Workspace
data class WorkspaceArgs(val applicationInsightsId: Output<String>? = null, val containerRegistryId: Output<String>? = null, val description: Output<String>? = null, val encryption: Output<WorkspaceEncryptionArgs>? = null, val friendlyName: Output<String>? = null, val highBusinessImpact: Output<Boolean>? = null, val identity: Output<WorkspaceIdentityArgs>? = null, val imageBuildComputeName: Output<String>? = null, val keyVaultId: Output<String>? = null, val location: Output<String>? = null, val name: Output<String>? = null, val primaryUserAssignedIdentity: Output<String>? = null, val publicAccessBehindVirtualNetworkEnabled: Output<Boolean>? = null, val publicNetworkAccessEnabled: Output<Boolean>? = null, val resourceGroupName: Output<String>? = null, val skuName: Output<String>? = null, val storageAccountId: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val v1LegacyModeEnabled: Output<Boolean>? = null) : ConvertibleToJava<WorkspaceArgs>
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appinsights.Insights;
import com.pulumi.azure.appinsights.InsightsArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.machinelearning.Workspace;
import com.pulumi.azure.machinelearning.WorkspaceArgs;
import com.pulumi.azure.machinelearning.inputs.WorkspaceIdentityArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleInsights = new Insights("exampleInsights", InsightsArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationType("web")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("premium")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.accountTier("Standard")
.accountReplicationType("GRS")
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationInsightsId(exampleInsights.id())
.keyVaultId(exampleKeyVault.id())
.storageAccountId(exampleAccount.id())
.identity(WorkspaceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.build());
}
}Content copied to clipboard
With Data Encryption
NOTE: The Key Vault must enable purge protection.
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appinsights.Insights;
import com.pulumi.azure.appinsights.InsightsArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.machinelearning.Workspace;
import com.pulumi.azure.machinelearning.WorkspaceArgs;
import com.pulumi.azure.machinelearning.inputs.WorkspaceIdentityArgs;
import com.pulumi.azure.machinelearning.inputs.WorkspaceEncryptionArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleInsights = new Insights("exampleInsights", InsightsArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationType("web")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("premium")
.purgeProtectionEnabled(true)
.build());
var exampleAccessPolicy = new AccessPolicy("exampleAccessPolicy", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Create",
"Get",
"Delete",
"Purge",
"GetRotationPolicy")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.accountTier("Standard")
.accountReplicationType("GRS")
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(
exampleKeyVault,
exampleAccessPolicy)
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationInsightsId(exampleInsights.id())
.keyVaultId(exampleKeyVault.id())
.storageAccountId(exampleAccount.id())
.identity(WorkspaceIdentityArgs.builder()
.type("SystemAssigned")
.build())
.encryption(WorkspaceEncryptionArgs.builder()
.keyVaultId(exampleKeyVault.id())
.keyId(exampleKey.id())
.build())
.build());
}
}Content copied to clipboard
With User Assigned Identity And Data Encryption
NOTE: The Key Vault must enable purge protection.
