Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The clusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Kusto/clusters resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.Kusto/clusters@2024-04-13' = {
identity: {
type: 'string'
userAssignedIdentities: {
{customized property}: {}
}
}
location: 'string'
name: 'string'
properties: {
acceptedAudiences: [
{
value: 'string'
}
]
allowedFqdnList: [
'string'
]
allowedIpRangeList: [
'string'
]
calloutPolicies: [
{
calloutType: 'string'
calloutUriRegex: 'string'
outboundAccess: 'string'
}
]
enableAutoStop: bool
enableDiskEncryption: bool
enableDoubleEncryption: bool
enablePurge: bool
enableStreamingIngest: bool
engineType: 'string'
keyVaultProperties: {
keyName: 'string'
keyVaultUri: 'string'
keyVersion: 'string'
userIdentity: 'string'
}
languageExtensions: {
value: [
{
languageExtensionCustomImageName: 'string'
languageExtensionImageName: 'string'
languageExtensionName: 'string'
}
]
}
optimizedAutoscale: {
isEnabled: bool
maximum: int
minimum: int
version: int
}
publicIPType: 'string'
publicNetworkAccess: 'string'
restrictOutboundNetworkAccess: 'string'
trustedExternalTenants: [
{
value: 'string'
}
]
virtualClusterGraduationProperties: 'string'
virtualNetworkConfiguration: {
dataManagementPublicIpId: 'string'
enginePublicIpId: 'string'
state: 'string'
subnetId: 'string'
}
}
sku: {
capacity: int
name: 'string'
tier: 'string'
}
tags: {
{customized property}: 'string'
}
zones: [
'string'
]
}
Property Values
AcceptedAudiences
| Name | Description | Value |
|---|---|---|
| value | GUID or valid URL representing an accepted audience. | string |
AzureSku
| Name | Description | Value |
|---|---|---|
| capacity | The number of instances of the cluster. | int |
| name | SKU name. | 'Dev(No SLA)_Standard_D11_v2' 'Dev(No SLA)_Standard_E2a_v4' 'Standard_D11_v2' 'Standard_D12_v2' 'Standard_D13_v2' 'Standard_D14_v2' 'Standard_D16d_v5' 'Standard_D32d_v4' 'Standard_D32d_v5' 'Standard_DS13_v2+1TB_PS' 'Standard_DS13_v2+2TB_PS' 'Standard_DS14_v2+3TB_PS' 'Standard_DS14_v2+4TB_PS' 'Standard_E16ads_v5' 'Standard_E16as_v4+3TB_PS' 'Standard_E16as_v4+4TB_PS' 'Standard_E16as_v5+3TB_PS' 'Standard_E16as_v5+4TB_PS' 'Standard_E16a_v4' 'Standard_E16d_v4' 'Standard_E16d_v5' 'Standard_E16s_v4+3TB_PS' 'Standard_E16s_v4+4TB_PS' 'Standard_E16s_v5+3TB_PS' 'Standard_E16s_v5+4TB_PS' 'Standard_E2ads_v5' 'Standard_E2a_v4' 'Standard_E2d_v4' 'Standard_E2d_v5' 'Standard_E4ads_v5' 'Standard_E4a_v4' 'Standard_E4d_v4' 'Standard_E4d_v5' 'Standard_E64i_v3' 'Standard_E80ids_v4' 'Standard_E8ads_v5' 'Standard_E8as_v4+1TB_PS' 'Standard_E8as_v4+2TB_PS' 'Standard_E8as_v5+1TB_PS' 'Standard_E8as_v5+2TB_PS' 'Standard_E8a_v4' 'Standard_E8d_v4' 'Standard_E8d_v5' 'Standard_E8s_v4+1TB_PS' 'Standard_E8s_v4+2TB_PS' 'Standard_E8s_v5+1TB_PS' 'Standard_E8s_v5+2TB_PS' 'Standard_EC16ads_v5' 'Standard_EC16as_v5+3TB_PS' 'Standard_EC16as_v5+4TB_PS' 'Standard_EC8ads_v5' 'Standard_EC8as_v5+1TB_PS' 'Standard_EC8as_v5+2TB_PS' 'Standard_L16as_v3' 'Standard_L16s' 'Standard_L16s_v2' 'Standard_L16s_v3' 'Standard_L32as_v3' 'Standard_L32s_v3' 'Standard_L4s' 'Standard_L8as_v3' 'Standard_L8s' 'Standard_L8s_v2' 'Standard_L8s_v3' (required) |
| tier | SKU tier. | 'Basic' 'Standard' (required) |
CalloutPolicy
| Name | Description | Value |
|---|---|---|
| calloutType | Type of the callout service, specifying the kind of external resource or service being accessed. | 'azure_digital_twins' 'azure_openai' 'cosmosdb' 'external_data' 'genevametrics' 'kusto' 'mysql' 'postgresql' 'sandbox_artifacts' 'sql' 'webapi' |
| calloutUriRegex | Regular expression or FQDN pattern for the callout URI. | string |
| outboundAccess | Indicates whether outbound access is permitted for the specified URI pattern. | 'Allow' 'Deny' |
ClusterProperties
| Name | Description | Value |
|---|---|---|
| acceptedAudiences | The cluster's accepted audiences. | AcceptedAudiences[] |
