diff --git a/azurerm/internal/services/managementgroup/parse/management_group.go b/azurerm/internal/services/managementgroup/parse/management_group.go
index 46dfab265779..f1db83534034 100644
--- a/azurerm/internal/services/managementgroup/parse/management_group.go
+++ b/azurerm/internal/services/managementgroup/parse/management_group.go
@@ -36,3 +36,14 @@ func ManagementGroupID(input string) (*ManagementGroupId, error) {
 
 	return &id, nil
 }
+
+func NewManagementGroupId(managementGroupName string) ManagementGroupId {
+	return ManagementGroupId{
+		Name: managementGroupName,
+	}
+}
+
+func (r ManagementGroupId) ID() string {
+	managemntGroupIdFmt := "/providers/Microsoft.Management/managementGroups/%s"
+	return fmt.Sprintf(managemntGroupIdFmt, r.Name)
+}
diff --git a/azurerm/internal/services/resource/client/client.go b/azurerm/internal/services/resource/client/client.go
index 25f00336ee47..e4bbcf54d77b 100644
--- a/azurerm/internal/services/resource/client/client.go
+++ b/azurerm/internal/services/resource/client/client.go
@@ -2,17 +2,19 @@ package client
 
 import (
 	providers "github.com/Azure/azure-sdk-for-go/profiles/2017-03-09/resources/mgmt/resources"
+	"github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs"
 	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2016-09-01/locks"
 	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2020-06-01/resources"
 	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/common"
 )
 
 type Client struct {
-	DeploymentsClient *resources.DeploymentsClient
-	GroupsClient      *resources.GroupsClient
-	LocksClient       *locks.ManagementLocksClient
-	ProvidersClient   *providers.ProvidersClient
-	ResourcesClient   *resources.Client
+	DeploymentsClient           *resources.DeploymentsClient
+	GroupsClient                *resources.GroupsClient
+	LocksClient                 *locks.ManagementLocksClient
+	ProvidersClient             *providers.ProvidersClient
+	ResourcesClient             *resources.Client
+	TemplateSpecsVersionsClient *templatespecs.VersionsClient
 }
 
 func NewClient(o *common.ClientOptions) *Client {
@@ -32,11 +34,15 @@ func NewClient(o *common.ClientOptions) *Client {
 	resourcesClient := resources.NewClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
 	o.ConfigureClient(&resourcesClient.Client, o.ResourceManagerAuthorizer)
 
