Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Bicep resource definition
The netAppAccounts/capacityPools/volumes/buckets resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets resource, add the following Bicep to your template.
resource symbolicname 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets@2025-09-01-preview' = {
parent: resourceSymbolicName
name: 'string'
properties: {
akvDetails: {
certificateAkvDetails: {
certificateKeyVaultUri: 'string'
certificateName: 'string'
}
credentialsAkvDetails: {
credentialsKeyVaultUri: 'string'
secretName: 'string'
}
}
fileSystemUser: {
cifsUser: {
username: 'string'
}
nfsUser: {
groupId: int
userId: int
}
}
path: 'string'
permissions: 'string'
server: {
certificateObject: 'string'
fqdn: 'string'
onCertificateConflictAction: 'string'
}
}
}
Property Values
Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets
| Name | Description | Value |
|---|---|---|
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^([a-z]|(\d(?!\d{0,2}\.\d{1,3}\.\d{1,3}\.\d{1,3})))([a-z\d]|(\.(?!(\.|-)))|(-(?!\.))){1,61}[a-z\d]$ (required) |
| parent | In Bicep, you can specify the parent resource for a child resource. You only need to add this property when the child resource is declared outside of the parent resource. For more information, see Child resource outside parent resource. |
Symbolic name for resource of type: netAppAccounts/capacityPools/volumes |
| properties | Bucket properties | BucketProperties |
AzureKeyVaultDetails
| Name | Description | Value |
|---|---|---|
| certificateAkvDetails | Specifies the Azure Key Vault settings for retrieving the bucket server certificate. | CertificateAkvDetails |
| credentialsAkvDetails | Specifies the Azure Key Vault settings for storing the bucket credentials. | CredentialsAkvDetails |
BucketProperties
| Name | Description | Value |
|---|---|---|
| akvDetails | Specifies the Azure Key Vault settings. These are used when a) retrieving the bucket server certificate, and b) storing the bucket credentials Notes: 1. If a bucket certificate was previously provided directly using the certificateObject property, it is possible to subsequently use the Azure Key Vault for certificate management by using these 'akvDetails' properties. However, once Azure Key Vault is configured, it is no longer possible to provide the certificate directly via the certificateObject property. 2. These properties are mutually exclusive with the server.certificateObject property. |
AzureKeyVaultDetails |
| fileSystemUser | File System user having access to volume data. For Unix, this is the user's uid and gid. For Windows, this is the user's username. Note that the Unix and Windows user details are mutually exclusive, meaning one or other must be supplied, but not both. | FileSystemUser |
| path | The volume path mounted inside the bucket. The default is the root path '/' if no value is provided when the bucket is created. | string |
| permissions | Access permissions for the bucket. Either ReadOnly or ReadWrite. The default is ReadOnly if no value is provided during bucket creation. | 'ReadOnly' 'ReadWrite' |
| server | Properties of the server managing the lifecycle of volume buckets | BucketServerProperties |
BucketServerProperties
| Name | Description | Value |
|---|---|---|
| certificateObject | The base64-encoded contents of a PEM file, which includes both the bucket server's certificate and private key. It is generated by the end user and allows the user to access volume data in a read-only manner. Note: This is only used when Azure Key Vault is not configured. This property is mutually exclusive with the Azure Key Vault 'akv' properties. |
string Constraints: Min length = 1 Max length = 20480 Sensitive value. Pass in as a secure parameter. |
| fqdn | The host part of the bucket URL, resolving to the bucket IP address and allowed by the server certificate. | string |
| onCertificateConflictAction | Action to take when there is a certificate conflict. Possible values include: 'Update', 'Fail' |
'Fail' 'Update' |
CertificateAkvDetails
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultUri | The base URI of the Azure Key Vault that is used when retrieving the bucket certificate. | string |
| certificateName | The name of the bucket server certificate stored in the Azure Key Vault. | string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
CifsUser
| Name | Description | Value |
|---|---|---|
| username | The CIFS user's username | string |
CredentialsAkvDetails
| Name | Description | Value |
|---|---|---|
| credentialsKeyVaultUri | The base URI of the Azure Key Vault that is used when storing the bucket credentials. | string |
| secretName | The name of the secret stored in Azure Key Vault. The associated key pair has the following structure: { "access_key_id": "<REDACTED>", "secret_access_key": "<REDACTED>" } |
string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
FileSystemUser
| Name | Description | Value |
|---|---|---|
| cifsUser | The effective CIFS username when accessing the volume data. | CifsUser |
| nfsUser | The effective NFS User ID and Group ID when accessing the volume data. | NfsUser |
NfsUser
| Name | Description | Value |
|---|---|---|
| groupId | The NFS user's GID | int |
| userId | The NFS user's UID | int |
ARM template resource definition
The netAppAccounts/capacityPools/volumes/buckets resource type can be deployed with operations that target:
- Resource groups - See resource group deployment commands
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets resource, add the following JSON to your template.