| allowedFqdnList | List of allowed FQDNs(Fully Qualified Domain Name) for egress from Cluster. | string[] |
| allowedIpRangeList | The list of ips in the format of CIDR allowed to connect to the cluster. | string[] |
| calloutPolicies | List of callout policies for egress from Cluster. | CalloutPolicy[] |
| enableAutoStop | A boolean value that indicates if the cluster could be automatically stopped (due to lack of data or no activity for many days). | bool |
| enableDiskEncryption | A boolean value that indicates if the cluster's disks are encrypted. | bool |
| enableDoubleEncryption | A boolean value that indicates if double encryption is enabled. | bool |
| enablePurge | A boolean value that indicates if the purge operations are enabled. | bool |
| enableStreamingIngest | A boolean value that indicates if the streaming ingest is enabled. | bool |
| engineType | The engine type | 'V2' 'V3' |
| keyVaultProperties | KeyVault properties for the cluster encryption. | KeyVaultProperties |
| languageExtensions | List of the cluster's language extensions. | LanguageExtensionsList |
| optimizedAutoscale | Optimized auto scale definition. | OptimizedAutoscale |
| publicIPType | Indicates what public IP type to create - IPv4 (default), or DualStack (both IPv4 and IPv6) | 'DualStack' 'IPv4' |
| publicNetworkAccess | Public network access to the cluster is enabled by default. When disabled, only private endpoint connection to the cluster is allowed | 'Disabled' 'Enabled' |
| restrictOutboundNetworkAccess | Whether or not to restrict outbound network access. Value is optional but if passed in, must be 'Enabled' or 'Disabled' | 'Disabled' 'Enabled' |
| trustedExternalTenants | The cluster's external tenants. | TrustedExternalTenant[] |
| virtualClusterGraduationProperties | Virtual Cluster graduation properties | string Constraints: Sensitive value. Pass in as a secure parameter. |
| virtualNetworkConfiguration | Virtual network definition. | VirtualNetworkConfiguration |
ComponentsSgqdofSchemasIdentityPropertiesUserassignedidentitiesAdditionalproperties
| Name | Description | Value |
|---|
Identity
| Name | Description | Value |
|---|---|---|
| type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove all identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The list of user identities associated with the Kusto cluster. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityUserAssignedIdentities |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|
KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key vault key. | string |
| keyVaultUri | The Uri of the key vault. | string |
| keyVersion | The version of the key vault key. | string |
| userIdentity | The user assigned identity (ARM resource id) that has access to the key. | string |
LanguageExtension
| Name | Description | Value |
|---|---|---|
| languageExtensionCustomImageName | The language extension custom image name. | string |
| languageExtensionImageName | The language extension image name. | 'Python3_10_8' 'Python3_10_8_DL' 'Python3_11_7' 'Python3_11_7_DL' 'Python3_6_5' 'PythonCustomImage' 'R' |
| languageExtensionName | The language extension name. | 'PYTHON' 'R' |
LanguageExtensionsList
| Name | Description | Value |
|---|---|---|
| value | The list of language extensions. | LanguageExtension[] |
Microsoft.Kusto/clusters
| Name | Description | Value |
|---|---|---|
| identity | The identity of the cluster, if configured. | Identity |
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^.*$ (required) |
| properties | The cluster properties. | ClusterProperties |
| sku | The SKU of the cluster. | AzureSku (required) |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| zones | The availability zones of the cluster. | string[] |
OptimizedAutoscale
| Name | Description | Value |
|---|---|---|
