storage.azure.com/v1api20210401

APIVersion

Value	Description
“2021-04-01”

StorageAccount

Generator information: - Generated from: /storage/resource-manager/Microsoft.Storage/stable/2021-04-01/storage.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}

Used by: StorageAccountList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccount_Spec Optional
status		StorageAccount_STATUS Optional

StorageAccount_Spec

Property	Description	Type
accessTier	Required for storage accounts where kind = BlobStorage. The access tier used for billing.	StorageAccountPropertiesCreateParameters_AccessTier Optional
allowBlobPublicAccess	Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.	bool Optional
allowCrossTenantReplication	Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.	bool Optional
allowSharedKeyAccess	Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.	bool Optional
azureFilesIdentityBasedAuthentication	Provides the identity based authentication settings for Azure Files.	AzureFilesIdentityBasedAuthentication Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
customDomain	User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.	CustomDomain Optional
encryption	Not applicable. Azure Storage encryption is enabled for all storage accounts and cannot be disabled.	Encryption Optional
extendedLocation	Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location	ExtendedLocation Optional
identity	The identity of the resource.	Identity Optional
isHnsEnabled	Account HierarchicalNamespace enabled if sets to true.	bool Optional
isNfsV3Enabled	NFS 3.0 protocol support enabled if set to true.	bool Optional
keyPolicy	KeyPolicy assigned to the storage account.	KeyPolicy Optional
kind	Required. Indicates the type of storage account.	StorageAccount_Kind_Spec Required
largeFileSharesState	Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.	StorageAccountPropertiesCreateParameters_LargeFileSharesState Optional
location	Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.	string Required
minimumTlsVersion	Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.	StorageAccountPropertiesCreateParameters_MinimumTlsVersion Optional
networkAcls	Network rule set	NetworkRuleSet Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource	genruntime.KnownResourceReference Required
routingPreference	Maintains information about the network routing choice opted by the user for data transfer	RoutingPreference Optional
sasPolicy	SasPolicy assigned to the storage account.	SasPolicy Optional
sku	Required. Gets or sets the SKU name.	Sku Required
supportsHttpsTrafficOnly	Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.	bool Optional
tags	Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.	map[string]string Optional

StorageAccount_STATUS

Property	Description	Type
accessTier	Required for storage accounts where kind = BlobStorage. The access tier used for billing.	StorageAccountProperties_AccessTier_STATUS Optional
allowBlobPublicAccess	Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.	bool Optional
allowCrossTenantReplication	Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.	bool Optional
allowSharedKeyAccess	Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.	bool Optional
azureFilesIdentityBasedAuthentication	Provides the identity based authentication settings for Azure Files.	AzureFilesIdentityBasedAuthentication_STATUS Optional
blobRestoreStatus	Blob restore status	BlobRestoreStatus_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
creationTime	Gets the creation date and time of the storage account in UTC.	string Optional
customDomain	Gets the custom domain the user assigned to this storage account.	CustomDomain_STATUS Optional
encryption	Gets the encryption settings on the account. If unspecified, the account is unencrypted.	Encryption_STATUS Optional
extendedLocation	The extendedLocation of the resource.	ExtendedLocation_STATUS Optional
failoverInProgress	If the failover is in progress, the value will be true, otherwise, it will be null.	bool Optional
geoReplicationStats	Geo Replication Stats	GeoReplicationStats_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
identity	The identity of the resource.	Identity_STATUS Optional
isHnsEnabled	Account HierarchicalNamespace enabled if sets to true.	bool Optional
isNfsV3Enabled	NFS 3.0 protocol support enabled if set to true.	bool Optional
keyCreationTime	Storage account keys creation time.	KeyCreationTime_STATUS Optional
keyPolicy	KeyPolicy assigned to the storage account.	KeyPolicy_STATUS Optional
kind	Gets the Kind.	StorageAccount_Kind_STATUS Optional
largeFileSharesState	Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.	StorageAccountProperties_LargeFileSharesState_STATUS Optional
lastGeoFailoverTime	Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.	string Optional
location	The geo-location where the resource lives	string Optional
minimumTlsVersion	Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.	StorageAccountProperties_MinimumTlsVersion_STATUS Optional
name	The name of the resource	string Optional
networkAcls	Network rule set	NetworkRuleSet_STATUS Optional
primaryEndpoints	Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.	Endpoints_STATUS Optional
primaryLocation	Gets the location of the primary data center for the storage account.	string Optional
privateEndpointConnections	List of private endpoint connection associated with the specified storage account	PrivateEndpointConnection_STATUS[] Optional
provisioningState	Gets the status of the storage account at the time the operation was called.	StorageAccountProperties_ProvisioningState_STATUS Optional
routingPreference	Maintains information about the network routing choice opted by the user for data transfer	RoutingPreference_STATUS Optional
sasPolicy	SasPolicy assigned to the storage account.	SasPolicy_STATUS Optional
secondaryEndpoints	Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.	Endpoints_STATUS Optional
secondaryLocation	Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.	string Optional
sku	Gets the SKU.	Sku_STATUS Optional
statusOfPrimary	Gets the status indicating whether the primary location of the storage account is available or unavailable.	StorageAccountProperties_StatusOfPrimary_STATUS Optional
statusOfSecondary	Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.	StorageAccountProperties_StatusOfSecondary_STATUS Optional
supportsHttpsTrafficOnly	Allows https traffic only to storage service if sets to true.	bool Optional
tags	Resource tags.	map[string]string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccount[] Optional

StorageAccountsBlobService

Generator information: - Generated from: /storage/resource-manager/Microsoft.Storage/stable/2021-04-01/blob.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/blobServices/default

Used by: StorageAccountsBlobServiceList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccountsBlobService_Spec Optional
status		StorageAccountsBlobService_STATUS Optional

StorageAccountsBlobService_Spec

Property	Description	Type
automaticSnapshotPolicyEnabled	Deprecated in favor of isVersioningEnabled property.	bool Optional
changeFeed	The blob service properties for change feed events.	ChangeFeed Optional
containerDeleteRetentionPolicy	The blob service properties for container soft delete.	DeleteRetentionPolicy Optional
cors	Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.	CorsRules Optional
defaultServiceVersion	DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.	string Optional
deleteRetentionPolicy	The blob service properties for blob soft delete.	DeleteRetentionPolicy Optional
isVersioningEnabled	Versioning is enabled if set to true.	bool Optional
lastAccessTimeTrackingPolicy	The blob service property to configure last access time based tracking policy.	LastAccessTimeTrackingPolicy Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsBlobServiceOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required
restorePolicy	The blob service properties for blob restore policy.	RestorePolicyProperties Optional

StorageAccountsBlobService_STATUS

Property	Description	Type
automaticSnapshotPolicyEnabled	Deprecated in favor of isVersioningEnabled property.	bool Optional
changeFeed	The blob service properties for change feed events.	ChangeFeed_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
containerDeleteRetentionPolicy	The blob service properties for container soft delete.	DeleteRetentionPolicy_STATUS Optional
cors	Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.	CorsRules_STATUS Optional
defaultServiceVersion	DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.	string Optional
deleteRetentionPolicy	The blob service properties for blob soft delete.	DeleteRetentionPolicy_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
isVersioningEnabled	Versioning is enabled if set to true.	bool Optional
lastAccessTimeTrackingPolicy	The blob service property to configure last access time based tracking policy.	LastAccessTimeTrackingPolicy_STATUS Optional
name	The name of the resource	string Optional
restorePolicy	The blob service properties for blob restore policy.	RestorePolicyProperties_STATUS Optional
sku	Sku name and tier.	Sku_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsBlobServiceList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccountsBlobService[] Optional

StorageAccountsBlobServicesContainer

Used by: StorageAccountsBlobServicesContainerList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccountsBlobServicesContainer_Spec Optional
status		StorageAccountsBlobServicesContainer_STATUS Optional

StorageAccountsBlobServicesContainer_Spec

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
defaultEncryptionScope	Default the container to use specified encryption scope for all writes.	string Optional
denyEncryptionScopeOverride	Block override of encryption scope from the container default.	bool Optional
immutableStorageWithVersioning	The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.	ImmutableStorageWithVersioning Optional
metadata	A name-value pair to associate with the container as metadata.	map[string]string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsBlobServicesContainerOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsBlobService resource	genruntime.KnownResourceReference Required
publicAccess	Specifies whether data in the container may be accessed publicly and the level of access.	ContainerProperties_PublicAccess Optional

StorageAccountsBlobServicesContainer_STATUS

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
defaultEncryptionScope	Default the container to use specified encryption scope for all writes.	string Optional
deleted	Indicates whether the blob container was deleted.	bool Optional
deletedTime	Blob container deletion time.	string Optional
denyEncryptionScopeOverride	Block override of encryption scope from the container default.	bool Optional
etag	Resource Etag.	string Optional
hasImmutabilityPolicy	The hasImmutabilityPolicy public property is set to true by SRP if ImmutabilityPolicy has been created for this container. The hasImmutabilityPolicy public property is set to false by SRP if ImmutabilityPolicy has not been created for this container.	bool Optional
hasLegalHold	The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account.	bool Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
immutabilityPolicy	The ImmutabilityPolicy property of the container.	ImmutabilityPolicyProperties_STATUS Optional
immutableStorageWithVersioning	The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.	ImmutableStorageWithVersioning_STATUS Optional
lastModifiedTime	Returns the date and time the container was last modified.	string Optional
leaseDuration	Specifies whether the lease on a container is of infinite or fixed duration, only when the container is leased.	ContainerProperties_LeaseDuration_STATUS Optional
leaseState	Lease state of the container.	ContainerProperties_LeaseState_STATUS Optional
leaseStatus	The lease status of the container.	ContainerProperties_LeaseStatus_STATUS Optional
legalHold	The LegalHold property of the container.	LegalHoldProperties_STATUS Optional
metadata	A name-value pair to associate with the container as metadata.	map[string]string Optional
name	The name of the resource	string Optional
publicAccess	Specifies whether data in the container may be accessed publicly and the level of access.	ContainerProperties_PublicAccess_STATUS Optional
remainingRetentionDays	Remaining retention days for soft deleted blob container.	int Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional
version	The version of the deleted blob container.	string Optional

