Skip to content

azurermBatchPool

Manages an Azure Batch pool.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "testaccbatch",
  }
);
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
  this,
  "example_1",
  {
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "testaccsa",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");
const azurermBatchAccountExample = new azurerm.batchAccount.BatchAccount(
  this,
  "example_2",
  {
    location: azurermResourceGroupExample.location,
    name: "testaccbatch",
    pool_allocation_mode: "BatchService",
    resource_group_name: azurermResourceGroupExample.name,
    storage_account_id: azurermStorageAccountExample.id,
    tags: {
      env: "test",
    },
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermBatchAccountExample.overrideLogicalId("example");
const azurermBatchCertificateExample =
  new azurerm.batchCertificate.BatchCertificate(this, "example_3", {
    account_name: azurermBatchAccountExample.name,
    certificate: '${filebase64("certificate.cer")}',
    format: "Cer",
    resource_group_name: azurermResourceGroupExample.name,
    thumbprint: "312d31a79fa0cef49c00f769afc2b73e9f4edf34",
    thumbprint_algorithm: "SHA1",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermBatchCertificateExample.overrideLogicalId("example");
const azurermBatchPoolExample = new azurerm.batchPool.BatchPool(
  this,
  "example_4",
  {
    account_name: azurermBatchAccountExample.name,
    auto_scale: [
      {
        evaluation_interval: "PT15M",
        formula:
          "      startingNumberOfVMs = 1;\n      maxNumberofVMs = 25;\n      pendingTaskSamplePercent = $PendingTasks.GetSamplePercent(180 * TimeInterval_Second);\n      pendingTaskSamples = pendingTaskSamplePercent < 70 ? startingNumberOfVMs : avg($PendingTasks.GetSample(180 *   TimeInterval_Second));\n      $TargetDedicatedNodes=min(maxNumberofVMs, pendingTaskSamples);\n",
      },
    ],
    certificate: [
      {
        id: azurermBatchCertificateExample.id,
        store_location: "CurrentUser",
        visibility: ["StartTask"],
      },
    ],
    container_configuration: [
      {
        container_registries: [
          {
            password: "apassword",
            registry_server: "docker.io",
            user_name: "login",
          },
        ],
        type: "DockerCompatible",
      },
    ],
    display_name: "Test Acc Pool Auto",
    name: "testaccpool",
    node_agent_sku_id: "batch.node.ubuntu 20.04",
    resource_group_name: azurermResourceGroupExample.name,
    start_task: [
      {
        command_line: "echo 'Hello World from $env'",
        common_environment_properties: [
          {
            env: "TEST",
          },
        ],
        task_retry_maximum: 1,
        user_identity: [
          {
            auto_user: [
              {
                elevation_level: "NonAdmin",
                scope: "Task",
              },
            ],
          },
        ],
        wait_for_success: true,
      },
    ],
    storage_image_reference: [
      {
        offer: "ubuntu-server-container",
        publisher: "microsoft-azure-batch",
        sku: "20-04-lts",
        version: "latest",
      },
    ],
    vm_size: "Standard_A1",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermBatchPoolExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • name - (Required) Specifies the name of the Batch pool. Changing this forces a new resource to be created.

  • resourceGroupName - (Required) The name of the resource group in which to create the Batch pool. Changing this forces a new resource to be created.

  • accountName - (Required) Specifies the name of the Batch account in which the pool will be created. Changing this forces a new resource to be created.

  • nodeAgentSkuId - (Required) Specifies the SKU of the node agents that will be created in the Batch pool. Changing this forces a new resource to be created.

  • stopPendingResizeOperation - (Optional) Whether to stop if there is a pending resize operation on this pool.

  • vmSize - (Required) Specifies the size of the VM created in the Batch pool. Changing this forces a new resource to be created.

  • storageImageReference - (Required) A storageImageReference for the virtual machines that will compose the Batch pool. Changing this forces a new resource to be created.