| isEnabled | A boolean value that indicate if the optimized autoscale feature is enabled or not. | bool (required) |
| maximum | Maximum allowed instances count. | int (required) |
| minimum | Minimum allowed instances count. | int (required) |
| version | The version of the template defined, for instance 1. | int (required) |
TrackedResourceTags
| Name | Description | Value |
|---|
TrustedExternalTenant
| Name | Description | Value |
|---|---|---|
| value | GUID representing an external tenant. | string |
VirtualNetworkConfiguration
| Name | Description | Value |
|---|---|---|
| dataManagementPublicIpId | Data management's service public IP address resource id. | string (required) |
| enginePublicIpId | Engine service's public IP address resource id. | string (required) |
| state | When enabled, the cluster is deployed into the configured subnet, when disabled it will be removed from the subnet. | 'Disabled' 'Enabled' |
| subnetId | The subnet resource id. | string (required) |
Usage Examples
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| Azure Data Explorer (Kusto) cluster | AVM Resource Module for Azure Data Explorer (Kusto) cluster |
Azure Quickstart Samples
The following Azure Quickstart templates contain Bicep samples for deploying this resource type.
| Bicep File | Description |
|---|---|
| Azure Digital Twins with Time Data History Connection | This template creates an Azure Digital Twins instance configured with a time series data history connection. In order to create a connection, other resources must be created such as an Event Hubs namespace, an event hub, Azure Data Explorer cluster, and a database. Data is sent to an event hub which eventually forwards the data to the Azure Data Explorer cluster. Data is stored in a database table in the cluster |
| Create a database watcher | This sample creates a database watcher for Azure SQL and configures its data store, SQL targets, and managed private endpoints |
| Deploy Azure Data Explorer DB with Cosmos DB connection | Deploy Azure Data Explorer DB with Cosmos DB connection. |
| Deploy Azure Data Explorer db with Event Grid connection | Deploy Azure Data Explorer db with Event Grid connection. |
| Deploy Azure Data Explorer db with Event Hub connection | Deploy Azure Data Explorer db with Event Hub connection. |
| FinOps hub | This template creates a new FinOps hub instance, including Data Explorer, Data Lake storage, and Data Factory. |
ARM template resource definition
The clusters resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Kusto/clusters resource, add the following JSON to your template.
{
"type": "Microsoft.Kusto/clusters",
"apiVersion": "2024-04-13",
"name": "string",
"identity": {
"type": "string",
"userAssignedIdentities": {
"{customized property}": {
}
}
},
"location": "string",
"properties": {
"acceptedAudiences": [
{
"value": "string"
}
],
"allowedFqdnList": [ "string" ],
"allowedIpRangeList": [ "string" ],
"calloutPolicies": [
{
"calloutType": "string",
"calloutUriRegex": "string",
"outboundAccess": "string"
}
],
"enableAutoStop": "bool",
"enableDiskEncryption": "bool",
"enableDoubleEncryption": "bool",
"enablePurge": "bool",
"enableStreamingIngest": "bool",
"engineType": "string",
"keyVaultProperties": {
"keyName": "string",
"keyVaultUri": "string",
"keyVersion": "string",
"userIdentity": "string"
},
"languageExtensions": {
"value": [
{
"languageExtensionCustomImageName": "string",
"languageExtensionImageName": "string",
"languageExtensionName": "string"
}
]
},
"optimizedAutoscale": {
"isEnabled": "bool",
"maximum": "int",
"minimum": "int",
"version": "int"
},
"publicIPType": "string",
"publicNetworkAccess": "string",
"restrictOutboundNetworkAccess": "string",
"trustedExternalTenants": [
{
"value": "string"
}
],
"virtualClusterGraduationProperties": "string",
"virtualNetworkConfiguration": {