+	templatespecsVersionsClient := templatespecs.NewVersionsClientWithBaseURI(o.ResourceManagerEndpoint, o.SubscriptionId)
+	o.ConfigureClient(&templatespecsVersionsClient.Client, o.ResourceManagerAuthorizer)
+
 	return &Client{
-		GroupsClient:      &groupsClient,
-		DeploymentsClient: &deploymentsClient,
-		LocksClient:       &locksClient,
-		ProvidersClient:   &providersClient,
-		ResourcesClient:   &resourcesClient,
+		GroupsClient:                &groupsClient,
+		DeploymentsClient:           &deploymentsClient,
+		LocksClient:                 &locksClient,
+		ProvidersClient:             &providersClient,
+		ResourcesClient:             &resourcesClient,
+		TemplateSpecsVersionsClient: &templatespecsVersionsClient,
 	}
 }
diff --git a/azurerm/internal/services/resource/management_group_template_deployment_resource.go b/azurerm/internal/services/resource/management_group_template_deployment_resource.go
new file mode 100644
index 000000000000..a65e6b905f8b
--- /dev/null
+++ b/azurerm/internal/services/resource/management_group_template_deployment_resource.go
@@ -0,0 +1,387 @@
+package resource
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2020-06-01/resources"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/location"
+	mgParse "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/managementgroup/parse"
+	mgValidate "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/managementgroup/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tags"
+	azSchema "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func managementGroupTemplateDeploymentResource() *schema.Resource {
+	return &schema.Resource{
+		Create: managementGroupTemplateDeploymentResourceCreate,
+		Read:   managementGroupTemplateDeploymentResourceRead,
+		Update: managementGroupTemplateDeploymentResourceUpdate,
+		Delete: managementGroupTemplateDeploymentResourceDelete,
+		Importer: azSchema.ValidateResourceIDPriorToImport(func(id string) error {
+			_, err := parse.ManagementGroupTemplateDeploymentID(id)
+			return err
+		}),
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(180 * time.Minute),
+			Read:   schema.DefaultTimeout(5 * time.Minute),
+			Update: schema.DefaultTimeout(180 * time.Minute),
+			Delete: schema.DefaultTimeout(180 * time.Minute),
+		},
+
+		// (@jackofallops - lintignore needed as we need to make sure the JSON is usable in `output_content`)
+
+		//lintignore:S033
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.TemplateDeploymentName,
+			},
+
+			"management_group_id": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: mgValidate.ManagementGroupID,
+			},
+
+			"location": location.Schema(),
+
+			"template_content": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				StateFunc: utils.NormalizeJson,
+			},
+
+			"template_spec_version_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				ValidateFunc: validate.TemplateSpecVersionID,
+			},
+
+			// Optional
+			"debug_level": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringInSlice(templateDeploymentDebugLevels, false),
+			},
+
+			"parameters_content": {
+				Type:      schema.TypeString,
+				Optional:  true,
+				Computed:  true,
+				StateFunc: utils.NormalizeJson,
+			},
+
+			"tags": tags.Schema(),
+
+			// Computed
+			"output_content": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				StateFunc: utils.NormalizeJson,
+				// NOTE:  outputs can be strings, ints, objects etc - whilst using a nested object was considered
+				// parsing the JSON using `jsondecode` allows the users to interact with/map objects as required
+			},
+		},
+	}
+}
+
+func managementGroupTemplateDeploymentResourceCreate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	managementGroupId, err := mgParse.ManagementGroupID(d.Get("management_group_id").(string))
+	if err != nil {
+		return err
+	}
+
+	id := parse.NewManagementGroupTemplateDeploymentID(managementGroupId.Name, d.Get("name").(string))
+
+	existing, err := client.GetAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		if !utils.ResponseWasNotFound(existing.Response) {
+			return fmt.Errorf("checking for presence of existing Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+		}
+	}
+	if existing.Properties != nil {
+		return tf.ImportAsExistsError("azurerm_management_group_template_deployment", id.ID())
+	}
+
+	deployment := resources.ScopedDeployment{
+		Location: utils.String(location.Normalize(d.Get("location").(string))),
+		Properties: &resources.DeploymentProperties{
+			DebugSetting: expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string)),
+			Mode:         resources.Incremental,
+		},
+		Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
+	}
+
+	if templateRaw, ok := d.GetOk("template_content"); ok {
+		template, err := expandTemplateDeploymentBody(templateRaw.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+		deployment.Properties.Template = template
+	}
+
+	if templateSpecVersionID, ok := d.GetOk("template_spec_version_id"); ok {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(templateSpecVersionID.(string)),
+		}
+	}
+
+	if v, ok := d.GetOk("parameters_content"); ok && v != "" {
+		parameters, err := expandTemplateDeploymentBody(v.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `parameters_content`: %+v", err)
+		}
+		deployment.Properties.Parameters = parameters
+	}
+
+	log.Printf("[DEBUG] Running validation of Management Group Template Deployment %q..", id.DeploymentName)
+	if err := validateManagementGroupTemplateDeployment(ctx, id, deployment, client); err != nil {
+		return fmt.Errorf("validating Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Validated Management Group Template Deployment %q..", id.DeploymentName)
+
+	log.Printf("[DEBUG] Provisioning Management Group Template Deployment %q..", id.DeploymentName)
+	future, err := client.CreateOrUpdateAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("creating Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deployment of Management Group Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for creation of Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	d.SetId(id.ID())
+	return managementGroupTemplateDeploymentResourceRead(d, meta)
+}
+
+func managementGroupTemplateDeploymentResourceUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForUpdate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.ManagementGroupTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Retrieving Management Group Template Deployment %q..", id.DeploymentName)
+	template, err := client.GetAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("retrieving Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	if template.Properties == nil {
+		return fmt.Errorf("retrieving Management Group Template Deployment %q: `properties` was nil", id.DeploymentName)
+	}
+
+	// the API doesn't have a Patch operation, so we'll need to build one
+	deployment := resources.ScopedDeployment{
+		Location: template.Location,
+		Properties: &resources.DeploymentProperties{
+			DebugSetting: template.Properties.DebugSetting,
+			Mode:         resources.Incremental,
+		},
+		Tags: template.Tags,
+	}
+
+	if d.HasChange("debug_level") {
+		deployment.Properties.DebugSetting = expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string))
+	}
+
+	if d.HasChange("parameters_content") {
+		parameters, err := expandTemplateDeploymentBody(d.Get("parameters_content").(string))
+		if err != nil {
+			return fmt.Errorf("expanding `parameters_content`: %+v", err)
+		}
+		deployment.Properties.Parameters = parameters
+	}
+
+	if d.HasChange("template_content") {
+		templateContents, err := expandTemplateDeploymentBody(d.Get("template_content").(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+
+		deployment.Properties.Template = templateContents
+	} else {
+		// retrieve the existing content and reuse that
+		exportedTemplate, err := client.ExportTemplateAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+		if err != nil {
+			return fmt.Errorf("retrieving Contents for Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+		}
+
+		deployment.Properties.Template = exportedTemplate.Template
+	}
+
+	if d.HasChange("template_spec_version_id") {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(d.Get("template_spec_version_id").(string)),
+		}
+	}
+
+	if d.HasChange("tags") {
+		deployment.Tags = tags.Expand(d.Get("tags").(map[string]interface{}))
+	}
+
+	log.Printf("[DEBUG] Running validation of Management Group Template Deployment %q..", id.DeploymentName)
+	if err := validateManagementGroupTemplateDeployment(ctx, *id, deployment, client); err != nil {
+		return fmt.Errorf("validating Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Validated Management Group Template Deployment %q..", id.DeploymentName)
+
+	log.Printf("[DEBUG] Provisioning Management Group Template Deployment %q)..", id.DeploymentName)
+	future, err := client.CreateOrUpdateAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("creating Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deployment of Management Group Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for creation of Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	return managementGroupTemplateDeploymentResourceRead(d, meta)
+}
+
+func managementGroupTemplateDeploymentResourceRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.ManagementGroupTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resp, err := client.GetAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[DEBUG] Management Group Template Deployment %q was not found - removing from state", id.DeploymentName)
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("retrieving Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	templateContents, err := client.ExportTemplateAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("retrieving Template Content for Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	d.Set("name", id.DeploymentName)
+	managementGroupId := mgParse.NewManagementGroupId(id.ManagementGroupName)
+	d.Set("management_group_id", managementGroupId.ID())
+	d.Set("location", location.NormalizeNilable(resp.Location))
+
+	if props := resp.Properties; props != nil {
+		d.Set("debug_level", flattenTemplateDeploymentDebugSetting(props.DebugSetting))
+
+		filteredParams := filterOutTemplateDeploymentParameters(props.Parameters)
+		flattenedParams, err := flattenTemplateDeploymentBody(filteredParams)
+		if err != nil {
+			return fmt.Errorf("flattening `parameters_content`: %+v", err)
+		}
+		d.Set("parameters_content", flattenedParams)
+
+		flattenedOutputs, err := flattenTemplateDeploymentBody(props.Outputs)
+		if err != nil {
+			return fmt.Errorf("flattening `output_content`: %+v", err)
+		}
+		d.Set("output_content", flattenedOutputs)
+
+		templateLinkId := ""
+		if props.TemplateLink != nil {
+			if props.TemplateLink.ID != nil {
+				templateLinkId = *props.TemplateLink.ID
+			}
+		}
+		d.Set("template_spec_version_id", templateLinkId)
+	}
+
+	flattenedTemplate, err := flattenTemplateDeploymentBody(templateContents.Template)
+	if err != nil {
+		return fmt.Errorf("flattening `template_content`: %+v", err)
+	}
+	d.Set("template_content", flattenedTemplate)
+
+	return tags.FlattenAndSet(d, resp.Tags)
+}
+
+func managementGroupTemplateDeploymentResourceDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.ManagementGroupTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	// at this time unfortunately the Resources RP doesn't expose a means of deleting top-level objects
+	// so we're unable to delete these during deletion - this'll need to be detailed in the docs
+
+	log.Printf("[DEBUG] Deleting Management Group Template Deployment %q..", id.DeploymentName)
+	future, err := client.DeleteAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("deleting Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deletion of Management Group Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for deletion of Management Group Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Deleted Management Group Template Deployment %q.", id.DeploymentName)
+
+	return nil
+}
+
+func validateManagementGroupTemplateDeployment(ctx context.Context, id parse.ManagementGroupTemplateDeploymentId, deployment resources.ScopedDeployment, client *resources.DeploymentsClient) error {
+	validationFuture, err := client.ValidateAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("requesting validating: %+v", err)
+	}
+	if err := validationFuture.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for validation: %+v", err)
+	}
+	validationResult, err := validationFuture.Result(*client)
+	if err != nil {
+		return fmt.Errorf("retrieving validation result: %+v", err)
+	}
+	if validationResult.Error != nil {
+		if validationResult.Error.Message != nil {
+			return fmt.Errorf("%s", *validationResult.Error.Message)
+		}
+		return fmt.Errorf("%+v", *validationResult.Error)
+	}
+
+	return nil
+}
diff --git a/azurerm/internal/services/resource/management_group_template_deployment_resource_test.go b/azurerm/internal/services/resource/management_group_template_deployment_resource_test.go
new file mode 100644
index 000000000000..c5ae1e561762
--- /dev/null
+++ b/azurerm/internal/services/resource/management_group_template_deployment_resource_test.go
@@ -0,0 +1,156 @@
+package resource_test
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance/check"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+type ManagementGroupTemplateDeploymentResource struct{}
+
+func TestAccManagementGroupTemplateDeployment_empty(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_management_group_template_deployment", "test")
+	r := ManagementGroupTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.emptyConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+		{
+			// set some tags
+			Config: r.emptyWithTagsConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccManagementGroupTemplateDeployment_templateSpec(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_management_group_template_deployment", "test")
+	r := ManagementGroupTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.templateSpecVersionConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func (ManagementGroupTemplateDeploymentResource) templateSpecVersionConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_management_group" "test" {
+  name = "TestAcc-Deployment-%[1]d"
+}
+
+data "azurerm_template_spec_version" "test" {
+  name                = "acctest-standing-data-empty"
+  resource_group_name = "standing-data-for-acctest"
+  version             = "v1.0.0"
+}
+
+resource "azurerm_management_group_template_deployment" "test" {
+  name                = "acctestMGdeploy-%[1]d"
+  management_group_id = azurerm_management_group.test.id
+  location            = %[2]q
+
+  template_spec_version_id = data.azurerm_template_spec_version.test.id
+
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger)
+}
+
+func (ManagementGroupTemplateDeploymentResource) emptyConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_management_group" "test" {
+  name = "TestAcc-Deployment-%[1]d"
+}
+
+resource "azurerm_management_group_template_deployment" "test" {
+  name                = "acctestMGdeploy-%[1]d"
+  management_group_id = azurerm_management_group.test.id
+  location            = %[2]q
+
+  template_content = <<TEMPLATE
+{
+ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {},
+ "variables": {},
+ "resources": []
+}
+TEMPLATE
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
+
+func (ManagementGroupTemplateDeploymentResource) emptyWithTagsConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_management_group" "test" {
+  name = "TestAcc-Deployment-%[1]d"
+}
+
+resource "azurerm_management_group_template_deployment" "test" {
+  name                = "acctestMGdeploy-%[1]d"
+  management_group_id = azurerm_management_group.test.id
+  location            = %q
+  tags = {
+    Hello = "World"
+  }
+
+
+  template_content = <<TEMPLATE
+{
+ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {},
+ "variables": {},
+ "resources": []
+}
+TEMPLATE
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
+
+func (t ManagementGroupTemplateDeploymentResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) {
+	id, err := parse.ManagementGroupTemplateDeploymentID(state.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := clients.Resource.DeploymentsClient.GetAtManagementGroupScope(ctx, id.ManagementGroupName, id.DeploymentName)
+	if err != nil {
+		return nil, fmt.Errorf("reading Subscription Template Deployment (%s): %+v", id, err)
+	}
+
+	return utils.Bool(resp.ID != nil), nil
+}
diff --git a/azurerm/internal/services/resource/parse/management_group_template_deployment.go b/azurerm/internal/services/resource/parse/management_group_template_deployment.go
new file mode 100644
index 000000000000..ed9b8599e3cc
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/management_group_template_deployment.go
@@ -0,0 +1,90 @@
+package parse
+
+import (
+	"fmt"
+	"net/url"
+	"strings"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+)
+
+type ManagementGroupTemplateDeploymentId struct {
+	ManagementGroupName string
+	DeploymentName      string
+}
+
+func NewManagementGroupTemplateDeploymentID(managementGroupName, deploymentName string) ManagementGroupTemplateDeploymentId {
+	return ManagementGroupTemplateDeploymentId{
+		ManagementGroupName: managementGroupName,
+		DeploymentName:      deploymentName,
+	}
+}
+
+func (id ManagementGroupTemplateDeploymentId) String() string {
+	segments := []string{
+		fmt.Sprintf("Deployment Name %q", id.DeploymentName),
+		fmt.Sprintf("Management Group Name %q", id.ManagementGroupName),
+	}
+	segmentsStr := strings.Join(segments, " / ")
+	return fmt.Sprintf("%s: (%s)", "Management Group Template Deployment", segmentsStr)
+}
+
+func (id ManagementGroupTemplateDeploymentId) ID() string {
+	fmtString := "/providers/Microsoft.Management/managementGroups/%s/providers/Microsoft.Resources/deployments/%s"
+	return fmt.Sprintf(fmtString, id.ManagementGroupName, id.DeploymentName)
+}
+
+// ManagementGroupTemplateDeploymentID parses a ManagementGroupTemplateDeployment ID into an ManagementGroupTemplateDeploymentId struct
+func ManagementGroupTemplateDeploymentID(input string) (*ManagementGroupTemplateDeploymentId, error) {
+	idURL, err := url.ParseRequestURI(input)
+	if err != nil {
+		return nil, fmt.Errorf("Cannot parse Azure ID: %s", err)
+	}
+
+	path := idURL.Path
+
+	path = strings.TrimPrefix(path, "/")
+	path = strings.TrimSuffix(path, "/")
+
+	components := strings.Split(path, "/")
+
+	if len(components)%2 != 0 {
+		return nil, fmt.Errorf("The number of path segments is not divisible by 2 in %q", path)
+	}
+
+	componentMap := make(map[string]string, len(components)/2)
+	for current := 0; current < len(components); current += 2 {
+		key := components[current]
+		value := components[current+1]
+
+		// Check key/value for empty strings.
+		if key == "" || value == "" {
+			return nil, fmt.Errorf("Key/Value cannot be empty strings. Key: '%s', Value: '%s'", key, value)
+		}
+		componentMap[key] = value
+	}
+
+	// Build up a TargetResourceID from the map
+	id := &azure.ResourceID{}
+	id.Path = componentMap
+
+	if provider, ok := componentMap["providers"]; ok {
+		id.Provider = provider
+		delete(componentMap, "providers")
+	}
+
+	resourceId := ManagementGroupTemplateDeploymentId{}
+
+	if resourceId.ManagementGroupName, err = id.PopSegment("managementGroups"); err != nil {
+		return nil, err
+	}
+	if resourceId.DeploymentName, err = id.PopSegment("deployments"); err != nil {
+		return nil, err
+	}
+
+	if err := id.ValidateNoEmptySegments(input); err != nil {
+		return nil, err
+	}
+
+	return &resourceId, nil
+}
diff --git a/azurerm/internal/services/resource/parse/management_group_template_deployment_test.go b/azurerm/internal/services/resource/parse/management_group_template_deployment_test.go
new file mode 100644
index 000000000000..ebed7878f4a5
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/management_group_template_deployment_test.go
@@ -0,0 +1,94 @@
+package parse
+
+import (
+	"testing"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/resourceid"
+)
+
+var _ resourceid.Formatter = ManagementGroupTemplateDeploymentId{}
+
+func TestManagementGroupTemplateDeploymentIDFormatter(t *testing.T) {
+	actual := NewManagementGroupTemplateDeploymentID("my-management-group-id", "deploy1").ID()
+	expected := "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/deploy1"
+	if actual != expected {
+		t.Fatalf("Expected %q but got %q", expected, actual)
+	}
+}
+
+func TestManagementGroupTemplateDeploymentID(t *testing.T) {
+	testData := []struct {
+		Input    string
+		Error    bool
+		Expected *ManagementGroupTemplateDeploymentId
+	}{
+
+		{
+			// empty
+			Input: "",
+			Error: true,
+		},
+
+		{
+			// missing ManagementGroupName
+			Input: "/providers/Microsoft.Management/",
+			Error: true,
+		},
+
+		{
+			// missing value for ManagementGroupName
+			Input: "/providers/Microsoft.Management/managementGroups/",
+			Error: true,
+		},
+
+		{
+			// missing DeploymentName
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/",
+			Error: true,
+		},
+
+		{
+			// missing value for DeploymentName
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/",
+			Error: true,
+		},
+
+		{
+			// valid
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/deploy1",
+			Expected: &ManagementGroupTemplateDeploymentId{
+				ManagementGroupName: "my-management-group-id",
+				DeploymentName:      "deploy1",
+			},
+		},
+
+		{
+			// upper-cased
+			Input: "/PROVIDERS/MICROSOFT.MANAGEMENT/MANAGEMENTGROUPS/MY-MANAGEMENT-GROUP-ID/PROVIDERS/MICROSOFT.RESOURCES/DEPLOYMENTS/DEPLOY1",
+			Error: true,
+		},
+	}
+
+	for _, v := range testData {
+		t.Logf("[DEBUG] Testing %q", v.Input)
+
+		actual, err := ManagementGroupTemplateDeploymentID(v.Input)
+		if err != nil {
+			if v.Error {
+				continue
+			}
+
+			t.Fatalf("Expect a value but got an error: %s", err)
+		}
+		if v.Error {
+			t.Fatal("Expect an error but didn't get one")
+		}
+
+		if actual.ManagementGroupName != v.Expected.ManagementGroupName {
+			t.Fatalf("Expected %q but got %q for ManagementGroupName", v.Expected.ManagementGroupName, actual.ManagementGroupName)
+		}
+		if actual.DeploymentName != v.Expected.DeploymentName {
+			t.Fatalf("Expected %q but got %q for DeploymentName", v.Expected.DeploymentName, actual.DeploymentName)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/parse/template_spec_version.go b/azurerm/internal/services/resource/parse/template_spec_version.go
new file mode 100644
index 000000000000..29deaf59cfee
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/template_spec_version.go
@@ -0,0 +1,75 @@
+package parse
+
+// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+)
+
+type TemplateSpecVersionId struct {
+	SubscriptionId   string
+	ResourceGroup    string
+	TemplateSpecName string
+	VersionName      string
+}
+
+func NewTemplateSpecVersionID(subscriptionId, resourceGroup, templateSpecName, versionName string) TemplateSpecVersionId {
+	return TemplateSpecVersionId{
+		SubscriptionId:   subscriptionId,
+		ResourceGroup:    resourceGroup,
+		TemplateSpecName: templateSpecName,
+		VersionName:      versionName,
+	}
+}
+
+func (id TemplateSpecVersionId) String() string {
+	segments := []string{
+		fmt.Sprintf("Version Name %q", id.VersionName),
+		fmt.Sprintf("Template Spec Name %q", id.TemplateSpecName),
+		fmt.Sprintf("Resource Group %q", id.ResourceGroup),
+	}
+	segmentsStr := strings.Join(segments, " / ")
+	return fmt.Sprintf("%s: (%s)", "Template Spec Version", segmentsStr)
+}
+
+func (id TemplateSpecVersionId) ID() string {
+	fmtString := "/subscriptions/%s/resourceGroups/%s/providers/Microsoft.Resources/templateSpecs/%s/versions/%s"
+	return fmt.Sprintf(fmtString, id.SubscriptionId, id.ResourceGroup, id.TemplateSpecName, id.VersionName)
+}
+
+// TemplateSpecVersionID parses a TemplateSpecVersion ID into an TemplateSpecVersionId struct
+func TemplateSpecVersionID(input string) (*TemplateSpecVersionId, error) {
+	id, err := azure.ParseAzureResourceID(input)
+	if err != nil {
+		return nil, err
+	}
+
+	resourceId := TemplateSpecVersionId{
+		SubscriptionId: id.SubscriptionID,
+		ResourceGroup:  id.ResourceGroup,
+	}
+
+	if resourceId.SubscriptionId == "" {
+		return nil, fmt.Errorf("ID was missing the 'subscriptions' element")
+	}
+
+	if resourceId.ResourceGroup == "" {
+		return nil, fmt.Errorf("ID was missing the 'resourceGroups' element")
+	}
+
+	if resourceId.TemplateSpecName, err = id.PopSegment("templateSpecs"); err != nil {
+		return nil, err
+	}
+	if resourceId.VersionName, err = id.PopSegment("versions"); err != nil {
+		return nil, err
+	}
+
+	if err := id.ValidateNoEmptySegments(input); err != nil {
+		return nil, err
+	}
+
+	return &resourceId, nil
+}
diff --git a/azurerm/internal/services/resource/parse/template_spec_version_test.go b/azurerm/internal/services/resource/parse/template_spec_version_test.go
new file mode 100644
index 000000000000..9069a7595898
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/template_spec_version_test.go
@@ -0,0 +1,128 @@
+package parse
+
+// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten
+
+import (
+	"testing"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/resourceid"
+)
+
+var _ resourceid.Formatter = TemplateSpecVersionId{}
+
+func TestTemplateSpecVersionIDFormatter(t *testing.T) {
+	actual := NewTemplateSpecVersionID("12345678-1234-9876-4563-123456789012", "templateSpecRG", "templateSpec1", "v1.0").ID()
+	expected := "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/v1.0"
+	if actual != expected {
+		t.Fatalf("Expected %q but got %q", expected, actual)
+	}
+}
+
+func TestTemplateSpecVersionID(t *testing.T) {
+	testData := []struct {
+		Input    string
+		Error    bool
+		Expected *TemplateSpecVersionId
+	}{
+
+		{
+			// empty
+			Input: "",
+			Error: true,
+		},
+
+		{
+			// missing SubscriptionId
+			Input: "/",
+			Error: true,
+		},
+
+		{
+			// missing value for SubscriptionId
+			Input: "/subscriptions/",
+			Error: true,
+		},
+
+		{
+			// missing ResourceGroup
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/",
+			Error: true,
+		},
+
+		{
+			// missing value for ResourceGroup
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/",
+			Error: true,
+		},
+
+		{
+			// missing TemplateSpecName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/",
+			Error: true,
+		},
+
+		{
+			// missing value for TemplateSpecName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/",
+			Error: true,
+		},
+
+		{
+			// missing VersionName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/",
+			Error: true,
+		},
+
+		{
+			// missing value for VersionName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/",
+			Error: true,
+		},
+
+		{
+			// valid
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/v1.0",
+			Expected: &TemplateSpecVersionId{
+				SubscriptionId:   "12345678-1234-9876-4563-123456789012",
+				ResourceGroup:    "templateSpecRG",
+				TemplateSpecName: "templateSpec1",
+				VersionName:      "v1.0",
+			},
+		},
+
+		{
+			// upper-cased
+			Input: "/SUBSCRIPTIONS/12345678-1234-9876-4563-123456789012/RESOURCEGROUPS/TEMPLATESPECRG/PROVIDERS/MICROSOFT.RESOURCES/TEMPLATESPECS/TEMPLATESPEC1/VERSIONS/V1.0",
+			Error: true,
+		},
+	}
+
+	for _, v := range testData {
+		t.Logf("[DEBUG] Testing %q", v.Input)
+
+		actual, err := TemplateSpecVersionID(v.Input)
+		if err != nil {
+			if v.Error {
+				continue
+			}
+
+			t.Fatalf("Expect a value but got an error: %s", err)
+		}
+		if v.Error {
+			t.Fatal("Expect an error but didn't get one")
+		}
+
+		if actual.SubscriptionId != v.Expected.SubscriptionId {
+			t.Fatalf("Expected %q but got %q for SubscriptionId", v.Expected.SubscriptionId, actual.SubscriptionId)
+		}
+		if actual.ResourceGroup != v.Expected.ResourceGroup {
+			t.Fatalf("Expected %q but got %q for ResourceGroup", v.Expected.ResourceGroup, actual.ResourceGroup)
+		}
+		if actual.TemplateSpecName != v.Expected.TemplateSpecName {
+			t.Fatalf("Expected %q but got %q for TemplateSpecName", v.Expected.TemplateSpecName, actual.TemplateSpecName)
+		}
+		if actual.VersionName != v.Expected.VersionName {
+			t.Fatalf("Expected %q but got %q for VersionName", v.Expected.VersionName, actual.VersionName)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/parse/tenant_template_deployment.go b/azurerm/internal/services/resource/parse/tenant_template_deployment.go
new file mode 100644
index 000000000000..29f1ecedf10a
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/tenant_template_deployment.go
@@ -0,0 +1,84 @@
+package parse
+
+import (
+	"fmt"
+	"net/url"
+	"strings"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+)
+
+type TenantTemplateDeploymentId struct {
+	DeploymentName string
+}
+
+func NewTenantTemplateDeploymentID(deploymentName string) TenantTemplateDeploymentId {
+	return TenantTemplateDeploymentId{
+		DeploymentName: deploymentName,
+	}
+}
+
+func (id TenantTemplateDeploymentId) String() string {
+	segments := []string{
+		fmt.Sprintf("Deployment Name %q", id.DeploymentName),
+	}
+	segmentsStr := strings.Join(segments, " / ")
+	return fmt.Sprintf("%s: (%s)", "Tenant Template Deployment", segmentsStr)
+}
+
+func (id TenantTemplateDeploymentId) ID() string {
+	fmtString := "/providers/Microsoft.Resources/deployments/%s"
+	return fmt.Sprintf(fmtString, id.DeploymentName)
+}
+
+// TenantTemplateDeploymentID parses a TenantTemplateDeployment ID into an TenantTemplateDeploymentId struct
+func TenantTemplateDeploymentID(input string) (*TenantTemplateDeploymentId, error) {
+	idURL, err := url.ParseRequestURI(input)
+	if err != nil {
+		return nil, fmt.Errorf("Cannot parse Azure ID: %s", err)
+	}
+
+	path := idURL.Path
+
+	path = strings.TrimPrefix(path, "/")
+	path = strings.TrimSuffix(path, "/")
+
+	components := strings.Split(path, "/")
+
+	if len(components)%2 != 0 {
+		return nil, fmt.Errorf("The number of path segments is not divisible by 2 in %q", path)
+	}
+
+	componentMap := make(map[string]string, len(components)/2)
+	for current := 0; current < len(components); current += 2 {
+		key := components[current]
+		value := components[current+1]
+
+		// Check key/value for empty strings.
+		if key == "" || value == "" {
+			return nil, fmt.Errorf("Key/Value cannot be empty strings. Key: '%s', Value: '%s'", key, value)
+		}
+		componentMap[key] = value
+	}
+
+	// Build up a TargetResourceID from the map
+	id := &azure.ResourceID{}
+	id.Path = componentMap
+
+	if provider, ok := componentMap["providers"]; ok {
+		id.Provider = provider
+		delete(componentMap, "providers")
+	}
+
+	resourceId := TenantTemplateDeploymentId{}
+
+	if resourceId.DeploymentName, err = id.PopSegment("deployments"); err != nil {
+		return nil, err
+	}
+
+	if err := id.ValidateNoEmptySegments(input); err != nil {
+		return nil, err
+	}
+
+	return &resourceId, nil
+}
diff --git a/azurerm/internal/services/resource/parse/tenant_template_deployment_test.go b/azurerm/internal/services/resource/parse/tenant_template_deployment_test.go
new file mode 100644
index 000000000000..fc3587428189
--- /dev/null
+++ b/azurerm/internal/services/resource/parse/tenant_template_deployment_test.go
@@ -0,0 +1,78 @@
+package parse
+
+import (
+	"testing"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/resourceid"
+)
+
+var _ resourceid.Formatter = TenantTemplateDeploymentId{}
+
+func TestTenantTemplateDeploymentIDFormatter(t *testing.T) {
+	actual := NewTenantTemplateDeploymentID("deploy1").ID()
+	expected := "/providers/Microsoft.Resources/deployments/deploy1"
+	if actual != expected {
+		t.Fatalf("Expected %q but got %q", expected, actual)
+	}
+}
+
+func TestTenantTemplateDeploymentID(t *testing.T) {
+	testData := []struct {
+		Input    string
+		Error    bool
+		Expected *TenantTemplateDeploymentId
+	}{
+
+		{
+			// empty
+			Input: "",
+			Error: true,
+		},
+
+		{
+			// missing DeploymentName
+			Input: "/providers/Microsoft.Resources/",
+			Error: true,
+		},
+
+		{
+			// missing value for DeploymentName
+			Input: "/providers/Microsoft.Resources/deployments/",
+			Error: true,
+		},
+
+		{
+			// valid
+			Input: "/providers/Microsoft.Resources/deployments/deploy1",
+			Expected: &TenantTemplateDeploymentId{
+				DeploymentName: "deploy1",
+			},
+		},
+
+		{
+			// upper-cased
+			Input: "/PROVIDERS/MICROSOFT.RESOURCES/DEPLOYMENTS/DEPLOY1",
+			Error: true,
+		},
+	}
+
+	for _, v := range testData {
+		t.Logf("[DEBUG] Testing %q", v.Input)
+
+		actual, err := TenantTemplateDeploymentID(v.Input)
+		if err != nil {
+			if v.Error {
+				continue
+			}
+
+			t.Fatalf("Expect a value but got an error: %s", err)
+		}
+		if v.Error {
+			t.Fatal("Expect an error but didn't get one")
+		}
+
+		if actual.DeploymentName != v.Expected.DeploymentName {
+			t.Fatalf("Expected %q but got %q for DeploymentName", v.Expected.DeploymentName, actual.DeploymentName)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/registration.go b/azurerm/internal/services/resource/registration.go
index e78d8c5dd4b9..0facd2b622ce 100644
--- a/azurerm/internal/services/resource/registration.go
+++ b/azurerm/internal/services/resource/registration.go
@@ -24,19 +24,22 @@ func (r Registration) WebsiteCategories() []string {
 // SupportedDataSources returns the supported Data Sources supported by this Service
 func (r Registration) SupportedDataSources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
-		"azurerm_resources":      dataSourceResources(),
-		"azurerm_resource_group": dataSourceResourceGroup(),
+		"azurerm_resources":             dataSourceResources(),
+		"azurerm_resource_group":        dataSourceResourceGroup(),
+		"azurerm_template_spec_version": dataSourceTemplateSpecVersion(),
 	}
 }
 