  • dataDisks - (Optional) A dataDisks block describes the data disk settings as defined below.

  • displayName - (Optional) Specifies the display name of the Batch pool. Changing this forces a new resource to be created.

  • diskEncryption - (Optional) A diskEncryption block, as defined below, describes the disk encryption configuration applied on compute nodes in the pool. Disk encryption configuration is not supported on Linux pool created with Virtual Machine Image or Shared Image Gallery Image.

  • extensions - (Optional) An extensions block as defined below.

  • interNodeCommunication - (Optional) Whether the pool permits direct communication between nodes. This imposes restrictions on which nodes can be assigned to the pool. Enabling this value can reduce the chance of the requested number of nodes to be allocated in the pool. If not specified, this value defaults to disabled. Values allowed are disabled and enabled.

  • identity - (Optional) An identity block as defined below.

  • licenseType - (Optional) The type of on-premises license to be used when deploying the operating system. This only applies to images that contain the Windows operating system, and should only be used when you hold valid on-premises licenses for the nodes which will be deployed. If omitted, no on-premises licensing discount is applied. Values are: "Windows_Server" - The on-premises license is for Windows Server. "Windows_Client" - The on-premises license is for Windows Client.

  • maxTasksPerNode - (Optional) Specifies the maximum number of tasks that can run concurrently on a single compute node in the pool. Defaults to 1. Changing this forces a new resource to be created.

  • fixedScale - (Optional) A fixedScale block that describes the scale settings when using fixed scale as defined below.

  • autoScale - (Optional) A autoScale block that describes the scale settings when using auto scale as defined below.

  • startTask - (Optional) A startTask block that describes the start task settings for the Batch pool as defined below.

  • certificate - (Optional) One or more certificate blocks that describe the certificates to be installed on each compute node in the pool as defined below.

  • containerConfiguration - (Optional) The container configuration used in the pool's VMs.

  • metadata - (Optional) A map of custom batch pool metadata.

  • mount - (Optional) A mount block defined as below.

  • networkConfiguration - (Optional) A networkConfiguration block that describes the network configurations for the Batch pool as defined below. Changing this forces a new resource to be created.

  • nodePlacement - (Optional) A nodePlacement block that describes the placement policy for allocating nodes in the pool as defined below.

  • osDiskPlacement - (Optional) Specifies the ephemeral disk placement for operating system disk for all VMs in the pool. This property can be used by user in the request to choose which location the operating system should be in. e.g., cache disk space for Ephemeral OS disk provisioning. For more information on Ephemeral OS disk size requirements, please refer to Ephemeral OS disk size requirements for Windows VMs at https://docs.microsoft.com/en-us/azure/virtual-machines/windows/ephemeral-os-disks#size-requirements and Linux VMs at https://docs.microsoft.com/en-us/azure/virtual-machines/linux/ephemeral-os-disks#size-requirements. The only possible value is cacheDisk.

  • taskSchedulingPolicy - (Optional) A taskSchedulingPolicy block that describes how tasks are distributed across compute nodes in a pool. If not specified, the default is spread as defined below.

  • userAccounts - (Optional) A userAccounts block that describes the list of user accounts to be created on each node in the pool as defined below.

  • windows - (Optional) A windows block that describes the Windows configuration in the pool as defined below.

-> NOTE: For Windows compute nodes, the Batch service installs the certificates to the specified certificate store and location. For Linux compute nodes, the certificates are stored in a directory inside the task working directory and an environment variable azBatchCertificatesDir is supplied to the task to query for this location. For certificates with visibility of remoteUser, a certs directory is created in the user's home directory (e.g., /home/{userName}/certs) and certificates are placed in that directory.

\~> Please Note: fixedScale and autoScale blocks cannot be used both at the same time.

An identity block supports the following:

  • type - (Required) Specifies the type of Managed Service Identity that should be configured on this Batch Account. Only possible value is userAssigned.

  • identityIds - (Required) Specifies a list of User Assigned Managed Identity IDs to be assigned to this Batch Account.

A dataDisks block supports the following:

  • lun - (Required) The lun is used to uniquely identify each data disk. If attaching multiple disks, each should have a distinct lun. The value must be between 0 and 63, inclusive.

  • caching - (Optional) Values are: "none" - The caching mode for the disk is not enabled. "readOnly" - The caching mode for the disk is read only. "readWrite" - The caching mode for the disk is read and write. The default value for caching is "none". For information about the caching options see: https://blogs.msdn.microsoft.com/windowsazurestorage/2012/06/27/exploring-windows-azure-drives-disks-and-images/. Possible values are none, readOnly and readWrite.

  • diskSizeGb - (Required) The initial disk size in GB when creating new data disk.

  • storageAccountType - (Optional) The storage account type to be used for the data disk. If omitted, the default is "Standard_LRS". Values are: "Standard_LRS" - The data disk should use standard locally redundant storage. "Premium_LRS" - The data disk should use premium locally redundant storage.

A diskEncryption block supports the following:

The disk encryption configuration applied on compute nodes in the pool. Disk encryption configuration is not supported on Linux pool created with Virtual Machine Image or Shared Image Gallery Image.

  • diskEncryptionTarget - (Required) On Linux pool, only "TemporaryDisk" is supported; on Windows pool, "OsDisk" and "TemporaryDisk" must be specified.

An extensions block supports the following:

The virtual machine extension for the pool. If specified, the extensions mentioned in this configuration will be installed on each node.

  • name - (Required) The name of the virtual machine extension.

  • publisher - (Required) The name of the extension handler publisher.The name of the extension handler publisher.

  • type - (Required) The type of the extensions.

  • typeHandlerVersion - (Optional) The version of script handler.

  • autoUpgradeMinorVersion - (Optional) Indicates whether the extension should use a newer minor version if one is available at deployment time. Once deployed, however, the extension will not upgrade minor versions unless redeployed, even with this property set to true.

  • settingsJson - (Optional) JSON formatted public settings for the extension.

  • protectedSettings - (Optional) The extension can contain either protectedSettings or provisionAfterExtensions or no protected settings at all.

  • provisionAfterExtensions - (Optional) The collection of extension names. Collection of extension names after which this extension needs to be provisioned.

A nodePlacement block supports the following:

Node placement Policy type on Batch Pools. Allocation policy used by Batch Service to provision the nodes. If not specified, Batch will use the regional policy.

  • policy - (Optional) The placement policy for allocating nodes in the pool. Values are: "Regional": All nodes in the pool will be allocated in the same region; "Zonal": Nodes in the pool will be spread across different zones with the best effort balancing.

A storageImageReference block supports the following:

This block provisions virtual machines in the Batch Pool from one of two sources: an Azure Platform Image (e.g. Ubuntu/Windows Server) or a Custom Image.

To provision from an Azure Platform Image, the following fields are applicable:

  • publisher - (Optional) Specifies the publisher of the image used to create the virtual machines. Changing this forces a new resource to be created.

  • offer - (Optional) Specifies the offer of the image used to create the virtual machines. Changing this forces a new resource to be created.

  • sku - (Optional) Specifies the SKU of the image used to create the virtual machines. Changing this forces a new resource to be created.

  • version - (Optional) Specifies the version of the image used to create the virtual machines. Changing this forces a new resource to be created.

To provision a Custom Image, the following fields are applicable:

  • id - (Optional) Specifies the ID of the Custom Image which the virtual machines should be created from. Changing this forces a new resource to be created. See official documentation for more details.

A fixedScale block supports the following:

  • nodeDeallocationMethod - (Optional) It determines what to do with a node and its running task(s) if the pool size is decreasing. Values are requeue, retainedData, taskCompletion and terminate.