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.appinsights.Insights;
import com.pulumi.azure.appinsights.InsightsArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.AccessPolicy;
import com.pulumi.azure.keyvault.AccessPolicyArgs;
import com.pulumi.azuread.AzureadFunctions;
import com.pulumi.azuread.inputs.GetServicePrincipalArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.machinelearning.Workspace;
import com.pulumi.azure.machinelearning.WorkspaceArgs;
import com.pulumi.azure.machinelearning.inputs.WorkspaceIdentityArgs;
import com.pulumi.azure.machinelearning.inputs.WorkspaceEncryptionArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
.location("West Europe")
.build());
var exampleInsights = new Insights("exampleInsights", InsightsArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationType("web")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.accountTier("Standard")
.accountReplicationType("GRS")
.build());
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.skuName("premium")
.purgeProtectionEnabled(true)
.build());
var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.build());
var example_identity = new AccessPolicy("example-identity", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(exampleUserAssignedIdentity.principalId())
.keyPermissions(
"WrapKey",
"UnwrapKey",
"Get",
"Recover")
.secretPermissions(
"Get",
"List",
"Set",
"Delete",
"Recover",
"Backup",
"Restore")
.build());
var example_sp = new AccessPolicy("example-sp", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Get",
"Create",
"Recover",
"Delete",
"Purge",
"GetRotationPolicy")
.build());
final var test = AzureadFunctions.getServicePrincipal(GetServicePrincipalArgs.builder()
.displayName("Azure Cosmos DB")
.build());
var example_cosmosdb = new AccessPolicy("example-cosmosdb", AccessPolicyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(test.applyValue(getServicePrincipalResult -> getServicePrincipalResult.objectId()))
.keyPermissions(
"Get",
"Recover",
"UnwrapKey",
"WrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(
test.applyValue(getServicePrincipalResult -> getServicePrincipalResult),
current.applyValue(getClientConfigResult -> getClientConfigResult))
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"decrypt",
"encrypt",
"sign",
"unwrapKey",
"verify",
"wrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(
exampleKeyVault,
example_sp)
.build());
var example_role1 = new Assignment("example-role1", AssignmentArgs.builder()
.scope(exampleKeyVault.id())
.roleDefinitionName("Contributor")
.principalId(exampleUserAssignedIdentity.principalId())
.build());
var example_role2 = new Assignment("example-role2", AssignmentArgs.builder()
.scope(exampleAccount.id())
.roleDefinitionName("Storage Blob Data Contributor")
.principalId(exampleUserAssignedIdentity.principalId())
.build());
var example_role3 = new Assignment("example-role3", AssignmentArgs.builder()
.scope(exampleAccount.id())
.roleDefinitionName("Contributor")
.principalId(exampleUserAssignedIdentity.principalId())
.build());
var example_role4 = new Assignment("example-role4", AssignmentArgs.builder()
.scope(exampleInsights.id())
.roleDefinitionName("Contributor")
.principalId(exampleUserAssignedIdentity.principalId())
.build());
var exampleWorkspace = new Workspace("exampleWorkspace", WorkspaceArgs.builder()
.location(exampleResourceGroup.location())
.resourceGroupName(exampleResourceGroup.name())
.applicationInsightsId(exampleInsights.id())
.keyVaultId(exampleKeyVault.id())
.storageAccountId(exampleAccount.id())
.highBusinessImpact(true)
.primaryUserAssignedIdentity(exampleUserAssignedIdentity.id())
.identity(WorkspaceIdentityArgs.builder()
.type("UserAssigned")
.identityIds(exampleUserAssignedIdentity.id())
.build())
.encryption(WorkspaceEncryptionArgs.builder()
.userAssignedIdentityId(exampleUserAssignedIdentity.id())
.keyVaultId(exampleKeyVault.id())
.keyId(exampleKey.id())
.build())
.build(), CustomResourceOptions.builder()
.dependsOn(
example_role1,
example_role2,
example_role3,
example_role4,
example_cosmosdb)
.build());
}
}Content copied to clipboard
Import
Machine Learning Workspace can be imported using the resource id, e.g.
$ pulumi import azure:machinelearning/workspace:Workspace example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.MachineLearningServices/workspaces/workspace1Content copied to clipboard
Constructors
Link copied to clipboard
fun WorkspaceArgs(applicationInsightsId: Output<String>? = null, containerRegistryId: Output<String>? = null, description: Output<String>? = null, encryption: Output<WorkspaceEncryptionArgs>? = null, friendlyName: Output<String>? = null, highBusinessImpact: Output<Boolean>? = null, identity: Output<WorkspaceIdentityArgs>? = null, imageBuildComputeName: Output<String>? = null, keyVaultId: Output<String>? = null, location: Output<String>? = null, name: Output<String>? = null, primaryUserAssignedIdentity: Output<String>? = null, publicAccessBehindVirtualNetworkEnabled: Output<Boolean>? = null, publicNetworkAccessEnabled: Output<Boolean>? = null, resourceGroupName: Output<String>? = null, skuName: Output<String>? = null, storageAccountId: Output<String>? = null, tags: Output<Map<String, String>>? = null, v1LegacyModeEnabled: Output<Boolean>? = null)
Functions
Properties
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard