Schemas/datalake.schema.json
|
{
"$id": "#", "type": "object", "title": "Data Lake ACL Permission", "description": "Apply data lake ACL", "default": {}, "examples": [ { "comment": "Example Lake permission for subfolder/AAD Group", "type": "datalake", "dataLakeName": "mydatalake", "containerName": "mycontainer", "path": "LANDED/TEST1/", "principalType": "group", "principalName": "GDAI_Imperial_GDP", "permission": "xrw", "aclType": "Access", "applyMinimumPermissionsToParentFolders": true, "applyToSubFolders": true, "forceApplyPermission": true } ], "required": [ "type", "dataLakeName", "containerName", "principalType", "principalName", "path", "permission" ], "properties": { "comment": { "$id": "#/properties/comment", "type": "string", "title": "Comment", "description": "Description or explanation for the permission", "default": "", "examples": [] }, "type": { "$id": "#/properties/type", "type": "string", "title": "Type", "description": "Type of permission", "enum": [ "datalake" ], "default": "datalake", "examples": [ "datalake" ] }, "dataLakeName": { "$id": "#/properties/dataLakeName", "type": "string", "title": "Data Lake Name", "description": "Name of the Azure Data Lake Storage Account (Gen 2).", "default": "", "examples": [ "mystorageaccount" ] }, "containerName": { "$id": "#/properties/containerName", "type": "string", "title": "Container Name", "description": "Name of the container within the storage account that the path belongs to.", "default": "", "examples": [ "mycontainer" ] }, "path": { "$id": "#/properties/path", "type": "string", "title": "Path", "description": "Folder path from root (preceeding and trailing / is ignored) Slashes must be forward. Single / for root.", "default": "", "examples": [ "Sourced/System/Entity", "/" ] }, "principalType": { "$id": "#/properties/principalType", "type": "string", "title": "Principal Type", "description": "Type of AAD Prinicpal", "default": "AAD", "enum": [ "Group", "User", "MSI", "Application" ], "examples": [ "Group", "User" ] }, "principalName": { "$id": "#/properties/principalName", "type": "string", "title": "Principal Name", "description": "Name of the principal to be added", "default": "My AAD Group Name", "examples": [] }, "permission": { "$id": "#/properties/permission", "type": "string", "title": "Database Role", "description": "X = Execute (always required), R = Read, W = Write. Order required. Blank removes permissions.", "default": "xrw", "enum": [ "xrw", "xr", "xw", "x", "" ], "examples": [ "xrw", "xr", "xw", "x" ] }, "aclType": { "$id": "#/properties/aclType", "type": "string", "title": "ACL Type", "description": "Enum for selecting the type of ACL which should be applied. Access applies directly to target directory. Default applies a template for future child objects to inherit from. Both applies both Access and Default.", "default": "Access", "enum": [ "Access", "Default", "Both" ], "examples": [ "Access", "Default", "Both" ] }, "applyMinimumPermissionsToParentFolders": { "$id": "#/properties/applyMinimumPermissionsToParentFolders", "type": "boolean", "title": "Apply Minimum Permissions to Parent Folders", "description": "Boolean value indicating whether or not to apply Read/Execute permissions to Parent objects. These permissions are required from the root directory to the target folder so they can be viewed within Storage Explorer. Set to false if access is already provided by other permissions, or you are assigning access to the root directory.", "default": true, "examples": [ true, false ] }, "applyToSubFolders": { "$id": "#/properties/applyToSubFolders", "type": "boolean", "title": "Apply to Sub Folders", "description": "Boolean value indicating whether or not ACL permissions should be propagated to child folders.", "default": true, "examples": [ true, false ] }, "forceApplyPermission": { "$id": "#/properties/applyToSubFolders", "type": "boolean", "title": "Force Apply Permission", "description": "Boolean value indicating whether or not ACL permissions should be forcibly applied. If set to true, existing permissions are ignored. When false, an existence check is applied before setting permissions and any permissions with existing defaults will be skipped.", "default": false, "examples": [ true, false ] } }, "additionalProperties": false } |