  • targetDedicatedNodes - (Optional) The number of nodes in the Batch pool. Defaults to 1.

  • targetLowPriorityNodes - (Optional) The number of low priority nodes in the Batch pool. Defaults to 0.

  • resizeTimeout - (Optional) The timeout for resize operations. Defaults to pt15M.

A autoScale block supports the following:

  • evaluationInterval - (Optional) The interval to wait before evaluating if the pool needs to be scaled. Defaults to pt15M.

  • formula - (Required) The autoscale formula that needs to be used for scaling the Batch pool.

A startTask block supports the following:

  • commandLine - (Required) The command line executed by the start task.

  • container - (Optional) A container block is the settings for the container under which the start task runs. When this is specified, all directories recursively below the azBatchNodeRootDir (the root of Azure Batch directories on the node) are mapped into the container, all task environment variables are mapped into the container, and the task command line is executed in the container.

  • taskRetryMaximum - (Optional) The number of retry count.

  • waitForSuccess - (Optional) A flag that indicates if the Batch pool should wait for the start task to be completed. Default to false.

  • commonEnvironmentProperties - (Optional) A map of strings (key,value) that represents the environment variables to set in the start task.

  • userIdentity - (Required) A userIdentity block that describes the user identity under which the start task runs as defined below.

  • resourceFile - (Optional) One or more resourceFile blocks that describe the files to be downloaded to a compute node as defined below.

A container block supports the following:

  • imageName - (Required) The image to use to create the container in which the task will run. This is the full image reference, as would be specified to "docker pull". If no tag is provided as part of the image name, the tag ":latest" is used as a default.

  • runOptions - (Optional) Additional options to the container create command. These additional options are supplied as arguments to the "docker create" command, in addition to those controlled by the Batch Service.

  • registry - (Optional) The same reference as containerRegistries block defined as below.

  • workingDirectory - (Optional) A flag to indicate where the container task working directory is. The default is taskWorkingDirectory, an alternative value is containerImageDefault.

A userIdentity block supports the following:

  • userName - (Optional) The username to be used by the Batch pool start task.

  • autoUser - (Optional) A autoUser block that describes the user identity under which the start task runs as defined below.

\~> Please Note: userName and autoUser blocks cannot be used both at the same time, but you need to define one or the other.

A autoUser block supports the following:

  • elevationLevel - (Optional) The elevation level of the user identity under which the start task runs. Possible values are admin or nonAdmin. Defaults to nonAdmin.

  • scope - (Optional) The scope of the user identity under which the start task runs. Possible values are task or pool. Defaults to task.

A certificate block supports the following:

  • id - (Required) The ID of the Batch Certificate to install on the Batch Pool, which must be inside the same Batch Account.

  • storeLocation - (Required) The location of the certificate store on the compute node into which to install the certificate. Possible values are currentUser or localMachine.

-> NOTE: This property is applicable only for pools configured with Windows nodes (that is, created with cloudServiceConfiguration, or with virtualMachineConfiguration using a Windows image reference). For Linux compute nodes, the certificates are stored in a directory inside the task working directory and an environment variable azBatchCertificatesDir is supplied to the task to query for this location. For certificates with visibility of remoteUser, a 'certs' directory is created in the user's home directory (e.g., /home/{userName}/certs) and certificates are placed in that directory.

  • storeName - (Optional) The name of the certificate store on the compute node into which to install the certificate. This property is applicable only for pools configured with Windows nodes (that is, created with cloudServiceConfiguration, or with virtualMachineConfiguration using a Windows image reference). Common store names include: my, root, ca, trust, disallowed, trustedPeople, trustedPublisher, authRoot, addressBook, but any custom store name can also be used. The default value is my.

  • visibility - (Optional) Which user accounts on the compute node should have access to the private data of the certificate. Possible values are startTask, task and remoteUser.

A containerConfiguration block supports the following:

  • type - (Optional) The type of container configuration. Possible value is dockerCompatible.