StorageAccountsBlobServicesContainerList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccountsBlobServicesContainer[] Optional

StorageAccountsManagementPolicy

Used by: StorageAccountsManagementPolicyList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccountsManagementPolicy_Spec Optional
status		StorageAccountsManagementPolicy_STATUS Optional

StorageAccountsManagementPolicy_Spec

Property	Description	Type
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsManagementPolicyOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required
policy	The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicySchema Required

StorageAccountsManagementPolicy_STATUS

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
lastModifiedTime	Returns the date and time the ManagementPolicies was last modified.	string Optional
name	The name of the resource	string Optional
policy	The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicySchema_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsManagementPolicyList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccountsManagementPolicy[] Optional

StorageAccountsQueueService

Generator information: - Generated from: /storage/resource-manager/Microsoft.Storage/stable/2021-04-01/queue.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Storage/storageAccounts/{accountName}/queueServices/default

Used by: StorageAccountsQueueServiceList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccountsQueueService_Spec Optional
status		StorageAccountsQueueService_STATUS Optional

StorageAccountsQueueService_Spec

Property	Description	Type
cors	Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.	CorsRules Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsQueueServiceOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required

StorageAccountsQueueService_STATUS

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
cors	Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.	CorsRules_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
name	The name of the resource	string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsQueueServiceList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccountsQueueService[] Optional

StorageAccountsQueueServicesQueue

Used by: StorageAccountsQueueServicesQueueList.

Property	Description	Type
metav1.TypeMeta
metav1.ObjectMeta
spec		StorageAccountsQueueServicesQueue_Spec Optional
status		StorageAccountsQueueServicesQueue_STATUS Optional

StorageAccountsQueueServicesQueue_Spec

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
metadata	A name-value pair that represents queue metadata.	map[string]string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsQueueServicesQueueOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsQueueService resource	genruntime.KnownResourceReference Required

StorageAccountsQueueServicesQueue_STATUS

Property	Description	Type
approximateMessageCount	Integer indicating an approximate number of messages in the queue. This number is not lower than the actual number of messages in the queue, but could be higher.	int Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
metadata	A name-value pair that represents queue metadata.	map[string]string Optional
name	The name of the resource	string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsQueueServicesQueueList

Property	Description	Type
metav1.TypeMeta
metav1.ListMeta
items		StorageAccountsQueueServicesQueue[] Optional

StorageAccount_Spec

Used by: StorageAccount.

Property	Description	Type
accessTier	Required for storage accounts where kind = BlobStorage. The access tier used for billing.	StorageAccountPropertiesCreateParameters_AccessTier Optional
allowBlobPublicAccess	Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.	bool Optional
allowCrossTenantReplication	Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.	bool Optional
allowSharedKeyAccess	Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.	bool Optional
azureFilesIdentityBasedAuthentication	Provides the identity based authentication settings for Azure Files.	AzureFilesIdentityBasedAuthentication Optional
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
customDomain	User domain assigned to the storage account. Name is the CNAME source. Only one custom domain is supported per storage account at this time. To clear the existing custom domain, use an empty string for the custom domain name property.	CustomDomain Optional
encryption	Not applicable. Azure Storage encryption is enabled for all storage accounts and cannot be disabled.	Encryption Optional
extendedLocation	Optional. Set the extended location of the resource. If not set, the storage account will be created in Azure main region. Otherwise it will be created in the specified extended location	ExtendedLocation Optional
identity	The identity of the resource.	Identity Optional
isHnsEnabled	Account HierarchicalNamespace enabled if sets to true.	bool Optional
isNfsV3Enabled	NFS 3.0 protocol support enabled if set to true.	bool Optional
keyPolicy	KeyPolicy assigned to the storage account.	KeyPolicy Optional
kind	Required. Indicates the type of storage account.	StorageAccount_Kind_Spec Required
largeFileSharesState	Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.	StorageAccountPropertiesCreateParameters_LargeFileSharesState Optional
location	Required. Gets or sets the location of the resource. This will be one of the supported and registered Azure Geo Regions (e.g. West US, East US, Southeast Asia, etc.). The geo region of a resource cannot be changed once it is created, but if an identical geo region is specified on update, the request will succeed.	string Required
minimumTlsVersion	Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.	StorageAccountPropertiesCreateParameters_MinimumTlsVersion Optional
networkAcls	Network rule set	NetworkRuleSet Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource	genruntime.KnownResourceReference Required
routingPreference	Maintains information about the network routing choice opted by the user for data transfer	RoutingPreference Optional
sasPolicy	SasPolicy assigned to the storage account.	SasPolicy Optional
sku	Required. Gets or sets the SKU name.	Sku Required
supportsHttpsTrafficOnly	Allows https traffic only to storage service if sets to true. The default value is true since API version 2019-04-01.	bool Optional
tags	Gets or sets a list of key value pairs that describe the resource. These tags can be used for viewing and grouping this resource (across resource groups). A maximum of 15 tags can be provided for a resource. Each tag must have a key with a length no greater than 128 characters and a value with a length no greater than 256 characters.	map[string]string Optional

StorageAccount_STATUS

The storage account.

Used by: StorageAccount.

Property	Description	Type
accessTier	Required for storage accounts where kind = BlobStorage. The access tier used for billing.	StorageAccountProperties_AccessTier_STATUS Optional
allowBlobPublicAccess	Allow or disallow public access to all blobs or containers in the storage account. The default interpretation is true for this property.	bool Optional
allowCrossTenantReplication	Allow or disallow cross AAD tenant object replication. The default interpretation is true for this property.	bool Optional
allowSharedKeyAccess	Indicates whether the storage account permits requests to be authorized with the account access key via Shared Key. If false, then all requests, including shared access signatures, must be authorized with Azure Active Directory (Azure AD). The default value is null, which is equivalent to true.	bool Optional
azureFilesIdentityBasedAuthentication	Provides the identity based authentication settings for Azure Files.	AzureFilesIdentityBasedAuthentication_STATUS Optional
blobRestoreStatus	Blob restore status	BlobRestoreStatus_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
creationTime	Gets the creation date and time of the storage account in UTC.	string Optional
customDomain	Gets the custom domain the user assigned to this storage account.	CustomDomain_STATUS Optional
encryption	Gets the encryption settings on the account. If unspecified, the account is unencrypted.	Encryption_STATUS Optional
extendedLocation	The extendedLocation of the resource.	ExtendedLocation_STATUS Optional
failoverInProgress	If the failover is in progress, the value will be true, otherwise, it will be null.	bool Optional
geoReplicationStats	Geo Replication Stats	GeoReplicationStats_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
identity	The identity of the resource.	Identity_STATUS Optional
isHnsEnabled	Account HierarchicalNamespace enabled if sets to true.	bool Optional
isNfsV3Enabled	NFS 3.0 protocol support enabled if set to true.	bool Optional
keyCreationTime	Storage account keys creation time.	KeyCreationTime_STATUS Optional
keyPolicy	KeyPolicy assigned to the storage account.	KeyPolicy_STATUS Optional
kind	Gets the Kind.	StorageAccount_Kind_STATUS Optional
largeFileSharesState	Allow large file shares if sets to Enabled. It cannot be disabled once it is enabled.	StorageAccountProperties_LargeFileSharesState_STATUS Optional
lastGeoFailoverTime	Gets the timestamp of the most recent instance of a failover to the secondary location. Only the most recent timestamp is retained. This element is not returned if there has never been a failover instance. Only available if the accountType is Standard_GRS or Standard_RAGRS.	string Optional
location	The geo-location where the resource lives	string Optional
minimumTlsVersion	Set the minimum TLS version to be permitted on requests to storage. The default interpretation is TLS 1.0 for this property.	StorageAccountProperties_MinimumTlsVersion_STATUS Optional
name	The name of the resource	string Optional
networkAcls	Network rule set	NetworkRuleSet_STATUS Optional
primaryEndpoints	Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object. Note that Standard_ZRS and Premium_LRS accounts only return the blob endpoint.	Endpoints_STATUS Optional
primaryLocation	Gets the location of the primary data center for the storage account.	string Optional
privateEndpointConnections	List of private endpoint connection associated with the specified storage account	PrivateEndpointConnection_STATUS[] Optional
provisioningState	Gets the status of the storage account at the time the operation was called.	StorageAccountProperties_ProvisioningState_STATUS Optional
routingPreference	Maintains information about the network routing choice opted by the user for data transfer	RoutingPreference_STATUS Optional
sasPolicy	SasPolicy assigned to the storage account.	SasPolicy_STATUS Optional
secondaryEndpoints	Gets the URLs that are used to perform a retrieval of a public blob, queue, or table object from the secondary location of the storage account. Only available if the SKU name is Standard_RAGRS.	Endpoints_STATUS Optional
secondaryLocation	Gets the location of the geo-replicated secondary for the storage account. Only available if the accountType is Standard_GRS or Standard_RAGRS.	string Optional
sku	Gets the SKU.	Sku_STATUS Optional
statusOfPrimary	Gets the status indicating whether the primary location of the storage account is available or unavailable.	StorageAccountProperties_StatusOfPrimary_STATUS Optional
statusOfSecondary	Gets the status indicating whether the secondary location of the storage account is available or unavailable. Only available if the SKU name is Standard_GRS or Standard_RAGRS.	StorageAccountProperties_StatusOfSecondary_STATUS Optional
supportsHttpsTrafficOnly	Allows https traffic only to storage service if sets to true.	bool Optional
tags	Resource tags.	map[string]string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsBlobService_Spec

Used by: StorageAccountsBlobService.