"dataManagementPublicIpId": "string",
"enginePublicIpId": "string",
"state": "string",
"subnetId": "string"
}
},
"sku": {
"capacity": "int",
"name": "string",
"tier": "string"
},
"tags": {
"{customized property}": "string"
},
"zones": [ "string" ]
}
Property Values
AcceptedAudiences
| Name | Description | Value |
|---|---|---|
| value | GUID or valid URL representing an accepted audience. | string |
AzureSku
| Name | Description | Value |
|---|---|---|
| capacity | The number of instances of the cluster. | int |
| name | SKU name. | 'Dev(No SLA)_Standard_D11_v2' 'Dev(No SLA)_Standard_E2a_v4' 'Standard_D11_v2' 'Standard_D12_v2' 'Standard_D13_v2' 'Standard_D14_v2' 'Standard_D16d_v5' 'Standard_D32d_v4' 'Standard_D32d_v5' 'Standard_DS13_v2+1TB_PS' 'Standard_DS13_v2+2TB_PS' 'Standard_DS14_v2+3TB_PS' 'Standard_DS14_v2+4TB_PS' 'Standard_E16ads_v5' 'Standard_E16as_v4+3TB_PS' 'Standard_E16as_v4+4TB_PS' 'Standard_E16as_v5+3TB_PS' 'Standard_E16as_v5+4TB_PS' 'Standard_E16a_v4' 'Standard_E16d_v4' 'Standard_E16d_v5' 'Standard_E16s_v4+3TB_PS' 'Standard_E16s_v4+4TB_PS' 'Standard_E16s_v5+3TB_PS' 'Standard_E16s_v5+4TB_PS' 'Standard_E2ads_v5' 'Standard_E2a_v4' 'Standard_E2d_v4' 'Standard_E2d_v5' 'Standard_E4ads_v5' 'Standard_E4a_v4' 'Standard_E4d_v4' 'Standard_E4d_v5' 'Standard_E64i_v3' 'Standard_E80ids_v4' 'Standard_E8ads_v5' 'Standard_E8as_v4+1TB_PS' 'Standard_E8as_v4+2TB_PS' 'Standard_E8as_v5+1TB_PS' 'Standard_E8as_v5+2TB_PS' 'Standard_E8a_v4' 'Standard_E8d_v4' 'Standard_E8d_v5' 'Standard_E8s_v4+1TB_PS' 'Standard_E8s_v4+2TB_PS' 'Standard_E8s_v5+1TB_PS' 'Standard_E8s_v5+2TB_PS' 'Standard_EC16ads_v5' 'Standard_EC16as_v5+3TB_PS' 'Standard_EC16as_v5+4TB_PS' 'Standard_EC8ads_v5' 'Standard_EC8as_v5+1TB_PS' 'Standard_EC8as_v5+2TB_PS' 'Standard_L16as_v3' 'Standard_L16s' 'Standard_L16s_v2' 'Standard_L16s_v3' 'Standard_L32as_v3' 'Standard_L32s_v3' 'Standard_L4s' 'Standard_L8as_v3' 'Standard_L8s' 'Standard_L8s_v2' 'Standard_L8s_v3' (required) |
| tier | SKU tier. | 'Basic' 'Standard' (required) |
CalloutPolicy
| Name | Description | Value |
|---|---|---|
| calloutType | Type of the callout service, specifying the kind of external resource or service being accessed. | 'azure_digital_twins' 'azure_openai' 'cosmosdb' 'external_data' 'genevametrics' 'kusto' 'mysql' 'postgresql' 'sandbox_artifacts' 'sql' 'webapi' |
| calloutUriRegex | Regular expression or FQDN pattern for the callout URI. | string |
| outboundAccess | Indicates whether outbound access is permitted for the specified URI pattern. | 'Allow' 'Deny' |
ClusterProperties
| Name | Description | Value |
|---|---|---|
| acceptedAudiences | The cluster's accepted audiences. | AcceptedAudiences[] |
| allowedFqdnList | List of allowed FQDNs(Fully Qualified Domain Name) for egress from Cluster. | string[] |
| allowedIpRangeList | The list of ips in the format of CIDR allowed to connect to the cluster. | string[] |
| calloutPolicies | List of callout policies for egress from Cluster. | CalloutPolicy[] |
| enableAutoStop | A boolean value that indicates if the cluster could be automatically stopped (due to lack of data or no activity for many days). | bool |
| enableDiskEncryption | A boolean value that indicates if the cluster's disks are encrypted. | bool |
| enableDoubleEncryption | A boolean value that indicates if double encryption is enabled. | bool |
| enablePurge | A boolean value that indicates if the purge operations are enabled. | bool |
| enableStreamingIngest | A boolean value that indicates if the streaming ingest is enabled. | bool |
| engineType | The engine type | 'V2' 'V3' |
| keyVaultProperties | KeyVault properties for the cluster encryption. | KeyVaultProperties |
| languageExtensions | List of the cluster's language extensions. | LanguageExtensionsList |
| optimizedAutoscale | Optimized auto scale definition. | OptimizedAutoscale |
