The linkers resource type is an extension resource, which means you can apply it to another resource.
Use the scope
property on this resource to set the scope for this resource. See Set scope on extension resources in ARM templates.
The linkers resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
To create a Microsoft.ServiceLinker/linkers resource, add the following JSON to your template.
{
"type": "Microsoft.ServiceLinker/linkers",
"apiVersion": "2022-11-01-preview",
"name": "string",
"scope": "string",
"properties": {
"authInfo": {
"authType": "string"
// For remaining properties, see AuthInfoBase objects
},
"clientType": "string",
"configurationInfo": {
"action": "string",
"additionalConfigurations": {
"{customized property}": "string"
},
"customizedKeys": {
"{customized property}": "string"
},
"daprProperties": {
"componentType": "string",
"metadata": [
{
"name": "string",
"secretRef": "string",
"value": "string"
}
],
"scopes": [ "string" ],
"secretStoreComponent": "string",
"version": "string"
},
"deleteOrUpdateBehavior": "string"
},
"publicNetworkSolution": {
"action": "string",
"deleteOrUpdateBehavior": "string",
"firewallRules": {
"azureServices": "string",
"callerClientIP": "string",
"ipRanges": [ "string" ]
}
},
"scope": "string",
"secretStore": {
"keyVaultId": "string",
"keyVaultSecretName": "string"
},
"targetService": {
"type": "string"
// For remaining properties, see TargetServiceBase objects
},
"vNetSolution": {
"deleteOrUpdateBehavior": "string",
"type": "string"
}
}
}
Set the authType property to specify the type of object.
For accessKey, use:
"authType": "accessKey",
"permissions": [ "string" ]
For secret, use:
"authType": "secret",
"name": "string",
"secretInfo": {
"secretType": "string"
// For remaining properties, see SecretInfoBase objects
}
For servicePrincipalCertificate, use:
"authType": "servicePrincipalCertificate",
"certificate": "string",
"clientId": "string",
"deleteOrUpdateBehavior": "string",
"principalId": "string",
"roles": [ "string" ]
For servicePrincipalSecret, use:
"authType": "servicePrincipalSecret",
"clientId": "string",
"deleteOrUpdateBehavior": "string",
"principalId": "string",
"roles": [ "string" ],
"secret": "string",
"userName": "string"
For systemAssignedIdentity, use:
"authType": "systemAssignedIdentity",
"deleteOrUpdateBehavior": "string",
"roles": [ "string" ],
"userName": "string"
For userAccount, use:
"authType": "userAccount",
"deleteOrUpdateBehavior": "string",
"principalId": "string",
"roles": [ "string" ],
"userName": "string"
For userAssignedIdentity, use:
"authType": "userAssignedIdentity",
"clientId": "string",
"deleteOrUpdateBehavior": "string",
"roles": [ "string" ],
"subscriptionId": "string",
"userName": "string"
Set the secretType property to specify the type of object.
For keyVaultSecretReference, use:
"secretType": "keyVaultSecretReference",
"name": "string",
"version": "string"
For keyVaultSecretUri, use:
"secretType": "keyVaultSecretUri",
"value": "string"
For rawValue, use:
"secretType": "rawValue",
"value": "string"
Set the type property to specify the type of object.
For AzureResource, use:
"type": "AzureResource",
"id": "string",
"resourceProperties": {
"type": "string"
// For remaining properties, see AzureResourcePropertiesBase objects
}
For ConfluentBootstrapServer, use:
"type": "ConfluentBootstrapServer",
"endpoint": "string"
For ConfluentSchemaRegistry, use:
"type": "ConfluentSchemaRegistry",
"endpoint": "string"
For SelfHostedServer, use:
"type": "SelfHostedServer",
"endpoint": "string"
Set the type property to specify the type of object.