{
"type": "Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets",
"apiVersion": "2025-09-01-preview",
"name": "string",
"properties": {
"akvDetails": {
"certificateAkvDetails": {
"certificateKeyVaultUri": "string",
"certificateName": "string"
},
"credentialsAkvDetails": {
"credentialsKeyVaultUri": "string",
"secretName": "string"
}
},
"fileSystemUser": {
"cifsUser": {
"username": "string"
},
"nfsUser": {
"groupId": "int",
"userId": "int"
}
},
"path": "string",
"permissions": "string",
"server": {
"certificateObject": "string",
"fqdn": "string",
"onCertificateConflictAction": "string"
}
}
}
Property Values
Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets
| Name | Description | Value |
|---|---|---|
| apiVersion | The api version | '2025-09-01-preview' |
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^([a-z]|(\d(?!\d{0,2}\.\d{1,3}\.\d{1,3}\.\d{1,3})))([a-z\d]|(\.(?!(\.|-)))|(-(?!\.))){1,61}[a-z\d]$ (required) |
| properties | Bucket properties | BucketProperties |
| type | The resource type | 'Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets' |
AzureKeyVaultDetails
| Name | Description | Value |
|---|---|---|
| certificateAkvDetails | Specifies the Azure Key Vault settings for retrieving the bucket server certificate. | CertificateAkvDetails |
| credentialsAkvDetails | Specifies the Azure Key Vault settings for storing the bucket credentials. | CredentialsAkvDetails |
BucketProperties
| Name | Description | Value |
|---|---|---|
| akvDetails | Specifies the Azure Key Vault settings. These are used when a) retrieving the bucket server certificate, and b) storing the bucket credentials Notes: 1. If a bucket certificate was previously provided directly using the certificateObject property, it is possible to subsequently use the Azure Key Vault for certificate management by using these 'akvDetails' properties. However, once Azure Key Vault is configured, it is no longer possible to provide the certificate directly via the certificateObject property. 2. These properties are mutually exclusive with the server.certificateObject property. |
AzureKeyVaultDetails |
| fileSystemUser | File System user having access to volume data. For Unix, this is the user's uid and gid. For Windows, this is the user's username. Note that the Unix and Windows user details are mutually exclusive, meaning one or other must be supplied, but not both. | FileSystemUser |
| path | The volume path mounted inside the bucket. The default is the root path '/' if no value is provided when the bucket is created. | string |
| permissions | Access permissions for the bucket. Either ReadOnly or ReadWrite. The default is ReadOnly if no value is provided during bucket creation. | 'ReadOnly' 'ReadWrite' |
| server | Properties of the server managing the lifecycle of volume buckets | BucketServerProperties |
BucketServerProperties
| Name | Description | Value |
|---|---|---|
| certificateObject | The base64-encoded contents of a PEM file, which includes both the bucket server's certificate and private key. It is generated by the end user and allows the user to access volume data in a read-only manner. Note: This is only used when Azure Key Vault is not configured. This property is mutually exclusive with the Azure Key Vault 'akv' properties. |
string Constraints: Min length = 1 Max length = 20480 Sensitive value. Pass in as a secure parameter. |
| fqdn | The host part of the bucket URL, resolving to the bucket IP address and allowed by the server certificate. | string |
| onCertificateConflictAction | Action to take when there is a certificate conflict. Possible values include: 'Update', 'Fail' |
'Fail' 'Update' |
CertificateAkvDetails
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultUri | The base URI of the Azure Key Vault that is used when retrieving the bucket certificate. | string |
| certificateName | The name of the bucket server certificate stored in the Azure Key Vault. | string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
CifsUser
| Name | Description | Value |
|---|---|---|
| username | The CIFS user's username | string |
CredentialsAkvDetails
| Name | Description | Value |
|---|---|---|
| credentialsKeyVaultUri | The base URI of the Azure Key Vault that is used when storing the bucket credentials. | string |
| secretName | The name of the secret stored in Azure Key Vault. The associated key pair has the following structure: { "access_key_id": "<REDACTED>", "secret_access_key": "<REDACTED>" } |
string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
FileSystemUser
| Name | Description | Value |
|---|---|---|
| cifsUser | The effective CIFS username when accessing the volume data. | CifsUser |
| nfsUser | The effective NFS User ID and Group ID when accessing the volume data. | NfsUser |
NfsUser
| Name | Description | Value |
|---|---|---|
| groupId | The NFS user's GID | int |
| userId | The NFS user's UID | int |
Usage Examples
Terraform (AzAPI provider) resource definition
The netAppAccounts/capacityPools/volumes/buckets resource type can be deployed with operations that target:
- Resource groups
For a list of changed properties in each API version, see change log.