| publicIPType | Indicates what public IP type to create - IPv4 (default), or DualStack (both IPv4 and IPv6) | 'DualStack' 'IPv4' |
| publicNetworkAccess | Public network access to the cluster is enabled by default. When disabled, only private endpoint connection to the cluster is allowed | 'Disabled' 'Enabled' |
| restrictOutboundNetworkAccess | Whether or not to restrict outbound network access. Value is optional but if passed in, must be 'Enabled' or 'Disabled' | 'Disabled' 'Enabled' |
| trustedExternalTenants | The cluster's external tenants. | TrustedExternalTenant[] |
| virtualClusterGraduationProperties | Virtual Cluster graduation properties | string Constraints: Sensitive value. Pass in as a secure parameter. |
| virtualNetworkConfiguration | Virtual network definition. | VirtualNetworkConfiguration |
ComponentsSgqdofSchemasIdentityPropertiesUserassignedidentitiesAdditionalproperties
| Name | Description | Value |
|---|
Identity
| Name | Description | Value |
|---|---|---|
| type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove all identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The list of user identities associated with the Kusto cluster. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityUserAssignedIdentities |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|
KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key vault key. | string |
| keyVaultUri | The Uri of the key vault. | string |
| keyVersion | The version of the key vault key. | string |
| userIdentity | The user assigned identity (ARM resource id) that has access to the key. | string |
LanguageExtension
| Name | Description | Value |
|---|---|---|
| languageExtensionCustomImageName | The language extension custom image name. | string |
| languageExtensionImageName | The language extension image name. | 'Python3_10_8' 'Python3_10_8_DL' 'Python3_11_7' 'Python3_11_7_DL' 'Python3_6_5' 'PythonCustomImage' 'R' |
| languageExtensionName | The language extension name. | 'PYTHON' 'R' |
LanguageExtensionsList
| Name | Description | Value |
|---|---|---|
| value | The list of language extensions. | LanguageExtension[] |
Microsoft.Kusto/clusters
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2024-04-13' |
| identity | The identity of the cluster, if configured. | Identity |
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^.*$ (required) |
| properties | The cluster properties. | ClusterProperties |
| sku | The SKU of the cluster. | AzureSku (required) |
| tags | Resource tags | Dictionary of tag names and values. See Tags in templates |
| type | The resource type | 'Microsoft.Kusto/clusters' |
| zones | The availability zones of the cluster. | string[] |
OptimizedAutoscale
| Name | Description | Value |
|---|---|---|
| isEnabled | A boolean value that indicate if the optimized autoscale feature is enabled or not. | bool (required) |
| maximum | Maximum allowed instances count. | int (required) |
| minimum | Minimum allowed instances count. | int (required) |
| version | The version of the template defined, for instance 1. | int (required) |
TrackedResourceTags
| Name | Description | Value |
|---|
TrustedExternalTenant
| Name | Description | Value |
|---|---|---|
| value | GUID representing an external tenant. | string |
VirtualNetworkConfiguration
| Name | Description | Value |
|---|---|---|
| dataManagementPublicIpId | Data management's service public IP address resource id. | string (required) |
| enginePublicIpId | Engine service's public IP address resource id. | string (required) |
| state | When enabled, the cluster is deployed into the configured subnet, when disabled it will be removed from the subnet. | 'Disabled' 'Enabled' |
| subnetId | The subnet resource id. | string (required) |
Usage Examples
Azure Quickstart Templates
The following Azure Quickstart templates deploy this resource type.