 // SupportedResources returns the supported Resources supported by this Service
 func (r Registration) SupportedResources() map[string]*schema.Resource {
 	return map[string]*schema.Resource{
-		"azurerm_management_lock":                    resourceManagementLock(),
-		"azurerm_resource_group":                     resourceResourceGroup(),
-		"azurerm_resource_group_template_deployment": resourceGroupTemplateDeploymentResource(),
-		"azurerm_subscription_template_deployment":   subscriptionTemplateDeploymentResource(),
-		"azurerm_template_deployment":                resourceTemplateDeployment(),
+		"azurerm_management_lock":                      resourceManagementLock(),
+		"azurerm_management_group_template_deployment": managementGroupTemplateDeploymentResource(),
+		"azurerm_resource_group":                       resourceResourceGroup(),
+		"azurerm_resource_group_template_deployment":   resourceGroupTemplateDeploymentResource(),
+		"azurerm_subscription_template_deployment":     subscriptionTemplateDeploymentResource(),
+		"azurerm_template_deployment":                  resourceTemplateDeployment(),
+		"azurerm_tenant_template_deployment":           tenantTemplateDeploymentResource(),
 	}
 }
 
diff --git a/azurerm/internal/services/resource/resource_group_template_deployment_resource.go b/azurerm/internal/services/resource/resource_group_template_deployment_resource.go
index 268b5825b9c6..1369a927ee1e 100644
--- a/azurerm/internal/services/resource/resource_group_template_deployment_resource.go
+++ b/azurerm/internal/services/resource/resource_group_template_deployment_resource.go
@@ -61,11 +61,26 @@ func resourceGroupTemplateDeploymentResource() *schema.Resource {
 			},
 
 			"template_content": {
-				Type:      schema.TypeString,
-				Required:  true,
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
 				StateFunc: utils.NormalizeJson,
 			},
 
+			"template_spec_version_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				ValidateFunc: validate.TemplateSpecVersionID,
+			},
+
 			// Optional
 			"debug_level": {
 				Type:         schema.TypeString,
@@ -112,19 +127,28 @@ func resourceGroupTemplateDeploymentResourceCreate(d *schema.ResourceData, meta
 		return tf.ImportAsExistsError("azurerm_resource_group_template_deployment", id.ID())
 	}
 
-	template, err := expandTemplateDeploymentBody(d.Get("template_content").(string))
-	if err != nil {
-		return fmt.Errorf("expanding `template_content`: %+v", err)
-	}
 	deployment := resources.Deployment{
 		Properties: &resources.DeploymentProperties{
 			DebugSetting: expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string)),
 			Mode:         resources.DeploymentMode(d.Get("deployment_mode").(string)),
-			Template:     template,
 		},
 		Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
 	}
 
+	if templateRaw, ok := d.GetOk("template_content"); ok {
+		template, err := expandTemplateDeploymentBody(templateRaw.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+		deployment.Properties.Template = template
+	}
+
+	if templateSpecVersionID, ok := d.GetOk("template_spec_version_id"); ok {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(templateSpecVersionID.(string)),
+		}
+	}
+
 	if v, ok := d.GetOk("parameters_content"); ok && v != "" {
 		parameters, err := expandTemplateDeploymentBody(v.(string))
 		if err != nil {
@@ -213,6 +237,12 @@ func resourceGroupTemplateDeploymentResourceUpdate(d *schema.ResourceData, meta
 		deployment.Properties.Template = exportedTemplate.Template
 	}
 
+	if d.HasChange("template_spec_version_id") {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(d.Get("template_spec_version_id").(string)),
+		}
+	}
+
 	if d.HasChange("tags") {
 		deployment.Tags = tags.Expand(d.Get("tags").(map[string]interface{}))
 	}
@@ -282,6 +312,14 @@ func resourceGroupTemplateDeploymentResourceRead(d *schema.ResourceData, meta in
 			return fmt.Errorf("flattening `output_content`: %+v", err)
 		}
 		d.Set("output_content", flattenedOutputs)
+
+		templateLinkId := ""
+		if props.TemplateLink != nil {
+			if props.TemplateLink.ID != nil {
+				templateLinkId = *props.TemplateLink.ID
+			}
+		}
+		d.Set("template_spec_version_id", templateLinkId)
 	}
 
 	flattenedTemplate, err := flattenTemplateDeploymentBody(templateContents.Template)
diff --git a/azurerm/internal/services/resource/resource_group_template_deployment_resource_test.go b/azurerm/internal/services/resource/resource_group_template_deployment_resource_test.go
index ad6c9c744887..ae7d11368220 100644
--- a/azurerm/internal/services/resource/resource_group_template_deployment_resource_test.go
+++ b/azurerm/internal/services/resource/resource_group_template_deployment_resource_test.go
@@ -155,7 +155,7 @@ func TestAccResourceGroupTemplateDeployment_withOutputs(t *testing.T) {
 			Config: r.withOutputsConfig(data),
 			Check: resource.ComposeTestCheckFunc(
 				check.That(data.ResourceName).ExistsInAzure(r),
-				check.That(data.ResourceName).Key("output_content").HasValue("{\"testOutput\":{\"type\":\"String\")"),
+				check.That(data.ResourceName).Key("output_content").HasValue("{\"testOutput\":{\"type\":\"String\",\"value\":\"some-value\"}}"),
 			),
 		},
 		data.ImportStep(),
@@ -228,6 +228,36 @@ func TestAccResourceGroupTemplateDeployment_childItems(t *testing.T) {
 	})
 }
 
+func TestAccResourceGroupTemplateDeployment_templateSpecEmpty(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_resource_group_template_deployment", "test")
+	r := ResourceGroupTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.templateSpecVersionConfigEmpty(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func TestAccResourceGroupTemplateDeployment_templateSpecResources(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_resource_group_template_deployment", "test")
+	r := ResourceGroupTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.templateSpecVersionConfigResources(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func (t ResourceGroupTemplateDeploymentResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) {
 	id, err := parse.ResourceGroupTemplateDeploymentID(state.ID)
 	if err != nil {
@@ -271,6 +301,60 @@ TEMPLATE
 `, data.RandomInteger, data.Locations.Primary, deploymentMode)
 }
 
+func (ResourceGroupTemplateDeploymentResource) templateSpecVersionConfigEmpty(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestrg-%d"
+  location = %q
+}
+
+data "azurerm_template_spec_version" "test" {
+  name                = "acctest-standing-data-empty"
+  resource_group_name = "standing-data-for-acctest"
+  version             = "v1.0.0"
+}
+
+resource "azurerm_resource_group_template_deployment" "test" {
+  name                = "acctest"
+  resource_group_name = azurerm_resource_group.test.name
+  deployment_mode     = "Incremental"
+
+  template_spec_version_id = data.azurerm_template_spec_version.test.id
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
+
+func (ResourceGroupTemplateDeploymentResource) templateSpecVersionConfigResources(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "test" {
+  name     = "acctestrg-%d"
+  location = %q
+}
+
+data "azurerm_template_spec_version" "test" {
+  name                = "acctest-standing-data-for-rg"
+  resource_group_name = "standing-data-for-acctest"
+  version             = "v1.0.0"
+}
+
+resource "azurerm_resource_group_template_deployment" "test" {
+  name                = "acctest"
+  resource_group_name = azurerm_resource_group.test.name
+  deployment_mode     = "Incremental"
+
+  template_spec_version_id = data.azurerm_template_spec_version.test.id
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
+
 func (ResourceGroupTemplateDeploymentResource) emptyWithTagsConfig(data acceptance.TestData, deploymentMode string) string {
 	return fmt.Sprintf(`
 provider "azurerm" {
diff --git a/azurerm/internal/services/resource/resourceids.go b/azurerm/internal/services/resource/resourceids.go
index a30b0f8b68de..703522fafd36 100644
--- a/azurerm/internal/services/resource/resourceids.go
+++ b/azurerm/internal/services/resource/resourceids.go
@@ -3,5 +3,6 @@ package resource
 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=ResourceGroup -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/group1
 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=ResourceGroupTemplateDeployment -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/group1/providers/Microsoft.Resources/deployments/deploy1
 //go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=SubscriptionTemplateDeployment -id=/subscriptions/12345678-1234-9876-4563-123456789012/providers/Microsoft.Resources/deployments/deploy1
+//go:generate go run ../../tools/generator-resource-id/main.go -path=./ -name=TemplateSpecVersion -id=/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/v1.0
 
 // ResourceProvider is manually maintained since the generator doesn't support outputting this information at this time
diff --git a/azurerm/internal/services/resource/subscription_template_deployment_resource.go b/azurerm/internal/services/resource/subscription_template_deployment_resource.go
index 2b8a6047f409..e7ab5df9e8ee 100644
--- a/azurerm/internal/services/resource/subscription_template_deployment_resource.go
+++ b/azurerm/internal/services/resource/subscription_template_deployment_resource.go
@@ -52,11 +52,26 @@ func subscriptionTemplateDeploymentResource() *schema.Resource {
 			"location": location.Schema(),
 
 			"template_content": {
-				Type:      schema.TypeString,
-				Required:  true,
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
 				StateFunc: utils.NormalizeJson,
 			},
 
+			"template_spec_version_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				ValidateFunc: validate.TemplateSpecVersionID,
+			},
+
 			// Optional
 			"debug_level": {
 				Type:         schema.TypeString,
@@ -102,20 +117,30 @@ func subscriptionTemplateDeploymentResourceCreate(d *schema.ResourceData, meta i
 	if existing.Properties != nil {
 		return tf.ImportAsExistsError("azurerm_subscription_template_deployment", id.ID())
 	}
-	template, err := expandTemplateDeploymentBody(d.Get("template_content").(string))
-	if err != nil {
-		return fmt.Errorf("expanding `template_content`: %+v", err)
-	}
+
 	deployment := resources.Deployment{
 		Location: utils.String(location.Normalize(d.Get("location").(string))),
 		Properties: &resources.DeploymentProperties{
 			DebugSetting: expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string)),
 			Mode:         resources.Incremental,
-			Template:     template,
 		},
 		Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
 	}
 
+	if templateRaw, ok := d.GetOk("template_content"); ok {
+		template, err := expandTemplateDeploymentBody(templateRaw.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+		deployment.Properties.Template = template
+	}
+
+	if templateSpecVersionID, ok := d.GetOk("template_spec_version_id"); ok {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(templateSpecVersionID.(string)),
+		}
+	}
+
 	if v, ok := d.GetOk("parameters_content"); ok && v != "" {
 		parameters, err := expandTemplateDeploymentBody(v.(string))
 		if err != nil {
@@ -201,6 +226,12 @@ func subscriptionTemplateDeploymentResourceUpdate(d *schema.ResourceData, meta i
 		deployment.Properties.Template = exportedTemplate.Template
 	}
 
+	if d.HasChange("template_spec_version_id") {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(d.Get("template_spec_version_id").(string)),
+		}
+	}
+
 	if d.HasChange("tags") {
 		deployment.Tags = tags.Expand(d.Get("tags").(map[string]interface{}))
 	}
@@ -269,6 +300,14 @@ func subscriptionTemplateDeploymentResourceRead(d *schema.ResourceData, meta int
 			return fmt.Errorf("flattening `output_content`: %+v", err)
 		}
 		d.Set("output_content", flattenedOutputs)
+
+		templateLinkId := ""
+		if props.TemplateLink != nil {
+			if props.TemplateLink.ID != nil {
+				templateLinkId = *props.TemplateLink.ID
+			}
+		}
+		d.Set("template_spec_version_id", templateLinkId)
 	}
 
 	flattenedTemplate, err := flattenTemplateDeploymentBody(templateContents.Template)
diff --git a/azurerm/internal/services/resource/subscription_template_deployment_resource_test.go b/azurerm/internal/services/resource/subscription_template_deployment_resource_test.go
index b4c72d44c1ae..fa9d9ff07a65 100644
--- a/azurerm/internal/services/resource/subscription_template_deployment_resource_test.go
+++ b/azurerm/internal/services/resource/subscription_template_deployment_resource_test.go
@@ -40,6 +40,21 @@ func TestAccSubscriptionTemplateDeployment_empty(t *testing.T) {
 	})
 }
 
+func TestAccSubscriptionTemplateDeployment_templateSpecVersion(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_subscription_template_deployment", "test")
+	r := SubscriptionTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.templateSpecVersionConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
 func TestAccSubscriptionTemplateDeployment_singleItemUpdatingParams(t *testing.T) {
 	data := acceptance.BuildTestData(t, "azurerm_subscription_template_deployment", "test")
 	r := SubscriptionTemplateDeploymentResource{}
@@ -115,7 +130,7 @@ func TestAccSubscriptionTemplateDeployment_withOutputs(t *testing.T) {
 			Config: r.withOutputsConfig(data),
 			Check: resource.ComposeTestCheckFunc(
 				check.That(data.ResourceName).ExistsInAzure(r),
-				check.That(data.ResourceName).Key("output_content").HasValue("{\"testOutput\":{\"type\":\"String\""),
+				check.That(data.ResourceName).Key("output_content").HasValue("{\"testOutput\":{\"type\":\"String\",\"value\":\"some-value\"}}"),
 			),
 		},
 		data.ImportStep(),
@@ -159,6 +174,41 @@ TEMPLATE
 `, data.RandomInteger, data.Locations.Primary)
 }
 