  • containerImageNames - (Optional) A list of container image names to use, as would be specified by dockerPull. Changing this forces a new resource to be created.

  • containerRegistries - (Optional) One or more containerRegistries blocks as defined below. Additional container registries from which container images can be pulled by the pool's VMs. Changing this forces a new resource to be created.

A resourceFile block supports the following:

  • autoStorageContainerName - (Optional) The storage container name in the auto storage account.

  • blobPrefix - (Optional) The blob prefix to use when downloading blobs from an Azure Storage container. Only the blobs whose names begin with the specified prefix will be downloaded. The property is valid only when autoStorageContainerName or storageContainerUrl is used. This prefix can be a partial filename or a subdirectory. If a prefix is not specified, all the files in the container will be downloaded.

  • fileMode - (Optional) The file permission mode represented as a string in octal format (e.g. "0644"). This property applies only to files being downloaded to Linux compute nodes. It will be ignored if it is specified for a resourceFile which will be downloaded to a Windows node. If this property is not specified for a Linux node, then a default value of 0770 is applied to the file.

  • filePath - (Optional) The location on the compute node to which to download the file, relative to the task's working directory. If the httpUrl property is specified, the filePath is required and describes the path which the file will be downloaded to, including the filename. Otherwise, if the autoStorageContainerName or storageContainerUrl property is specified, filePath is optional and is the directory to download the files to. In the case where filePath is used as a directory, any directory structure already associated with the input data will be retained in full and appended to the specified filePath directory. The specified relative path cannot break out of the task's working directory (for example by using '..').

  • httpUrl - (Optional) The URL of the file to download. If the URL is Azure Blob Storage, it must be readable using anonymous access; that is, the Batch service does not present any credentials when downloading the blob. There are two ways to get such a URL for a blob in Azure storage: include a Shared Access Signature (SAS) granting read permissions on the blob, or set the ACL for the blob or its container to allow public access.

  • storageContainerUrl - (Optional) The URL of the blob container within Azure Blob Storage. This URL must be readable and listable using anonymous access; that is, the Batch service does not present any credentials when downloading the blob. There are two ways to get such a URL for a blob in Azure storage: include a Shared Access Signature (SAS) granting read and list permissions on the blob, or set the ACL for the blob or its container to allow public access.

  • userAssignedIdentityId - (Optional) An identity reference from pool's user assigned managed identity list.

\~> Please Note: Exactly one of autoStorageContainerName, storageContainerUrl and autoUser must be specified.

A containerRegistries block supports the following:

  • registryServer - (Required) The container registry URL. The default is "docker.io". Changing this forces a new resource to be created.

  • userName - (Optional) The user name to log into the registry server. Changing this forces a new resource to be created.

  • password - (Optional) The password to log into the registry server. Changing this forces a new resource to be created.

  • userAssignedIdentityId - (Optional) The reference to the user assigned identity to use to access an Azure Container Registry instead of username and password. Changing this forces a new resource to be created.

An mount block supports the following:

Any property below is mutually exclusive with all other properties.

  • azureBlobFileSystem - (Optional) A azureBlobFileSystem block defined as below.

  • azureFileShare - (Optional) A azureFileShare block defined as below.

  • cifsMount - (Optional) A cifsMount block defined as below.

  • nfsMount - (Optional) A nfsMount block defined as below.

An azureBlobFileSystem block supports the following:

  • accountName - (Required) The Azure Storage Account name.

  • containerName - (Required) The Azure Blob Storage Container name.

  • relativeMountPath - (Required) The relative path on compute node where the file system will be mounted All file systems are mounted relative to the Batch mounts directory, accessible via the azBatchNodeMountsDir environment variable.

  • accountKey - (Optional) The Azure Storage Account key. This property is mutually exclusive with both sasKey and identityId; exactly one must be specified.

  • sasKey - (Optional) The Azure Storage SAS token. This property is mutually exclusive with both accountKey and identityId; exactly one must be specified.