| Template | Description |
|---|---|
Azure Digital Twins with Time Data History Connection |
This template creates an Azure Digital Twins instance configured with a time series data history connection. In order to create a connection, other resources must be created such as an Event Hubs namespace, an event hub, Azure Data Explorer cluster, and a database. Data is sent to an event hub which eventually forwards the data to the Azure Data Explorer cluster. Data is stored in a database table in the cluster |
| Create a cluster a database |
This template allows you to create a cluster and a database. |
| Create a database watcher |
This sample creates a database watcher for Azure SQL and configures its data store, SQL targets, and managed private endpoints |
| Deploy Azure Data Explorer cluster into your VNet |
This template allows you deploy a cluster into your VNet. |
| Deploy Azure Data Explorer DB with Cosmos DB connection |
Deploy Azure Data Explorer DB with Cosmos DB connection. |
| Deploy Azure Data Explorer db with Event Grid connection |
Deploy Azure Data Explorer db with Event Grid connection. |
| Deploy Azure Data Explorer db with Event Hub connection |
Deploy Azure Data Explorer db with Event Hub connection. |
| FinOps hub |
This template creates a new FinOps hub instance, including Data Explorer, Data Lake storage, and Data Factory. |
Terraform (AzAPI provider) resource definition
The clusters resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.Kusto/clusters resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.Kusto/clusters@2024-04-13"
name = "string"
parent_id = "string"
identity {
type = "string"
identity_ids = [
"string"
]
}
location = "string"
tags = {
{customized property} = "string"
}
body = {
properties = {
acceptedAudiences = [
{
value = "string"
}
]
allowedFqdnList = [
"string"
]
allowedIpRangeList = [
"string"
]
calloutPolicies = [
{
calloutType = "string"
calloutUriRegex = "string"
outboundAccess = "string"
}
]
enableAutoStop = bool
enableDiskEncryption = bool
enableDoubleEncryption = bool
enablePurge = bool
enableStreamingIngest = bool
engineType = "string"
keyVaultProperties = {
keyName = "string"
keyVaultUri = "string"
keyVersion = "string"
userIdentity = "string"
}
languageExtensions = {
value = [
{
languageExtensionCustomImageName = "string"
languageExtensionImageName = "string"
languageExtensionName = "string"
}
]
}
optimizedAutoscale = {
isEnabled = bool
maximum = int
minimum = int
version = int
}
publicIPType = "string"
publicNetworkAccess = "string"
restrictOutboundNetworkAccess = "string"
trustedExternalTenants = [
{
value = "string"
}
]
virtualClusterGraduationProperties = "string"
virtualNetworkConfiguration = {
dataManagementPublicIpId = "string"
enginePublicIpId = "string"
state = "string"
subnetId = "string"
}
}
sku = {
capacity = int
name = "string"
tier = "string"
}
zones = [
"string"
]
}
}
Property Values
AcceptedAudiences
| Name | Description | Value |
|---|---|---|
| value | GUID or valid URL representing an accepted audience. | string |
AzureSku
| Name | Description | Value |
|---|---|---|
| capacity | The number of instances of the cluster. | int |