+func (SubscriptionTemplateDeploymentResource) templateSpecVersionConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+data "azurerm_template_spec_version" "test" {
+  name                = "acctest-standing-data-for-sub"
+  resource_group_name = "standing-data-for-acctest"
+  version             = "v1.0.0"
+}
+
+resource "azurerm_subscription_template_deployment" "test" {
+  name     = "acctestsubdeploy-%d"
+  location = %q
+
+  template_spec_version_id = data.azurerm_template_spec_version.test.id
+
+  parameters_content = <<PARAM
+{
+  "rgName": {
+   "value": "acctest-rg-tspec-%d"
+  },
+  "rgLocation": {
+   "value": %q
+  },
+  "tags": {
+   "value": {}
+  }
+}
+PARAM
+}
+`, data.RandomInteger, data.Locations.Primary, data.RandomInteger, data.Locations.Primary)
+}
+
 func (SubscriptionTemplateDeploymentResource) emptyWithTagsConfig(data acceptance.TestData) string {
 	return fmt.Sprintf(`
 provider "azurerm" {
diff --git a/azurerm/internal/services/resource/template_spec_version_data_source.go b/azurerm/internal/services/resource/template_spec_version_data_source.go
new file mode 100644
index 000000000000..4091764305d5
--- /dev/null
+++ b/azurerm/internal/services/resource/template_spec_version_data_source.go
@@ -0,0 +1,84 @@
+package resource
+
+import (
+	"fmt"
+	"time"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/validate"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tags"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/azure"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func dataSourceTemplateSpecVersion() *schema.Resource {
+	return &schema.Resource{
+		Read: dataSourceTemplateSpecVersionRead,
+
+		Timeouts: &schema.ResourceTimeout{
+			Read: schema.DefaultTimeout(5 * time.Minute),
+		},
+
+		//lintignore:S033
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validate.TemplateSpecName,
+			},
+
+			"resource_group_name": azure.SchemaResourceGroupNameForDataSource(),
+
+			"version": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ValidateFunc: validate.TemplateSpecVersionName,
+			},
+
+			"template_body": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				StateFunc: utils.NormalizeJson,
+			},
+
+			"tags": tags.SchemaDataSource(),
+		},
+	}
+}
+
+func dataSourceTemplateSpecVersionRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.TemplateSpecsVersionsClient
+	subscriptionId := meta.(*clients.Client).Account.SubscriptionId
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id := parse.NewTemplateSpecVersionID(subscriptionId, d.Get("resource_group_name").(string), d.Get("name").(string), d.Get("version").(string))
+
+	resp, err := client.Get(ctx, id.ResourceGroup, id.TemplateSpecName, id.VersionName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			return fmt.Errorf("Templatespec %q, with version name %q (resource group %q) was not found: %+v", id.TemplateSpecName, id.VersionName, id.ResourceGroup, err)
+		}
+		return fmt.Errorf("reading Templatespec %q, with version name %q (resource group %q): %+v", id.TemplateSpecName, id.VersionName, id.ResourceGroup, err)
+	}
+
+	templateBody := "{}"
+	if props := resp.VersionProperties; props != nil && props.Template != nil {
+		templateBodyRaw, err := flattenTemplateDeploymentBody(props.Template)
+		if err != nil {
+			return err
+		}
+
+		templateBody = *templateBodyRaw
+	}
+	d.Set("template_body", templateBody)
+
+	d.SetId(id.ID())
+
+	return tags.FlattenAndSet(d, resp.Tags)
+}
diff --git a/azurerm/internal/services/resource/template_spec_version_data_source_test.go b/azurerm/internal/services/resource/template_spec_version_data_source_test.go
new file mode 100644
index 000000000000..5c43e9b7e89d
--- /dev/null
+++ b/azurerm/internal/services/resource/template_spec_version_data_source_test.go
@@ -0,0 +1,43 @@
+package resource_test
+
+import (
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance/check"
+)
+
+type TemplateSpecVersionDataSource struct {
+}
+
+func TestAccDataSourceTemplateSpecVersion(t *testing.T) {
+	data := acceptance.BuildTestData(t, "data.azurerm_template_spec_version", "test")
+	r := TemplateSpecVersionDataSource{}
+
+	data.DataSourceTest(t, []resource.TestStep{
+		{
+			Config: r.basic(),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).Key("name").HasValue("acctest-standing-data-empty"),
+				check.That(data.ResourceName).Key("version").HasValue("v1.0.0"),
+				check.That(data.ResourceName).Key("template_body").Exists(),
+				check.That(data.ResourceName).Key("tags.%").HasValue("1"),
+			),
+		},
+	})
+}
+
+func (TemplateSpecVersionDataSource) basic() string {
+	return `
+provider "azurerm" {
+  features {}
+}
+
+data "azurerm_template_spec_version" "test" {
+  name                = "acctest-standing-data-empty"
+  resource_group_name = "standing-data-for-acctest"
+  version             = "v1.0.0"
+}
+`
+}
diff --git a/azurerm/internal/services/resource/tenant_template_deployment_resource.go b/azurerm/internal/services/resource/tenant_template_deployment_resource.go
new file mode 100644
index 000000000000..c170ea70f786
--- /dev/null
+++ b/azurerm/internal/services/resource/tenant_template_deployment_resource.go
@@ -0,0 +1,371 @@
+package resource
+
+import (
+	"context"
+	"fmt"
+	"log"
+	"time"
+
+	"github.com/Azure/azure-sdk-for-go/services/resources/mgmt/2020-06-01/resources"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/schema"
+	"github.com/hashicorp/terraform-plugin-sdk/helper/validation"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/helpers/tf"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/location"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/validate"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tags"
+	azSchema "github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/tf/schema"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/timeouts"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+func tenantTemplateDeploymentResource() *schema.Resource {
+	return &schema.Resource{
+		Create: tenantTemplateDeploymentResourceCreate,
+		Read:   tenantTemplateDeploymentResourceRead,
+		Update: tenantTemplateDeploymentResourceUpdate,
+		Delete: tenantTemplateDeploymentResourceDelete,
+		Importer: azSchema.ValidateResourceIDPriorToImport(func(id string) error {
+			_, err := parse.TenantTemplateDeploymentID(id)
+			return err
+		}),
+
+		Timeouts: &schema.ResourceTimeout{
+			Create: schema.DefaultTimeout(180 * time.Minute),
+			Read:   schema.DefaultTimeout(5 * time.Minute),
+			Update: schema.DefaultTimeout(180 * time.Minute),
+			Delete: schema.DefaultTimeout(180 * time.Minute),
+		},
+
+		// (@jackofallops - lintignore needed as we need to make sure the JSON is usable in `output_content`)
+
+		//lintignore:S033
+		Schema: map[string]*schema.Schema{
+			"name": {
+				Type:         schema.TypeString,
+				Required:     true,
+				ForceNew:     true,
+				ValidateFunc: validate.TemplateDeploymentName,
+			},
+
+			"location": location.Schema(),
+
+			"template_content": {
+				Type:     schema.TypeString,
+				Optional: true,
+				Computed: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				StateFunc: utils.NormalizeJson,
+			},
+
+			"template_spec_version_id": {
+				Type:     schema.TypeString,
+				Optional: true,
+				ExactlyOneOf: []string{
+					"template_content",
+					"template_spec_version_id",
+				},
+				ValidateFunc: validate.TemplateSpecVersionID,
+			},
+
+			// Optional
+			"debug_level": {
+				Type:         schema.TypeString,
+				Optional:     true,
+				ValidateFunc: validation.StringInSlice(templateDeploymentDebugLevels, false),
+			},
+
+			"parameters_content": {
+				Type:      schema.TypeString,
+				Optional:  true,
+				Computed:  true,
+				StateFunc: utils.NormalizeJson,
+			},
+
+			"tags": tags.Schema(),
+
+			// Computed
+			"output_content": {
+				Type:      schema.TypeString,
+				Computed:  true,
+				StateFunc: utils.NormalizeJson,
+				// NOTE:  outputs can be strings, ints, objects etc - whilst using a nested object was considered
+				// parsing the JSON using `jsondecode` allows the users to interact with/map objects as required
+			},
+		},
+	}
+}
+
+func tenantTemplateDeploymentResourceCreate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForCreate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id := parse.NewTenantTemplateDeploymentID(d.Get("name").(string))
+
+	existing, err := client.GetAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		if !utils.ResponseWasNotFound(existing.Response) {
+			return fmt.Errorf("checking for presence of existing Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+		}
+	}
+	if existing.Properties != nil {
+		return tf.ImportAsExistsError("azurerm_tenant_template_deployment", id.ID())
+	}
+
+	deployment := resources.ScopedDeployment{
+		Location: utils.String(location.Normalize(d.Get("location").(string))),
+		Properties: &resources.DeploymentProperties{
+			DebugSetting: expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string)),
+			Mode:         resources.Incremental,
+		},
+		Tags: tags.Expand(d.Get("tags").(map[string]interface{})),
+	}
+
+	if templateRaw, ok := d.GetOk("template_content"); ok {
+		template, err := expandTemplateDeploymentBody(templateRaw.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+		deployment.Properties.Template = template
+	}
+
+	if templateSpecVersionID, ok := d.GetOk("template_spec_version_id"); ok {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(templateSpecVersionID.(string)),
+		}
+	}
+
+	if v, ok := d.GetOk("parameters_content"); ok && v != "" {
+		parameters, err := expandTemplateDeploymentBody(v.(string))
+		if err != nil {
+			return fmt.Errorf("expanding `parameters_content`: %+v", err)
+		}
+		deployment.Properties.Parameters = parameters
+	}
+
+	log.Printf("[DEBUG] Running validation of Tenant Template Deployment %q..", id.DeploymentName)
+	if err := validateTenantTemplateDeployment(ctx, id, deployment, client); err != nil {
+		return fmt.Errorf("validating Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Validated Tenant Template Deployment %q..", id.DeploymentName)
+
+	log.Printf("[DEBUG] Provisioning Tenant Template Deployment %q..", id.DeploymentName)
+	future, err := client.CreateOrUpdateAtTenantScope(ctx, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("creating Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deployment of Tenant Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for creation of Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	d.SetId(id.ID())
+	return tenantTemplateDeploymentResourceRead(d, meta)
+}
+
+func tenantTemplateDeploymentResourceUpdate(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForUpdate(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.TenantTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	log.Printf("[DEBUG] Retrieving Tenant Template Deployment %q..", id.DeploymentName)
+	template, err := client.GetAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("retrieving Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	if template.Properties == nil {
+		return fmt.Errorf("retrieving Tenant Template Deployment %q: `properties` was nil", id.DeploymentName)
+	}
+
+	// the API doesn't have a Patch operation, so we'll need to build one
+	deployment := resources.ScopedDeployment{
+		Location: template.Location,
+		Properties: &resources.DeploymentProperties{
+			DebugSetting: template.Properties.DebugSetting,
+			Mode:         resources.Incremental,
+		},
+		Tags: template.Tags,
+	}
+
+	if d.HasChange("debug_level") {
+		deployment.Properties.DebugSetting = expandTemplateDeploymentDebugSetting(d.Get("debug_level").(string))
+	}
+
+	if d.HasChange("parameters_content") {
+		parameters, err := expandTemplateDeploymentBody(d.Get("parameters_content").(string))
+		if err != nil {
+			return fmt.Errorf("expanding `parameters_content`: %+v", err)
+		}
+		deployment.Properties.Parameters = parameters
+	}
+
+	if d.HasChange("template_content") {
+		templateContents, err := expandTemplateDeploymentBody(d.Get("template_content").(string))
+		if err != nil {
+			return fmt.Errorf("expanding `template_content`: %+v", err)
+		}
+
+		deployment.Properties.Template = templateContents
+	} else {
+		// retrieve the existing content and reuse that
+		exportedTemplate, err := client.ExportTemplateAtTenantScope(ctx, id.DeploymentName)
+		if err != nil {
+			return fmt.Errorf("retrieving Contents for Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+		}
+
+		deployment.Properties.Template = exportedTemplate.Template
+	}
+
+	if d.HasChange("template_spec_version_id") {
+		deployment.Properties.TemplateLink = &resources.TemplateLink{
+			ID: utils.String(d.Get("template_spec_version_id").(string)),
+		}
+	}
+
+	if d.HasChange("tags") {
+		deployment.Tags = tags.Expand(d.Get("tags").(map[string]interface{}))
+	}
+
+	log.Printf("[DEBUG] Running validation of Tenant Template Deployment %q..", id.DeploymentName)
+	if err := validateTenantTemplateDeployment(ctx, *id, deployment, client); err != nil {
+		return fmt.Errorf("validating Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Validated Tenant Template Deployment %q..", id.DeploymentName)
+
+	log.Printf("[DEBUG] Provisioning Tenant Template Deployment %q)..", id.DeploymentName)
+	future, err := client.CreateOrUpdateAtTenantScope(ctx, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("creating Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deployment of Tenant Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for creation of Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	return tenantTemplateDeploymentResourceRead(d, meta)
+}
+
+func tenantTemplateDeploymentResourceRead(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForRead(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.TenantTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	resp, err := client.GetAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		if utils.ResponseWasNotFound(resp.Response) {
+			log.Printf("[DEBUG] Tenant Template Deployment %q was not found - removing from state", id.DeploymentName)
+			d.SetId("")
+			return nil
+		}
+
+		return fmt.Errorf("retrieving Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	templateContents, err := client.ExportTemplateAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("retrieving Template Content for Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	d.Set("name", id.DeploymentName)
+	d.Set("location", location.NormalizeNilable(resp.Location))
+
+	if props := resp.Properties; props != nil {
+		d.Set("debug_level", flattenTemplateDeploymentDebugSetting(props.DebugSetting))
+
+		filteredParams := filterOutTemplateDeploymentParameters(props.Parameters)
+		flattenedParams, err := flattenTemplateDeploymentBody(filteredParams)
+		if err != nil {
+			return fmt.Errorf("flattening `parameters_content`: %+v", err)
+		}
+		d.Set("parameters_content", flattenedParams)
+
+		flattenedOutputs, err := flattenTemplateDeploymentBody(props.Outputs)
+		if err != nil {
+			return fmt.Errorf("flattening `output_content`: %+v", err)
+		}
+		d.Set("output_content", flattenedOutputs)
+
+		templateLinkId := ""
+		if props.TemplateLink != nil {
+			if props.TemplateLink.ID != nil {
+				templateLinkId = *props.TemplateLink.ID
+			}
+		}
+		d.Set("template_spec_version_id", templateLinkId)
+	}
+
+	flattenedTemplate, err := flattenTemplateDeploymentBody(templateContents.Template)
+	if err != nil {
+		return fmt.Errorf("flattening `template_content`: %+v", err)
+	}
+	d.Set("template_content", flattenedTemplate)
+
+	return tags.FlattenAndSet(d, resp.Tags)
+}
+
+func tenantTemplateDeploymentResourceDelete(d *schema.ResourceData, meta interface{}) error {
+	client := meta.(*clients.Client).Resource.DeploymentsClient
+	ctx, cancel := timeouts.ForDelete(meta.(*clients.Client).StopContext, d)
+	defer cancel()
+
+	id, err := parse.TenantTemplateDeploymentID(d.Id())
+	if err != nil {
+		return err
+	}
+
+	// at this time unfortunately the Resources RP doesn't expose a means of deleting top-level objects
+	// so we're unable to delete these during deletion - this'll need to be detailed in the docs
+
+	log.Printf("[DEBUG] Deleting Tenant Template Deployment %q..", id.DeploymentName)
+	future, err := client.DeleteAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		return fmt.Errorf("deleting Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+
+	log.Printf("[DEBUG] Waiting for deletion of Tenant Template Deployment %q..", id.DeploymentName)
+	if err := future.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for deletion of Tenant Template Deployment %q: %+v", id.DeploymentName, err)
+	}
+	log.Printf("[DEBUG] Deleted Tenant Template Deployment %q.", id.DeploymentName)
+
+	return nil
+}
+
+func validateTenantTemplateDeployment(ctx context.Context, id parse.TenantTemplateDeploymentId, deployment resources.ScopedDeployment, client *resources.DeploymentsClient) error {
+	validationFuture, err := client.ValidateAtTenantScope(ctx, id.DeploymentName, deployment)
+	if err != nil {
+		return fmt.Errorf("requesting validating: %+v", err)
+	}
+	if err := validationFuture.WaitForCompletionRef(ctx, client.Client); err != nil {
+		return fmt.Errorf("waiting for validation: %+v", err)
+	}
+	validationResult, err := validationFuture.Result(*client)
+	if err != nil {
+		return fmt.Errorf("retrieving validation result: %+v", err)
+	}
+	if validationResult.Error != nil {
+		if validationResult.Error.Message != nil {
+			return fmt.Errorf("%s", *validationResult.Error.Message)
+		}
+		return fmt.Errorf("%+v", *validationResult.Error)
+	}
+
+	return nil
+}
diff --git a/azurerm/internal/services/resource/tenant_template_deployment_resource_test.go b/azurerm/internal/services/resource/tenant_template_deployment_resource_test.go
new file mode 100644
index 000000000000..6ad32e1c9eb5
--- /dev/null
+++ b/azurerm/internal/services/resource/tenant_template_deployment_resource_test.go
@@ -0,0 +1,107 @@
+package resource_test
+
+import (
+	"context"
+	"fmt"
+	"testing"
+
+	"github.com/hashicorp/terraform-plugin-sdk/helper/resource"
+	"github.com/hashicorp/terraform-plugin-sdk/terraform"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/acceptance/check"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/clients"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/utils"
+)
+
+type TenantTemplateDeploymentResource struct {
+}
+
+func TestAccTenantTemplateDeployment_empty(t *testing.T) {
+	data := acceptance.BuildTestData(t, "azurerm_tenant_template_deployment", "test")
+	if data.Client().IsServicePrincipal {
+		t.Skip("Skipping due to permissions unavailable on tenant scope")
+	}
+	r := TenantTemplateDeploymentResource{}
+
+	data.ResourceTest(t, r, []resource.TestStep{
+		{
+			Config: r.emptyConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+		{
+			// set some tags
+			Config: r.emptyWithTagsConfig(data),
+			Check: resource.ComposeTestCheckFunc(
+				check.That(data.ResourceName).ExistsInAzure(r),
+			),
+		},
+		data.ImportStep(),
+	})
+}
+
+func (t TenantTemplateDeploymentResource) Exists(ctx context.Context, clients *clients.Client, state *terraform.InstanceState) (*bool, error) {
+	id, err := parse.SubscriptionTemplateDeploymentID(state.ID)
+	if err != nil {
+		return nil, err
+	}
+
+	resp, err := clients.Resource.DeploymentsClient.GetAtTenantScope(ctx, id.DeploymentName)
+	if err != nil {
+		return nil, fmt.Errorf("reading Tenant Template Deployment (%s): %+v", id, err)
+	}
+
+	return utils.Bool(resp.ID != nil), nil
+}
+
+func (TenantTemplateDeploymentResource) emptyConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_tenant_template_deployment" "test" {
+  name     = "acctestTenantDeploy-%d"
+  location = %q
+
+  template_content = <<TEMPLATE
+{
+  "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {},
+  "variables": {},
+  "resources": []
+}
+TEMPLATE
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
+
+func (TenantTemplateDeploymentResource) emptyWithTagsConfig(data acceptance.TestData) string {
+	return fmt.Sprintf(`
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_tenant_template_deployment" "test" {
+  name     = "acctestsubdeploy-%d"
+  location = %q
+  tags = {
+    Hello = "World"
+  }
+
+  template_content = <<TEMPLATE
+{
+ "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
+ "contentVersion": "1.0.0.0",
+ "parameters": {},
+ "variables": {},
+ "resources": []
+}
+TEMPLATE
+}
+`, data.RandomInteger, data.Locations.Primary)
+}
diff --git a/azurerm/internal/services/resource/validate/management_group_template_deployment_id.go b/azurerm/internal/services/resource/validate/management_group_template_deployment_id.go
new file mode 100644
index 000000000000..75306dc7e556
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/management_group_template_deployment_id.go
@@ -0,0 +1,21 @@
+package validate
+
+import (
+	"fmt"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+)
+
+func ManagementGroupTemplateDeploymentID(input interface{}, key string) (warnings []string, errors []error) {
+	v, ok := input.(string)
+	if !ok {
+		errors = append(errors, fmt.Errorf("expected %q to be a string", key))
+		return
+	}
+
