + }, + "servers_databases_auditingSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "auditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/auditingSettings" + }, + "servers_databases_backupLongTermRetentionPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The policy name. Should always be Default." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BaseLongTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a long term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "backupLongTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/backupLongTermRetentionPolicies" + }, + "servers_databases_backupShortTermRetentionPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The policy name. Should always be \"default\"." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/BackupShortTermRetentionPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a short term retention policy" + }, + "type": { + "type": "string", + "enum": [ + "backupShortTermRetentionPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/backupShortTermRetentionPolicies" + }, + "servers_databases_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the database." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The database's properties." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "databases" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases" + }, + "servers_databases_dataMaskingPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the database for which the data masking policy applies." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DataMaskingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database data masking policy." + }, + "type": { + "type": "string", + "enum": [ + "dataMaskingPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/dataMaskingPolicies" + }, + "servers_databases_dataMaskingPolicies_rules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the data masking rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DataMaskingRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database data masking rule." + }, + "type": { + "type": "string", + "enum": [ + "rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/dataMaskingPolicies/rules" + }, + "servers_databases_extendedAuditingSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExtendedDatabaseBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an extended database blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "extendedAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/extendedAuditingSettings" + }, + "servers_databases_extensions_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseExtensionsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Contains the database information after a successful Import, Export, or PolybaseImport" + }, + "type": { + "type": "string", + "enum": [ + "extensions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/extensions" + }, + "servers_databases_geoBackupPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ], + "description": "The name of the Geo backup policy. This should always be 'Default'." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/GeoBackupPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of the geo backup policy." + }, + "type": { + "type": "string", + "enum": [ + "geoBackupPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/geoBackupPolicies" + }, + "servers_databases_ledgerDigestUploads_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/LedgerDigestUploadsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of a database ledger digest upload settings." + }, + "type": { + "type": "string", + "enum": [ + "ledgerDigestUploads" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/ledgerDigestUploads" + }, + "servers_databases_maintenanceWindows_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/MaintenanceWindowsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Maintenance windows resource properties." + }, + "type": { + "type": "string", + "enum": [ + "maintenanceWindows" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/maintenanceWindows" + }, + "servers_databases_securityAlertPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the security alert policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/securityAlertPolicies" + }, + "servers_databases_sqlVulnerabilityAssessments_baselines_rules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The vulnerability assessment rule ID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/sqlVulnerabilityAssessments/baselines/rules" + }, + "servers_databases_syncGroups_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sync group." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "type": { + "type": "string", + "enum": [ + "syncGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/syncGroups" + }, + "servers_databases_syncGroups_syncMembers_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync member." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncMemberProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a sync member." + }, + "type": { + "type": "string", + "enum": [ + "syncMembers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/syncGroups/syncMembers" + }, + "servers_databases_transparentDataEncryption_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the transparent data encryption configuration." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/TransparentDataEncryptionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a transparent data encryption." + }, + "type": { + "type": "string", + "enum": [ + "transparentDataEncryption" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/transparentDataEncryption" + }, + "servers_databases_vulnerabilityAssessments_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/vulnerabilityAssessments" + }, + "servers_databases_workloadGroups_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the workload group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/WorkloadGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Workload group definition. For more information look at sys.workload_management_workload_groups (DMV)." + }, + "type": { + "type": "string", + "enum": [ + "workloadGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/workloadGroups" + }, + "servers_databases_workloadGroups_workloadClassifiers_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the workload classifier to create/update." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/WorkloadClassifierProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Workload classifier definition. For more information look at sys.workload_management_workload_classifiers (DMV)." + }, + "type": { + "type": "string", + "enum": [ + "workloadClassifiers" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/databases/workloadGroups/workloadClassifiers" + }, + "servers_devOpsAuditingSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "Default" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerDevOpsAuditSettingsProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server DevOps audit settings." + }, + "type": { + "type": "string", + "enum": [ + "devOpsAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/devOpsAuditingSettings" + }, + "servers_dnsAliases_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the server dns alias." + }, + "type": { + "type": "string", + "enum": [ + "dnsAliases" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/dnsAliases" + }, + "servers_elasticPools_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the elastic pool." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ElasticPoolProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an elastic pool" + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "elasticPools" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/elasticPools" + }, + "servers_encryptionProtector_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "current" + ], + "description": "The name of the encryption protector to be updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/EncryptionProtectorProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for an encryption protector execution." + }, + "type": { + "type": "string", + "enum": [ + "encryptionProtector" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/encryptionProtector" + }, + "servers_extendedAuditingSettings_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the blob auditing policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ExtendedServerBlobAuditingPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an extended server blob auditing policy." + }, + "type": { + "type": "string", + "enum": [ + "extendedAuditingSettings" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/extendedAuditingSettings" + }, + "servers_failoverGroups_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the failover group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/FailoverGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a failover group." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "failoverGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/failoverGroups" + }, + "servers_firewallRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "firewallRules" + ] + }, + "type": { + "type": "string", + "enum": [ + "firewallRules" + ] + }, + "values": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/FirewallRule" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/firewallRules" + }, + "servers_ipv6FirewallRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the firewall rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/IPv6ServerFirewallRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The properties of an IPv6 server firewall rule." + }, + "type": { + "type": "string", + "enum": [ + "ipv6FirewallRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/ipv6FirewallRules" + }, + "servers_jobAgents_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "identity": { + "oneOf": [ + { + "$ref": "#/definitions/JobAgentIdentity" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Azure Active Directory identity configuration for a resource." + }, + "location": { + "type": "string", + "description": "Resource location." + }, + "name": { + "type": "string", + "description": "The name of the job agent to be created or updated." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobAgentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job agent." + }, + "sku": { + "oneOf": [ + { + "$ref": "#/definitions/Sku" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "An ARM Resource SKU." + }, + "tags": { + "oneOf": [ + { + "type": "object", + "additionalProperties": { + "type": "string" + }, + "properties": {} + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Resource tags." + }, + "type": { + "type": "string", + "enum": [ + "jobAgents" + ] + } + }, + "required": [ + "apiVersion", + "location", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents" + }, + "servers_jobAgents_credentials_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the credential." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobCredentialProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job credential." + }, + "type": { + "type": "string", + "enum": [ + "credentials" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/credentials" + }, + "servers_jobAgents_jobs_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the job to get." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job." + }, + "type": { + "type": "string", + "enum": [ + "jobs" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs" + }, + "servers_jobAgents_jobs_executions_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The job execution id to create the job execution under." + }, + "type": { + "type": "string", + "enum": [ + "executions" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs/executions" + }, + "servers_jobAgents_jobs_steps_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the job step." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobStepProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a job step." + }, + "type": { + "type": "string", + "enum": [ + "steps" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/jobs/steps" + }, + "servers_jobAgents_privateEndpoints_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobPrivateEndpointProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of job agent private endpoint." + }, + "type": { + "type": "string", + "enum": [ + "privateEndpoints" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/privateEndpoints" + }, + "servers_jobAgents_targetGroups_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the target group." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/JobTargetGroupProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of job target group." + }, + "type": { + "type": "string", + "enum": [ + "targetGroups" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/jobAgents/targetGroups" + }, + "servers_keys_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the server key to be operated on (updated or created). The key name is required to be in the format of 'vault_key_version'. For example, if the keyId is https://YourVaultName.vault.azure.net/keys/YourKeyName/YourKeyVersion, then the server key name should be formatted as: YourVaultName_YourKeyName_YourKeyVersion" + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerKeyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties for a server key execution." + }, + "type": { + "type": "string", + "enum": [ + "keys" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/keys" + }, + "servers_outboundFirewallRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string" + }, + "type": { + "type": "string", + "enum": [ + "outboundFirewallRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "type" + ], + "description": "Microsoft.Sql/servers/outboundFirewallRules" + }, + "servers_privateEndpointConnections_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the private endpoint connection." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/PrivateEndpointConnectionProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a private endpoint connection." + }, + "type": { + "type": "string", + "enum": [ + "privateEndpointConnections" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/privateEndpointConnections" + }, + "servers_securityAlertPolicies_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the threat detection policy." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SecurityAlertsPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a security alert policy." + }, + "type": { + "type": "string", + "enum": [ + "securityAlertPolicies" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/securityAlertPolicies" + }, + "servers_sqlVulnerabilityAssessments_baselines_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ] + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineListInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "baselines" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines" + }, + "servers_sqlVulnerabilityAssessments_baselines_rules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The vulnerability assessment rule ID." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/DatabaseSqlVulnerabilityAssessmentRuleBaselineInputProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a database Sql Vulnerability Assessment rule baseline." + }, + "type": { + "type": "string", + "enum": [ + "rules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments/baselines/rules" + }, + "servers_sqlVulnerabilityAssessments_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the SQL Vulnerability Assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SqlVulnerabilityAssessmentPolicyProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ] + }, + "type": { + "type": "string", + "enum": [ + "sqlVulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/sqlVulnerabilityAssessments" + }, + "servers_syncAgents_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the sync agent." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/SyncAgentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of an Azure SQL Database sync agent." + }, + "type": { + "type": "string", + "enum": [ + "syncAgents" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/syncAgents" + }, + "servers_virtualNetworkRules_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "description": "The name of the virtual network rule." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/VirtualNetworkRuleProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a virtual network rule." + }, + "type": { + "type": "string", + "enum": [ + "virtualNetworkRules" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/virtualNetworkRules" + }, + "servers_vulnerabilityAssessments_childResource": { + "type": "object", + "properties": { + "apiVersion": { + "type": "string", + "enum": [ + "2023-05-01-preview" + ] + }, + "name": { + "type": "string", + "enum": [ + "default" + ], + "description": "The name of the vulnerability assessment." + }, + "properties": { + "oneOf": [ + { + "$ref": "#/definitions/ServerVulnerabilityAssessmentProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a server Vulnerability Assessment." + }, + "type": { + "type": "string", + "enum": [ + "vulnerabilityAssessments" + ] + } + }, + "required": [ + "apiVersion", + "name", + "properties", + "type" + ], + "description": "Microsoft.Sql/servers/vulnerabilityAssessments" + }, + "ServerTrustCertificateProperties": { + "type": "object", + "properties": { + "publicBlob": { + "type": "string", + "description": "The certificate public blob" + } + }, + "description": "The properties of a server trust certificate." + }, + "ServerTrustGroupProperties": { + "type": "object", + "properties": { + "groupMembers": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ServerInfo" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Group members information for the server trust group." + }, + "trustScopes": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string", + "enum": [ + "GlobalTransactions", + "ServiceBroker" + ] + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Trust scope of the server trust group." + } + }, + "required": [ + "groupMembers", + "trustScopes" + ], + "description": "Properties of a server trust group." + }, + "ServerVulnerabilityAssessmentProperties": { + "type": "object", + "properties": { + "recurringScans": { + "oneOf": [ + { + "$ref": "#/definitions/VulnerabilityAssessmentRecurringScansProperties" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of a Vulnerability Assessment recurring scans." + }, + "storageAccountAccessKey": { + "type": "string", + "description": "Specifies the identifier key of the storage account for vulnerability assessment scan results. If 'StorageContainerSasKey' isn't specified, storageAccountAccessKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + }, + "storageContainerPath": { + "type": "string", + "description": "A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/)." + }, + "storageContainerSasKey": { + "type": "string", + "description": "A shared access signature (SAS Key) that has write access to the blob container specified in 'storageContainerPath' parameter. If 'storageAccountAccessKey' isn't specified, StorageContainerSasKey is required. Applies only if the storage account is not behind a Vnet or a firewall" + } + }, + "required": [ + "storageContainerPath" + ], + "description": "Properties of a server Vulnerability Assessment." + }, + "ServicePrincipal": { + "type": "object", + "properties": { + "type": { + "oneOf": [ + { + "type": "string", + "enum": [ + "None", + "SystemAssigned" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Service principal type." + } + }, + "description": "The managed instance's service principal configuration for a resource." + }, + "Sku": { + "type": "object", + "properties": { + "capacity": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Capacity of the particular SKU." + }, + "family": { + "type": "string", + "description": "If the service has different generations of hardware, for the same SKU, then that can be captured here." + }, + "name": { + "type": "string", + "description": "The name of the SKU, typically, a letter + Number code, e.g. P3." + }, + "size": { + "type": "string", + "description": "Size of the particular SKU" + }, + "tier": { + "type": "string", + "description": "The tier or edition of the particular SKU, e.g. Basic, Premium." + } + }, + "required": [ + "name" + ], + "description": "An ARM Resource SKU." + }, + "SqlAgentConfigurationProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The state of Sql Agent." + } + }, + "description": "Sql agent configuration properties." + }, + "SqlVulnerabilityAssessmentPolicyProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the SQL Vulnerability Assessment, whether it is enabled or disabled or a state has not been applied yet on the specific database or server." + } + } + }, + "StartStopManagedInstanceScheduleProperties": { + "type": "object", + "properties": { + "description": { + "type": "string", + "default": "", + "description": "The description of the schedule." + }, + "scheduleList": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/ScheduleItem" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Schedule list." + }, + "timeZoneId": { + "type": "string", + "default": "UTC", + "description": "The time zone of the schedule." + } + }, + "required": [ + "scheduleList" + ], + "description": "Properties of managed instance's Start/Stop schedule." + }, + "SyncAgentProperties": { + "type": "object", + "properties": { + "syncDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "ARM resource id of the sync database in the sync agent." + } + }, + "description": "Properties of an Azure SQL Database sync agent." + }, + "SyncGroupProperties": { + "type": "object", + "properties": { + "conflictLoggingRetentionInDays": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Conflict logging retention period." + }, + "conflictResolutionPolicy": { + "oneOf": [ + { + "type": "string", + "enum": [ + "HubWin", + "MemberWin" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Conflict resolution policy of the sync group." + }, + "enableConflictLogging": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "If conflict logging is enabled." + }, + "hubDatabasePassword": { + "type": "string", + "description": "Password for the sync group hub database credential." + }, + "hubDatabaseUserName": { + "type": "string", + "description": "User name for the sync group hub database credential." + }, + "interval": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sync interval of the sync group." + }, + "schema": { + "oneOf": [ + { + "$ref": "#/definitions/SyncGroupSchema" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Properties of sync group schema." + }, + "syncDatabaseId": { + "type": "string", + "format": "arm-id", + "description": "ARM resource id of the sync database in the sync group." + }, + "usePrivateLinkConnection": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "If use private link connection is enabled." + } + }, + "description": "Properties of a sync group." + }, + "SyncGroupSchema": { + "type": "object", + "properties": { + "masterSyncMemberName": { + "type": "string", + "description": "Name of master sync member where the schema is from." + }, + "tables": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SyncGroupSchemaTable" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of tables in sync group schema." + } + }, + "description": "Properties of sync group schema." + }, + "SyncGroupSchemaTable": { + "type": "object", + "properties": { + "columns": { + "oneOf": [ + { + "type": "array", + "items": { + "$ref": "#/definitions/SyncGroupSchemaTableColumn" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "List of columns in sync group schema." + }, + "quotedName": { + "type": "string", + "description": "Quoted name of sync group schema table." + } + }, + "description": "Properties of table in sync group schema." + }, + "SyncGroupSchemaTableColumn": { + "type": "object", + "properties": { + "dataSize": { + "type": "string", + "description": "Data size of the column." + }, + "dataType": { + "type": "string", + "description": "Data type of the column." + }, + "quotedName": { + "type": "string", + "description": "Quoted