For KeyVault, use:
"type": "KeyVault",
"connectAsKubernetesCsiDriver": "bool"
Name | Description | Value |
---|---|---|
type | The resource type | 'Microsoft.ServiceLinker/linkers' |
apiVersion | The resource api version | '2022-11-01-preview' |
name | The resource name | string (required) |
scope | Use when creating an extension resource at a scope that is different than the deployment scope. | Target resource For JSON, set the value to the full name of the resource to apply the extension resource to. |
properties | The properties of the Linker. | LinkerProperties (required) |
Name | Description | Value |
---|---|---|
authInfo | The authentication type. | AuthInfoBase |
clientType | The application client type | 'dapr' 'django' 'dotnet' 'go' 'java' 'kafka-springBoot' 'nodejs' 'none' 'php' 'python' 'ruby' 'springBoot' |
configurationInfo | The connection information consumed by applications, including secrets, connection strings. | ConfigurationInfo |
publicNetworkSolution | The network solution. | PublicNetworkSolution |
scope | connection scope in source service. | string |
secretStore | An option to store secret value in secure place | SecretStore |
targetService | The target service properties | TargetServiceBase |
vNetSolution | The VNet solution. | VNetSolution |
Name | Description | Value |
---|---|---|
authType | Set the object type | accessKey secret servicePrincipalCertificate servicePrincipalSecret systemAssignedIdentity userAccount userAssignedIdentity (required) |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'accessKey' (required) |
permissions | Permissions of the accessKey. Read and Write are for Azure Cosmos DB and Azure App Configuration, Listen , Send and Manage are for Azure Event Hub and Azure Service Bus. |
String array containing any of: 'Listen' 'Manage' 'Read' 'Send' 'Write' |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'secret' (required) |
name | Username or account name for secret auth. | string |
secretInfo | Password or key vault secret for secret auth. | SecretInfoBase |
Name | Description | Value |
---|---|---|
secretType | Set the object type | keyVaultSecretReference keyVaultSecretUri rawValue (required) |
Name | Description | Value |
---|---|---|
secretType | The secret type. | 'keyVaultSecretReference' (required) |
name | Name of the Key Vault secret. | string |
version | Version of the Key Vault secret. | string |
Name | Description | Value |
---|---|---|
secretType | The secret type. | 'keyVaultSecretUri' (required) |
value | URI to the keyvault secret | string |
Name | Description | Value |
---|---|---|
secretType | The secret type. | 'rawValue' (required) |
value | The actual value of the secret. | string Constraints: Sensitive value. Pass in as a secure parameter. |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'servicePrincipalCertificate' (required) |
certificate | ServicePrincipal certificate for servicePrincipal auth. | string (required) Constraints: Sensitive value. Pass in as a secure parameter. |
clientId | Application clientId for servicePrincipal auth. | string (required) |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
principalId | Principal Id for servicePrincipal auth. | string (required) |
roles | Optional, this value specifies the Azure roles to be assigned. Automatically | string[] |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'servicePrincipalSecret' (required) |
clientId | ServicePrincipal application clientId for servicePrincipal auth. | string (required) |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
principalId | Principal Id for servicePrincipal auth. | string (required) |
roles | Optional, this value specifies the Azure roles to be assigned. Automatically | string[] |
secret | Secret for servicePrincipal auth. | string (required) Constraints: Sensitive value. Pass in as a secure parameter. |
userName | Username created in the database which is mapped to a user in AAD. | string |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'systemAssignedIdentity' (required) |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
roles | Optional, this value specifies the Azure role to be assigned | string[] |
userName | Username created in the database which is mapped to a user in AAD. | string |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'userAccount' (required) |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
principalId | Principal Id for user account. | string |
roles | Optional, this value specifies the Azure roles to be assigned. Automatically | string[] |
userName | Username created in the database which is mapped to a user in AAD. | string |
Name | Description | Value |
---|---|---|
