ARM template resource definition
The workspaces resource type can be deployed with operations that target:
For a list of changed properties in each API version, see change log.
To create a Microsoft.Synapse/workspaces resource, add the following JSON to your template.
{
"type": "Microsoft.Synapse/workspaces",
"apiVersion": "2021-06-01",
"name": "string",
"location": "string",
"tags": {
"tagName1": "tagValue1",
"tagName2": "tagValue2"
},
"identity": {
"type": "string",
"userAssignedIdentities": {}
},
"properties": {
"azureADOnlyAuthentication": "bool",
"cspWorkspaceAdminProperties": {
"initialWorkspaceAdminObjectId": "string"
},
"defaultDataLakeStorage": {
"accountUrl": "string",
"createManagedPrivateEndpoint": "bool",
"filesystem": "string",
"resourceId": "string"
},
"encryption": {
"cmk": {
"kekIdentity": {
"userAssignedIdentity": "string",
"useSystemAssignedIdentity": {}
},
"key": {
"keyVaultUrl": "string",
"name": "string"
}
}
},
"managedResourceGroupName": "string",
"managedVirtualNetwork": "string",
"managedVirtualNetworkSettings": {
"allowedAadTenantIdsForLinking": [ "string" ],
"linkedAccessCheckOnTargetResource": "bool",
"preventDataExfiltration": "bool"
},
"privateEndpointConnections": [
{
"properties": {
"privateEndpoint": {},
"privateLinkServiceConnectionState": {
"description": "string",
"status": "string"
}
}
}
],
"publicNetworkAccess": "string",
"purviewConfiguration": {
"purviewResourceId": "string"
},
"sqlAdministratorLogin": "string",
"sqlAdministratorLoginPassword": "string",
"trustedServiceBypassEnabled": "bool",
"virtualNetworkProfile": {
"computeSubnetId": "string"
},
"workspaceRepositoryConfiguration": {
"accountName": "string",
"collaborationBranch": "string",
"hostName": "string",
"lastCommitId": "string",
"projectName": "string",
"repositoryName": "string",
"rootFolder": "string",
"tenantId": "string",
"type": "string"
}
}
}
Property values
workspaces
Name |
Description |
Value |
type |
The resource type |
'Microsoft.Synapse/workspaces' |
apiVersion |
The resource api version |
'2021-06-01' |
name |
The resource name |
string (required)
Character limit: 1-50
Valid characters: Lowercase letters, hyphens, and numbers.
Start and end with letter or number.
Can't contain -ondemand
Resource name must be unique across Azure. |
location |
The geo-location where the resource lives |
string (required) |
tags |
Resource tags. |
Dictionary of tag names and values. See Tags in templates |
identity |
Identity of the workspace |
ManagedIdentity |
properties |
Workspace resource properties |
WorkspaceProperties |
ManagedIdentity
Name |
Description |
Value |
type |
The type of managed identity for the workspace |
'None' 'SystemAssigned' 'SystemAssigned,UserAssigned' |
userAssignedIdentities |
The user assigned managed identities. |
object |
WorkspaceProperties
Name |
Description |
Value |
azureADOnlyAuthentication |
Enable or Disable AzureADOnlyAuthentication on All Workspace subresource |
bool |
cspWorkspaceAdminProperties |
Initial workspace AAD admin properties for a CSP subscription |
CspWorkspaceAdminProperties |
defaultDataLakeStorage |
Workspace default data lake storage account details |
DataLakeStorageAccountDetails |
encryption |
The encryption details of the workspace |
EncryptionDetails |
managedResourceGroupName |
Workspace managed resource group. The resource group name uniquely identifies the resource group within the user subscriptionId. The resource group name must be no longer than 90 characters long, and must be alphanumeric characters (Char.IsLetterOrDigit()) and '-', '_', '(', ')' and'.'. Note that the name cannot end with '.' |
string |
managedVirtualNetwork |
Setting this to 'default' will ensure that all compute for this workspace is in a virtual network managed on behalf of the user. |
string |
managedVirtualNetworkSettings |
Managed Virtual Network Settings |
ManagedVirtualNetworkSettings |
privateEndpointConnections |
Private endpoint connections to the workspace |
PrivateEndpointConnection[] |
publicNetworkAccess |
Enable or Disable public network access to workspace |
'Disabled' 'Enabled' |
purviewConfiguration |
Purview Configuration |
PurviewConfiguration |
sqlAdministratorLogin |
Login for workspace SQL active directory administrator |
string |
sqlAdministratorLoginPassword |
SQL administrator login password |
string |
trustedServiceBypassEnabled |
Is trustedServiceBypassEnabled for the workspace |
bool |
virtualNetworkProfile |
Virtual Network profile |
VirtualNetworkProfile |
workspaceRepositoryConfiguration |
Git integration settings |
WorkspaceRepositoryConfiguration |
CspWorkspaceAdminProperties
Name |
Description |
Value |
initialWorkspaceAdminObjectId |
AAD object ID of initial workspace admin |
string |
DataLakeStorageAccountDetails
Name |
Description |
Value |
accountUrl |
Account URL |
string |
createManagedPrivateEndpoint |
Create managed private endpoint to this storage account or not |
bool |
filesystem |
Filesystem name |
string |
resourceId |
ARM resource Id of this storage account |
string |
EncryptionDetails
CustomerManagedKeyDetails
KekIdentityProperties
Name |
Description |
Value |
userAssignedIdentity |
User assigned identity resource Id |
string |
useSystemAssignedIdentity |
Boolean specifying whether to use system assigned identity or not |
|
WorkspaceKeyDetails
Name |
Description |
Value |
keyVaultUrl |
Workspace Key sub-resource key vault url |
string |
name |
Workspace Key sub-resource name |
string |
ManagedVirtualNetworkSettings
Name |
Description |
Value |
allowedAadTenantIdsForLinking |
Allowed Aad Tenant Ids For Linking |
string[] |
linkedAccessCheckOnTargetResource |
Linked Access Check On Target Resource |
bool |
preventDataExfiltration |
Prevent Data Exfiltration |
bool |
PrivateEndpointConnection
PrivateEndpointConnectionProperties
PrivateEndpoint
This object doesn't contain any properties to set during deployment. All properties are ReadOnly.
PrivateLinkServiceConnectionState
Name |
Description |
Value |
description |
The private link service connection description. |
string |
status |
The private link service connection status. |
string |
PurviewConfiguration
Name |
Description |
Value |
purviewResourceId |
Purview Resource ID |
string |
VirtualNetworkProfile
Name |
Description |
Value |
computeSubnetId |
Subnet ID used for computes in workspace |
string |
WorkspaceRepositoryConfiguration
Name |
Description |
Value |
accountName |
Account name |
string |
collaborationBranch |
Collaboration branch |
string |
hostName |
GitHub Enterprise host name. For example: https://github.mydomain.com |
string |
lastCommitId |
The last commit ID |
string |
projectName |
VSTS project name |
string |
repositoryName |
Repository name |
string |
rootFolder |
Root folder to use in the repository |
string |
tenantId |
The VSTS tenant ID |
string |
type |
Type of workspace repositoryID configuration. Example WorkspaceVSTSConfiguration, WorkspaceGitHubConfiguration |
string |
Quickstart templates
The following quickstart templates deploy this resource type.
Template |
Description |
Azure Synapse Proof-of-Concept
 |
This template creates a proof of concept environment for Azure Synapse, including SQL Pools and optional Apache Spark Pools |