| name | SKU name. | 'Dev(No SLA)_Standard_D11_v2' 'Dev(No SLA)_Standard_E2a_v4' 'Standard_D11_v2' 'Standard_D12_v2' 'Standard_D13_v2' 'Standard_D14_v2' 'Standard_D16d_v5' 'Standard_D32d_v4' 'Standard_D32d_v5' 'Standard_DS13_v2+1TB_PS' 'Standard_DS13_v2+2TB_PS' 'Standard_DS14_v2+3TB_PS' 'Standard_DS14_v2+4TB_PS' 'Standard_E16ads_v5' 'Standard_E16as_v4+3TB_PS' 'Standard_E16as_v4+4TB_PS' 'Standard_E16as_v5+3TB_PS' 'Standard_E16as_v5+4TB_PS' 'Standard_E16a_v4' 'Standard_E16d_v4' 'Standard_E16d_v5' 'Standard_E16s_v4+3TB_PS' 'Standard_E16s_v4+4TB_PS' 'Standard_E16s_v5+3TB_PS' 'Standard_E16s_v5+4TB_PS' 'Standard_E2ads_v5' 'Standard_E2a_v4' 'Standard_E2d_v4' 'Standard_E2d_v5' 'Standard_E4ads_v5' 'Standard_E4a_v4' 'Standard_E4d_v4' 'Standard_E4d_v5' 'Standard_E64i_v3' 'Standard_E80ids_v4' 'Standard_E8ads_v5' 'Standard_E8as_v4+1TB_PS' 'Standard_E8as_v4+2TB_PS' 'Standard_E8as_v5+1TB_PS' 'Standard_E8as_v5+2TB_PS' 'Standard_E8a_v4' 'Standard_E8d_v4' 'Standard_E8d_v5' 'Standard_E8s_v4+1TB_PS' 'Standard_E8s_v4+2TB_PS' 'Standard_E8s_v5+1TB_PS' 'Standard_E8s_v5+2TB_PS' 'Standard_EC16ads_v5' 'Standard_EC16as_v5+3TB_PS' 'Standard_EC16as_v5+4TB_PS' 'Standard_EC8ads_v5' 'Standard_EC8as_v5+1TB_PS' 'Standard_EC8as_v5+2TB_PS' 'Standard_L16as_v3' 'Standard_L16s' 'Standard_L16s_v2' 'Standard_L16s_v3' 'Standard_L32as_v3' 'Standard_L32s_v3' 'Standard_L4s' 'Standard_L8as_v3' 'Standard_L8s' 'Standard_L8s_v2' 'Standard_L8s_v3' (required) |
| tier | SKU tier. | 'Basic' 'Standard' (required) |
CalloutPolicy
| Name | Description | Value |
|---|---|---|
| calloutType | Type of the callout service, specifying the kind of external resource or service being accessed. | 'azure_digital_twins' 'azure_openai' 'cosmosdb' 'external_data' 'genevametrics' 'kusto' 'mysql' 'postgresql' 'sandbox_artifacts' 'sql' 'webapi' |
| calloutUriRegex | Regular expression or FQDN pattern for the callout URI. | string |
| outboundAccess | Indicates whether outbound access is permitted for the specified URI pattern. | 'Allow' 'Deny' |
ClusterProperties
| Name | Description | Value |
|---|---|---|
| acceptedAudiences | The cluster's accepted audiences. | AcceptedAudiences[] |
| allowedFqdnList | List of allowed FQDNs(Fully Qualified Domain Name) for egress from Cluster. | string[] |
| allowedIpRangeList | The list of ips in the format of CIDR allowed to connect to the cluster. | string[] |
| calloutPolicies | List of callout policies for egress from Cluster. | CalloutPolicy[] |
| enableAutoStop | A boolean value that indicates if the cluster could be automatically stopped (due to lack of data or no activity for many days). | bool |
| enableDiskEncryption | A boolean value that indicates if the cluster's disks are encrypted. | bool |
| enableDoubleEncryption | A boolean value that indicates if double encryption is enabled. | bool |
| enablePurge | A boolean value that indicates if the purge operations are enabled. | bool |
| enableStreamingIngest | A boolean value that indicates if the streaming ingest is enabled. | bool |
| engineType | The engine type | 'V2' 'V3' |
| keyVaultProperties | KeyVault properties for the cluster encryption. | KeyVaultProperties |
| languageExtensions | List of the cluster's language extensions. | LanguageExtensionsList |
| optimizedAutoscale | Optimized auto scale definition. | OptimizedAutoscale |
| publicIPType | Indicates what public IP type to create - IPv4 (default), or DualStack (both IPv4 and IPv6) | 'DualStack' 'IPv4' |
| publicNetworkAccess | Public network access to the cluster is enabled by default. When disabled, only private endpoint connection to the cluster is allowed | 'Disabled' 'Enabled' |
| restrictOutboundNetworkAccess | Whether or not to restrict outbound network access. Value is optional but if passed in, must be 'Enabled' or 'Disabled' | 'Disabled' 'Enabled' |
| trustedExternalTenants | The cluster's external tenants. | TrustedExternalTenant[] |
| virtualClusterGraduationProperties | Virtual Cluster graduation properties | string Constraints: Sensitive value. Pass in as a secure parameter. |
