azure-authorization-role-assignment
An Azure Role Assignment grants a security principal (user, group, service principal, or managed identity) access to Azure resources by assigning a role at a particular scope. For full details see the RBAC documentation.
azure-authorization-role-definition
An Azure Role Definition is a collection of permissions that describes the operations that can be performed on Azure resources. Built-in roles and custom roles are both expressed as role definitions. For full details see the Role Definitions documentation.
azure-batch-batch-account
An Azure Batch Account provides access to the Azure Batch service, enabling large-scale parallel and high-performance computing (HPC) workloads by managing pools of compute nodes and scheduling jobs. For full details see the Batch Account documentation.
azure-batch-batch-application-package
An Azure Batch Application Package is a specific version of an application binary that is uploaded to a Batch account and can be deployed to pool compute nodes. For full details see the Application Packages documentation.
azure-batch-batch-application
An Azure Batch Application is a packaged application that can be deployed to compute nodes in a Batch pool, simplifying the management and deployment of application binaries. For full details see the Batch Applications documentation.
azure-batch-batch-pool
An Azure Batch Pool is a collection of compute nodes (VMs) that execute Batch tasks. Pools can be configured with specific VM sizes, scaling rules, and application packages. For full details see the Batch Pools documentation.
azure-batch-batch-private-endpoint-connection
An Azure Batch Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a Batch Account, enabling secure access to the Batch service over a private network. For full details see the Batch Private Endpoints documentation.
azure-compute-availability-set
An Azure Availability Set is a logical grouping of VMs that ensures they are distributed across multiple isolated hardware nodes in a cluster, reducing the impact of hardware failures, network outages, or power interruptions. For full details see the Availability Sets documentation.
azure-compute-capacity-reservation-group
An Azure Capacity Reservation Group is a container for capacity reservations that allows you to manage reserved VM capacity across availability zones. For full details see the Capacity Reservations documentation.
azure-compute-capacity-reservation
An Azure Capacity Reservation lets you reserve compute capacity in a specific Azure region or availability zone for any duration of time, ensuring capacity availability when you need it. For full details see the Capacity Reservations documentation.
azure-compute-dedicated-host-group
An Azure Dedicated Host Group is a resource that represents a collection of dedicated hosts. It provides fault domain isolation, ensuring that hosts within the group are placed on different physical infrastructure. For full details see the Dedicated Host documentation.
azure-compute-dedicated-host
An Azure Dedicated Host provides physical servers that host one or more Azure VMs, dedicated to your organization and workload. The server capacity is not shared with other customers. For full details see the Dedicated Host documentation.
azure-compute-disk-access-private-endpoint-connection
An Azure Disk Access Private Endpoint Connection represents the private endpoint connectivity status for a Disk Access resource, enabling secure import/export of managed disks over a private link. For full details see the Private Endpoint documentation.
azure-compute-disk-access
An Azure Disk Access resource provides a secure, private connection to managed disks using Azure Private Link, preventing data from traversing the public internet. For full details see the Disk Access documentation.
azure-compute-disk-encryption-set
An Azure Disk Encryption Set is a resource that enables you to use customer-managed keys for encrypting managed disks. It serves as a bridge between your key vault keys and your managed disks. For full details see the Disk Encryption Sets documentation.
azure-compute-disk
An Azure Managed Disk is a block-level storage volume managed by Azure and used with Azure Virtual Machines. Managed disks are designed for high availability, durability, and scalability. For full details see the Azure Managed Disks documentation.
azure-compute-gallery-application-version
An Azure Gallery Application Version is a specific version of a Gallery Application containing the installable binaries and scripts for a VM application. For full details see the Gallery Application Versions documentation.
azure-compute-gallery-application
An Azure Gallery Application is a resource in an Azure Compute Gallery that packages application binaries and configuration for consistent deployment to VMs and scale sets. For full details see the Gallery Applications documentation.
azure-compute-gallery-image
An Azure Gallery Image is an image definition in an Azure Compute Gallery that contains metadata about the image such as OS type, publisher, and offer, with one or more image versions. For full details see the Gallery Image documentation.
azure-compute-gallery
An Azure Compute Gallery (formerly Shared Image Gallery) is a repository for managing and sharing images, application packages, and other resources across your organization. For full details see the Compute Gallery documentation.