  • identityId - (Optional) The ARM resource id of the user assigned identity. This property is mutually exclusive with both accountKey and sasKey; exactly one must be specified.

  • blobfuseOptions - (Optional) Additional command line options to pass to the mount command. These are 'net use' options in Windows and 'mount' options in Linux.

An azureFileShare block supports the following:

  • accountName - (Required) The Azure Storage Account name.

  • accountKey - (Required) The Azure Storage Account key.

  • azureFileUrl - (Required) The Azure Files URL. This is of the form 'https://{account}.file.core.windows.net/'.

  • relativeMountPath - (Required) The relative path on compute node where the file system will be mounted All file systems are mounted relative to the Batch mounts directory, accessible via the azBatchNodeMountsDir environment variable.

  • mountOptions - (Optional) Additional command line options to pass to the mount command. These are 'net use' options in Windows and 'mount' options in Linux.

A cifsMount block supports the following:

  • userName - (Required) The user to use for authentication against the CIFS file system.

  • password - (Required) The password to use for authentication against the CIFS file system.

  • source - (Required) The URI of the file system to mount.

  • relativeMountPath - (Required) The relative path on compute node where the file system will be mounted All file systems are mounted relative to the Batch mounts directory, accessible via the azBatchNodeMountsDir environment variable.

  • mountOptions - (Optional) Additional command line options to pass to the mount command. These are 'net use' options in Windows and 'mount' options in Linux.

A nfsMount block supports the following:

  • source - (Required) The URI of the file system to mount.

  • relativeMountPath - (Required) The relative path on compute node where the file system will be mounted All file systems are mounted relative to the Batch mounts directory, accessible via the azBatchNodeMountsDir environment variable.

  • mountOptions - (Optional) Additional command line options to pass to the mount command. These are 'net use' options in Windows and 'mount' options in Linux.

A networkConfiguration block supports the following:

  • subnetId - (Required) The ARM resource identifier of the virtual network subnet which the compute nodes of the pool will join. Changing this forces a new resource to be created.

  • dynamicVnetAssignmentScope - (Optional) The scope of dynamic vnet assignment. Allowed values: none, job. Changing this forces a new resource to be created.

  • publicIps - (Optional) A list of public IP ids that will be allocated to nodes. Changing this forces a new resource to be created.

  • endpointConfiguration - (Optional) A list of inbound NAT pools that can be used to address specific ports on an individual compute node externally. Set as documented in the inbound_nat_pools block below. Changing this forces a new resource to be created.

  • publicAddressProvisioningType - (Optional) Type of public IP address provisioning. Supported values are batchManaged, userManaged and noPublicIpAddresses.

A endpointConfiguration block supports the following:

  • name - (Required) The name of the endpoint. The name must be unique within a Batch pool, can contain letters, numbers, underscores, periods, and hyphens. Names must start with a letter or number, must end with a letter, number, or underscore, and cannot exceed 77 characters. Changing this forces a new resource to be created.

  • backendPort - (Required) The port number on the compute node. Acceptable values are between 1 and 65535 except for 29876, 29877 as these are reserved. Changing this forces a new resource to be created.

  • protocol - (Required) The protocol of the endpoint. Acceptable values are tcp and udp. Changing this forces a new resource to be created.

  • frontendPortRange - (Required) The range of external ports that will be used to provide inbound access to the backendPort on individual compute nodes in the format of 10001100. Acceptable values range between 1 and 65534 except ports from 50000 to 55000 which are reserved by the Batch service. All ranges within a pool must be distinct and cannot overlap. Values must be a range of at least 100 nodes. Changing this forces a new resource to be created.

  • networkSecurityGroupRules - (Optional) A list of networkSecurityGroupRules blocks as defined below that will be applied to the endpoint. The maximum number of rules that can be specified across all the endpoints on a Batch pool is 25. If no network security group rules are specified, a default rule will be created to allow inbound access to the specified backendPort. Set as documented in the network_security_group_rules block below. Changing this forces a new resource to be created.