Property	Description	Type
automaticSnapshotPolicyEnabled	Deprecated in favor of isVersioningEnabled property.	bool Optional
changeFeed	The blob service properties for change feed events.	ChangeFeed Optional
containerDeleteRetentionPolicy	The blob service properties for container soft delete.	DeleteRetentionPolicy Optional
cors	Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.	CorsRules Optional
defaultServiceVersion	DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.	string Optional
deleteRetentionPolicy	The blob service properties for blob soft delete.	DeleteRetentionPolicy Optional
isVersioningEnabled	Versioning is enabled if set to true.	bool Optional
lastAccessTimeTrackingPolicy	The blob service property to configure last access time based tracking policy.	LastAccessTimeTrackingPolicy Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsBlobServiceOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required
restorePolicy	The blob service properties for blob restore policy.	RestorePolicyProperties Optional

StorageAccountsBlobService_STATUS

Used by: StorageAccountsBlobService.

Property	Description	Type
automaticSnapshotPolicyEnabled	Deprecated in favor of isVersioningEnabled property.	bool Optional
changeFeed	The blob service properties for change feed events.	ChangeFeed_STATUS Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
containerDeleteRetentionPolicy	The blob service properties for container soft delete.	DeleteRetentionPolicy_STATUS Optional
cors	Specifies CORS rules for the Blob service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Blob service.	CorsRules_STATUS Optional
defaultServiceVersion	DefaultServiceVersion indicates the default version to use for requests to the Blob service if an incoming request’s version is not specified. Possible values include version 2008-10-27 and all more recent versions.	string Optional
deleteRetentionPolicy	The blob service properties for blob soft delete.	DeleteRetentionPolicy_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
isVersioningEnabled	Versioning is enabled if set to true.	bool Optional
lastAccessTimeTrackingPolicy	The blob service property to configure last access time based tracking policy.	LastAccessTimeTrackingPolicy_STATUS Optional
name	The name of the resource	string Optional
restorePolicy	The blob service properties for blob restore policy.	RestorePolicyProperties_STATUS Optional
sku	Sku name and tier.	Sku_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsBlobServicesContainer_Spec

Used by: StorageAccountsBlobServicesContainer.

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
defaultEncryptionScope	Default the container to use specified encryption scope for all writes.	string Optional
denyEncryptionScopeOverride	Block override of encryption scope from the container default.	bool Optional
immutableStorageWithVersioning	The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.	ImmutableStorageWithVersioning Optional
metadata	A name-value pair to associate with the container as metadata.	map[string]string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsBlobServicesContainerOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsBlobService resource	genruntime.KnownResourceReference Required
publicAccess	Specifies whether data in the container may be accessed publicly and the level of access.	ContainerProperties_PublicAccess Optional

StorageAccountsBlobServicesContainer_STATUS

Used by: StorageAccountsBlobServicesContainer.

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
defaultEncryptionScope	Default the container to use specified encryption scope for all writes.	string Optional
deleted	Indicates whether the blob container was deleted.	bool Optional
deletedTime	Blob container deletion time.	string Optional
denyEncryptionScopeOverride	Block override of encryption scope from the container default.	bool Optional
etag	Resource Etag.	string Optional
hasImmutabilityPolicy	The hasImmutabilityPolicy public property is set to true by SRP if ImmutabilityPolicy has been created for this container. The hasImmutabilityPolicy public property is set to false by SRP if ImmutabilityPolicy has not been created for this container.	bool Optional
hasLegalHold	The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account.	bool Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
immutabilityPolicy	The ImmutabilityPolicy property of the container.	ImmutabilityPolicyProperties_STATUS Optional
immutableStorageWithVersioning	The object level immutability property of the container. The property is immutable and can only be set to true at the container creation time. Existing containers must undergo a migration process.	ImmutableStorageWithVersioning_STATUS Optional
lastModifiedTime	Returns the date and time the container was last modified.	string Optional
leaseDuration	Specifies whether the lease on a container is of infinite or fixed duration, only when the container is leased.	ContainerProperties_LeaseDuration_STATUS Optional
leaseState	Lease state of the container.	ContainerProperties_LeaseState_STATUS Optional
leaseStatus	The lease status of the container.	ContainerProperties_LeaseStatus_STATUS Optional
legalHold	The LegalHold property of the container.	LegalHoldProperties_STATUS Optional
metadata	A name-value pair to associate with the container as metadata.	map[string]string Optional
name	The name of the resource	string Optional
publicAccess	Specifies whether data in the container may be accessed publicly and the level of access.	ContainerProperties_PublicAccess_STATUS Optional
remainingRetentionDays	Remaining retention days for soft deleted blob container.	int Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional
version	The version of the deleted blob container.	string Optional

StorageAccountsManagementPolicy_Spec

Used by: StorageAccountsManagementPolicy.

Property	Description	Type
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsManagementPolicyOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required
policy	The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicySchema Required

StorageAccountsManagementPolicy_STATUS

Used by: StorageAccountsManagementPolicy.

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
lastModifiedTime	Returns the date and time the ManagementPolicies was last modified.	string Optional
name	The name of the resource	string Optional
policy	The Storage Account ManagementPolicy, in JSON format. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicySchema_STATUS Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsQueueService_Spec

Used by: StorageAccountsQueueService.

Property	Description	Type
cors	Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.	CorsRules Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsQueueServiceOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccount resource	genruntime.KnownResourceReference Required

StorageAccountsQueueService_STATUS

Used by: StorageAccountsQueueService.

Property	Description	Type
conditions	The observed state of the resource	conditions.Condition[] Optional
cors	Specifies CORS rules for the Queue service. You can include up to five CorsRule elements in the request. If no CorsRule elements are included in the request body, all CORS rules will be deleted, and CORS will be disabled for the Queue service.	CorsRules_STATUS Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
name	The name of the resource	string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

StorageAccountsQueueServicesQueue_Spec

Used by: StorageAccountsQueueServicesQueue.

Property	Description	Type
azureName	The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.	string Optional
metadata	A name-value pair that represents queue metadata.	map[string]string Optional
operatorSpec	The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure	StorageAccountsQueueServicesQueueOperatorSpec Optional
owner	The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a storage.azure.com/StorageAccountsQueueService resource	genruntime.KnownResourceReference Required

StorageAccountsQueueServicesQueue_STATUS

Used by: StorageAccountsQueueServicesQueue.

Property	Description	Type
approximateMessageCount	Integer indicating an approximate number of messages in the queue. This number is not lower than the actual number of messages in the queue, but could be higher.	int Optional
conditions	The observed state of the resource	conditions.Condition[] Optional
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional
metadata	A name-value pair that represents queue metadata.	map[string]string Optional
name	The name of the resource	string Optional
type	The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts”	string Optional

AzureFilesIdentityBasedAuthentication

Settings for Azure Files identity based authentication.

Used by: StorageAccount_Spec.

Property	Description	Type
activeDirectoryProperties	Required if choose AD.	ActiveDirectoryProperties Optional
defaultSharePermission	Default share permission for users using Kerberos authentication if RBAC role is not assigned.	AzureFilesIdentityBasedAuthentication_DefaultSharePermission Optional
directoryServiceOptions	Indicates the directory service used.	AzureFilesIdentityBasedAuthentication_DirectoryServiceOptions Required

AzureFilesIdentityBasedAuthentication_STATUS

Settings for Azure Files identity based authentication.

Used by: StorageAccount_STATUS.

Property	Description	Type
activeDirectoryProperties	Required if choose AD.	ActiveDirectoryProperties_STATUS Optional
defaultSharePermission	Default share permission for users using Kerberos authentication if RBAC role is not assigned.	AzureFilesIdentityBasedAuthentication_DefaultSharePermission_STATUS Optional
directoryServiceOptions	Indicates the directory service used.	AzureFilesIdentityBasedAuthentication_DirectoryServiceOptions_STATUS Optional

BlobRestoreStatus_STATUS

Blob restore status.

Used by: StorageAccount_STATUS.

Property	Description	Type
failureReason	Failure reason when blob restore is failed.	string Optional
parameters	Blob restore request parameters.	BlobRestoreParameters_STATUS Optional
restoreId	Id for tracking blob restore request.	string Optional
status	The status of blob restore progress. Possible values are: - InProgress: Indicates that blob restore is ongoing. - Complete: Indicates that blob restore has been completed successfully. - Failed: Indicates that blob restore is failed.	BlobRestoreStatus_Status_STATUS Optional

ChangeFeed

The blob service properties for change feed events.

Used by: StorageAccountsBlobService_Spec.