+	if _, err := parse.ManagementGroupTemplateDeploymentID(v); err != nil {
+		errors = append(errors, err)
+	}
+
+	return
+}
diff --git a/azurerm/internal/services/resource/validate/management_group_template_deployment_id_test.go b/azurerm/internal/services/resource/validate/management_group_template_deployment_id_test.go
new file mode 100644
index 000000000000..b452a0252a5d
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/management_group_template_deployment_id_test.go
@@ -0,0 +1,62 @@
+package validate
+
+import "testing"
+
+func TestManagementGroupTemplateDeploymentID(t *testing.T) {
+	cases := []struct {
+		Input string
+		Valid bool
+	}{
+
+		{
+			// empty
+			Input: "",
+			Valid: false,
+		},
+
+		{
+			// missing ManagementGroupName
+			Input: "/providers/Microsoft.Management/",
+			Valid: false,
+		},
+
+		{
+			// missing value for ManagementGroupName
+			Input: "/providers/Microsoft.Management/managementGroups/",
+			Valid: false,
+		},
+
+		{
+			// missing DeploymentName
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/",
+			Valid: false,
+		},
+
+		{
+			// missing value for DeploymentName
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/",
+			Valid: false,
+		},
+
+		{
+			// valid
+			Input: "/providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/deploy1",
+			Valid: true,
+		},
+
+		{
+			// upper-cased
+			Input: "/PROVIDERS/MICROSOFT.MANAGEMENT/MANAGEMENTGROUPS/MY-MANAGEMENT-GROUP-ID/PROVIDERS/MICROSOFT.RESOURCES/DEPLOYMENTS/DEPLOY1",
+			Valid: false,
+		},
+	}
+	for _, tc := range cases {
+		t.Logf("[DEBUG] Testing Value %s", tc.Input)
+		_, errors := ManagementGroupTemplateDeploymentID(tc.Input, "test")
+		valid := len(errors) == 0
+
+		if tc.Valid != valid {
+			t.Fatalf("Expected %t but got %t", tc.Valid, valid)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_name.go b/azurerm/internal/services/resource/validate/template_spec_name.go
new file mode 100644
index 000000000000..53d220407580
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_name.go
@@ -0,0 +1,18 @@
+package validate
+
+import (
+	"fmt"
+	"regexp"
+)
+
+func TemplateSpecName(input interface{}, key string) (warnings []string, errors []error) {
+	v, ok := input.(string)
+	if !ok {
+		errors = append(errors, fmt.Errorf("expected %q to be a string", key))
+		return
+	}
+	if !regexp.MustCompile(`^[\w\.\-\(\)]{1,64}$`).MatchString(v) {
+		errors = append(errors, fmt.Errorf("%s must only contain alpha-numeric characters, parenthesis, underscores, dashes and periods and be between 1 and 64 characters in length", key))
+	}
+	return
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_name_test.go b/azurerm/internal/services/resource/validate/template_spec_name_test.go
new file mode 100644
index 000000000000..1cf1068ffc11
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_name_test.go
@@ -0,0 +1,51 @@
+package validate
+
+import "testing"
+
+func TestTemplateSpecName(t *testing.T) {
+	cases := []struct {
+		Input string
+		Valid bool
+	}{
+		{
+			// empty
+			Input: "",
+			Valid: false,
+		},
+		{
+			// invalid char
+			Input: "{scwiffy}",
+			Valid: false,
+		},
+		{
+			// too long - 65 chars
+			Input: "01234567890123456789012345678901234567890123456789012345678901234",
+			Valid: false,
+		},
+		{
+			// short alpha
+			Input: "a",
+			Valid: true,
+		},
+		{
+			// valid special
+			Input: "(",
+			Valid: true,
+		},
+		{
+			// sensible value
+			Input: "Production",
+			Valid: true,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Logf("[DEBUG] Testing value %s", tc.Input)
+		_, errors := TemplateSpecName(tc.Input, "test")
+		valid := len(errors) == 0
+
+		if tc.Valid != valid {
+			t.Fatalf("expected %t but got %t", tc.Valid, valid)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_version.go b/azurerm/internal/services/resource/validate/template_spec_version.go
new file mode 100644
index 000000000000..caa6102acd9d
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_version.go
@@ -0,0 +1,18 @@
+package validate
+
+import (
+	"fmt"
+	"regexp"
+)
+
+func TemplateSpecVersionName(input interface{}, key string) (warnings []string, errors []error) {
+	v, ok := input.(string)
+	if !ok {
+		errors = append(errors, fmt.Errorf("expected %q to be a string", key))
+		return
+	}
+	if !regexp.MustCompile(`^[\w\.\-\(\)]{1,64}$`).MatchString(v) {
+		errors = append(errors, fmt.Errorf("%s must only contain alpha-numeric characters, parenthesis, underscores, dashes and periods and be between 1 and 64 characters in length", key))
+	}
+	return
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_version_id.go b/azurerm/internal/services/resource/validate/template_spec_version_id.go
new file mode 100644
index 000000000000..8e88be0512c5
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_version_id.go
@@ -0,0 +1,23 @@
+package validate
+
+// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten
+
+import (
+	"fmt"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+)
+
+func TemplateSpecVersionID(input interface{}, key string) (warnings []string, errors []error) {
+	v, ok := input.(string)
+	if !ok {
+		errors = append(errors, fmt.Errorf("expected %q to be a string", key))
+		return
+	}
+
+	if _, err := parse.TemplateSpecVersionID(v); err != nil {
+		errors = append(errors, err)
+	}
+
+	return
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_version_id_test.go b/azurerm/internal/services/resource/validate/template_spec_version_id_test.go
new file mode 100644
index 000000000000..e291930ed8e7
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_version_id_test.go
@@ -0,0 +1,88 @@
+package validate
+
+// NOTE: this file is generated via 'go:generate' - manual changes will be overwritten
+
+import "testing"
+
+func TestTemplateSpecVersionID(t *testing.T) {
+	cases := []struct {
+		Input string
+		Valid bool
+	}{
+
+		{
+			// empty
+			Input: "",
+			Valid: false,
+		},
+
+		{
+			// missing SubscriptionId
+			Input: "/",
+			Valid: false,
+		},
+
+		{
+			// missing value for SubscriptionId
+			Input: "/subscriptions/",
+			Valid: false,
+		},
+
+		{
+			// missing ResourceGroup
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/",
+			Valid: false,
+		},
+
+		{
+			// missing value for ResourceGroup
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/",
+			Valid: false,
+		},
+
+		{
+			// missing TemplateSpecName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/",
+			Valid: false,
+		},
+
+		{
+			// missing value for TemplateSpecName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/",
+			Valid: false,
+		},
+
+		{
+			// missing VersionName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/",
+			Valid: false,
+		},
+
+		{
+			// missing value for VersionName
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/",
+			Valid: false,
+		},
+
+		{
+			// valid
+			Input: "/subscriptions/12345678-1234-9876-4563-123456789012/resourceGroups/templateSpecRG/providers/Microsoft.Resources/templateSpecs/templateSpec1/versions/v1.0",
+			Valid: true,
+		},
+
+		{
+			// upper-cased
+			Input: "/SUBSCRIPTIONS/12345678-1234-9876-4563-123456789012/RESOURCEGROUPS/TEMPLATESPECRG/PROVIDERS/MICROSOFT.RESOURCES/TEMPLATESPECS/TEMPLATESPEC1/VERSIONS/V1.0",
+			Valid: false,
+		},
+	}
+	for _, tc := range cases {
+		t.Logf("[DEBUG] Testing Value %s", tc.Input)
+		_, errors := TemplateSpecVersionID(tc.Input, "test")
+		valid := len(errors) == 0
+
+		if tc.Valid != valid {
+			t.Fatalf("Expected %t but got %t", tc.Valid, valid)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/validate/template_spec_version_test.go b/azurerm/internal/services/resource/validate/template_spec_version_test.go
new file mode 100644
index 000000000000..1b8262ef043b
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/template_spec_version_test.go
@@ -0,0 +1,51 @@
+package validate
+
+import "testing"
+
+func TestTemplateSpecVersion(t *testing.T) {
+	cases := []struct {
+		Input string
+		Valid bool
+	}{
+		{
+			// empty
+			Input: "",
+			Valid: false,
+		},
+		{
+			// invalid char
+			Input: "{scwiffy}",
+			Valid: false,
+		},
+		{
+			// too long - 65 chars
+			Input: "01234567890123456789012345678901234567890123456789012345678901234",
+			Valid: false,
+		},
+		{
+			// short alpha
+			Input: "a",
+			Valid: true,
+		},
+		{
+			// valid special
+			Input: "(",
+			Valid: true,
+		},
+		{
+			// sensible value
+			Input: "v1.0.0",
+			Valid: true,
+		},
+	}
+
+	for _, tc := range cases {
+		t.Logf("[DEBUG] Testing value %s", tc.Input)
+		_, errors := TemplateSpecVersionName(tc.Input, "test")
+		valid := len(errors) == 0
+
+		if tc.Valid != valid {
+			t.Fatalf("expected %t but got %t", tc.Valid, valid)
+		}
+	}
+}
diff --git a/azurerm/internal/services/resource/validate/tenant_template_deployment_id.go b/azurerm/internal/services/resource/validate/tenant_template_deployment_id.go
new file mode 100644
index 000000000000..fa3123edf845
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/tenant_template_deployment_id.go
@@ -0,0 +1,21 @@
+package validate
+
+import (
+	"fmt"
+
+	"github.com/terraform-providers/terraform-provider-azurerm/azurerm/internal/services/resource/parse"
+)
+
+func TenantTemplateDeploymentID(input interface{}, key string) (warnings []string, errors []error) {
+	v, ok := input.(string)
+	if !ok {
+		errors = append(errors, fmt.Errorf("expected %q to be a string", key))
+		return
+	}
+
+	if _, err := parse.TenantTemplateDeploymentID(v); err != nil {
+		errors = append(errors, err)
+	}
+
+	return
+}
diff --git a/azurerm/internal/services/resource/validate/tenant_template_deployment_id_test.go b/azurerm/internal/services/resource/validate/tenant_template_deployment_id_test.go
new file mode 100644
index 000000000000..a6dce75d8344
--- /dev/null
+++ b/azurerm/internal/services/resource/validate/tenant_template_deployment_id_test.go
@@ -0,0 +1,50 @@
+package validate
+
+import "testing"
+
+func TestTenantTemplateDeploymentID(t *testing.T) {
+	cases := []struct {
+		Input string
+		Valid bool
+	}{
+
+		{
+			// empty
+			Input: "",
+			Valid: false,
+		},
+
+		{
+			// missing DeploymentName
+			Input: "/providers/Microsoft.Resources/",
+			Valid: false,
+		},
+
+		{
+			// missing value for DeploymentName
+			Input: "/providers/Microsoft.Resources/deployments/",
+			Valid: false,
+		},
+
+		{
+			// valid
+			Input: "/providers/Microsoft.Resources/deployments/deploy1",
+			Valid: true,
+		},
+
+		{
+			// upper-cased
+			Input: "/PROVIDERS/MICROSOFT.RESOURCES/DEPLOYMENTS/DEPLOY1",
+			Valid: false,
+		},
+	}
+	for _, tc := range cases {
+		t.Logf("[DEBUG] Testing Value %s", tc.Input)
+		_, errors := TenantTemplateDeploymentID(tc.Input, "test")
+		valid := len(errors) == 0
+
+		if tc.Valid != valid {
+			t.Fatalf("Expected %t but got %t", tc.Valid, valid)
+		}
+	}
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/CHANGELOG.md b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/CHANGELOG.md
new file mode 100644
index 000000000000..f08cecd3bc6f
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/CHANGELOG.md
@@ -0,0 +1,5 @@
+Generated from https://github.com/Azure/azure-rest-api-specs/tree/b08824e05817297a4b2874d8db5e6fc8c29349c9//specification/resources/resource-manager/readme.md tag: `package-templatespecs-2019-06-preview`
+
+Code generator @microsoft.azure/autorest.go@2.1.171
+
+
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/client.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/client.go
new file mode 100644
index 000000000000..f122cb6a39f7
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/client.go
@@ -0,0 +1,53 @@
+// Package templatespecs implements the Azure ARM Templatespecs service API version 2019-06-01-preview.
+//
+// The APIs listed in this specification can be used to manage Template Spec resources through the Azure Resource
+// Manager.
+package templatespecs
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"github.com/Azure/go-autorest/autorest"
+)
+
+const (
+	// DefaultBaseURI is the default URI used for the service Templatespecs
+	DefaultBaseURI = "https://management.azure.com"
+)
+
+// BaseClient is the base client for Templatespecs.
+type BaseClient struct {
+	autorest.Client
+	BaseURI        string
+	SubscriptionID string
+}
+
+// New creates an instance of the BaseClient client.
+func New(subscriptionID string) BaseClient {
+	return NewWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewWithBaseURI creates an instance of the BaseClient client using a custom endpoint.  Use this when interacting with
+// an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
+func NewWithBaseURI(baseURI string, subscriptionID string) BaseClient {
+	return BaseClient{
+		Client:         autorest.NewClientWithUserAgent(UserAgent()),
+		BaseURI:        baseURI,
+		SubscriptionID: subscriptionID,
+	}
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/enums.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/enums.go
new file mode 100644
index 000000000000..3cd5e2d2061d
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/enums.go
@@ -0,0 +1,65 @@
+package templatespecs
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// CreatedByType enumerates the values for created by type.
+type CreatedByType string
+
+const (
+	// Application ...
+	Application CreatedByType = "Application"
+	// Key ...
+	Key CreatedByType = "Key"
+	// ManagedIdentity ...
+	ManagedIdentity CreatedByType = "ManagedIdentity"
+	// User ...
+	User CreatedByType = "User"
+)
+
+// PossibleCreatedByTypeValues returns an array of possible values for the CreatedByType const type.
+func PossibleCreatedByTypeValues() []CreatedByType {
+	return []CreatedByType{Application, Key, ManagedIdentity, User}
+}
+
+// Kind enumerates the values for kind.
+type Kind string
+
+const (
+	// KindTemplate ...
+	KindTemplate Kind = "template"
+	// KindTemplateSpecArtifact ...
+	KindTemplateSpecArtifact Kind = "TemplateSpecArtifact"
+)
+
+// PossibleKindValues returns an array of possible values for the Kind const type.
+func PossibleKindValues() []Kind {
+	return []Kind{KindTemplate, KindTemplateSpecArtifact}
+}
+
+// TemplateSpecExpandKind enumerates the values for template spec expand kind.
+type TemplateSpecExpandKind string
+
+const (
+	// Versions Includes version information with the Template Spec.
+	Versions TemplateSpecExpandKind = "versions"
+)
+
+// PossibleTemplateSpecExpandKindValues returns an array of possible values for the TemplateSpecExpandKind const type.
+func PossibleTemplateSpecExpandKindValues() []TemplateSpecExpandKind {
+	return []TemplateSpecExpandKind{Versions}
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/models.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/models.go
new file mode 100644
index 000000000000..4fd6aee75d37
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/models.go
@@ -0,0 +1,897 @@
+package templatespecs
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/date"
+	"github.com/Azure/go-autorest/autorest/to"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// The package's fully qualified name.
+const fqdn = "github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs"
+
+// BasicArtifact represents a Template Spec artifact.
+type BasicArtifact interface {
+	AsTemplateArtifact() (*TemplateArtifact, bool)
+	AsArtifact() (*Artifact, bool)
+}
+
+// Artifact represents a Template Spec artifact.
+type Artifact struct {
+	// Path - A filesystem safe relative path of the artifact.
+	Path *string `json:"path,omitempty"`
+	// Kind - Possible values include: 'KindTemplateSpecArtifact', 'KindTemplate'
+	Kind Kind `json:"kind,omitempty"`
+}
+
+func unmarshalBasicArtifact(body []byte) (BasicArtifact, error) {
+	var m map[string]interface{}
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return nil, err
+	}
+
+	switch m["kind"] {
+	case string(KindTemplate):
+		var ta TemplateArtifact
+		err := json.Unmarshal(body, &ta)
+		return ta, err
+	default:
+		var a Artifact
+		err := json.Unmarshal(body, &a)
+		return a, err
+	}
+}
+func unmarshalBasicArtifactArray(body []byte) ([]BasicArtifact, error) {
+	var rawMessages []*json.RawMessage
+	err := json.Unmarshal(body, &rawMessages)
+	if err != nil {
+		return nil, err
+	}
+
+	aArray := make([]BasicArtifact, len(rawMessages))
+
+	for index, rawMessage := range rawMessages {
+		a, err := unmarshalBasicArtifact(*rawMessage)
+		if err != nil {
+			return nil, err
+		}
+		aArray[index] = a
+	}
+	return aArray, nil
+}
+
+// MarshalJSON is the custom marshaler for Artifact.
+func (a Artifact) MarshalJSON() ([]byte, error) {
+	a.Kind = KindTemplateSpecArtifact
+	objectMap := make(map[string]interface{})
+	if a.Path != nil {
+		objectMap["path"] = a.Path
+	}
+	if a.Kind != "" {
+		objectMap["kind"] = a.Kind
+	}
+	return json.Marshal(objectMap)
+}
+
+// AsTemplateArtifact is the BasicArtifact implementation for Artifact.
+func (a Artifact) AsTemplateArtifact() (*TemplateArtifact, bool) {
+	return nil, false
+}
+
+// AsArtifact is the BasicArtifact implementation for Artifact.
+func (a Artifact) AsArtifact() (*Artifact, bool) {
+	return &a, true
+}
+
+// AsBasicArtifact is the BasicArtifact implementation for Artifact.
+func (a Artifact) AsBasicArtifact() (BasicArtifact, bool) {
+	return &a, true
+}
+
+// AzureResourceBase common properties for all Azure resources.
+type AzureResourceBase struct {
+	// ID - READ-ONLY; String Id used to locate any resource on Azure.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; Name of this resource.
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; Type of this resource.
+	Type *string `json:"type,omitempty"`
+	// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
+	SystemData *SystemData `json:"systemData,omitempty"`
+}
+
+// Error template Specs error response.
+type Error struct {
+	Error *ErrorResponse `json:"error,omitempty"`
+}
+
+// ErrorAdditionalInfo the resource management error additional info.
+type ErrorAdditionalInfo struct {
+	// Type - READ-ONLY; The additional info type.
+	Type *string `json:"type,omitempty"`
+	// Info - READ-ONLY; The additional info.
+	Info interface{} `json:"info,omitempty"`
+}
+
+// ErrorResponse common error response for all Azure Resource Manager APIs to return error details for
+// failed operations. (This also follows the OData error response format.)
+type ErrorResponse struct {
+	// Code - READ-ONLY; The error code.
+	Code *string `json:"code,omitempty"`
+	// Message - READ-ONLY; The error message.
+	Message *string `json:"message,omitempty"`
+	// Target - READ-ONLY; The error target.
+	Target *string `json:"target,omitempty"`
+	// Details - READ-ONLY; The error details.
+	Details *[]ErrorResponse `json:"details,omitempty"`
+	// AdditionalInfo - READ-ONLY; The error additional info.
+	AdditionalInfo *[]ErrorAdditionalInfo `json:"additionalInfo,omitempty"`
+}
+
+// ListResult list of Template Specs.
+type ListResult struct {
+	autorest.Response `json:"-"`
+	// Value - An array of Template Specs.
+	Value *[]TemplateSpec `json:"value,omitempty"`
+	// NextLink - READ-ONLY; The URL to use for getting the next set of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for ListResult.
+func (lr ListResult) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if lr.Value != nil {
+		objectMap["value"] = lr.Value
+	}
+	return json.Marshal(objectMap)
+}
+
+// ListResultIterator provides access to a complete listing of TemplateSpec values.
+type ListResultIterator struct {
+	i    int
+	page ListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *ListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/ListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *ListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter ListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter ListResultIterator) Response() ListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter ListResultIterator) Value() TemplateSpec {
+	if !iter.page.NotDone() {
+		return TemplateSpec{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the ListResultIterator type.
+func NewListResultIterator(page ListResultPage) ListResultIterator {
+	return ListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (lr ListResult) IsEmpty() bool {
+	return lr.Value == nil || len(*lr.Value) == 0
+}
+
+// hasNextLink returns true if the NextLink is not empty.
+func (lr ListResult) hasNextLink() bool {
+	return lr.NextLink != nil && len(*lr.NextLink) != 0
+}
+
+// listResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (lr ListResult) listResultPreparer(ctx context.Context) (*http.Request, error) {
+	if !lr.hasNextLink() {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(lr.NextLink)))
+}
+
+// ListResultPage contains a page of TemplateSpec values.
+type ListResultPage struct {
+	fn func(context.Context, ListResult) (ListResult, error)
+	lr ListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *ListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/ListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	for {
+		next, err := page.fn(ctx, page.lr)
+		if err != nil {
+			return err
+		}
+		page.lr = next
+		if !next.hasNextLink() || !next.IsEmpty() {
+			break
+		}
+	}
