Manages a Cognitive Services Account.
resource "azurerm_resource_group" "example" {
name = "example-resources"
location = "West Europe"
}
resource "azurerm_cognitive_account" "example" {
name = "example-account"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
kind = "Face"
sku_name = "S0"
tags = {
Acceptance = "Test"
}
}
The following arguments are supported:
name
- (Required) Specifies the name of the Cognitive Service Account. Changing this forces a new resource to be created.
resource_group_name
- (Required) The name of the resource group in which the Cognitive Service Account is created. Changing this forces a new resource to be created.
location
- (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
kind
- (Required) Specifies the type of Cognitive Service Account that should be created. Possible values are Academic
, AnomalyDetector
, Bing.Autosuggest
, Bing.Autosuggest.v7
, Bing.CustomSearch
, Bing.Search
, Bing.Search.v7
, Bing.Speech
, Bing.SpellCheck
, Bing.SpellCheck.v7
, CognitiveServices
, ComputerVision
, ContentModerator
, ContentSafety
, CustomSpeech
, CustomVision.Prediction
, CustomVision.Training
, Emotion
, Face
, FormRecognizer
, ImmersiveReader
, LUIS
, LUIS.Authoring
, MetricsAdvisor
, OpenAI
, Personalizer
, QnAMaker
, Recommendations
, SpeakerRecognition
, Speech
, SpeechServices
, SpeechTranslation
, TextAnalytics
, TextTranslation
and WebLM
. Changing this forces a new resource to be created.
sku_name
- (Required) Specifies the SKU Name for this Cognitive Service Account. Possible values are F0
, F1
, S0
, S
, S1
, S2
, S3
, S4
, S5
, S6
, P0
, P1
, P2
, E0
and DC0
.custom_subdomain_name
- (Optional) The subdomain name used for token-based authentication. This property is required when network_acls
is specified. Changing this forces a new resource to be created.
dynamic_throttling_enabled
- (Optional) Whether to enable the dynamic throttling for this Cognitive Service Account.
customer_managed_key
- (Optional) A customer_managed_key
block as documented below.
fqdns
- (Optional) List of FQDNs allowed for the Cognitive Account.
identity
- (Optional) An identity
block as defined below.
local_auth_enabled
- (Optional) Whether local authentication methods is enabled for the Cognitive Account. Defaults to true
.
metrics_advisor_aad_client_id
- (Optional) The Azure AD Client ID (Application ID). This attribute is only set when kind is MetricsAdvisor
. Changing this forces a new resource to be created.
metrics_advisor_aad_tenant_id
- (Optional) The Azure AD Tenant ID. This attribute is only set when kind is MetricsAdvisor
. Changing this forces a new resource to be created.
metrics_advisor_super_user_name
- (Optional) The super user of Metrics Advisor. This attribute is only set when kind is MetricsAdvisor
. Changing this forces a new resource to be created.
metrics_advisor_website_name
- (Optional) The website name of Metrics Advisor. This attribute is only set when kind is MetricsAdvisor
. Changing this forces a new resource to be created.
network_acls
- (Optional) A network_acls
block as defined below. When this property is specified, custom_subdomain_name
is also required to be set.
outbound_network_access_restricted
- (Optional) Whether outbound network access is restricted for the Cognitive Account. Defaults to false
.
public_network_access_enabled
- (Optional) Whether public network access is allowed for the Cognitive Account. Defaults to true
.
qna_runtime_endpoint
- (Optional) A URL to link a QnAMaker cognitive account to a QnA runtime.
custom_question_answering_search_service_id
- (Optional) If kind
is TextAnalytics
this specifies the ID of the Search service.
custom_question_answering_search_service_key
- (Optional) If kind
is TextAnalytics
this specifies the key of the Search service.
storage
- (Optional) A storage
block as defined below.
tags
- (Optional) A mapping of tags to assign to the resource.
A network_acls
block supports the following:
default_action
- (Required) The Default Action to use when no rules match from ip_rules
/ virtual_network_rules
. Possible values are Allow
and Deny
.
ip_rules
- (Optional) One or more IP Addresses, or CIDR Blocks which should be able to access the Cognitive Account.
virtual_network_rules
- (Optional) A virtual_network_rules
block as defined below.
A virtual_network_rules
block supports the following:
subnet_id
- (Required) The ID of the subnet which should be able to access this Cognitive Account.
ignore_missing_vnet_service_endpoint
- (Optional) Whether ignore missing vnet service endpoint or not. Default to false
.
A customer_managed_key
block supports the following:
key_vault_key_id
- (Required) The ID of the Key Vault Key which should be used to Encrypt the data in this Cognitive Account.
identity_client_id
- (Optional) The Client ID of the User Assigned Identity that has access to the key. This property only needs to be specified when there're multiple identities attached to the Cognitive Account.
A identity
block supports the following:
type
- (Required) Specifies the type of Managed Service Identity that should be configured on this Cognitive Account. Possible values are SystemAssigned
, UserAssigned
, SystemAssigned, UserAssigned
(to enable both).
identity_ids
- (Optional) Specifies a list of User Assigned Managed Identity IDs to be assigned to this Cognitive Account.
A storage
block supports the following:
storage_account_id
- (Required) Full resource id of a Microsoft.Storage resource.
identity_client_id
- (Optional) The client ID of the managed identity associated with the storage resource.
In addition to the Arguments listed above - the following Attributes are exported:
id
- The ID of the Cognitive Service Account.
endpoint
- The endpoint used to connect to the Cognitive Service Account.
identity
- An identity
block as defined below.
primary_access_key
- A primary access key which can be used to connect to the Cognitive Service Account.
secondary_access_key
- The secondary access key which can be used to connect to the Cognitive Service Account.
An identity
block exports the following:
principal_id
- The Principal ID associated with this Managed Service Identity.
tenant_id
- The Tenant ID associated with this Managed Service Identity.
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 30 minutes) Used when creating the Cognitive Service Account.update
- (Defaults to 30 minutes) Used when updating the Cognitive Service Account.read
- (Defaults to 5 minutes) Used when retrieving the Cognitive Service Account.delete
- (Defaults to 30 minutes) Used when deleting the Cognitive Service Account.Cognitive Service Accounts can be imported using the resource id
, e.g.
terraform import azurerm_cognitive_account.account1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.CognitiveServices/accounts/account1