Property	Description	Type
enabled	Indicates whether change feed event logging is enabled for the Blob service.	bool Optional
retentionInDays	Indicates the duration of changeFeed retention in days. Minimum value is 1 day and maximum value is 146000 days (400 years). A null value indicates an infinite retention of the change feed.	int Optional

ChangeFeed_STATUS

The blob service properties for change feed events.

Used by: StorageAccountsBlobService_STATUS.

Property	Description	Type
enabled	Indicates whether change feed event logging is enabled for the Blob service.	bool Optional
retentionInDays	Indicates the duration of changeFeed retention in days. Minimum value is 1 day and maximum value is 146000 days (400 years). A null value indicates an infinite retention of the change feed.	int Optional

ContainerProperties_LeaseDuration_STATUS

Used by: StorageAccountsBlobServicesContainer_STATUS.

Value	Description
“Fixed”
“Infinite”

ContainerProperties_LeaseState_STATUS

Used by: StorageAccountsBlobServicesContainer_STATUS.

Value	Description
“Available”
“Breaking”
“Broken”
“Expired”
“Leased”

ContainerProperties_LeaseStatus_STATUS

Used by: StorageAccountsBlobServicesContainer_STATUS.

Value	Description
“Locked”
“Unlocked”

ContainerProperties_PublicAccess

Used by: StorageAccountsBlobServicesContainer_Spec.

Value	Description
“Blob”
“Container”
“None”

ContainerProperties_PublicAccess_STATUS

Used by: StorageAccountsBlobServicesContainer_STATUS.

Value	Description
“Blob”
“Container”
“None”

CorsRules

Sets the CORS rules. You can include up to five CorsRule elements in the request.

Used by: StorageAccountsBlobService_Spec, and StorageAccountsQueueService_Spec.

Property	Description	Type
corsRules	The List of CORS rules. You can include up to five CorsRule elements in the request.	CorsRule[] Optional

CorsRules_STATUS

Sets the CORS rules. You can include up to five CorsRule elements in the request.

Used by: StorageAccountsBlobService_STATUS, and StorageAccountsQueueService_STATUS.

Property	Description	Type
corsRules	The List of CORS rules. You can include up to five CorsRule elements in the request.	CorsRule_STATUS[] Optional

CustomDomain

The custom domain assigned to this storage account. This can be set via Update.

Used by: StorageAccount_Spec.

Property	Description	Type
name	Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.	string Required
useSubDomainName	Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.	bool Optional

CustomDomain_STATUS

The custom domain assigned to this storage account. This can be set via Update.

Used by: StorageAccount_STATUS.

Property	Description	Type
name	Gets or sets the custom domain name assigned to the storage account. Name is the CNAME source.	string Optional
useSubDomainName	Indicates whether indirect CName validation is enabled. Default value is false. This should only be set on updates.	bool Optional

DeleteRetentionPolicy

The service properties for soft delete.

Used by: StorageAccountsBlobService_Spec, and StorageAccountsBlobService_Spec.

Property	Description	Type
days	Indicates the number of days that the deleted item should be retained. The minimum specified value can be 1 and the maximum value can be 365.	int Optional
enabled	Indicates whether DeleteRetentionPolicy is enabled.	bool Optional

DeleteRetentionPolicy_STATUS

The service properties for soft delete.

Used by: StorageAccountsBlobService_STATUS, and StorageAccountsBlobService_STATUS.

Property	Description	Type
days	Indicates the number of days that the deleted item should be retained. The minimum specified value can be 1 and the maximum value can be 365.	int Optional
enabled	Indicates whether DeleteRetentionPolicy is enabled.	bool Optional

Encryption

The encryption settings on the storage account.

Used by: StorageAccount_Spec.

Property	Description	Type
identity	The identity to be used with service-side encryption at rest.	EncryptionIdentity Optional
keySource	The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault	Encryption_KeySource Required
keyvaultproperties	Properties provided by key vault.	KeyVaultProperties Optional
requireInfrastructureEncryption	A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.	bool Optional
services	List of services which support encryption.	EncryptionServices Optional

Encryption_STATUS

The encryption settings on the storage account.

Used by: StorageAccount_STATUS.

Property	Description	Type
identity	The identity to be used with service-side encryption at rest.	EncryptionIdentity_STATUS Optional
keySource	The encryption keySource (provider). Possible values (case-insensitive): Microsoft.Storage, Microsoft.Keyvault	Encryption_KeySource_STATUS Optional
keyvaultproperties	Properties provided by key vault.	KeyVaultProperties_STATUS Optional
requireInfrastructureEncryption	A boolean indicating whether or not the service applies a secondary layer of encryption with platform managed keys for data at rest.	bool Optional
services	List of services which support encryption.	EncryptionServices_STATUS Optional

Endpoints_STATUS

The URIs that are used to perform a retrieval of a public blob, queue, table, web or dfs object.

Used by: StorageAccount_STATUS, and StorageAccount_STATUS.

Property	Description	Type
blob	Gets the blob endpoint.	string Optional
dfs	Gets the dfs endpoint.	string Optional
file	Gets the file endpoint.	string Optional
internetEndpoints	Gets the internet routing storage endpoints	StorageAccountInternetEndpoints_STATUS Optional
microsoftEndpoints	Gets the microsoft routing storage endpoints.	StorageAccountMicrosoftEndpoints_STATUS Optional
queue	Gets the queue endpoint.	string Optional
table	Gets the table endpoint.	string Optional
web	Gets the web endpoint.	string Optional

ExtendedLocation

The complex type of the extended location.

Used by: StorageAccount_Spec.

Property	Description	Type
name	The name of the extended location.	string Optional
type	The type of the extended location.	ExtendedLocationType Optional

ExtendedLocation_STATUS

The complex type of the extended location.

Used by: StorageAccount_STATUS.

Property	Description	Type
name	The name of the extended location.	string Optional
type	The type of the extended location.	ExtendedLocationType_STATUS Optional

GeoReplicationStats_STATUS

Statistics related to replication for storage account’s Blob, Table, Queue and File services. It is only available when geo-redundant replication is enabled for the storage account.

Used by: StorageAccount_STATUS.

Property	Description	Type
canFailover	A boolean flag which indicates whether or not account failover is supported for the account.	bool Optional
lastSyncTime	All primary writes preceding this UTC date/time value are guaranteed to be available for read operations. Primary writes following this point in time may or may not be available for reads. Element may be default value if value of LastSyncTime is not available, this can happen if secondary is offline or we are in bootstrap.	string Optional
status	The status of the secondary location. Possible values are: - Live: Indicates that the secondary location is active and operational. - Bootstrap: Indicates initial synchronization from the primary location to the secondary location is in progress.This typically occurs when replication is first enabled. - Unavailable: Indicates that the secondary location is temporarily unavailable.	GeoReplicationStats_Status_STATUS Optional

Identity

Identity for the resource.

Used by: StorageAccount_Spec.

Property	Description	Type
type	The identity type.	Identity_Type Required
userAssignedIdentities	Gets or sets a list of key value pairs that describe the set of User Assigned identities that will be used with this storage account. The key is the ARM resource identifier of the identity. Only 1 User Assigned identity is permitted here.	UserAssignedIdentityDetails[] Optional

Identity_STATUS

Identity for the resource.

Used by: StorageAccount_STATUS.

Property	Description	Type
principalId	The principal ID of resource identity.	string Optional
tenantId	The tenant ID of resource.	string Optional
type	The identity type.	Identity_Type_STATUS Optional
userAssignedIdentities	Gets or sets a list of key value pairs that describe the set of User Assigned identities that will be used with this storage account. The key is the ARM resource identifier of the identity. Only 1 User Assigned identity is permitted here.	map[string]UserAssignedIdentity_STATUS Optional

ImmutabilityPolicyProperties_STATUS

The properties of an ImmutabilityPolicy of a blob container.

Used by: StorageAccountsBlobServicesContainer_STATUS.

Property	Description	Type
allowProtectedAppendWrites	This property can only be changed for unlocked time-based retention policies. When enabled, new blocks can be written to an append blob while maintaining immutability protection and compliance. Only new blocks can be added and any existing blocks cannot be modified or deleted. This property cannot be changed with ExtendImmutabilityPolicy API	bool Optional
etag	ImmutabilityPolicy Etag.	string Optional
immutabilityPeriodSinceCreationInDays	The immutability period for the blobs in the container since the policy creation, in days.	int Optional
state	The ImmutabilityPolicy state of a blob container, possible values include: Locked and Unlocked.	ImmutabilityPolicyProperty_State_STATUS Optional
updateHistory	The ImmutabilityPolicy update history of the blob container.	UpdateHistoryProperty_STATUS[] Optional

ImmutableStorageWithVersioning

Object level immutability properties of the container.

Used by: StorageAccountsBlobServicesContainer_Spec.

Property	Description	Type
enabled	This is an immutable property, when set to true it enables object level immutability at the container level.	bool Optional

ImmutableStorageWithVersioning_STATUS

Object level immutability properties of the container.

Used by: StorageAccountsBlobServicesContainer_STATUS.

Property	Description	Type
enabled	This is an immutable property, when set to true it enables object level immutability at the container level.	bool Optional
migrationState	This property denotes the container level immutability to object level immutability migration state.	ImmutableStorageWithVersioning_MigrationState_STATUS Optional
timeStamp	Returns the date and time the object level immutability was enabled.	string Optional

KeyCreationTime_STATUS

Storage account keys creation time.

Used by: StorageAccount_STATUS.