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *ListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page ListResultPage) NotDone() bool {
+	return !page.lr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page ListResultPage) Response() ListResult {
+	return page.lr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page ListResultPage) Values() []TemplateSpec {
+	if page.lr.IsEmpty() {
+		return nil
+	}
+	return *page.lr.Value
+}
+
+// Creates a new instance of the ListResultPage type.
+func NewListResultPage(cur ListResult, getNextPage func(context.Context, ListResult) (ListResult, error)) ListResultPage {
+	return ListResultPage{
+		fn: getNextPage,
+		lr: cur,
+	}
+}
+
+// Properties template Spec properties.
+type Properties struct {
+	// Description - Template Spec description.
+	Description *string `json:"description,omitempty"`
+	// DisplayName - Template Spec display name.
+	DisplayName *string `json:"displayName,omitempty"`
+	// Versions - READ-ONLY; High-level information about the versions within this Template Spec. The keys are the version names. Only populated if the $expand query parameter is set to 'versions'.
+	Versions map[string]*VersionInfo `json:"versions"`
+}
+
+// MarshalJSON is the custom marshaler for Properties.
+func (p Properties) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if p.Description != nil {
+		objectMap["description"] = p.Description
+	}
+	if p.DisplayName != nil {
+		objectMap["displayName"] = p.DisplayName
+	}
+	return json.Marshal(objectMap)
+}
+
+// SystemData metadata pertaining to creation and last modification of the resource.
+type SystemData struct {
+	// CreatedBy - The identity that created the resource.
+	CreatedBy *string `json:"createdBy,omitempty"`
+	// CreatedByType - The type of identity that created the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
+	CreatedByType CreatedByType `json:"createdByType,omitempty"`
+	// CreatedAt - The timestamp of resource creation (UTC).
+	CreatedAt *date.Time `json:"createdAt,omitempty"`
+	// LastModifiedBy - The identity that last modified the resource.
+	LastModifiedBy *string `json:"lastModifiedBy,omitempty"`
+	// LastModifiedByType - The type of identity that last modified the resource. Possible values include: 'User', 'Application', 'ManagedIdentity', 'Key'
+	LastModifiedByType CreatedByType `json:"lastModifiedByType,omitempty"`
+	// LastModifiedAt - The type of identity that last modified the resource.
+	LastModifiedAt *date.Time `json:"lastModifiedAt,omitempty"`
+}
+
+// TemplateArtifact represents a Template Spec artifact containing an embedded Azure Resource Manager
+// template.
+type TemplateArtifact struct {
+	// Template - The Azure Resource Manager template.
+	Template interface{} `json:"template,omitempty"`
+	// Path - A filesystem safe relative path of the artifact.
+	Path *string `json:"path,omitempty"`
+	// Kind - Possible values include: 'KindTemplateSpecArtifact', 'KindTemplate'
+	Kind Kind `json:"kind,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for TemplateArtifact.
+func (ta TemplateArtifact) MarshalJSON() ([]byte, error) {
+	ta.Kind = KindTemplate
+	objectMap := make(map[string]interface{})
+	if ta.Template != nil {
+		objectMap["template"] = ta.Template
+	}
+	if ta.Path != nil {
+		objectMap["path"] = ta.Path
+	}
+	if ta.Kind != "" {
+		objectMap["kind"] = ta.Kind
+	}
+	return json.Marshal(objectMap)
+}
+
+// AsTemplateArtifact is the BasicArtifact implementation for TemplateArtifact.
+func (ta TemplateArtifact) AsTemplateArtifact() (*TemplateArtifact, bool) {
+	return &ta, true
+}
+
+// AsArtifact is the BasicArtifact implementation for TemplateArtifact.
+func (ta TemplateArtifact) AsArtifact() (*Artifact, bool) {
+	return nil, false
+}
+
+// AsBasicArtifact is the BasicArtifact implementation for TemplateArtifact.
+func (ta TemplateArtifact) AsBasicArtifact() (BasicArtifact, bool) {
+	return &ta, true
+}
+
+// TemplateSpec template Spec object.
+type TemplateSpec struct {
+	autorest.Response `json:"-"`
+	// Location - The location of the Template Spec. It cannot be changed after Template Spec creation. It must be one of the supported Azure locations.
+	Location *string `json:"location,omitempty"`
+	// Properties - Template Spec properties.
+	*Properties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// ID - READ-ONLY; String Id used to locate any resource on Azure.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; Name of this resource.
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; Type of this resource.
+	Type *string `json:"type,omitempty"`
+	// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
+	SystemData *SystemData `json:"systemData,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for TemplateSpec.
+func (ts TemplateSpec) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if ts.Location != nil {
+		objectMap["location"] = ts.Location
+	}
+	if ts.Properties != nil {
+		objectMap["properties"] = ts.Properties
+	}
+	if ts.Tags != nil {
+		objectMap["tags"] = ts.Tags
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for TemplateSpec struct.
+func (ts *TemplateSpec) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				ts.Location = &location
+			}
+		case "properties":
+			if v != nil {
+				var properties Properties
+				err = json.Unmarshal(*v, &properties)
+				if err != nil {
+					return err
+				}
+				ts.Properties = &properties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				ts.Tags = tags
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				ts.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				ts.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				ts.Type = &typeVar
+			}
+		case "systemData":
+			if v != nil {
+				var systemData SystemData
+				err = json.Unmarshal(*v, &systemData)
+				if err != nil {
+					return err
+				}
+				ts.SystemData = &systemData
+			}
+		}
+	}
+
+	return nil
+}
+
+// UpdateModel template Spec properties to be updated (only tags are currently supported).
+type UpdateModel struct {
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// ID - READ-ONLY; String Id used to locate any resource on Azure.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; Name of this resource.
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; Type of this resource.
+	Type *string `json:"type,omitempty"`
+	// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
+	SystemData *SystemData `json:"systemData,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for UpdateModel.
+func (um UpdateModel) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if um.Tags != nil {
+		objectMap["tags"] = um.Tags
+	}
+	return json.Marshal(objectMap)
+}
+
+// VersionInfo high-level information about a Template Spec version.
+type VersionInfo struct {
+	// Description - READ-ONLY; Template Spec version description.
+	Description *string `json:"description,omitempty"`
+	// TimeCreated - READ-ONLY; The timestamp of when the version was created.
+	TimeCreated *date.Time `json:"timeCreated,omitempty"`
+	// TimeModified - READ-ONLY; The timestamp of when the version was last modified.
+	TimeModified *date.Time `json:"timeModified,omitempty"`
+}
+
+// VersionProperties template Spec Version properties.
+type VersionProperties struct {
+	// Artifacts - An array of Template Spec artifacts.
+	Artifacts *[]BasicArtifact `json:"artifacts,omitempty"`
+	// Description - Template Spec version description.
+	Description *string `json:"description,omitempty"`
+	// Template - The Azure Resource Manager template content.
+	Template interface{} `json:"template,omitempty"`
+}
+
+// UnmarshalJSON is the custom unmarshaler for VersionProperties struct.
+func (vp *VersionProperties) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "artifacts":
+			if v != nil {
+				artifacts, err := unmarshalBasicArtifactArray(*v)
+				if err != nil {
+					return err
+				}
+				vp.Artifacts = &artifacts
+			}
+		case "description":
+			if v != nil {
+				var description string
+				err = json.Unmarshal(*v, &description)
+				if err != nil {
+					return err
+				}
+				vp.Description = &description
+			}
+		case "template":
+			if v != nil {
+				var templateVar interface{}
+				err = json.Unmarshal(*v, &templateVar)
+				if err != nil {
+					return err
+				}
+				vp.Template = templateVar
+			}
+		}
+	}
+
+	return nil
+}
+
+// VersionsListResult list of Template Specs versions
+type VersionsListResult struct {
+	autorest.Response `json:"-"`
+	// Value - An array of Template Spec versions.
+	Value *[]VersionTemplatespecs `json:"value,omitempty"`
+	// NextLink - READ-ONLY; The URL to use for getting the next set of results.
+	NextLink *string `json:"nextLink,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for VersionsListResult.
+func (vlr VersionsListResult) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if vlr.Value != nil {
+		objectMap["value"] = vlr.Value
+	}
+	return json.Marshal(objectMap)
+}
+
+// VersionsListResultIterator provides access to a complete listing of VersionTemplatespecs values.
+type VersionsListResultIterator struct {
+	i    int
+	page VersionsListResultPage
+}
+
+// NextWithContext advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+func (iter *VersionsListResultIterator) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsListResultIterator.NextWithContext")
+		defer func() {
+			sc := -1
+			if iter.Response().Response.Response != nil {
+				sc = iter.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	iter.i++
+	if iter.i < len(iter.page.Values()) {
+		return nil
+	}
+	err = iter.page.NextWithContext(ctx)
+	if err != nil {
+		iter.i--
+		return err
+	}
+	iter.i = 0
+	return nil
+}
+
+// Next advances to the next value.  If there was an error making
+// the request the iterator does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (iter *VersionsListResultIterator) Next() error {
+	return iter.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the enumeration should be started or is not yet complete.
+func (iter VersionsListResultIterator) NotDone() bool {
+	return iter.page.NotDone() && iter.i < len(iter.page.Values())
+}
+
+// Response returns the raw server response from the last page request.
+func (iter VersionsListResultIterator) Response() VersionsListResult {
+	return iter.page.Response()
+}
+
+// Value returns the current value or a zero-initialized value if the
+// iterator has advanced beyond the end of the collection.
+func (iter VersionsListResultIterator) Value() VersionTemplatespecs {
+	if !iter.page.NotDone() {
+		return VersionTemplatespecs{}
+	}
+	return iter.page.Values()[iter.i]
+}
+
+// Creates a new instance of the VersionsListResultIterator type.
+func NewVersionsListResultIterator(page VersionsListResultPage) VersionsListResultIterator {
+	return VersionsListResultIterator{page: page}
+}
+
+// IsEmpty returns true if the ListResult contains no values.
+func (vlr VersionsListResult) IsEmpty() bool {
+	return vlr.Value == nil || len(*vlr.Value) == 0
+}
+
+// hasNextLink returns true if the NextLink is not empty.
+func (vlr VersionsListResult) hasNextLink() bool {
+	return vlr.NextLink != nil && len(*vlr.NextLink) != 0
+}
+
+// versionsListResultPreparer prepares a request to retrieve the next set of results.
+// It returns nil if no more results exist.
+func (vlr VersionsListResult) versionsListResultPreparer(ctx context.Context) (*http.Request, error) {
+	if !vlr.hasNextLink() {
+		return nil, nil
+	}
+	return autorest.Prepare((&http.Request{}).WithContext(ctx),
+		autorest.AsJSON(),
+		autorest.AsGet(),
+		autorest.WithBaseURL(to.String(vlr.NextLink)))
+}
+
+// VersionsListResultPage contains a page of VersionTemplatespecs values.
+type VersionsListResultPage struct {
+	fn  func(context.Context, VersionsListResult) (VersionsListResult, error)
+	vlr VersionsListResult
+}
+
+// NextWithContext advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+func (page *VersionsListResultPage) NextWithContext(ctx context.Context) (err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsListResultPage.NextWithContext")
+		defer func() {
+			sc := -1
+			if page.Response().Response.Response != nil {
+				sc = page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	for {
+		next, err := page.fn(ctx, page.vlr)
+		if err != nil {
+			return err
+		}
+		page.vlr = next
+		if !next.hasNextLink() || !next.IsEmpty() {
+			break
+		}
+	}
+	return nil
+}
+
+// Next advances to the next page of values.  If there was an error making
+// the request the page does not advance and the error is returned.
+// Deprecated: Use NextWithContext() instead.
+func (page *VersionsListResultPage) Next() error {
+	return page.NextWithContext(context.Background())
+}
+
+// NotDone returns true if the page enumeration should be started or is not yet complete.
+func (page VersionsListResultPage) NotDone() bool {
+	return !page.vlr.IsEmpty()
+}
+
+// Response returns the raw server response from the last page request.
+func (page VersionsListResultPage) Response() VersionsListResult {
+	return page.vlr
+}
+
+// Values returns the slice of values for the current page or nil if there are no values.
+func (page VersionsListResultPage) Values() []VersionTemplatespecs {
+	if page.vlr.IsEmpty() {
+		return nil
+	}
+	return *page.vlr.Value
+}
+
+// Creates a new instance of the VersionsListResultPage type.
+func NewVersionsListResultPage(cur VersionsListResult, getNextPage func(context.Context, VersionsListResult) (VersionsListResult, error)) VersionsListResultPage {
+	return VersionsListResultPage{
+		fn:  getNextPage,
+		vlr: cur,
+	}
+}
+
+// VersionTemplatespecs template Spec Version object.
+type VersionTemplatespecs struct {
+	autorest.Response `json:"-"`
+	// Location - The location of the Template Spec Version. It must match the location of the parent Template Spec.
+	Location *string `json:"location,omitempty"`
+	// VersionProperties - Template Spec Version properties.
+	*VersionProperties `json:"properties,omitempty"`
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// ID - READ-ONLY; String Id used to locate any resource on Azure.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; Name of this resource.
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; Type of this resource.
+	Type *string `json:"type,omitempty"`
+	// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
+	SystemData *SystemData `json:"systemData,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for VersionTemplatespecs.
+func (vt VersionTemplatespecs) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if vt.Location != nil {
+		objectMap["location"] = vt.Location
+	}
+	if vt.VersionProperties != nil {
+		objectMap["properties"] = vt.VersionProperties
+	}
+	if vt.Tags != nil {
+		objectMap["tags"] = vt.Tags
+	}
+	return json.Marshal(objectMap)
+}
+
+// UnmarshalJSON is the custom unmarshaler for VersionTemplatespecs struct.
+func (vt *VersionTemplatespecs) UnmarshalJSON(body []byte) error {
+	var m map[string]*json.RawMessage
+	err := json.Unmarshal(body, &m)
+	if err != nil {
+		return err
+	}
+	for k, v := range m {
+		switch k {
+		case "location":
+			if v != nil {
+				var location string
+				err = json.Unmarshal(*v, &location)
+				if err != nil {
+					return err
+				}
+				vt.Location = &location
+			}
+		case "properties":
+			if v != nil {
+				var versionProperties VersionProperties
+				err = json.Unmarshal(*v, &versionProperties)
+				if err != nil {
+					return err
+				}
+				vt.VersionProperties = &versionProperties
+			}
+		case "tags":
+			if v != nil {
+				var tags map[string]*string
+				err = json.Unmarshal(*v, &tags)
+				if err != nil {
+					return err
+				}
+				vt.Tags = tags
+			}
+		case "id":
+			if v != nil {
+				var ID string
+				err = json.Unmarshal(*v, &ID)
+				if err != nil {
+					return err
+				}
+				vt.ID = &ID
+			}
+		case "name":
+			if v != nil {
+				var name string
+				err = json.Unmarshal(*v, &name)
+				if err != nil {
+					return err
+				}
+				vt.Name = &name
+			}
+		case "type":
+			if v != nil {
+				var typeVar string
+				err = json.Unmarshal(*v, &typeVar)
+				if err != nil {
+					return err
+				}
+				vt.Type = &typeVar
+			}
+		case "systemData":
+			if v != nil {
+				var systemData SystemData
+				err = json.Unmarshal(*v, &systemData)
+				if err != nil {
+					return err
+				}
+				vt.SystemData = &systemData
+			}
+		}
+	}
+
+	return nil
+}
+
+// VersionUpdateModel template Spec Version properties to be updated (only tags are currently supported).
+type VersionUpdateModel struct {
+	// Tags - Resource tags.
+	Tags map[string]*string `json:"tags"`
+	// ID - READ-ONLY; String Id used to locate any resource on Azure.
+	ID *string `json:"id,omitempty"`
+	// Name - READ-ONLY; Name of this resource.
+	Name *string `json:"name,omitempty"`
+	// Type - READ-ONLY; Type of this resource.
+	Type *string `json:"type,omitempty"`
+	// SystemData - READ-ONLY; Azure Resource Manager metadata containing createdBy and modifiedBy information.
+	SystemData *SystemData `json:"systemData,omitempty"`
+}
+
+// MarshalJSON is the custom marshaler for VersionUpdateModel.
+func (vum VersionUpdateModel) MarshalJSON() ([]byte, error) {
+	objectMap := make(map[string]interface{})
+	if vum.Tags != nil {
+		objectMap["tags"] = vum.Tags
+	}
+	return json.Marshal(objectMap)
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/templatespecs.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/templatespecs.go
new file mode 100644
index 000000000000..2539e043fbb4
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/templatespecs.go
@@ -0,0 +1,662 @@
+package templatespecs
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// Client is the the APIs listed in this specification can be used to manage Template Spec resources through the Azure
+// Resource Manager.
+type Client struct {
+	BaseClient
+}
+
+// NewClient creates an instance of the Client client.
+func NewClient(subscriptionID string) Client {
+	return NewClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewClientWithBaseURI creates an instance of the Client client using a custom endpoint.  Use this when interacting
+// with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
+func NewClientWithBaseURI(baseURI string, subscriptionID string) Client {
+	return Client{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a Template Spec.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpec - template Spec supplied to the operation.
+func (client Client) CreateOrUpdate(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpec TemplateSpec) (result TemplateSpec, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpec,
+			Constraints: []validation.Constraint{{Target: "templateSpec.Location", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "templateSpec.Properties", Name: validation.Null, Rule: false,
+					Chain: []validation.Constraint{{Target: "templateSpec.Properties.Description", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "templateSpec.Properties.Description", Name: validation.MaxLength, Rule: 4096, Chain: nil}}},
+						{Target: "templateSpec.Properties.DisplayName", Name: validation.Null, Rule: false,
+							Chain: []validation.Constraint{{Target: "templateSpec.Properties.DisplayName", Name: validation.MaxLength, Rule: 64, Chain: nil}}},
+					}}}}}); err != nil {
+		return result, validation.NewError("templatespecs.Client", "CreateOrUpdate", err.Error())
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, templateSpecName, templateSpec)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CreateOrUpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "CreateOrUpdate", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "CreateOrUpdate", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client Client) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpec TemplateSpec) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":  autorest.Encode("path", templateSpecName),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}", pathParameters),
+		autorest.WithJSON(templateSpec),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client Client) CreateOrUpdateResponder(resp *http.Response) (result TemplateSpec, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a Template Spec by name. When operation completes, status code 200 returned without content.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+func (client Client) Delete(ctx context.Context, resourceGroupName string, templateSpecName string) (result autorest.Response, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.Delete")
+		defer func() {
+			sc := -1
+			if result.Response != nil {
+				sc = result.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.Client", "Delete", err.Error())
+	}
+
+	req, err := client.DeletePreparer(ctx, resourceGroupName, templateSpecName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = resp
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Delete", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client Client) DeletePreparer(ctx context.Context, resourceGroupName string, templateSpecName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":  autorest.Encode("path", templateSpecName),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) DeleteSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client Client) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a Template Spec with a given name.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// expand - allows for expansion of additional Template Spec details in the response. Optional.
