azurermBatchAccount
Manages an Azure Batch account.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "testbatch",
}
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
this,
"example_1",
{
account_replication_type: "LRS",
account_tier: "Standard",
location: azurermResourceGroupExample.location,
name: "teststorage",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermBatchAccountExample = new azurerm.batchAccount.BatchAccount(
this,
"example_2",
{
location: azurermResourceGroupExample.location,
name: "testbatchaccount",
pool_allocation_mode: "BatchService",
resource_group_name: azurermResourceGroupExample.name,
storage_account_id: azurermStorageAccountExample.id,
tags: {
env: "test",
},
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermBatchAccountExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name- (Required) Specifies the name of the Batch account. Only lowercase Alphanumeric characters allowed. Changing this forces a new resource to be created. -
resourceGroupName- (Required) The name of the resource group in which to create the Batch account. Changing this forces a new resource to be created.
\~> NOTE: To work around a bug in the Azure API this property is currently treated as case-insensitive. A future version of Terraform will require that the casing is correct.
-
location- (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created. -
identity- (Optional) Anidentityblock as defined below. -
poolAllocationMode- (Optional) Specifies the mode to use for pool allocation. Possible values arebatchServiceoruserSubscription. Defaults tobatchService. -
publicNetworkAccessEnabled- (Optional) Whether public network access is allowed for this server. Defaults totrue. Changing this forces a new resource to be created.
\~> NOTE: When using userSubscription mode, an Azure KeyVault reference has to be specified. See keyVaultReference below.
\~> NOTE: When using userSubscription mode, the microsoftAzureBatch service principal has to have contributor role on your subscription scope, as documented here.
-
keyVaultReference- (Optional) AkeyVaultReferenceblock, as defined below, that describes the Azure KeyVault reference to use when deploying the Azure Batch account using theuserSubscriptionpool allocation mode. -
storageAccountId- (Optional) Specifies the storage account to use for the Batch account. If not specified, Azure Batch will manage the storage. -
storageAccountAuthenticationMode- (Optional) Specifies the storage account authentication mode. Possible values includestorageKeys,batchAccountManagedIdentity.
\~> NOTE: When using batchAccountManagedIdentity mod, the identityType must set to userAssigned or systemAssigned,UserAssigned.
-
storageAccountNodeIdentity- (Optional) Specifies the user assigned identity for the storage account. -
allowedAuthenticationModes- (Optional) Specifies the allowed authentication mode for the Batch account. Possible values includeaad,sharedKeyortaskAuthenticationToken. -
encryption- (Optional) Specifies if customer managed key encryption should be used to encrypt batch account data. -
tags- (Optional) A mapping of tags to assign to the resource.
An identity block supports the following:
-
type- (Required) Specifies the type of Managed Service Identity that should be configured on this Batch Account. Possible values aresystemAssigned,userAssigned,systemAssigned,UserAssigned(to enable both). -
identityIds- (Optional) A list of User Assigned Managed Identity IDs to be assigned to this Batch Account.
\~> NOTE: This is required when type is set to userAssigned or systemAssigned,UserAssigned.
A keyVaultReference block supports the following:
-
id- (Required) The Azure identifier of the Azure KeyVault to use. -
url- (Required) The HTTPS URL of the Azure KeyVault to use.
A encryption block supports the following:
keyVaultKeyId- (Required) The Azure key vault reference id with version that should be used to encrypt data, as documented here. Key rotation is not yet supported.
Attributes Reference
The following attributes are exported:
-
id- The ID of the Batch Account. -
identity- Anidentityblock as defined below. -
primaryAccessKey- The Batch account primary access key. -
secondaryAccessKey- The Batch account secondary access key. -
accountEndpoint- The account endpoint used to interact with the Batch service.
\~> NOTE: Primary and secondary access keys are only available when poolAllocationMode is set to batchService and allowedAuthenticationModes contains sharedKey. See documentation for more information.
An identity block exports the following:
-
principalId- The Principal ID associated with this Managed Service Identity. -
tenantId- The Tenant ID associated with this Managed Service Identity.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the Batch Account.update- (Defaults to 30 minutes) Used when updating the Batch Account.read- (Defaults to 5 minutes) Used when retrieving the Batch Account.delete- (Defaults to 30 minutes) Used when deleting the Batch Account.
Import
Batch Account can be imported using the resourceId, e.g.