Property	Description	Type
key1		string Optional
key2		string Optional

KeyPolicy

KeyPolicy assigned to the storage account.

Used by: StorageAccount_Spec.

Property	Description	Type
keyExpirationPeriodInDays	The key expiration period in days.	int Required

KeyPolicy_STATUS

KeyPolicy assigned to the storage account.

Used by: StorageAccount_STATUS.

Property	Description	Type
keyExpirationPeriodInDays	The key expiration period in days.	int Optional

LastAccessTimeTrackingPolicy

The blob service properties for Last access time based tracking policy.

Used by: StorageAccountsBlobService_Spec.

Property	Description	Type
blobType	An array of predefined supported blob types. Only blockBlob is the supported value. This field is currently read only	string[] Optional
enable	When set to true last access time based tracking is enabled.	bool Required
name	Name of the policy. The valid value is AccessTimeTracking. This field is currently read only	LastAccessTimeTrackingPolicy_Name Optional
trackingGranularityInDays	The field specifies blob object tracking granularity in days, typically how often the blob object should be tracked.This field is currently read only with value as 1	int Optional

LastAccessTimeTrackingPolicy_STATUS

The blob service properties for Last access time based tracking policy.

Used by: StorageAccountsBlobService_STATUS.

Property	Description	Type
blobType	An array of predefined supported blob types. Only blockBlob is the supported value. This field is currently read only	string[] Optional
enable	When set to true last access time based tracking is enabled.	bool Optional
name	Name of the policy. The valid value is AccessTimeTracking. This field is currently read only	LastAccessTimeTrackingPolicy_Name_STATUS Optional
trackingGranularityInDays	The field specifies blob object tracking granularity in days, typically how often the blob object should be tracked.This field is currently read only with value as 1	int Optional

LegalHoldProperties_STATUS

The LegalHold property of a blob container.

Used by: StorageAccountsBlobServicesContainer_STATUS.

Property	Description	Type
hasLegalHold	The hasLegalHold public property is set to true by SRP if there are at least one existing tag. The hasLegalHold public property is set to false by SRP if all existing legal hold tags are cleared out. There can be a maximum of 1000 blob containers with hasLegalHold=true for a given account.	bool Optional
tags	The list of LegalHold tags of a blob container.	TagProperty_STATUS[] Optional

ManagementPolicySchema

The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

Used by: StorageAccountsManagementPolicy_Spec.

Property	Description	Type
rules	The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicyRule[] Required

ManagementPolicySchema_STATUS

The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.

Used by: StorageAccountsManagementPolicy_STATUS.

Property	Description	Type
rules	The Storage Account ManagementPolicies Rules. See more details in: https://docs.microsoft.com/en-us/azure/storage/common/storage-lifecycle-managment-concepts.	ManagementPolicyRule_STATUS[] Optional

NetworkRuleSet

Network rule set

Used by: StorageAccount_Spec.

Property	Description	Type
bypass	Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Possible values are any combination of Logging	Metrics
defaultAction	Specifies the default action of allow or deny when no other rules match.	NetworkRuleSet_DefaultAction Required
ipRules	Sets the IP ACL rules	IPRule[] Optional
resourceAccessRules	Sets the resource access rules	ResourceAccessRule[] Optional
virtualNetworkRules	Sets the virtual network rules	VirtualNetworkRule[] Optional

NetworkRuleSet_STATUS

Network rule set

Used by: StorageAccount_STATUS.

Property	Description	Type
bypass	Specifies whether traffic is bypassed for Logging/Metrics/AzureServices. Possible values are any combination of Logging	Metrics
defaultAction	Specifies the default action of allow or deny when no other rules match.	NetworkRuleSet_DefaultAction_STATUS Optional
ipRules	Sets the IP ACL rules	IPRule_STATUS[] Optional
resourceAccessRules	Sets the resource access rules	ResourceAccessRule_STATUS[] Optional
virtualNetworkRules	Sets the virtual network rules	VirtualNetworkRule_STATUS[] Optional

PrivateEndpointConnection_STATUS

The Private Endpoint Connection resource.

Used by: StorageAccount_STATUS.

Property	Description	Type
id	Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}	string Optional

RestorePolicyProperties

The blob service properties for blob restore policy

Used by: StorageAccountsBlobService_Spec.

Property	Description	Type
days	how long this blob can be restored. It should be great than zero and less than DeleteRetentionPolicy.days.	int Optional
enabled	Blob restore is enabled if set to true.	bool Required

RestorePolicyProperties_STATUS

The blob service properties for blob restore policy

Used by: StorageAccountsBlobService_STATUS.

Property	Description	Type
days	how long this blob can be restored. It should be great than zero and less than DeleteRetentionPolicy.days.	int Optional
enabled	Blob restore is enabled if set to true.	bool Optional
lastEnabledTime	Deprecated in favor of minRestoreTime property.	string Optional
minRestoreTime	Returns the minimum date and time that the restore can be started.	string Optional

RoutingPreference

Routing preference defines the type of network, either microsoft or internet routing to be used to deliver the user data, the default option is microsoft routing

Used by: StorageAccount_Spec.

Property	Description	Type
publishInternetEndpoints	A boolean flag which indicates whether internet routing storage endpoints are to be published	bool Optional
publishMicrosoftEndpoints	A boolean flag which indicates whether microsoft routing storage endpoints are to be published	bool Optional
routingChoice	Routing Choice defines the kind of network routing opted by the user.	RoutingPreference_RoutingChoice Optional

RoutingPreference_STATUS

Routing preference defines the type of network, either microsoft or internet routing to be used to deliver the user data, the default option is microsoft routing

Used by: StorageAccount_STATUS.

Property	Description	Type
publishInternetEndpoints	A boolean flag which indicates whether internet routing storage endpoints are to be published	bool Optional
publishMicrosoftEndpoints	A boolean flag which indicates whether microsoft routing storage endpoints are to be published	bool Optional
routingChoice	Routing Choice defines the kind of network routing opted by the user.	RoutingPreference_RoutingChoice_STATUS Optional

SasPolicy

SasPolicy assigned to the storage account.

Used by: StorageAccount_Spec.

Property	Description	Type
expirationAction	The SAS expiration action. Can only be Log.	SasPolicy_ExpirationAction Required
sasExpirationPeriod	The SAS expiration period, DD.HH:MM:SS.	string Required

SasPolicy_STATUS

SasPolicy assigned to the storage account.

Used by: StorageAccount_STATUS.

Property	Description	Type
expirationAction	The SAS expiration action. Can only be Log.	SasPolicy_ExpirationAction_STATUS Optional
sasExpirationPeriod	The SAS expiration period, DD.HH:MM:SS.	string Optional

Sku

The SKU of the storage account.

Used by: StorageAccount_Spec.

Property	Description	Type
name	The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.	SkuName Required
tier	The SKU tier. This is based on the SKU name.	Tier Optional

Sku_STATUS

The SKU of the storage account.

Used by: StorageAccount_STATUS, and StorageAccountsBlobService_STATUS.

Property	Description	Type
name	The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.	SkuName_STATUS Optional
tier	The SKU tier. This is based on the SKU name.	Tier_STATUS Optional

StorageAccount_Kind_Spec

Used by: StorageAccount_Spec.

Value	Description
“BlobStorage”
“BlockBlobStorage”
“FileStorage”
“Storage”
“StorageV2”

StorageAccount_Kind_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“BlobStorage”
“BlockBlobStorage”
“FileStorage”
“Storage”
“StorageV2”

StorageAccountOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccount_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
configMaps	configures where to place operator written ConfigMaps.	StorageAccountOperatorConfigMaps Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional
secrets	configures where to place Azure generated secrets.	StorageAccountOperatorSecrets Optional

StorageAccountProperties_AccessTier_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“Cool”
“Hot”

StorageAccountProperties_LargeFileSharesState_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“Disabled”
“Enabled”

StorageAccountProperties_MinimumTlsVersion_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“TLS1_0”
“TLS1_1”
“TLS1_2”

StorageAccountProperties_ProvisioningState_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“Creating”
“ResolvingDNS”
“Succeeded”

StorageAccountProperties_StatusOfPrimary_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“available”
“unavailable”

StorageAccountProperties_StatusOfSecondary_STATUS

Used by: StorageAccount_STATUS.

Value	Description
“available”
“unavailable”

StorageAccountPropertiesCreateParameters_AccessTier

Used by: StorageAccount_Spec.

Value	Description
“Cool”
“Hot”

StorageAccountPropertiesCreateParameters_LargeFileSharesState

Used by: StorageAccount_Spec.

Value	Description
“Disabled”
“Enabled”

StorageAccountPropertiesCreateParameters_MinimumTlsVersion

Used by: StorageAccount_Spec.

Value	Description
“TLS1_0”
“TLS1_1”
“TLS1_2”

StorageAccountsBlobServiceOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccountsBlobService_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

StorageAccountsBlobServicesContainerOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccountsBlobServicesContainer_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

StorageAccountsManagementPolicyOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccountsManagementPolicy_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

StorageAccountsQueueServiceOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccountsQueueService_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

StorageAccountsQueueServicesQueueOperatorSpec

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Used by: StorageAccountsQueueServicesQueue_Spec.

Property	Description	Type
configMapExpressions	configures where to place operator written dynamic ConfigMaps (created with CEL expressions).	core.DestinationExpression[] Optional
secretExpressions	configures where to place operator written dynamic secrets (created with CEL expressions).	core.DestinationExpression[] Optional

ActiveDirectoryProperties

Settings properties for Active Directory (AD).