name of sync group table column." + } + }, + "description": "Properties of column in sync group table." + }, + "SyncMemberProperties": { + "type": "object", + "properties": { + "databaseName": { + "type": "string", + "description": "Database name of the member database in the sync member." + }, + "databaseType": { + "oneOf": [ + { + "type": "string", + "enum": [ + "AzureSqlDatabase", + "SqlServerDatabase" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Database type of the sync member." + }, + "password": { + "type": "string", + "description": "Password of the member database in the sync member." + }, + "serverName": { + "type": "string", + "description": "Server name of the member database in the sync member" + }, + "sqlServerDatabaseId": { + "oneOf": [ + { + "type": "string", + "pattern": "^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "SQL Server database id of the sync member." + }, + "syncAgentId": { + "type": "string", + "format": "arm-id", + "description": "ARM resource id of the sync agent in the sync member." + }, + "syncDirection": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Bidirectional", + "OneWayMemberToHub", + "OneWayHubToMember" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Sync direction of the sync member." + }, + "syncMemberAzureDatabaseResourceId": { + "type": "string", + "format": "arm-id", + "description": "ARM resource id of the sync member logical database, for sync members in Azure." + }, + "usePrivateLinkConnection": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Whether to use private link connection." + }, + "userName": { + "type": "string", + "description": "User name of the member database in the sync member." + } + }, + "description": "Properties of a sync member." + }, + "TransparentDataEncryptionProperties": { + "type": "object", + "properties": { + "state": { + "oneOf": [ + { + "type": "string", + "enum": [ + "Enabled", + "Disabled" + ] + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies the state of the transparent data encryption." + } + }, + "required": [ + "state" + ], + "description": "Properties of a transparent data encryption." + }, + "UserIdentity": { + "type": "object", + "properties": {}, + "description": "Azure Active Directory identity configuration for a resource." + }, + "VirtualNetworkRuleProperties": { + "type": "object", + "properties": { + "ignoreMissingVnetServiceEndpoint": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Create firewall rule before the virtual network has vnet service endpoint enabled." + }, + "virtualNetworkSubnetId": { + "type": "string", + "format": "arm-id", + "description": "The ARM resource id of the virtual network subnet." + } + }, + "required": [ + "virtualNetworkSubnetId" + ], + "description": "Properties of a virtual network rule." + }, + "VulnerabilityAssessmentRecurringScansProperties": { + "type": "object", + "properties": { + "emails": { + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies an array of e-mail addresses to which the scan notification is sent." + }, + "emailSubscriptionAdmins": { + "oneOf": [ + { + "type": "boolean", + "default": true + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Specifies that the schedule scan notification will be is sent to the subscription administrators." + }, + "isEnabled": { + "oneOf": [ + { + "type": "boolean" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "Recurring scans state." + } + }, + "description": "Properties of a Vulnerability Assessment recurring scans." + }, + "WorkloadClassifierProperties": { + "type": "object", + "properties": { + "context": { + "type": "string", + "description": "The workload classifier context." + }, + "endTime": { + "type": "string", + "description": "The workload classifier end time for classification." + }, + "importance": { + "type": "string", + "description": "The workload classifier importance." + }, + "label": { + "type": "string", + "description": "The workload classifier label." + }, + "memberName": { + "type": "string", + "description": "The workload classifier member name." + }, + "startTime": { + "type": "string", + "description": "The workload classifier start time for classification." + } + }, + "required": [ + "memberName" + ], + "description": "Workload classifier definition. For more information look at sys.workload_management_workload_classifiers (DMV)." + }, + "WorkloadGroupProperties": { + "type": "object", + "properties": { + "importance": { + "type": "string", + "description": "The workload group importance level." + }, + "maxResourcePercent": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The workload group cap percentage resource." + }, + "maxResourcePercentPerRequest": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The workload group request maximum grant percentage." + }, + "minResourcePercent": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The workload group minimum percentage resource." + }, + "minResourcePercentPerRequest": { + "oneOf": [ + { + "type": "number" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The workload group request minimum grant percentage." + }, + "queryExecutionTimeout": { + "oneOf": [ + { + "type": "integer" + }, + { + "$ref": "https://schema.management.azure.com/schemas/common/definitions.json#/definitions/expression" + } + ], + "description": "The workload group query execution timeout." + } + }, + "required": [ + "maxResourcePercent", + "minResourcePercent", + "minResourcePercentPerRequest" + ], + "description": "Workload group definition. For more information look at sys.workload_management_workload_groups (DMV)." + } + } +} \ No newline at end of file diff --git a/schemas/common/autogeneratedResources.json b/schemas/common/autogeneratedResources.json index f12fc41d9d..97ae360b34 100644 --- a/schemas/common/autogeneratedResources.json +++ b/schemas/common/autogeneratedResources.json @@ -35233,6 +35233,258 @@ { "$ref": "https://schema.management.azure.com/schemas/2023-02-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_vulnerabilityAssessments" }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/instancePools" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/locations_instanceFailoverGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/locations_serverTrustGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_administrators" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_advancedThreatProtectionSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_azureADOnlyAuthentications" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_advancedThreatProtectionSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_backupLongTermRetentionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_backupShortTermRetentionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_ledgerDigestUploads" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_schemas_tables_columns_sensitivityLabels" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_securityAlertPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_transparentDataEncryption" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_vulnerabilityAssessments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_databases_vulnerabilityAssessments_rules_baselines" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_distributedAvailabilityGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_dnsAliases" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_dtc" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_encryptionProtector" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_keys" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_privateEndpointConnections" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_restorableDroppedDatabases_backupShortTermRetentionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_securityAlertPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_serverConfigurationOptions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_serverTrustCertificates" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_sqlAgent" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_startStopSchedules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/managedInstances_vulnerabilityAssessments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_administrators" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_advancedThreatProtectionSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_auditingSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_azureADOnlyAuthentications" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_connectionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_advancedThreatProtectionSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_auditingSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_backupLongTermRetentionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_backupShortTermRetentionPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_dataMaskingPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_dataMaskingPolicies_rules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_extendedAuditingSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_extensions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_geoBackupPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_ledgerDigestUploads" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_maintenanceWindows" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_schemas_tables_columns_sensitivityLabels" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_securityAlertPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_sqlVulnerabilityAssessments_baselines" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_sqlVulnerabilityAssessments_baselines_rules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_syncGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_syncGroups_syncMembers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_transparentDataEncryption" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_vulnerabilityAssessments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_vulnerabilityAssessments_rules_baselines" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_workloadGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_databases_workloadGroups_workloadClassifiers" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_devOpsAuditingSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_dnsAliases" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_elasticPools" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_encryptionProtector" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_extendedAuditingSettings" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_failoverGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_firewallRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_ipv6FirewallRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_credentials" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_jobs" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_jobs_executions" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_jobs_steps" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_privateEndpoints" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_jobAgents_targetGroups" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_keys" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_outboundFirewallRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_privateEndpointConnections" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_securityAlertPolicies" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_sqlVulnerabilityAssessments" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_sqlVulnerabilityAssessments_baselines" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_sqlVulnerabilityAssessments_baselines_rules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_syncAgents" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_virtualNetworkRules" + }, + { + "$ref": "https://schema.management.azure.com/schemas/2023-05-01-preview/Microsoft.Sql.json#/resourceDefinitions/servers_vulnerabilityAssessments" + }, { "$ref": "https://schema.management.azure.com/schemas/2017-03-01-preview/Microsoft.SqlVirtualMachine.json#/resourceDefinitions/sqlVirtualMachineGroups" },