authType | The authentication type. | 'userAssignedIdentity' (required) |
clientId | Client Id for userAssignedIdentity. | string |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
roles | Optional, this value specifies the Azure role to be assigned | string[] |
subscriptionId | Subscription id for userAssignedIdentity. | string |
userName | Username created in the database which is mapped to a user in AAD. | string |
Name | Description | Value |
---|---|---|
action | Optional, indicate whether to apply configurations on source application. If enable, generate configurations and applied to the source application. Default is enable. If optOut, no configuration change will be made on source. | 'Internal' 'enable' 'optOut' |
additionalConfigurations | A dictionary of additional configurations to be added. Service will auto generate a set of basic configurations and this property is to full fill more customized configurations | ConfigurationInfoAdditionalConfigurations |
customizedKeys | Optional. A dictionary of default key name and customized key name mapping. If not specified, default key name will be used for generate configurations | ConfigurationInfoCustomizedKeys |
daprProperties | Indicates some additional properties for dapr client type | DaprProperties |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
Name | Description | Value |
---|---|---|
{customized property} | string |
Name | Description | Value |
---|---|---|
{customized property} | string |
Name | Description | Value |
---|---|---|
componentType | The dapr component type | string |
metadata | Additional dapr metadata | DaprMetadata[] |
scopes | The dapr component scopes | string[] |
secretStoreComponent | The name of a secret store dapr to retrieve secret | string |
version | The dapr component version | string |
Name | Description | Value |
---|---|---|
name | Metadata property name. | string |
secretRef | The secret name where dapr could get value | string |
value | Metadata property value. | string |
Name | Description | Value |
---|---|---|
action | Optional. Indicates public network solution. If enable, enable public network access of target service with best try. Default is enable. If optOut, opt out public network access configuration. | 'Internal' 'enable' 'optOut' |
deleteOrUpdateBehavior | Indicates whether to clean up previous operation(such as firewall rules) when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
firewallRules | Describe firewall rules of target service to make sure source application could connect to the target. | FirewallRules |
Name | Description | Value |
---|---|---|
azureServices | Allow Azure services to access the target service if true. | 'false' 'true' |
callerClientIP | Allow caller client IP to access the target service if true. the property is used when connecting local application to target service. | 'false' 'true' |
ipRanges | This value specifies the set of IP addresses or IP address ranges in CIDR form to be included as the allowed list of client IPs for a given database account. | string[] |
Name | Description | Value |
---|---|---|
keyVaultId | The key vault id to store secret | string |
keyVaultSecretName | The key vault secret name to store secret, only valid when storing one secret | string |
Name | Description | Value |
---|---|---|
type | Set the object type | AzureResource ConfluentBootstrapServer ConfluentSchemaRegistry SelfHostedServer (required) |
Name | Description | Value |
---|---|---|
type | The target service type. | 'AzureResource' (required) |
id | The Id of azure resource. | string |
resourceProperties | The azure resource connection related properties. | AzureResourcePropertiesBase |
Name | Description | Value |
---|---|---|
type | Set the object type | KeyVault (required) |
Name | Description | Value |
---|---|---|
type | The azure resource type. | 'KeyVault' (required) |
connectAsKubernetesCsiDriver | True if connect via Kubernetes CSI Driver. | bool |
Name | Description | Value |
---|---|---|
type | The target service type. | 'ConfluentBootstrapServer' (required) |
endpoint | The endpoint of service. | string |
Name | Description | Value |
---|---|---|
type | The target service type. | 'ConfluentSchemaRegistry' (required) |
endpoint | The endpoint of service. | string |
Name | Description | Value |
---|---|---|
type | The target service type. | 'SelfHostedServer' (required) |
endpoint | The endpoint of service. | string |
Name | Description | Value |
---|---|---|
deleteOrUpdateBehavior | Indicates whether to clean up previous operation when Linker is updating or deleting | 'Default' 'ForcedCleanup' |
type | Type of VNet solution. | 'privateLink' 'serviceEndpoint' |