+func (client Client) Get(ctx context.Context, resourceGroupName string, templateSpecName string, expand TemplateSpecExpandKind) (result TemplateSpec, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.Client", "Get", err.Error())
+	}
+
+	req, err := client.GetPreparer(ctx, resourceGroupName, templateSpecName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Get", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client Client) GetPreparer(ctx context.Context, resourceGroupName string, templateSpecName string, expand TemplateSpecExpandKind) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":  autorest.Encode("path", templateSpecName),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(string(expand)) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) GetSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client Client) GetResponder(resp *http.Response) (result TemplateSpec, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// ListByResourceGroup lists all the Template Specs within the specified resource group.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// expand - allows for expansion of additional Template Spec details in the response. Optional.
+func (client Client) ListByResourceGroup(ctx context.Context, resourceGroupName string, expand TemplateSpecExpandKind) (result ListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.lr.Response.Response != nil {
+				sc = result.lr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.Client", "ListByResourceGroup", err.Error())
+	}
+
+	result.fn = client.listByResourceGroupNextResults
+	req, err := client.ListByResourceGroupPreparer(ctx, resourceGroupName, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListByResourceGroup", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.lr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListByResourceGroup", resp, "Failure sending request")
+		return
+	}
+
+	result.lr, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListByResourceGroup", resp, "Failure responding to request")
+		return
+	}
+	if result.lr.hasNextLink() && result.lr.IsEmpty() {
+		err = result.NextWithContext(ctx)
+		return
+	}
+
+	return
+}
+
+// ListByResourceGroupPreparer prepares the ListByResourceGroup request.
+func (client Client) ListByResourceGroupPreparer(ctx context.Context, resourceGroupName string, expand TemplateSpecExpandKind) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(string(expand)) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListByResourceGroupSender sends the ListByResourceGroup request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) ListByResourceGroupSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListByResourceGroupResponder handles the response to the ListByResourceGroup request. The method always
+// closes the http.Response Body.
+func (client Client) ListByResourceGroupResponder(resp *http.Response) (result ListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listByResourceGroupNextResults retrieves the next set of results, if any.
+func (client Client) listByResourceGroupNextResults(ctx context.Context, lastResults ListResult) (result ListResult, err error) {
+	req, err := lastResults.listResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "templatespecs.Client", "listByResourceGroupNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListByResourceGroupSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "templatespecs.Client", "listByResourceGroupNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListByResourceGroupResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "listByResourceGroupNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListByResourceGroupComplete enumerates all values, automatically crossing page boundaries as required.
+func (client Client) ListByResourceGroupComplete(ctx context.Context, resourceGroupName string, expand TemplateSpecExpandKind) (result ListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.ListByResourceGroup")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListByResourceGroup(ctx, resourceGroupName, expand)
+	return
+}
+
+// ListBySubscription lists all the Template Specs within the specified subscriptions.
+// Parameters:
+// expand - allows for expansion of additional Template Spec details in the response. Optional.
+func (client Client) ListBySubscription(ctx context.Context, expand TemplateSpecExpandKind) (result ListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.ListBySubscription")
+		defer func() {
+			sc := -1
+			if result.lr.Response.Response != nil {
+				sc = result.lr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.fn = client.listBySubscriptionNextResults
+	req, err := client.ListBySubscriptionPreparer(ctx, expand)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListBySubscription", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListBySubscriptionSender(req)
+	if err != nil {
+		result.lr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListBySubscription", resp, "Failure sending request")
+		return
+	}
+
+	result.lr, err = client.ListBySubscriptionResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "ListBySubscription", resp, "Failure responding to request")
+		return
+	}
+	if result.lr.hasNextLink() && result.lr.IsEmpty() {
+		err = result.NextWithContext(ctx)
+		return
+	}
+
+	return
+}
+
+// ListBySubscriptionPreparer prepares the ListBySubscription request.
+func (client Client) ListBySubscriptionPreparer(ctx context.Context, expand TemplateSpecExpandKind) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"subscriptionId": autorest.Encode("path", client.SubscriptionID),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+	if len(string(expand)) > 0 {
+		queryParameters["$expand"] = autorest.Encode("query", expand)
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/providers/Microsoft.Resources/templateSpecs/", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListBySubscriptionSender sends the ListBySubscription request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) ListBySubscriptionSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListBySubscriptionResponder handles the response to the ListBySubscription request. The method always
+// closes the http.Response Body.
+func (client Client) ListBySubscriptionResponder(resp *http.Response) (result ListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listBySubscriptionNextResults retrieves the next set of results, if any.
+func (client Client) listBySubscriptionNextResults(ctx context.Context, lastResults ListResult) (result ListResult, err error) {
+	req, err := lastResults.listResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "templatespecs.Client", "listBySubscriptionNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListBySubscriptionSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "templatespecs.Client", "listBySubscriptionNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListBySubscriptionResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "listBySubscriptionNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListBySubscriptionComplete enumerates all values, automatically crossing page boundaries as required.
+func (client Client) ListBySubscriptionComplete(ctx context.Context, expand TemplateSpecExpandKind) (result ListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.ListBySubscription")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.ListBySubscription(ctx, expand)
+	return
+}
+
+// Update updates Template Spec tags with specified values.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpec - template Spec resource with the tags to be updated.
+func (client Client) Update(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpec *UpdateModel) (result TemplateSpec, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/Client.Update")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.Client", "Update", err.Error())
+	}
+
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, templateSpecName, templateSpec)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.UpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Update", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.UpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.Client", "Update", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client Client) UpdatePreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpec *UpdateModel) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":  autorest.Encode("path", templateSpecName),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if templateSpec != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(templateSpec))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client Client) UpdateSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client Client) UpdateResponder(resp *http.Response) (result TemplateSpec, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/version.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/version.go
new file mode 100644
index 000000000000..317192320017
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/version.go
@@ -0,0 +1,30 @@
+package templatespecs
+
+import "github.com/Azure/azure-sdk-for-go/version"
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+// UserAgent returns the UserAgent string to use when sending http.Requests.
+func UserAgent() string {
+	return "Azure-SDK-For-Go/" + Version() + " templatespecs/2019-06-01-preview"
+}
+
+// Version returns the semantic version (see http://semver.org) of the client.
+func Version() string {
+	return version.Number
+}
diff --git a/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/versions.go b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/versions.go
new file mode 100644
index 000000000000..c9d0de61d3ff
--- /dev/null
+++ b/vendor/github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs/versions.go
@@ -0,0 +1,565 @@
+package templatespecs
+
+// Copyright (c) Microsoft and contributors.  All rights reserved.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+//
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+// Code generated by Microsoft (R) AutoRest Code Generator.
+// Changes may cause incorrect behavior and will be lost if the code is regenerated.
+
+import (
+	"context"
+	"github.com/Azure/go-autorest/autorest"
+	"github.com/Azure/go-autorest/autorest/azure"
+	"github.com/Azure/go-autorest/autorest/validation"
+	"github.com/Azure/go-autorest/tracing"
+	"net/http"
+)
+
+// VersionsClient is the the APIs listed in this specification can be used to manage Template Spec resources through
+// the Azure Resource Manager.
+type VersionsClient struct {
+	BaseClient
+}
+
+// NewVersionsClient creates an instance of the VersionsClient client.
+func NewVersionsClient(subscriptionID string) VersionsClient {
+	return NewVersionsClientWithBaseURI(DefaultBaseURI, subscriptionID)
+}
+
+// NewVersionsClientWithBaseURI creates an instance of the VersionsClient client using a custom endpoint.  Use this
+// when interacting with an Azure cloud that uses a non-standard base URI (sovereign clouds, Azure stack).
+func NewVersionsClientWithBaseURI(baseURI string, subscriptionID string) VersionsClient {
+	return VersionsClient{NewWithBaseURI(baseURI, subscriptionID)}
+}
+
+// CreateOrUpdate creates or updates a Template Spec version.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpecVersion - the version of the Template Spec.
+// templateSpecVersionModel - template Spec Version supplied to the operation.
+func (client VersionsClient) CreateOrUpdate(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string, templateSpecVersionModel VersionTemplatespecs) (result VersionTemplatespecs, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.CreateOrUpdate")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecVersion,
+			Constraints: []validation.Constraint{{Target: "templateSpecVersion", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecVersionModel,
+			Constraints: []validation.Constraint{{Target: "templateSpecVersionModel.Location", Name: validation.Null, Rule: true, Chain: nil},
+				{Target: "templateSpecVersionModel.VersionProperties", Name: validation.Null, Rule: true,
+					Chain: []validation.Constraint{{Target: "templateSpecVersionModel.VersionProperties.Description", Name: validation.Null, Rule: false,
+						Chain: []validation.Constraint{{Target: "templateSpecVersionModel.VersionProperties.Description", Name: validation.MaxLength, Rule: 4096, Chain: nil}}},
+					}}}}}); err != nil {
+		return result, validation.NewError("templatespecs.VersionsClient", "CreateOrUpdate", err.Error())
+	}
+
+	req, err := client.CreateOrUpdatePreparer(ctx, resourceGroupName, templateSpecName, templateSpecVersion, templateSpecVersionModel)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "CreateOrUpdate", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.CreateOrUpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "CreateOrUpdate", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.CreateOrUpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "CreateOrUpdate", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// CreateOrUpdatePreparer prepares the CreateOrUpdate request.
+func (client VersionsClient) CreateOrUpdatePreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string, templateSpecVersionModel VersionTemplatespecs) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":    autorest.Encode("path", templateSpecName),
+		"templateSpecVersion": autorest.Encode("path", templateSpecVersion),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPut(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}/versions/{templateSpecVersion}", pathParameters),
+		autorest.WithJSON(templateSpecVersionModel),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// CreateOrUpdateSender sends the CreateOrUpdate request. The method will close the
+// http.Response Body if it receives an error.
+func (client VersionsClient) CreateOrUpdateSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// CreateOrUpdateResponder handles the response to the CreateOrUpdate request. The method always
+// closes the http.Response Body.
+func (client VersionsClient) CreateOrUpdateResponder(resp *http.Response) (result VersionTemplatespecs, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusCreated),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// Delete deletes a specific version from a Template Spec. When operation completes, status code 200 returned without
+// content.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpecVersion - the version of the Template Spec.
+func (client VersionsClient) Delete(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string) (result autorest.Response, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.Delete")
+		defer func() {
+			sc := -1
+			if result.Response != nil {
+				sc = result.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecVersion,
+			Constraints: []validation.Constraint{{Target: "templateSpecVersion", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.VersionsClient", "Delete", err.Error())
+	}
+
+	req, err := client.DeletePreparer(ctx, resourceGroupName, templateSpecName, templateSpecVersion)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Delete", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.DeleteSender(req)
+	if err != nil {
+		result.Response = resp
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Delete", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.DeleteResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Delete", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// DeletePreparer prepares the Delete request.
+func (client VersionsClient) DeletePreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":    autorest.Encode("path", templateSpecName),
+		"templateSpecVersion": autorest.Encode("path", templateSpecVersion),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsDelete(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}/versions/{templateSpecVersion}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// DeleteSender sends the Delete request. The method will close the
+// http.Response Body if it receives an error.
+func (client VersionsClient) DeleteSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// DeleteResponder handles the response to the Delete request. The method always
+// closes the http.Response Body.
+func (client VersionsClient) DeleteResponder(resp *http.Response) (result autorest.Response, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK, http.StatusNoContent),
+		autorest.ByClosing())
+	result.Response = resp
+	return
+}
+
+// Get gets a Template Spec version from a specific Template Spec.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpecVersion - the version of the Template Spec.
+func (client VersionsClient) Get(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string) (result VersionTemplatespecs, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.Get")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecVersion,
+			Constraints: []validation.Constraint{{Target: "templateSpecVersion", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.VersionsClient", "Get", err.Error())
+	}
+
+	req, err := client.GetPreparer(ctx, resourceGroupName, templateSpecName, templateSpecVersion)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Get", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.GetSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Get", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.GetResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Get", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// GetPreparer prepares the Get request.
+func (client VersionsClient) GetPreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":    autorest.Encode("path", templateSpecName),
+		"templateSpecVersion": autorest.Encode("path", templateSpecVersion),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}/versions/{templateSpecVersion}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// GetSender sends the Get request. The method will close the
+// http.Response Body if it receives an error.
+func (client VersionsClient) GetSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// GetResponder handles the response to the Get request. The method always
+// closes the http.Response Body.
+func (client VersionsClient) GetResponder(resp *http.Response) (result VersionTemplatespecs, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// List lists all the Template Spec versions in the specified Template Spec.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+func (client VersionsClient) List(ctx context.Context, resourceGroupName string, templateSpecName string) (result VersionsListResultPage, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.List")
+		defer func() {
+			sc := -1
+			if result.vlr.Response.Response != nil {
+				sc = result.vlr.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.VersionsClient", "List", err.Error())
+	}
+
+	result.fn = client.listNextResults
+	req, err := client.ListPreparer(ctx, resourceGroupName, templateSpecName)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "List", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.vlr.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "List", resp, "Failure sending request")
+		return
+	}
+
+	result.vlr, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "List", resp, "Failure responding to request")
+		return
+	}
+	if result.vlr.hasNextLink() && result.vlr.IsEmpty() {
+		err = result.NextWithContext(ctx)
+		return
+	}
+
+	return
+}
+
+// ListPreparer prepares the List request.
+func (client VersionsClient) ListPreparer(ctx context.Context, resourceGroupName string, templateSpecName string) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName": autorest.Encode("path", resourceGroupName),
+		"subscriptionId":    autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":  autorest.Encode("path", templateSpecName),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsGet(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}/versions", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// ListSender sends the List request. The method will close the
+// http.Response Body if it receives an error.
+func (client VersionsClient) ListSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// ListResponder handles the response to the List request. The method always
+// closes the http.Response Body.
+func (client VersionsClient) ListResponder(resp *http.Response) (result VersionsListResult, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
+
+// listNextResults retrieves the next set of results, if any.
+func (client VersionsClient) listNextResults(ctx context.Context, lastResults VersionsListResult) (result VersionsListResult, err error) {