| virtualNetworkConfiguration | Virtual network definition. | VirtualNetworkConfiguration |
ComponentsSgqdofSchemasIdentityPropertiesUserassignedidentitiesAdditionalproperties
| Name | Description | Value |
|---|
Identity
| Name | Description | Value |
|---|---|---|
| type | The type of managed identity used. The type 'SystemAssigned, UserAssigned' includes both an implicitly created identity and a set of user-assigned identities. The type 'None' will remove all identities. | 'None' 'SystemAssigned' 'SystemAssigned, UserAssigned' 'UserAssigned' (required) |
| userAssignedIdentities | The list of user identities associated with the Kusto cluster. The user identity dictionary key references will be ARM resource ids in the form: '/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{identityName}'. | IdentityUserAssignedIdentities |
IdentityUserAssignedIdentities
| Name | Description | Value |
|---|
KeyVaultProperties
| Name | Description | Value |
|---|---|---|
| keyName | The name of the key vault key. | string |
| keyVaultUri | The Uri of the key vault. | string |
| keyVersion | The version of the key vault key. | string |
| userIdentity | The user assigned identity (ARM resource id) that has access to the key. | string |
LanguageExtension
| Name | Description | Value |
|---|---|---|
| languageExtensionCustomImageName | The language extension custom image name. | string |
| languageExtensionImageName | The language extension image name. | 'Python3_10_8' 'Python3_10_8_DL' 'Python3_11_7' 'Python3_11_7_DL' 'Python3_6_5' 'PythonCustomImage' 'R' |
| languageExtensionName | The language extension name. | 'PYTHON' 'R' |
LanguageExtensionsList
| Name | Description | Value |
|---|---|---|
| value | The list of language extensions. | LanguageExtension[] |
Microsoft.Kusto/clusters
| Name | Description | Value |
|---|---|---|
| identity | The identity of the cluster, if configured. | Identity |
| location | The geo-location where the resource lives | string (required) |
| name | The resource name | string Constraints: Pattern = ^.*$ (required) |
| properties | The cluster properties. | ClusterProperties |
| sku | The SKU of the cluster. | AzureSku (required) |
| tags | Resource tags | Dictionary of tag names and values. |
| type | The resource type | "Microsoft.Kusto/clusters@2024-04-13" |
| zones | The availability zones of the cluster. | string[] |
OptimizedAutoscale
| Name | Description | Value |
|---|---|---|
| isEnabled | A boolean value that indicate if the optimized autoscale feature is enabled or not. | bool (required) |
| maximum | Maximum allowed instances count. | int (required) |
| minimum | Minimum allowed instances count. | int (required) |
| version | The version of the template defined, for instance 1. | int (required) |
TrackedResourceTags
| Name | Description | Value |
|---|
TrustedExternalTenant
| Name | Description | Value |
|---|---|---|
| value | GUID representing an external tenant. | string |
VirtualNetworkConfiguration
| Name | Description | Value |
|---|---|---|
| dataManagementPublicIpId | Data management's service public IP address resource id. | string (required) |
| enginePublicIpId | Engine service's public IP address resource id. | string (required) |
| state | When enabled, the cluster is deployed into the configured subnet, when disabled it will be removed from the subnet. | 'Disabled' 'Enabled' |
| subnetId | The subnet resource id. | string (required) |
Usage Examples
Azure Verified Modules
The following Azure Verified Modules can be used to deploy this resource type.
| Module | Description |
|---|---|
| Kusto Clusters | AVM Resource Module for Kusto Clusters |