Used by: AzureFilesIdentityBasedAuthentication.

Property	Description	Type
azureStorageSid	Specifies the security identifier (SID) for Azure Storage.	string Required
domainGuid	Specifies the domain GUID.	string Required
domainName	Specifies the primary domain that the AD DNS server is authoritative for.	string Required
domainSid	Specifies the security identifier (SID).	string Required
forestName	Specifies the Active Directory forest to get.	string Required
netBiosDomainName	Specifies the NetBIOS domain name.	string Required

ActiveDirectoryProperties_STATUS

Settings properties for Active Directory (AD).

Used by: AzureFilesIdentityBasedAuthentication_STATUS.

Property	Description	Type
azureStorageSid	Specifies the security identifier (SID) for Azure Storage.	string Optional
domainGuid	Specifies the domain GUID.	string Optional
domainName	Specifies the primary domain that the AD DNS server is authoritative for.	string Optional
domainSid	Specifies the security identifier (SID).	string Optional
forestName	Specifies the Active Directory forest to get.	string Optional
netBiosDomainName	Specifies the NetBIOS domain name.	string Optional

AzureFilesIdentityBasedAuthentication_DefaultSharePermission

Used by: AzureFilesIdentityBasedAuthentication.

Value	Description
“None”
“StorageFileDataSmbShareContributor”
“StorageFileDataSmbShareElevatedContributor”
“StorageFileDataSmbShareOwner”
“StorageFileDataSmbShareReader”

AzureFilesIdentityBasedAuthentication_DefaultSharePermission_STATUS

Used by: AzureFilesIdentityBasedAuthentication_STATUS.

Value	Description
“None”
“StorageFileDataSmbShareContributor”
“StorageFileDataSmbShareElevatedContributor”
“StorageFileDataSmbShareOwner”
“StorageFileDataSmbShareReader”

AzureFilesIdentityBasedAuthentication_DirectoryServiceOptions

Used by: AzureFilesIdentityBasedAuthentication.

Value	Description
“AADDS”
“AD”
“None”

AzureFilesIdentityBasedAuthentication_DirectoryServiceOptions_STATUS

Used by: AzureFilesIdentityBasedAuthentication_STATUS.

Value	Description
“AADDS”
“AD”
“None”

BlobRestoreParameters_STATUS

Blob restore parameters

Used by: BlobRestoreStatus_STATUS.

Property	Description	Type
blobRanges	Blob ranges to restore.	BlobRestoreRange_STATUS[] Optional
timeToRestore	Restore blob to the specified time.	string Optional

BlobRestoreStatus_Status_STATUS

Used by: BlobRestoreStatus_STATUS.

Value	Description
“Complete”
“Failed”
“InProgress”

CorsRule

Specifies a CORS rule for the Blob service.

Used by: CorsRules.

Property	Description	Type
allowedHeaders	Required if CorsRule element is present. A list of headers allowed to be part of the cross-origin request.	string[] Required
allowedMethods	Required if CorsRule element is present. A list of HTTP methods that are allowed to be executed by the origin.	CorsRule_AllowedMethods[] Required
allowedOrigins	Required if CorsRule element is present. A list of origin domains that will be allowed via CORS, or “*” to allow all domains	string[] Required
exposedHeaders	Required if CorsRule element is present. A list of response headers to expose to CORS clients.	string[] Required
maxAgeInSeconds	Required if CorsRule element is present. The number of seconds that the client/browser should cache a preflight response.	int Required

CorsRule_STATUS

Specifies a CORS rule for the Blob service.

Used by: CorsRules_STATUS.

Property	Description	Type
allowedHeaders	Required if CorsRule element is present. A list of headers allowed to be part of the cross-origin request.	string[] Optional
allowedMethods	Required if CorsRule element is present. A list of HTTP methods that are allowed to be executed by the origin.	CorsRule_AllowedMethods_STATUS[] Optional
allowedOrigins	Required if CorsRule element is present. A list of origin domains that will be allowed via CORS, or “*” to allow all domains	string[] Optional
exposedHeaders	Required if CorsRule element is present. A list of response headers to expose to CORS clients.	string[] Optional
maxAgeInSeconds	Required if CorsRule element is present. The number of seconds that the client/browser should cache a preflight response.	int Optional

Encryption_KeySource

Used by: Encryption.

Value	Description
“Microsoft.Keyvault”
“Microsoft.Storage”

Encryption_KeySource_STATUS

Used by: Encryption_STATUS.

Value	Description
“Microsoft.Keyvault”
“Microsoft.Storage”

EncryptionIdentity

Encryption identity for the storage account.

Used by: Encryption.

Property	Description	Type
userAssignedIdentityReference	Resource identifier of the UserAssigned identity to be associated with server-side encryption on the storage account.	genruntime.ResourceReference Optional

EncryptionIdentity_STATUS

Encryption identity for the storage account.

Used by: Encryption_STATUS.

Property	Description	Type
userAssignedIdentity	Resource identifier of the UserAssigned identity to be associated with server-side encryption on the storage account.	string Optional

EncryptionServices

A list of services that support encryption.

Used by: Encryption.

Property	Description	Type
blob	The encryption function of the blob storage service.	EncryptionService Optional
file	The encryption function of the file storage service.	EncryptionService Optional
queue	The encryption function of the queue storage service.	EncryptionService Optional
table	The encryption function of the table storage service.	EncryptionService Optional

EncryptionServices_STATUS

A list of services that support encryption.

Used by: Encryption_STATUS.

Property	Description	Type
blob	The encryption function of the blob storage service.	EncryptionService_STATUS Optional
file	The encryption function of the file storage service.	EncryptionService_STATUS Optional
queue	The encryption function of the queue storage service.	EncryptionService_STATUS Optional
table	The encryption function of the table storage service.	EncryptionService_STATUS Optional

ExtendedLocationType

The type of extendedLocation.

Used by: ExtendedLocation.

Value	Description
“EdgeZone”

ExtendedLocationType_STATUS

The type of extendedLocation.

Used by: ExtendedLocation_STATUS.

Value	Description
“EdgeZone”

GeoReplicationStats_Status_STATUS

Used by: GeoReplicationStats_STATUS.

Value	Description
“Bootstrap”
“Live”
“Unavailable”

Identity_Type

Used by: Identity.

Value	Description
“None”
“SystemAssigned”
“SystemAssigned,UserAssigned”
“UserAssigned”

Identity_Type_STATUS

Used by: Identity_STATUS.

Value	Description
“None”
“SystemAssigned”
“SystemAssigned,UserAssigned”
“UserAssigned”

ImmutabilityPolicyProperty_State_STATUS

Used by: ImmutabilityPolicyProperties_STATUS.

Value	Description
“Locked”
“Unlocked”

ImmutableStorageWithVersioning_MigrationState_STATUS

Used by: ImmutableStorageWithVersioning_STATUS.

Value	Description
“Completed”
“InProgress”

IPRule

IP rule with specific IP or IP range in CIDR format.

Used by: NetworkRuleSet.

Property	Description	Type
action	The action of IP ACL rule.	IPRule_Action Optional
value	Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.	string Required

IPRule_STATUS

IP rule with specific IP or IP range in CIDR format.

Used by: NetworkRuleSet_STATUS.

Property	Description	Type
action	The action of IP ACL rule.	IPRule_Action_STATUS Optional
value	Specifies the IP or IP range in CIDR format. Only IPV4 address is allowed.	string Optional

KeyVaultProperties

Properties of key vault.

Used by: Encryption.

Property	Description	Type
keyname	The name of KeyVault key.	string Optional
keyvaulturi	The Uri of KeyVault.	string Optional
keyversion	The version of KeyVault key.	string Optional

KeyVaultProperties_STATUS

Properties of key vault.

Used by: Encryption_STATUS.

Property	Description	Type
currentVersionedKeyIdentifier	The object identifier of the current versioned Key Vault Key in use.	string Optional
keyname	The name of KeyVault key.	string Optional
keyvaulturi	The Uri of KeyVault.	string Optional
keyversion	The version of KeyVault key.	string Optional
lastKeyRotationTimestamp	Timestamp of last rotation of the Key Vault Key.	string Optional

LastAccessTimeTrackingPolicy_Name

Used by: LastAccessTimeTrackingPolicy.

Value	Description
“AccessTimeTracking”

LastAccessTimeTrackingPolicy_Name_STATUS

Used by: LastAccessTimeTrackingPolicy_STATUS.

Value	Description
“AccessTimeTracking”

ManagementPolicyRule

An object that wraps the Lifecycle rule. Each rule is uniquely defined by name.

Used by: ManagementPolicySchema.

Property	Description	Type
definition	An object that defines the Lifecycle rule.	ManagementPolicyDefinition Required
enabled	Rule is enabled if set to true.	bool Optional
name	A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy.	string Required
type	The valid value is Lifecycle	ManagementPolicyRule_Type Required

ManagementPolicyRule_STATUS

An object that wraps the Lifecycle rule. Each rule is uniquely defined by name.

Used by: ManagementPolicySchema_STATUS.

Property	Description	Type
definition	An object that defines the Lifecycle rule.	ManagementPolicyDefinition_STATUS Optional
enabled	Rule is enabled if set to true.	bool Optional
name	A rule name can contain any combination of alpha numeric characters. Rule name is case-sensitive. It must be unique within a policy.	string Optional
type	The valid value is Lifecycle	ManagementPolicyRule_Type_STATUS Optional

NetworkRuleSet_Bypass_STATUS

Used by: NetworkRuleSet_STATUS.