azure-compute-image
An Azure Compute Image is a custom image resource that can be used to create virtual machines. It captures the OS disk and optionally data disks as a reusable template for VM deployment. For full details see the Azure Images documentation.
azure-compute-proximity-placement-group
An Azure Proximity Placement Group is a logical grouping used to make sure that Azure compute resources are physically located close to each other, reducing network latency between them. For full details see the Proximity Placement Groups documentation.
azure-compute-shared-gallery-image
An Azure Shared Gallery Image is an image version stored in an Azure Compute Gallery (formerly Shared Image Gallery) that can be shared across subscriptions, tenants, and regions. For full details see the Azure Compute Gallery documentation.
azure-compute-snapshot
An Azure Compute Snapshot is a read-only, full copy of a managed disk taken at a point in time. Snapshots are useful for backup, disaster recovery, and troubleshooting. For full details see the Snapshots documentation.
azure-compute-virtual-machine-extension
An Azure Virtual Machine Extension is a small application that provides post-deployment configuration and automation tasks on Azure VMs, such as software installation, anti-virus protection, or custom scripts. For full details see the VM Extensions documentation.
azure-compute-virtual-machine-run-command
An Azure Virtual Machine Run Command allows you to execute scripts on a VM through the VM agent. This is useful for troubleshooting, recovery, and general machine configuration. For full details see the Run Command documentation.
azure-compute-virtual-machine-scale-set
An Azure Virtual Machine Scale Set lets you create and manage a group of load-balanced VMs that can automatically increase or decrease in number based on demand or a defined schedule. For full details see the VMSS documentation.
azure-compute-virtual-machine
An Azure Virtual Machine is a scalable, on-demand compute resource that provides the flexibility of virtualization without having to buy and maintain physical hardware. VMs run Windows or Linux operating systems and support a wide range of workloads. For full details see the Azure VM documentation.
azure-dbforpostgresql-database
An Azure Database for PostgreSQL Database is an individual database hosted within a PostgreSQL Flexible Server instance, containing schemas, tables, and data. For full details see the PostgreSQL Database documentation.
azure-dbforpostgresql-flexible-server-administrator
An Azure Database for PostgreSQL Flexible Server Administrator is an Azure Active Directory administrator assigned to the Flexible Server, providing AAD-based authentication. For full details see the AAD Authentication documentation.
azure-dbforpostgresql-flexible-server-backup
An Azure Database for PostgreSQL Flexible Server Backup represents a point-in-time backup of the Flexible Server, enabling data recovery and restoration. For full details see the Backup documentation.
azure-dbforpostgresql-flexible-server-configuration
An Azure Database for PostgreSQL Flexible Server Configuration represents a server parameter that controls the behavior of the PostgreSQL engine, such as connection limits, memory settings, or logging options. For full details see the Server Parameters documentation.
azure-dbforpostgresql-flexible-server-firewall-rule
An Azure Database for PostgreSQL Flexible Server Firewall Rule defines the allowed IP address ranges that can connect to the Flexible Server instance. For full details see the Firewall Rules documentation.
azure-dbforpostgresql-flexible-server-private-endpoint-connection
An Azure Database for PostgreSQL Flexible Server Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a Flexible Server, enabling secure database access. For full details see the Private Endpoints documentation.
azure-dbforpostgresql-flexible-server-replica
An Azure Database for PostgreSQL Flexible Server Replica is a read replica of a primary Flexible Server, providing read-only copies of the database for scaling read workloads and geographic distribution. For full details see the Read Replicas documentation.
azure-dbforpostgresql-flexible-server-virtual-endpoint
An Azure Database for PostgreSQL Flexible Server Virtual Endpoint provides a stable DNS name that automatically points to the current primary server in a high-availability or read-replica configuration, simplifying connection management during failover. For full details see the Virtual Endpoints documentation.
azure-dbforpostgresql-flexible-server
An Azure Database for PostgreSQL Flexible Server is a fully managed database service that provides granular control over database management and configuration settings, with built-in high availability and intelligent performance. For full details see the Flexible Server documentation.
azure-documentdb-database-accounts
An Azure Cosmos DB (DocumentDB) Database Account is the top-level resource for Azure Cosmos DB, providing a globally distributed, multi-model database service with turnkey global distribution and elastic scaling. For full details see the Cosmos DB documentation.
azure-documentdb-private-endpoint-connection
An Azure Cosmos DB (DocumentDB) Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a Cosmos DB account, enabling secure database access over a private network. For full details see the Cosmos DB Private Endpoints documentation.