+	req, err := lastResults.versionsListResultPreparer(ctx)
+	if err != nil {
+		return result, autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "listNextResults", nil, "Failure preparing next results request")
+	}
+	if req == nil {
+		return
+	}
+	resp, err := client.ListSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		return result, autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "listNextResults", resp, "Failure sending next results request")
+	}
+	result, err = client.ListResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "listNextResults", resp, "Failure responding to next results request")
+	}
+	return
+}
+
+// ListComplete enumerates all values, automatically crossing page boundaries as required.
+func (client VersionsClient) ListComplete(ctx context.Context, resourceGroupName string, templateSpecName string) (result VersionsListResultIterator, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.List")
+		defer func() {
+			sc := -1
+			if result.Response().Response.Response != nil {
+				sc = result.page.Response().Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	result.page, err = client.List(ctx, resourceGroupName, templateSpecName)
+	return
+}
+
+// Update updates Template Spec Version tags with specified values.
+// Parameters:
+// resourceGroupName - the name of the resource group. The name is case insensitive.
+// templateSpecName - name of the Template Spec.
+// templateSpecVersion - the version of the Template Spec.
+// templateSpecVersionUpdateModel - template Spec Version resource with the tags to be updated.
+func (client VersionsClient) Update(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string, templateSpecVersionUpdateModel *VersionUpdateModel) (result VersionTemplatespecs, err error) {
+	if tracing.IsEnabled() {
+		ctx = tracing.StartSpan(ctx, fqdn+"/VersionsClient.Update")
+		defer func() {
+			sc := -1
+			if result.Response.Response != nil {
+				sc = result.Response.Response.StatusCode
+			}
+			tracing.EndSpan(ctx, sc, err)
+		}()
+	}
+	if err := validation.Validate([]validation.Validation{
+		{TargetValue: resourceGroupName,
+			Constraints: []validation.Constraint{{Target: "resourceGroupName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "resourceGroupName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecName,
+			Constraints: []validation.Constraint{{Target: "templateSpecName", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecName", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecName", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}},
+		{TargetValue: templateSpecVersion,
+			Constraints: []validation.Constraint{{Target: "templateSpecVersion", Name: validation.MaxLength, Rule: 90, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.MinLength, Rule: 1, Chain: nil},
+				{Target: "templateSpecVersion", Name: validation.Pattern, Rule: `^[-\w\._\(\)]+$`, Chain: nil}}}}); err != nil {
+		return result, validation.NewError("templatespecs.VersionsClient", "Update", err.Error())
+	}
+
+	req, err := client.UpdatePreparer(ctx, resourceGroupName, templateSpecName, templateSpecVersion, templateSpecVersionUpdateModel)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Update", nil, "Failure preparing request")
+		return
+	}
+
+	resp, err := client.UpdateSender(req)
+	if err != nil {
+		result.Response = autorest.Response{Response: resp}
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Update", resp, "Failure sending request")
+		return
+	}
+
+	result, err = client.UpdateResponder(resp)
+	if err != nil {
+		err = autorest.NewErrorWithError(err, "templatespecs.VersionsClient", "Update", resp, "Failure responding to request")
+		return
+	}
+
+	return
+}
+
+// UpdatePreparer prepares the Update request.
+func (client VersionsClient) UpdatePreparer(ctx context.Context, resourceGroupName string, templateSpecName string, templateSpecVersion string, templateSpecVersionUpdateModel *VersionUpdateModel) (*http.Request, error) {
+	pathParameters := map[string]interface{}{
+		"resourceGroupName":   autorest.Encode("path", resourceGroupName),
+		"subscriptionId":      autorest.Encode("path", client.SubscriptionID),
+		"templateSpecName":    autorest.Encode("path", templateSpecName),
+		"templateSpecVersion": autorest.Encode("path", templateSpecVersion),
+	}
+
+	const APIVersion = "2019-06-01-preview"
+	queryParameters := map[string]interface{}{
+		"api-version": APIVersion,
+	}
+
+	preparer := autorest.CreatePreparer(
+		autorest.AsContentType("application/json; charset=utf-8"),
+		autorest.AsPatch(),
+		autorest.WithBaseURL(client.BaseURI),
+		autorest.WithPathParameters("/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Resources/templateSpecs/{templateSpecName}/versions/{templateSpecVersion}", pathParameters),
+		autorest.WithQueryParameters(queryParameters))
+	if templateSpecVersionUpdateModel != nil {
+		preparer = autorest.DecoratePreparer(preparer,
+			autorest.WithJSON(templateSpecVersionUpdateModel))
+	}
+	return preparer.Prepare((&http.Request{}).WithContext(ctx))
+}
+
+// UpdateSender sends the Update request. The method will close the
+// http.Response Body if it receives an error.
+func (client VersionsClient) UpdateSender(req *http.Request) (*http.Response, error) {
+	return client.Send(req, azure.DoRetryWithRegistration(client.Client))
+}
+
+// UpdateResponder handles the response to the Update request. The method always
+// closes the http.Response Body.
+func (client VersionsClient) UpdateResponder(resp *http.Response) (result VersionTemplatespecs, err error) {
+	err = autorest.Respond(
+		resp,
+		azure.WithErrorUnlessStatusCode(http.StatusOK),
+		autorest.ByUnmarshallingJSON(&result),
+		autorest.ByClosing())
+	result.Response = autorest.Response{Response: resp}
+	return
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 72168c0bf03e..0e606ffb4f8f 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -85,6 +85,7 @@ github.com/Azure/azure-sdk-for-go/services/preview/policyinsights/mgmt/2019-10-0
 github.com/Azure/azure-sdk-for-go/services/preview/portal/mgmt/2019-01-01-preview/portal
 github.com/Azure/azure-sdk-for-go/services/preview/purview/mgmt/2020-12-01-preview/purview
 github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2018-03-01-preview/managementgroups
+github.com/Azure/azure-sdk-for-go/services/preview/resources/mgmt/2019-06-01-preview/templatespecs
 github.com/Azure/azure-sdk-for-go/services/preview/security/mgmt/v3.0/security
 github.com/Azure/azure-sdk-for-go/services/preview/securityinsight/mgmt/2019-01-01-preview/securityinsight
 github.com/Azure/azure-sdk-for-go/services/preview/servicebus/mgmt/2018-01-01-preview/servicebus
diff --git a/website/docs/d/template_spec_version.html.markdown b/website/docs/d/template_spec_version.html.markdown
new file mode 100644
index 000000000000..09dd1f756ebe
--- /dev/null
+++ b/website/docs/d/template_spec_version.html.markdown
@@ -0,0 +1,51 @@
+---
+subcategory: "Template"
+layout: "azurerm"
+page_title: "Azure Resource Manager: Data Source: azurerm_template_spec_version"
+description: |-
+  Gets information about an existing Template Spec Version.
+---
+
+# Data Source: azurerm_template_spec_version
+
+Use this data source to access information about an existing Template Spec Version.
+
+## Example Usage
+
+```hcl
+data "azurerm_template_spec_version" "example" {
+  name                = "exampleTemplateSpec"
+  resource_group_name = "MyResourceGroup"
+  version             = "v1.0.4"
+}
+
+output "id" {
+  value = data.azurerm_template_spec_version.example.id
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+* `name` - (Required) The name of this Template Spec.
+
+* `resource_group_name` - (Required) The name of the Resource Group where the Template Spec exists.
+
+* `version` - (Required) The Version Name of the Template Spec.
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported: 
+
+* `id` - The ID of the Template Spec version.
+
+* `template_body` - The ARM Template body of the Template Spec Version.
+
+* `tags` - A mapping of tags assigned to the Template.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `read` - (Defaults to 5 minutes) Used when retrieving the Template.
diff --git a/website/docs/r/management_group_template_deployment.html.markdown b/website/docs/r/management_group_template_deployment.html.markdown
new file mode 100644
index 000000000000..d88a06b8e6c4
--- /dev/null
+++ b/website/docs/r/management_group_template_deployment.html.markdown
@@ -0,0 +1,156 @@
+---
+subcategory: "Template"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_management_group_template_deployment"
+description: |-
+  Manages a Template Deployment at a Management Group Scope.
+---
+
+# azurerm_management_group_template_deployment
+
+Manages a Template Deployment at a Management Group Scope.
+
+~> **Note:** Deleting a Deployment at the Management Group Scope will not delete any resources created by the deployment. 
+
+~> **Note:** Deployments to a Management Group are always Incrementally applied. Existing resources that are not part of the template will not be removed.
+
+## Example Usage
+
+```hcl
+data "azurerm_management_group" "example" {
+  name = "00000000-0000-0000-0000-000000000000"
+}
+
+resource "azurerm_management_group_template_deployment" "example" {
+  name                = "example"
+  location            = "West Europe"
+  management_group_id = data.azurerm_management_group.example.id
+  template_content    = <<TEMPLATE
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "policyAssignmentName": {
+      "type": "string",
+      "defaultValue": "[guid(parameters('policyDefinitionID'), resourceGroup().name)]",
+      "metadata": {
+        "description": "Specifies the name of the policy assignment, can be used defined or an idempotent name as the defaultValue provides."
+      }
+    },
+    "policyDefinitionID": {
+      "type": "string",
+      "metadata": {
+        "description": "Specifies the ID of the policy definition or policy set definition being assigned."
+      }
+    }
+  },
+  "resources": [
+    {
+      "type": "Microsoft.Authorization/policyAssignments",
+      "name": "[parameters('policyAssignmentName')]",
+      "apiVersion": "2019-09-01",
+      "properties": {
+        "scope": "[subscriptionResourceId('Microsoft.Resources/resourceGroups', resourceGroup().name)]",
+        "policyDefinitionId": "[parameters('policyDefinitionID')]"
+      }
+    }
+  ]
+}
+TEMPLATE
+
+  parameters_content = <<PARAMS
+{
+  "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentParameters.json#",
+  "contentVersion": "1.0.0.0",
+  "parameters": {
+    "policyDefinitionID": {
+      "value": "/providers/Microsoft.Authorization/policyDefinitions/0a914e76-4921-4c19-b460-a2d36003525a"
+    }
+  }
+}
+PARAMS
+}
+```
+
+```hcl
+
+data "azurerm_management_group" "example" {
+  name = "00000000-0000-0000-0000-000000000000"
+}
+
+resource "azurerm_management_group_template_deployment" "example" {
+  name                = "example"
+  location            = "West Europe"
+  management_group_id = data.azurerm_management_group.example.id
+  template_content    = file("templates/example-deploy-template.json")
+  parameters_content  = file("templates/example-deploy-params.json")
+}
+```
+
+```hcl
+
+data "azurerm_management_group" "example" {
+  name = "00000000-0000-0000-0000-000000000000"
+}
+
+data "azurerm_template_spec_version" "example" {
+  name                = "exampleTemplateForManagementGroup"
+  resource_group_name = "exampleResourceGroup"
+  version             = "v1.0.9"
+}
+
+resource "azurerm_management_group_template_deployment" "example" {
+  name                     = "example"
+  location                 = "West Europe"
+  management_group_id      = data.azurerm_management_group.example.id
+  template_spec_version_id = data.azurerm_template_spec_version.example.id
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+* `location` - (Required) The Azure Region where the Template should exist. Changing this forces a new Template to be created.
+
+* `management_group_name` - (Required) The Name of the Management Group to apply the Deployment Template to.
+
+* `name` - (Required) The name which should be used for this Template Deployment. Changing this forces a new Template Deployment to be created.
+
+---
+
+* `debug_level` - (Optional) The Debug Level which should be used for this Resource Group Template Deployment. Possible values are `none`, `requestContent`, `responseContent` and `requestContent, responseContent`. 
+
+* `parameters_content` - (Optional) The contents of the ARM Template parameters file - containing a JSON list of parameters.
+
+* `template_content` - (Optional) The contents of the ARM Template which should be deployed into this Resource Group. Cannot be specified with `template_spec_version_id`. 
+
+* `template_spec_version_id` - (Optional) The ID of the Template Spec Version to deploy. Cannot be specified with `template_content`.
+
+* `tags` - (Optional) A mapping of tags which should be assigned to the Template.
+
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported: 
+
+* `id` - The ID of the Management Group Template Deployment.
+
+* `output_content` - The JSON Content of the Outputs of the ARM Template Deployment.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `create` - (Defaults to 3 hours) Used when creating the Management Group Template Deployment.
+* `read` - (Defaults to 5 minutes) Used when retrieving the Management Group Template Deployment.
+* `update` - (Defaults to 3 hours) Used when updating the Management Group Template Deployment.
+* `delete` - (Defaults to 3 hours) Used when deleting the Management Group Template Deployment.
+
+## Import
+
+Management Group Template Deployments can be imported using the `resource id`, e.g.
+
+```shell
+terraform import azurerm_management_group_template_deployment.example /providers/Microsoft.Management/managementGroups/my-management-group-id/providers/Microsoft.Resources/deployments/deploy1
+```
diff --git a/website/docs/r/resource_group_template_deployment.html.markdown b/website/docs/r/resource_group_template_deployment.html.markdown
index 33e635dc0b6e..1dfedcfa3037 100644
--- a/website/docs/r/resource_group_template_deployment.html.markdown
+++ b/website/docs/r/resource_group_template_deployment.html.markdown
@@ -74,6 +74,21 @@ output arm_example_output {
 }
 ```
 
+```hcl
+data "azurerm_template_spec_version" "example" {
+  name                = "myTemplateForResourceGroup"
+  resource_group_name = "myResourceGroup"
+  version             = "v3.4.0"
+}
+
+resource "azurerm_resource_group_template_deployment" "example" {
+  name                     = "example-deploy"
+  resource_group_name      = "example-group"
+  deployment_mode          = "Complete"
+  template_spec_version_id = data.azurerm_template_spec_version.example.id
+}
+```
+
 ## Arguments Reference
 
 The following arguments are supported:
@@ -84,14 +99,16 @@ The following arguments are supported:
 
 * `resource_group_name` - (Required) The name of the Resource Group where the Resource Group Template Deployment should exist. Changing this forces a new Resource Group Template Deployment to be created.
 
-* `template_content` - (Required) The contents of the ARM Template which should be deployed into this Resource Group.
-
 ~> **Note:** If `deployment_mode` is set to `Complete` then resources within this Resource Group which are not defined in the ARM Template will be deleted.
 
 ---
 
 * `debug_level` - (Optional) The Debug Level which should be used for this Resource Group Template Deployment. Possible values are `none`, `requestContent`, `responseContent` and `requestContent, responseContent`.
 
+* `template_content` - (Optional) The contents of the ARM Template which should be deployed into this Resource Group. Cannot be specified with `template_spec_version_id`.
+
+* `template_spec_version_id` - (Optional) The ID of the Template Spec Version to deploy. Cannot be specified with `template_content`.
+
 * `parameters_content` - (Optional) The contents of the ARM Template parameters file - containing a JSON list of parameters.
 
 -> An example of how to pass Terraform variables into an ARM Template can be seen in the example.
diff --git a/website/docs/r/subscription_template_deployment.html.markdown b/website/docs/r/subscription_template_deployment.html.markdown
index 5ce04689c85b..6e8a6687d31b 100644
--- a/website/docs/r/subscription_template_deployment.html.markdown
+++ b/website/docs/r/subscription_template_deployment.html.markdown
@@ -47,12 +47,14 @@ The following arguments are supported:
 
 * `name` - (Required) The name which should be used for this Subscription Template Deployment. Changing this forces a new Subscription Template Deployment to be created.
 
-* `template_content` - (Required) The contents of the ARM Template which should be deployed into this Subscription.
-
 ---
 
 * `debug_level` - (Optional) The Debug Level which should be used for this Subscription Template Deployment. Possible values are `none`, `requestContent`, `responseContent` and `requestContent, responseContent`.
 
+* `template_content` - (Optional) The contents of the ARM Template which should be deployed into this Subscription.
+
+* `template_spec_version_id` - (Optional) The ID of the Template Spec Version to deploy into the Subscription. Cannot be specified with `template_content`.
+
 * `parameters_content` - (Optional) The contents of the ARM Template parameters file - containing a JSON list of parameters.
 
 * `tags` - (Optional) A mapping of tags which should be assigned to the Subscription Template Deployment.
diff --git a/website/docs/r/tenant_template_deployment.html.markdown b/website/docs/r/tenant_template_deployment.html.markdown
new file mode 100644
index 000000000000..ae7a93dc8bf5
--- /dev/null
+++ b/website/docs/r/tenant_template_deployment.html.markdown
@@ -0,0 +1,78 @@
+---
+subcategory: "Template"
+layout: "azurerm"
+page_title: "Azure Resource Manager: azurerm_tenant_template_deployment"
+description: |-
+  Manages a Template Deployment at the Tenant Scope.
+---
+
+# azurerm_tenant_template_deployment
+
+Manages a Template Deployment at the Tenant Scope.
+
+~> **Note:** Deleting a Deployment at the Tenant Scope will not delete any resources created by the deployment.
+
+~> **Note:** Deployments to a Tenant are always Incrementally applied. Existing resources that are not part of the template will not be removed.
+
+~> **Note:** Tenant Template Deployments are always targeted at the Tenant in which the current User, Managed Identity, or Service Principal being used by Terraform is homed.
+
+## Example Usage
+
+```hcl
+data "azurerm_template_spec_version" "example" {
+  name                = "myTemplateForTenant"
+  resource_group_name = "myResourceGroup"
+  version             = "v0.1"
+}
+
+resource "azurerm_tenant_template_deployment" "example" {
+  name                     = "example"
+  location                 = "West Europe"
+  template_spec_version_id = data.azurerm_template_spec_version.example.id
+}
+```
+
+## Arguments Reference
+
+The following arguments are supported:
+
+* `location` - (Required) The Azure Region where the Template should exist. Changing this forces a new Template to be created.
+
+* `name` - (Required) The name which should be used for this Template. Changing this forces a new Template to be created.
+
+---
+
+* `debug_level` - (Optional) The Debug Level which should be used for this Resource Group Template Deployment. Possible values are `none`, `requestContent`, `responseContent` and `requestContent, responseContent`.
+
+* `parameters_content` - (Optional) The contents of the ARM Template parameters file - containing a JSON list of parameters.
+
+* `template_content` - (Optional) The contents of the ARM Template which should be deployed into this Resource Group. Cannot be specified with `template_spec_version_id`.
+
+* `template_spec_version_id` - (Optional) The ID of the Template Spec Version to deploy. Cannot be specified with `template_content`.
+
+* `tags` - (Optional) A mapping of tags which should be assigned to the Template.
+
+## Attributes Reference
+
+In addition to the Arguments listed above - the following Attributes are exported: 
+
+* `id` - The ID of the Tenant Template Deployment.
+
+* `output_content` - The JSON Content of the Outputs of the ARM Template Deployment.
+
+## Timeouts
+
+The `timeouts` block allows you to specify [timeouts](https://www.terraform.io/docs/configuration/resources.html#timeouts) for certain actions:
+
+* `create` - (Defaults to 3 hours) Used when creating the Tenant Template Deployment.
+* `read` - (Defaults to 5 minutes) Used when retrieving the Tenant Template Deployment.
+* `update` - (Defaults to 3 hours) Used when updating the Tenant Template Deployment.
+* `delete` - (Defaults to 3 hours) Used when deleting the Tenant Template Deployment.
+
+## Import
+
+Tenant Template Deployments can be imported using the `resource id`, e.g.
+
+```shell
+terraform import azurerm_tenant_template_deployment.example /providers/Microsoft.Resources/deployments/deploy1
+```