Value	Description
“AzureServices”
“Logging”
“Metrics”
“None”

NetworkRuleSet_DefaultAction

Used by: NetworkRuleSet.

Value	Description
“Allow”
“Deny”

NetworkRuleSet_DefaultAction_STATUS

Used by: NetworkRuleSet_STATUS.

Value	Description
“Allow”
“Deny”

ResourceAccessRule

Resource Access Rule.

Used by: NetworkRuleSet.

Property	Description	Type
resourceReference	Resource Id	genruntime.ResourceReference Optional
tenantId	Tenant Id	string Optional

ResourceAccessRule_STATUS

Resource Access Rule.

Used by: NetworkRuleSet_STATUS.

Property	Description	Type
resourceId	Resource Id	string Optional
tenantId	Tenant Id	string Optional

RoutingPreference_RoutingChoice

Used by: RoutingPreference.

Value	Description
“InternetRouting”
“MicrosoftRouting”

RoutingPreference_RoutingChoice_STATUS

Used by: RoutingPreference_STATUS.

Value	Description
“InternetRouting”
“MicrosoftRouting”

SasPolicy_ExpirationAction

Used by: SasPolicy.

Value	Description
“Log”

SasPolicy_ExpirationAction_STATUS

Used by: SasPolicy_STATUS.

Value	Description
“Log”

SkuName

The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.

Used by: Sku.

Value	Description
“Premium_LRS”
“Premium_ZRS”
“Standard_GRS”
“Standard_GZRS”
“Standard_LRS”
“Standard_RAGRS”
“Standard_RAGZRS”
“Standard_ZRS”

SkuName_STATUS

The SKU name. Required for account creation; optional for update. Note that in older versions, SKU name was called accountType.

Used by: Sku_STATUS.

Value	Description
“Premium_LRS”
“Premium_ZRS”
“Standard_GRS”
“Standard_GZRS”
“Standard_LRS”
“Standard_RAGRS”
“Standard_RAGZRS”
“Standard_ZRS”

StorageAccountInternetEndpoints_STATUS

The URIs that are used to perform a retrieval of a public blob, file, web or dfs object via a internet routing endpoint.

Used by: Endpoints_STATUS.

Property	Description	Type
blob	Gets the blob endpoint.	string Optional
dfs	Gets the dfs endpoint.	string Optional
file	Gets the file endpoint.	string Optional
web	Gets the web endpoint.	string Optional

StorageAccountMicrosoftEndpoints_STATUS

The URIs that are used to perform a retrieval of a public blob, queue, table, web or dfs object via a microsoft routing endpoint.

Used by: Endpoints_STATUS.

Property	Description	Type
blob	Gets the blob endpoint.	string Optional
dfs	Gets the dfs endpoint.	string Optional
file	Gets the file endpoint.	string Optional
queue	Gets the queue endpoint.	string Optional
table	Gets the table endpoint.	string Optional
web	Gets the web endpoint.	string Optional

StorageAccountOperatorConfigMaps

Used by: StorageAccountOperatorSpec.

Property	Description	Type
blobEndpoint	indicates where the BlobEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional
dfsEndpoint	indicates where the DfsEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional
fileEndpoint	indicates where the FileEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional
queueEndpoint	indicates where the QueueEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional
tableEndpoint	indicates where the TableEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional
webEndpoint	indicates where the WebEndpoint config map should be placed. If omitted, no config map will be created.	genruntime.ConfigMapDestination Optional

StorageAccountOperatorSecrets

Used by: StorageAccountOperatorSpec.

Property	Description	Type
blobEndpoint	indicates where the BlobEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
dfsEndpoint	indicates where the DfsEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
fileEndpoint	indicates where the FileEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
key1	indicates where the Key1 secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
key2	indicates where the Key2 secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
queueEndpoint	indicates where the QueueEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
tableEndpoint	indicates where the TableEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional
webEndpoint	indicates where the WebEndpoint secret should be placed. If omitted, the secret will not be retrieved from Azure.	genruntime.SecretDestination Optional

TagProperty_STATUS

A tag of the LegalHold of a blob container.

Used by: LegalHoldProperties_STATUS.

Property	Description	Type
objectIdentifier	Returns the Object ID of the user who added the tag.	string Optional
tag	The tag value.	string Optional
tenantId	Returns the Tenant ID that issued the token for the user who added the tag.	string Optional
timestamp	Returns the date and time the tag was added.	string Optional
upn	Returns the User Principal Name of the user who added the tag.	string Optional

Tier

The SKU tier. This is based on the SKU name.

Used by: Sku.

Value	Description
“Premium”
“Standard”

Tier_STATUS

The SKU tier. This is based on the SKU name.

Used by: Sku_STATUS.

Value	Description
“Premium”
“Standard”

UpdateHistoryProperty_STATUS

An update history of the ImmutabilityPolicy of a blob container.

Used by: ImmutabilityPolicyProperties_STATUS.

Property	Description	Type
immutabilityPeriodSinceCreationInDays	The immutability period for the blobs in the container since the policy creation, in days.	int Optional
objectIdentifier	Returns the Object ID of the user who updated the ImmutabilityPolicy.	string Optional
tenantId	Returns the Tenant ID that issued the token for the user who updated the ImmutabilityPolicy.	string Optional
timestamp	Returns the date and time the ImmutabilityPolicy was updated.	string Optional
update	The ImmutabilityPolicy update type of a blob container, possible values include: put, lock and extend.	UpdateHistoryProperty_Update_STATUS Optional
upn	Returns the User Principal Name of the user who updated the ImmutabilityPolicy.	string Optional

UserAssignedIdentity_STATUS

UserAssignedIdentity for the resource.

Used by: Identity_STATUS.

Property	Description	Type
clientId	The client ID of the identity.	string Optional
principalId	The principal ID of the identity.	string Optional

UserAssignedIdentityDetails

Information about the user assigned identity for the resource

Used by: Identity.

Property	Description	Type
reference		genruntime.ResourceReference Optional

VirtualNetworkRule

Virtual Network rule.

Used by: NetworkRuleSet.

Property	Description	Type
action	The action of virtual network rule.	VirtualNetworkRule_Action Optional
reference	Resource ID of a subnet, for example: /subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}.	genruntime.ResourceReference Required
state	Gets the state of virtual network rule.	VirtualNetworkRule_State Optional

VirtualNetworkRule_STATUS

Virtual Network rule.

Used by: NetworkRuleSet_STATUS.

Property	Description	Type
action	The action of virtual network rule.	VirtualNetworkRule_Action_STATUS Optional
id	Resource ID of a subnet, for example: /subscriptions/{subscriptionId}/resourceGroups/{groupName}/providers/Microsoft.Network/virtualNetworks/{vnetName}/subnets/{subnetName}.	string Optional
state	Gets the state of virtual network rule.	VirtualNetworkRule_State_STATUS Optional

BlobRestoreRange_STATUS

Blob range

Used by: BlobRestoreParameters_STATUS.

Property	Description	Type
endRange	Blob end range. This is exclusive. Empty means account end.	string Optional
startRange	Blob start range. This is inclusive. Empty means account start.	string Optional

CorsRule_AllowedMethods

Used by: CorsRule.

Value	Description
“DELETE”
“GET”
“HEAD”
“MERGE”
“OPTIONS”
“POST”
“PUT”

CorsRule_AllowedMethods_STATUS

Used by: CorsRule_STATUS.

Value	Description
“DELETE”
“GET”
“HEAD”
“MERGE”
“OPTIONS”
“POST”
“PUT”

EncryptionService

A service that allows server-side encryption to be used.

Used by: EncryptionServices, EncryptionServices, EncryptionServices, and EncryptionServices.

Property	Description	Type
enabled	A boolean indicating whether or not the service encrypts the data as it is stored.	bool Optional
keyType	Encryption key type to be used for the encryption service. ‘Account’ key type implies that an account-scoped encryption key will be used. ‘Service’ key type implies that a default service key is used.	EncryptionService_KeyType Optional

EncryptionService_STATUS

A service that allows server-side encryption to be used.

Used by: EncryptionServices_STATUS, EncryptionServices_STATUS, EncryptionServices_STATUS, and EncryptionServices_STATUS.

Property	Description	Type
enabled	A boolean indicating whether or not the service encrypts the data as it is stored.	bool Optional
keyType	Encryption key type to be used for the encryption service. ‘Account’ key type implies that an account-scoped encryption key will be used. ‘Service’ key type implies that a default service key is used.	EncryptionService_KeyType_STATUS Optional
lastEnabledTime	Gets a rough estimate of the date/time when the encryption was last enabled by the user. Only returned when encryption is enabled. There might be some unencrypted blobs which were written after this time, as it is just a rough estimate.	string Optional

IPRule_Action

Used by: IPRule.

Value	Description
“Allow”

IPRule_Action_STATUS

Used by: IPRule_STATUS.

Value	Description
“Allow”

ManagementPolicyDefinition

An object that defines the Lifecycle rule. Each definition is made up with a filters set and an actions set.

Used by: ManagementPolicyRule.

Property	Description	Type
actions	An object that defines the action set.	ManagementPolicyAction Required
filters	An object that defines the filter set.	ManagementPolicyFilter Optional

ManagementPolicyDefinition_STATUS

An object that defines the Lifecycle rule. Each definition is made up with a filters set and an actions set.