azure-elasticsan-elastic-san-volume-snapshot
An Azure Elastic SAN Volume Snapshot is a point-in-time copy of an Elastic SAN volume, useful for data protection, backup, and creating new volumes from existing data. For full details see the Volume Snapshots documentation.
azure-elasticsan-elastic-san
An Azure Elastic SAN is a cloud-native storage area network (SAN) service that provides scalable, cost-effective, high-performance block storage with built-in resiliency. For full details see the Elastic SAN documentation.
azure-elasticsan-volume-group
An Azure Elastic SAN Volume Group is a logical container for managing volumes within an Elastic SAN, providing shared network and encryption settings for the volumes it contains. For full details see the Volume Groups documentation.
azure-elasticsan-volume
An Azure Elastic SAN Volume is a block storage volume within a Volume Group that can be attached to Azure compute resources, providing high-performance iSCSI-based storage. For full details see the Elastic SAN Volumes documentation.
azure-keyvault-key
An Azure Key Vault Key is a cryptographic key stored in Key Vault, used for encryption, decryption, signing, and verification operations. Keys can be software-protected or HSM-protected. For full details see the Key Vault Keys documentation.
azure-keyvault-managed-hsm-private-endpoint-connection
An Azure Key Vault Managed HSM Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a Managed HSM, enabling secure cryptographic operations over a private network. For full details see the Managed HSM Private Endpoints documentation.
azure-keyvault-managed-hsm
An Azure Key Vault Managed HSM provides a fully managed, highly available, single-tenant hardware security module (HSM) for cryptographic key management, meeting FIPS 140-2 Level 3 compliance. For full details see the Managed HSM documentation.
azure-keyvault-secret
An Azure Key Vault Secret is a sensitive value stored securely in Key Vault, such as connection strings, passwords, API keys, or other configuration data that applications need at runtime. For full details see the Key Vault Secrets documentation.
azure-keyvault-vault
An Azure Key Vault provides a secure store for secrets, keys, and certificates, with access policies and RBAC controls. It enables centralized management of application secrets and cryptographic keys. For full details see the Key Vault documentation.
azure-managedidentity-federated-identity-credential
An Azure Federated Identity Credential enables workloads running outside Azure (such as in GitHub Actions, Kubernetes, or other identity providers) to access Azure resources using a user-assigned managed identity without managing secrets. For full details see the Federated Identity documentation.
azure-managedidentity-user-assigned-identity
An Azure User-Assigned Managed Identity is a standalone Azure resource that can be assigned to one or more Azure service instances, providing an identity in Azure AD for authenticating to services without managing credentials. For full details see the Managed Identity documentation.
azure-network-application-gateway
An Azure Application Gateway is a web traffic load balancer and application delivery controller that operates at Layer 7 (HTTP/HTTPS), enabling URL-based routing, SSL termination, and Web Application Firewall capabilities. For full details see the Application Gateway documentation.
azure-network-application-security-group
An Azure Application Security Group enables you to group VMs and define network security policies based on application structure, allowing you to reuse security policies at scale without manual maintenance of explicit IP addresses. For full details see the ASG documentation.
azure-network-ddos-protection-plan
An Azure DDoS Protection Plan provides enhanced DDoS mitigation capabilities for virtual network resources, protecting against volumetric, protocol, and application-layer attacks. For full details see the DDoS Protection documentation.
azure-network-default-security-rule
An Azure Default Security Rule is one of the built-in rules automatically included in every Network Security Group, providing baseline allow/deny behavior for VNet, load balancer, and internet traffic. For full details see the Default Security Rules documentation.
azure-network-dns-record-set
An Azure DNS Record Set is a collection of DNS records of the same type (A, AAAA, CNAME, MX, etc.) within a DNS zone that share the same name. For full details see the DNS Records documentation.
azure-network-dns-virtual-network-link
An Azure DNS Virtual Network Link associates a Private DNS Zone with a Virtual Network, enabling DNS resolution for resources in that VNet using the private zone's records. For full details see the Virtual Network Links documentation.
azure-network-flow-log
An Azure Network Watcher Flow Log records information about IP traffic flowing through a network security group, useful for monitoring, auditing, and compliance. For full details see the Flow Logs documentation.