A networkSecurityGroupRules block supports the following:

  • access - (Required) The action that should be taken for a specified IP address, subnet range or tag. Acceptable values are allow and deny. Changing this forces a new resource to be created.

  • priority - (Required) The priority for this rule. The value must be at least 150. Changing this forces a new resource to be created.

  • sourceAddressPrefix - (Required) The source address prefix or tag to match for the rule. Changing this forces a new resource to be created.

  • sourcePortRanges - (Optional) The source port ranges to match for the rule. Valid values are * (for all ports 0 - 65535) or arrays of ports or port ranges (i.e. 100200). The ports should in the range of 0 to 65535 and the port ranges or ports can't overlap. If any other values are provided the request fails with HTTP status code 400. Default value will be *. Changing this forces a new resource to be created.

A taskSchedulingPolicy block supports the following:

  • nodeFillType - (Optional) Supported values are "Pack" and "Spread". "Pack" means as many tasks as possible (taskSlotsPerNode) should be assigned to each node in the pool before any tasks are assigned to the next node in the pool. "Spread" means that tasks should be assigned evenly across all nodes in the pool.

A userAccounts block supports the following:

  • name - (Required) The name of the user account.

  • password - (Required) The password for the user account.

  • elevationLevel - (Required) The elevation level of the user account. "NonAdmin" - The auto user is a standard user without elevated access. "Admin" - The auto user is a user with elevated access and operates with full Administrator permissions. The default value is nonAdmin.

  • linuxUserConfiguration - (Optional) The linuxUserConfiguration block defined below is a linux-specific user configuration for the user account. This property is ignored if specified on a Windows pool. If not specified, the user is created with the default options.

  • windowsUserConfiguration - (Optional) The windowsUserConfiguration block defined below is a windows-specific user configuration for the user account. This property can only be specified if the user is on a Windows pool. If not specified and on a Windows pool, the user is created with the default options.

A linuxUserConfiguration block supports the following:

  • uid - (Optional) The group ID for the user account. The uid and gid properties must be specified together or not at all. If not specified the underlying operating system picks the gid.

  • gid - (Optional) The user ID of the user account. The uid and gid properties must be specified together or not at all. If not specified the underlying operating system picks the uid.

  • sshPrivateKey - (Optional) The SSH private key for the user account. The private key must not be password protected. The private key is used to automatically configure asymmetric-key based authentication for SSH between nodes in a Linux pool when the pool's enableInterNodeCommunication property is true (it is ignored if enableInterNodeCommunication is false). It does this by placing the key pair into the user's .ssh directory. If not specified, password-less SSH is not configured between nodes (no modification of the user's .ssh directory is done).

A windowsUserConfiguration block supports the following:

  • loginMode - (Required) Specifies login mode for the user. The default value for VirtualMachineConfiguration pools is interactive mode and for CloudServiceConfiguration pools is batch mode. Values supported are "Batch" and "Interactive".

A windows block supports the following:

Windows operating system settings on the virtual machine. This property must not be specified if the imageReference specifies a Linux OS image.

  • enableAutomaticUpdates - (Optional) Whether automatic updates are enabled on the virtual machine. If omitted, the default value is true.

Attributes Reference

The following attributes are exported:

  • id - The ID of the Batch Pool.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the Batch Pool.
  • update - (Defaults to 30 minutes) Used when updating the Batch Pool.
  • read - (Defaults to 5 minutes) Used when retrieving the Batch Pool.
  • delete - (Defaults to 30 minutes) Used when deleting the Batch Pool.

Import

Batch Pools can be imported using the resourceId, e.g.

terraform import azurerm_batch_pool.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myGroup1/providers/Microsoft.Batch/batchAccounts/myBatchAccount1/pools/myBatchPool1