Used by: ManagementPolicyRule_STATUS.

Property	Description	Type
actions	An object that defines the action set.	ManagementPolicyAction_STATUS Optional
filters	An object that defines the filter set.	ManagementPolicyFilter_STATUS Optional

ManagementPolicyRule_Type

Used by: ManagementPolicyRule.

Value	Description
“Lifecycle”

ManagementPolicyRule_Type_STATUS

Used by: ManagementPolicyRule_STATUS.

Value	Description
“Lifecycle”

UpdateHistoryProperty_Update_STATUS

Used by: UpdateHistoryProperty_STATUS.

Value	Description
“extend”
“lock”
“put”

VirtualNetworkRule_Action

Used by: VirtualNetworkRule.

Value	Description
“Allow”

VirtualNetworkRule_Action_STATUS

Used by: VirtualNetworkRule_STATUS.

Value	Description
“Allow”

VirtualNetworkRule_State

Used by: VirtualNetworkRule.

Value	Description
“Deprovisioning”
“Failed”
“NetworkSourceDeleted”
“Provisioning”
“Succeeded”

VirtualNetworkRule_State_STATUS

Used by: VirtualNetworkRule_STATUS.

Value	Description
“Deprovisioning”
“Failed”
“NetworkSourceDeleted”
“Provisioning”
“Succeeded”

EncryptionService_KeyType

Used by: EncryptionService.

Value	Description
“Account”
“Service”

EncryptionService_KeyType_STATUS

Used by: EncryptionService_STATUS.

Value	Description
“Account”
“Service”

ManagementPolicyAction

Actions are applied to the filtered blobs when the execution condition is met.

Used by: ManagementPolicyDefinition.

Property	Description	Type
baseBlob	The management policy action for base blob	ManagementPolicyBaseBlob Optional
snapshot	The management policy action for snapshot	ManagementPolicySnapShot Optional
version	The management policy action for version	ManagementPolicyVersion Optional

ManagementPolicyAction_STATUS

Actions are applied to the filtered blobs when the execution condition is met.

Used by: ManagementPolicyDefinition_STATUS.

Property	Description	Type
baseBlob	The management policy action for base blob	ManagementPolicyBaseBlob_STATUS Optional
snapshot	The management policy action for snapshot	ManagementPolicySnapShot_STATUS Optional
version	The management policy action for version	ManagementPolicyVersion_STATUS Optional

ManagementPolicyFilter

Filters limit rule actions to a subset of blobs within the storage account. If multiple filters are defined, a logical AND is performed on all filters.

Used by: ManagementPolicyDefinition.

Property	Description	Type
blobIndexMatch	An array of blob index tag based filters, there can be at most 10 tag filters	TagFilter[] Optional
blobTypes	An array of predefined enum values. Currently blockBlob supports all tiering and delete actions. Only delete actions are supported for appendBlob.	string[] Required
prefixMatch	An array of strings for prefixes to be match.	string[] Optional

ManagementPolicyFilter_STATUS

Filters limit rule actions to a subset of blobs within the storage account. If multiple filters are defined, a logical AND is performed on all filters.

Used by: ManagementPolicyDefinition_STATUS.

Property	Description	Type
blobIndexMatch	An array of blob index tag based filters, there can be at most 10 tag filters	TagFilter_STATUS[] Optional
blobTypes	An array of predefined enum values. Currently blockBlob supports all tiering and delete actions. Only delete actions are supported for appendBlob.	string[] Optional
prefixMatch	An array of strings for prefixes to be match.	string[] Optional

ManagementPolicyBaseBlob

Management policy action for base blob.

Used by: ManagementPolicyAction.

Property	Description	Type
delete	The function to delete the blob	DateAfterModification Optional
enableAutoTierToHotFromCool	This property enables auto tiering of a blob from cool to hot on a blob access. This property requires tierToCool.daysAfterLastAccessTimeGreaterThan.	bool Optional
tierToArchive	The function to tier blobs to archive storage. Support blobs currently at Hot or Cool tier	DateAfterModification Optional
tierToCool	The function to tier blobs to cool storage. Support blobs currently at Hot tier	DateAfterModification Optional

ManagementPolicyBaseBlob_STATUS

Management policy action for base blob.

Used by: ManagementPolicyAction_STATUS.

Property	Description	Type
delete	The function to delete the blob	DateAfterModification_STATUS Optional
enableAutoTierToHotFromCool	This property enables auto tiering of a blob from cool to hot on a blob access. This property requires tierToCool.daysAfterLastAccessTimeGreaterThan.	bool Optional
tierToArchive	The function to tier blobs to archive storage. Support blobs currently at Hot or Cool tier	DateAfterModification_STATUS Optional
tierToCool	The function to tier blobs to cool storage. Support blobs currently at Hot tier	DateAfterModification_STATUS Optional

ManagementPolicySnapShot

Management policy action for snapshot.

Used by: ManagementPolicyAction.

Property	Description	Type
delete	The function to delete the blob snapshot	DateAfterCreation Optional
tierToArchive	The function to tier blob snapshot to archive storage. Support blob snapshot currently at Hot or Cool tier	DateAfterCreation Optional
tierToCool	The function to tier blob snapshot to cool storage. Support blob snapshot currently at Hot tier	DateAfterCreation Optional

ManagementPolicySnapShot_STATUS

Management policy action for snapshot.

Used by: ManagementPolicyAction_STATUS.

Property	Description	Type
delete	The function to delete the blob snapshot	DateAfterCreation_STATUS Optional
tierToArchive	The function to tier blob snapshot to archive storage. Support blob snapshot currently at Hot or Cool tier	DateAfterCreation_STATUS Optional
tierToCool	The function to tier blob snapshot to cool storage. Support blob snapshot currently at Hot tier	DateAfterCreation_STATUS Optional

ManagementPolicyVersion

Management policy action for blob version.

Used by: ManagementPolicyAction.

Property	Description	Type
delete	The function to delete the blob version	DateAfterCreation Optional
tierToArchive	The function to tier blob version to archive storage. Support blob version currently at Hot or Cool tier	DateAfterCreation Optional
tierToCool	The function to tier blob version to cool storage. Support blob version currently at Hot tier	DateAfterCreation Optional

ManagementPolicyVersion_STATUS

Management policy action for blob version.

Used by: ManagementPolicyAction_STATUS.

Property	Description	Type
delete	The function to delete the blob version	DateAfterCreation_STATUS Optional
tierToArchive	The function to tier blob version to archive storage. Support blob version currently at Hot or Cool tier	DateAfterCreation_STATUS Optional
tierToCool	The function to tier blob version to cool storage. Support blob version currently at Hot tier	DateAfterCreation_STATUS Optional

TagFilter

Blob index tag based filtering for blob objects

Used by: ManagementPolicyFilter.

Property	Description	Type
name	This is the filter tag name, it can have 1 - 128 characters	string Required
op	This is the comparison operator which is used for object comparison and filtering. Only == (equality operator) is currently supported	string Required
value	This is the filter tag value field used for tag based filtering, it can have 0 - 256 characters	string Required

TagFilter_STATUS

Blob index tag based filtering for blob objects

Used by: ManagementPolicyFilter_STATUS.

Property	Description	Type
name	This is the filter tag name, it can have 1 - 128 characters	string Optional
op	This is the comparison operator which is used for object comparison and filtering. Only == (equality operator) is currently supported	string Optional
value	This is the filter tag value field used for tag based filtering, it can have 0 - 256 characters	string Optional

DateAfterCreation

Object to define the number of days after creation.

Used by: ManagementPolicySnapShot, ManagementPolicySnapShot, ManagementPolicySnapShot, ManagementPolicyVersion, ManagementPolicyVersion, and ManagementPolicyVersion.

Property	Description	Type
daysAfterCreationGreaterThan	Value indicating the age in days after creation	int Required

DateAfterCreation_STATUS

Object to define the number of days after creation.

Used by: ManagementPolicySnapShot_STATUS, ManagementPolicySnapShot_STATUS, ManagementPolicySnapShot_STATUS, ManagementPolicyVersion_STATUS, ManagementPolicyVersion_STATUS, and ManagementPolicyVersion_STATUS.

Property	Description	Type
daysAfterCreationGreaterThan	Value indicating the age in days after creation	float64 Optional

DateAfterModification

Object to define the number of days after object last modification Or last access. Properties daysAfterModificationGreaterThan and daysAfterLastAccessTimeGreaterThan are mutually exclusive.

Used by: ManagementPolicyBaseBlob, ManagementPolicyBaseBlob, and ManagementPolicyBaseBlob.

Property	Description	Type
daysAfterLastAccessTimeGreaterThan	Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy	int Optional
daysAfterModificationGreaterThan	Value indicating the age in days after last modification	int Optional

DateAfterModification_STATUS

Object to define the number of days after object last modification Or last access. Properties daysAfterModificationGreaterThan and daysAfterLastAccessTimeGreaterThan are mutually exclusive.

Used by: ManagementPolicyBaseBlob_STATUS, ManagementPolicyBaseBlob_STATUS, and ManagementPolicyBaseBlob_STATUS.

Property	Description	Type
daysAfterLastAccessTimeGreaterThan	Value indicating the age in days after last blob access. This property can only be used in conjunction with last access time tracking policy	float64 Optional
daysAfterModificationGreaterThan	Value indicating the age in days after last modification	float64 Optional