arm-artifacts/shared-templates/synapse-workspace.json
|
{ "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "_artifactsLocation": { "type": "string" }, "_artifactsLocationSasToken": { "type": "securestring" }, "workspaceName": { "type": "string" }, "location": { "type": "string" }, "defaultDataLakeStorageAccountName": { "type": "string" }, "defaultDataLakeStorageFilesystemName": { "type": "string" }, "setWorkspaceIdentityRbacOnStorageAccount": { "type": "bool" }, "allowAllConnections": { "type": "bool", "defaultValue": true }, "grantWorkspaceIdentityControlForSql": { "type": "string", "allowedValues": [ "Enabled", "Disabled" ] }, "managedVirtualNetwork": { "type": "string", "allowedValues": [ "default", "" ], "defaultValue": "" }, "tagValues": { "type": "object", "defaultValue": {} }, "storageSubscriptionID": { "type": "string", "defaultValue": "[subscription().subscriptionId]" }, "storageResourceGroupName": { "type": "string", "defaultValue": "[resourceGroup().name]" }, "storageLocation": { "type": "string", "defaultValue": "[resourceGroup().location]" }, "isNewStorageAccount": { "type": "bool", "defaultValue": false }, "isNewFileSystemOnly": { "type": "bool", "defaultValue": false }, "adlaResourceId": { "type": "string", "defaultValue": "" }, "storageAccountType": { "type": "string" }, "storageSupportsHttpsTrafficOnly": { "type": "bool" }, "storageIsHnsEnabled": { "type": "bool" }, "datalakeContributorGroupId": { "type": "string", "defaultValue": "" }, "sqlAdministratorPrincipalName": { "type": "string" }, "sqlAdministratorPrincipalId": { "type": "string" }, "setSbdcRbacOnStorageAccount": { "type": "bool", "defaultValue": false }, "defaultSparkPoolName": { "type": "string", "defaultValue": "" }, "defaultSparkPoolVersion": { "type": "string", "defaultValue": "2.4" }, "defaultSparkPoolNodeSize": { "type": "string", "allowedValues": [ "Large", "Medium", "None", "Small", "XLarge", "XXLarge", "XXXLarge" ], "defaultValue": "Small" }, "defaultSparkPoolNodeSizeFamily": { "type": "string", "allowedValues": [ "MemoryOptimized", "None" ], "defaultValue": "MemoryOptimized" }, "defaultSparkPoolNodeCount": { "type": "int", "defaultValue": 3 }, "defaultSparkPoolAutoScaleEnabled": { "type": "bool", "defaultValue": false }, "defaultSparkPoolAutoScaleMinNodes": { "type": "int", "defaultValue": 0 }, "defaultSparkPoolAutoScaleMaxNodes": { "type": "int", "defaultValue": 0 }, "defaultSparkPoolAutoPauseEnabled": { "type": "bool", "defaultValue": true }, "defaultSparkPoolAutoPauseDelayMinutes": { "type": "int", "defaultValue": 15 }, "synapsePrivateEndpointSubnetResourceId": { "type": "string", "defaultValue": "" }, "synapsePrivateEndpointServices": { "type": "array", "defaultValue": [], "allowedValues": [ "Dev", "Sql", "SqlOnDemand" ] }, "workspaceRepositoryConfiguration": { "type": "object", "defaultValue": {} } }, "variables": { "readerRoleId": "acdd72a7-3385-48ef-bd42-f606fba81ae7", "storageBlobDataContributorRoleID": "ba92f5b4-2d11-453d-a403-e96b0029c9fe", "defaultDataLakeStorageAccountUrl": "[concat('https://', parameters('defaultDataLakeStorageAccountName'), '.dfs.core.windows.net')]", "defaultDataLakeStorageDeployName": "[concat(deployment().name, '-defsa')]", "synapseManagedIdentityRoleAssignmentIdBaseEntropy": "[concat(resourceGroup().id, '/', parameters('defaultDataLakeStorageAccountName'), '/', variables('storageBlobDataContributorRoleID'), '/', parameters('workspaceName'))]", "defaultDatalakeDataContributorRoleAssignmentId": "[guid(concat(resourceGroup().id, '/', parameters('defaultDataLakeStorageAccountName'), '/', variables('storageBlobDataContributorRoleID'), '/', parameters('datalakeContributorGroupId'), '/', 'datalake-contributor-group'))]", "defaultDatalakeResourceReaderRoleAssignmentId": "[guid(concat(resourceGroup().id, '/', parameters('defaultDataLakeStorageAccountName'), '/', variables('readerRoleID'), '/', parameters('datalakeContributorGroupId'), '/', 'datalake-contributor-group'))]", "defaultSparkPoolNameSafe": "[if(equals(parameters('defaultSparkPoolName'),''), 'not-required', parameters('defaultSparkPoolName'))]", "localTags": { "displayName": "[parameters('workspaceName')]" }, "tags": "[union(parameters('tagValues'), variables('localTags'))]" }, "resources": [ { "apiVersion": "2019-06-01-preview", "name": "[parameters('workspaceName')]", "location": "[parameters('location')]", "type": "Microsoft.Synapse/workspaces", "identity": { "type": "SystemAssigned" }, "properties": { "defaultDataLakeStorage": { "accountUrl": "[variables('defaultDataLakeStorageAccountUrl')]", "filesystem": "[parameters('defaultDataLakeStorageFilesystemName')]" }, "adlaResourceId": "[parameters('adlaResourceId')]", "managedVirtualNetwork": "[parameters('managedVirtualNetwork')]", "workspaceRepositoryConfiguration": "[parameters('workspaceRepositoryConfiguration')]" }, "resources": [ { "type": "bigDataPools", "condition": "[not(equals(parameters('defaultSparkPoolName'), ''))]", "apiVersion": "2019-06-01-preview", "name": "[variables('defaultSparkPoolNameSafe')]", "location": "[parameters('location')]", "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "properties": { "sparkVersion": "[parameters('defaultSparkPoolVersion')]", "nodeCount": "[parameters('defaultSparkPoolNodeCount')]", "nodeSize": "[parameters('defaultSparkPoolNodeSize')]", "nodeSizeFamily": "[parameters('defaultSparkPoolNodeSizeFamily')]", "autoScale": { "enabled": "[parameters('defaultSparkPoolAutoScaleEnabled')]", "minNodeCount": "[parameters('defaultSparkPoolAutoScaleMinNodes')]", "maxNodeCount": "[parameters('defaultSparkPoolAutoScaleMaxNodes')]" }, "autoPause": { "enabled": "[parameters('defaultSparkPoolAutoPauseEnabled')]", "delayInMinutes": "[parameters('defaultSparkPoolAutoPauseDelayMinutes')]" }, "isComputeIsolationEnabled": false, "sessionLevelPackagesEnabled": false }, "tags": "[parameters('tagValues')]" }, { "type": "firewallRules", "condition": "[parameters('allowAllConnections')]", "apiVersion": "2019-06-01-preview", "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "location": "[parameters('location')]", "name": "allowAll", "properties": { "startIpAddress": "0.0.0.0", "endIpAddress": "255.255.255.255" }, "tags": "[parameters('tagValues')]" }, { "type": "managedIdentitySqlControlSettings", "apiVersion": "2019-06-01-preview", "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "location": "[parameters('location')]", "name": "default", "properties": { "grantSqlControlToManagedIdentity": { "desiredState": "[parameters('grantWorkspaceIdentityControlForSql')]" } }, "tags": "[parameters('tagValues')]" }, { "type": "administrators", "name": "activeDirectory", "apiVersion": "2019-06-01-preview", "location": "[parameters('location')]", "properties": { "administratorType": "ActiveDirectory", "login": "[parameters('sqlAdministratorPrincipalName')]", "sid": "[parameters('sqlAdministratorPrincipalId')]", "tenantId": "[subscription().tenantId]" }, "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "tags": "[parameters('tagValues')]" } ], "dependsOn": [ "[variables('defaultDataLakeStorageDeployName')]", "[concat('Microsoft.Resources/deployments/', parameters('defaultDataLakeStorageFilesystemName'))]" ], "tags": "[variables('tags')]" }, { "condition": "[not(empty(parameters('synapsePrivateEndpointServices')))]", "type": "Microsoft.Resources/deployments", "apiVersion": "2020-10-01", "name": "[concat(deployment().name, '-private-endpoints')]", "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "properties": { "expressionEvaluationOptions": { "scope": "inner" }, "mode": "Incremental", "parameters": { "synapsePrivateEndpointSubnetResourceId": { "value": "[parameters('synapsePrivateEndpointSubnetResourceId')]" }, "synapsePrivateEndpointServices": { "value": "[parameters('synapsePrivateEndpointServices')]" }, "location": { "value": "[parameters('location')]" }, "workspaceName": { "value": "[parameters('workspaceName')]" }, "tags": { "value": "[parameters('tagValues')]" } }, "template": { "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": { "synapsePrivateEndpointSubnetResourceId": { "type": "string" }, "synapsePrivateEndpointServices": { "type": "array", "allowedValues": [ "Dev", "Sql", "SqlOnDemand" ] }, "workspaceName": { "type": "string" }, "location": { "type": "string" }, "tags": { "type": "object", "defaultValue": {} } }, "variables": { "privateEndpointBaseName": "[concat('private-endpoint-synapse-', parameters('workspaceName'))]", }, "resources": [ { "type": "Microsoft.Network/privateEndpoints", "apiVersion": "2020-06-01", "name": "[toLower(concat(variables('privateEndpointBaseName'), '-', parameters('synapsePrivateEndpointServices')[copyIndex()]))]", "copy": { "name": "endpointCopy", "count": "[length(parameters('synapsePrivateEndpointServices'))]" }, "location": "[parameters('location')]", "properties": { "subnet": { "id": "[parameters('synapsePrivateEndpointSubnetResourceId')]" }, "privateLinkServiceConnections": [ { "name": "[toLower(concat(variables('privateEndpointBaseName'), '-', parameters('synapsePrivateEndpointServices')[copyIndex()]))]", "properties": { "privateLinkServiceId": "[resourceId('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]", "groupIds": [ "[parameters('synapsePrivateEndpointServices')[copyIndex()]]" ] } } ] }, "tags": "[parameters('tags')]" } ] } } }, { "condition": "[parameters('setWorkspaceIdentityRbacOnStorageAccount')]", "apiVersion": "2019-05-01", "name": "storageRoleDeploymentResource", "type": "Microsoft.Resources/deployments", "subscriptionId": "[parameters('storageSubscriptionID')]", "resourceGroup": "[parameters('storageResourceGroupName')]", "dependsOn": [ "[concat('Microsoft.Synapse/workspaces/', parameters('workspaceName'))]" ], "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.Storage/storageAccounts/providers/roleAssignments", "apiVersion": "2018-09-01-preview", "name": "[concat(parameters('defaultDataLakeStorageAccountName'), '/Microsoft.Authorization/', guid(concat(variables('synapseManagedIdentityRoleAssignmentIdBaseEntropy'), '/', reference(concat('Microsoft.Synapse/workspaces/', parameters('workspaceName')), '2019-06-01-preview', 'Full').identity.principalId)))]", "location": "[parameters('storageLocation')]", "properties": { "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', variables('storageBlobDataContributorRoleID'))]", "principalId": "[reference(concat('Microsoft.Synapse/workspaces/', parameters('workspaceName')), '2019-06-01-preview', 'Full').identity.principalId]", "principalType": "ServicePrincipal" } }, { "condition": "[parameters('setSbdcRbacOnStorageAccount')]", "type": "Microsoft.Storage/storageAccounts/providers/roleAssignments", "apiVersion": "2018-09-01-preview", "name": "[concat(parameters('defaultDataLakeStorageAccountName'), '/Microsoft.Authorization/', variables('defaultDatalakeDataContributorRoleAssignmentId'))]", "properties": { "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', variables('storageBlobDataContributorRoleID'))]", "principalId": "[parameters('datalakeContributorGroupId')]", "principalType": "Group" } }, { "condition": "[parameters('setSbdcRbacOnStorageAccount')]", "type": "Microsoft.Storage/storageAccounts/providers/roleAssignments", "apiVersion": "2018-09-01-preview", "name": "[concat(parameters('defaultDataLakeStorageAccountName'), '/Microsoft.Authorization/', variables('defaultDatalakeResourceReaderRoleAssignmentId'))]", "properties": { "roleDefinitionId": "[resourceId('Microsoft.Authorization/roleDefinitions', variables('readerRoleId'))]", "principalId": "[parameters('datalakeContributorGroupId')]", "principalType": "Group" } } ] } } }, { "condition": "[parameters('isNewStorageAccount')]", "name": "[variables('defaultDataLakeStorageDeployName')]", "type": "Microsoft.Resources/deployments", "apiVersion": "2019-03-01", "dependsOn": [], "resourceGroup": "[parameters('storageResourceGroupName')]", "properties": { "mode": "Incremental", "templateLink": { "uri": "[concat(parameters('_artifactsLocation'), '/shared-templates/storage-account.json', parameters('_artifactsLocationSasToken'))]", "contentVersion": "1.0.0.0" }, "parameters": { "storageAccountType": { "value": "[parameters('storageAccountType')]" }, "storageAccountName": { "value": "[parameters('defaultDataLakeStorageAccountName')]" }, "storageContainerNames": { "value": "[array(parameters('defaultDataLakeStorageFilesystemName'))]" }, "supportsHttpsTrafficOnly": { "value": "[parameters('storageSupportsHttpsTrafficOnly')]" }, "isHnsEnabled": { "value": "[parameters('storageIsHnsEnabled')]" }, "tagValues": { "value": "[parameters('tagValues')]" } } } }, { "condition": "[parameters('isNewFileSystemOnly')]", "apiVersion": "2019-05-01", "name": "[parameters('defaultDataLakeStorageFilesystemName')]", "type": "Microsoft.Resources/deployments", "subscriptionId": "[parameters('storageSubscriptionID')]", "resourceGroup": "[parameters('storageResourceGroupName')]", "properties": { "mode": "Incremental", "template": { "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#", "contentVersion": "1.0.0.0", "parameters": {}, "variables": {}, "resources": [ { "type": "Microsoft.Storage/storageAccounts/blobServices/containers", "name": "[concat(parameters('defaultDataLakeStorageAccountName'), '/default/', parameters('defaultDataLakeStorageFilesystemName'))]", "apiVersion": "2018-02-01", "properties": { "publicAccess": "None" } } ] } } } ], "outputs": { "synapseManagedIdentity": { "type": "string", "value": "[reference(concat('Microsoft.Synapse/workspaces/', parameters('workspaceName')), '2019-06-01-preview', 'Full').identity.principalId]" }, "defaultDatalakeAccessKey": { "type": "string", "value": "[reference(variables('defaultDataLakeStorageDeployName')).outputs.storageAccountKey.value]" } } } |