Resource format
To create a Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets resource, add the following Terraform to your template.
resource "azapi_resource" "symbolicname" {
type = "Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets@2025-09-01-preview"
name = "string"
parent_id = "string"
body = {
properties = {
akvDetails = {
certificateAkvDetails = {
certificateKeyVaultUri = "string"
certificateName = "string"
}
credentialsAkvDetails = {
credentialsKeyVaultUri = "string"
secretName = "string"
}
}
fileSystemUser = {
cifsUser = {
username = "string"
}
nfsUser = {
groupId = int
userId = int
}
}
path = "string"
permissions = "string"
server = {
certificateObject = "string"
fqdn = "string"
onCertificateConflictAction = "string"
}
}
}
}
Property Values
Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets
| Name | Description | Value |
|---|---|---|
| name | The resource name | string Constraints: Min length = 3 Max length = 63 Pattern = ^([a-z]|(\d(?!\d{0,2}\.\d{1,3}\.\d{1,3}\.\d{1,3})))([a-z\d]|(\.(?!(\.|-)))|(-(?!\.))){1,61}[a-z\d]$ (required) |
| parent_id | The ID of the resource that is the parent for this resource. | ID for resource of type: netAppAccounts/capacityPools/volumes |
| properties | Bucket properties | BucketProperties |
| type | The resource type | "Microsoft.NetApp/netAppAccounts/capacityPools/volumes/buckets@2025-09-01-preview" |
AzureKeyVaultDetails
| Name | Description | Value |
|---|---|---|
| certificateAkvDetails | Specifies the Azure Key Vault settings for retrieving the bucket server certificate. | CertificateAkvDetails |
| credentialsAkvDetails | Specifies the Azure Key Vault settings for storing the bucket credentials. | CredentialsAkvDetails |
BucketProperties
| Name | Description | Value |
|---|---|---|
| akvDetails | Specifies the Azure Key Vault settings. These are used when a) retrieving the bucket server certificate, and b) storing the bucket credentials Notes: 1. If a bucket certificate was previously provided directly using the certificateObject property, it is possible to subsequently use the Azure Key Vault for certificate management by using these 'akvDetails' properties. However, once Azure Key Vault is configured, it is no longer possible to provide the certificate directly via the certificateObject property. 2. These properties are mutually exclusive with the server.certificateObject property. |
AzureKeyVaultDetails |
| fileSystemUser | File System user having access to volume data. For Unix, this is the user's uid and gid. For Windows, this is the user's username. Note that the Unix and Windows user details are mutually exclusive, meaning one or other must be supplied, but not both. | FileSystemUser |
| path | The volume path mounted inside the bucket. The default is the root path '/' if no value is provided when the bucket is created. | string |
| permissions | Access permissions for the bucket. Either ReadOnly or ReadWrite. The default is ReadOnly if no value is provided during bucket creation. | 'ReadOnly' 'ReadWrite' |
| server | Properties of the server managing the lifecycle of volume buckets | BucketServerProperties |
BucketServerProperties
| Name | Description | Value |
|---|---|---|
| certificateObject | The base64-encoded contents of a PEM file, which includes both the bucket server's certificate and private key. It is generated by the end user and allows the user to access volume data in a read-only manner. Note: This is only used when Azure Key Vault is not configured. This property is mutually exclusive with the Azure Key Vault 'akv' properties. |
string Constraints: Min length = 1 Max length = 20480 Sensitive value. Pass in as a secure parameter. |
| fqdn | The host part of the bucket URL, resolving to the bucket IP address and allowed by the server certificate. | string |
| onCertificateConflictAction | Action to take when there is a certificate conflict. Possible values include: 'Update', 'Fail' |
'Fail' 'Update' |
CertificateAkvDetails
| Name | Description | Value |
|---|---|---|
| certificateKeyVaultUri | The base URI of the Azure Key Vault that is used when retrieving the bucket certificate. | string |
| certificateName | The name of the bucket server certificate stored in the Azure Key Vault. | string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
CifsUser
| Name | Description | Value |
|---|---|---|
| username | The CIFS user's username | string |
CredentialsAkvDetails
| Name | Description | Value |
|---|---|---|
| credentialsKeyVaultUri | The base URI of the Azure Key Vault that is used when storing the bucket credentials. | string |
| secretName | The name of the secret stored in Azure Key Vault. The associated key pair has the following structure: { "access_key_id": "<REDACTED>", "secret_access_key": "<REDACTED>" } |
string Constraints: Min length = 1 Max length = 127 Pattern = ^[a-zA-Z0-9-]{1,127}$ |
FileSystemUser
| Name | Description | Value |
|---|---|---|
| cifsUser | The effective CIFS username when accessing the volume data. | CifsUser |
| nfsUser | The effective NFS User ID and Group ID when accessing the volume data. | NfsUser |
NfsUser
| Name | Description | Value |
|---|---|---|
| groupId | The NFS user's GID | int |
| userId | The NFS user's UID | int |