azure-network-ip-group
An Azure IP Group is a resource that allows you to group and manage IP addresses as a single object for use in Azure Firewall rules, simplifying rule management. For full details see the IP Groups documentation.
azure-network-load-balancer-backend-address-pool
An Azure Load Balancer Backend Address Pool defines the group of resources that will receive inbound traffic distributed by the load balancer. For full details see the Backend Pool documentation.
azure-network-load-balancer-frontend-ip-configuration
An Azure Load Balancer Frontend IP Configuration specifies the IP address (public or private) where the load balancer receives traffic. Each load balancer can have one or more frontend IP configurations. For full details see the Frontend IP documentation.
azure-network-load-balancer-probe
An Azure Load Balancer Probe monitors the health of backend pool instances to determine which instances can receive new connections from the load balancer. For full details see the Health Probe documentation.
azure-network-load-balancer
An Azure Load Balancer distributes inbound network traffic across multiple VMs or instances, providing high availability and network performance. It supports both internal and public load balancing scenarios. For full details see the Load Balancer documentation.
azure-network-local-network-gateway
An Azure Local Network Gateway represents your on-premises VPN device and defines the address prefixes and public IP of your on-premises location for site-to-site VPN connectivity. For full details see the Local Network Gateway documentation.
azure-network-nat-gateway
An Azure NAT Gateway provides outbound internet connectivity for virtual networks, allowing resources in private subnets to access the internet while remaining fully protected from inbound connections. For full details see the NAT Gateway documentation.
azure-network-network-interface-ip-configuration
An Azure Network Interface IP Configuration defines the private and/or public IP addressing for a network interface, including the subnet association and allocation method. For full details see the IP Configuration documentation.
azure-network-network-interface
An Azure Network Interface (NIC) is the interconnection between a VM and a virtual network. Each NIC has one or more IP configurations and is associated with a subnet. For full details see the NIC documentation.
azure-network-network-security-group
An Azure Network Security Group (NSG) contains security rules that allow or deny inbound and outbound network traffic to and from Azure resources connected to a virtual network. For full details see the NSG documentation.
azure-network-network-watcher
Azure Network Watcher provides network monitoring and diagnostic tools for Azure IaaS resources, including packet capture, connection troubleshooting, NSG flow logs, and topology views. For full details see the Network Watcher documentation.
azure-network-private-dns-zone
An Azure Private DNS Zone provides name resolution for virtual networks, allowing you to use custom domain names rather than the Azure-provided names, with records accessible only from linked virtual networks. For full details see the Private DNS documentation.
azure-network-private-endpoint
An Azure Private Endpoint is a network interface that uses a private IP address from your VNet, providing a private and secure connection to an Azure service powered by Azure Private Link. For full details see the Private Endpoint documentation.
azure-network-private-link-service
An Azure Private Link Service enables you to expose your service behind a standard load balancer so that consumers can access it privately from their own VNets using Private Endpoints. For full details see the Private Link Service documentation.
azure-network-public-ip-address
An Azure Public IP Address provides an internet-routable IP address that can be assigned to VMs, load balancers, VPN gateways, and application gateways. For full details see the Public IP documentation.
azure-network-public-ip-prefix
An Azure Public IP Prefix is a reserved, contiguous range of public IP addresses that can be assigned to Azure resources, ensuring predictable IP addresses for outbound connections. For full details see the Public IP Prefix documentation.
azure-network-route-table
An Azure Route Table contains a set of routes that control where network traffic is directed within a virtual network, enabling custom routing for subnets. For full details see the Route Table documentation.
azure-network-route
An Azure Route is an individual routing rule within a Route Table that specifies the destination address prefix and the next hop type for network traffic. For full details see the Routes documentation.
azure-network-security-rule
An Azure Network Security Rule is an individual allow or deny rule within a Network Security Group that controls inbound or outbound traffic based on source, destination, port, and protocol. For full details see the Security Rules documentation.
azure-network-subnet
An Azure Subnet is a range of IP addresses within a Virtual Network. Subnets segment the VNet into smaller address spaces and enable you to organize and secure resources with network security groups and route tables. For full details see the Subnet documentation.
azure-network-virtual-network-gateway
An Azure Virtual Network Gateway provides cross-premises connectivity between your Azure virtual network and on-premises infrastructure through Site-to-Site VPN or ExpressRoute connections. For full details see the VPN Gateway documentation.
azure-network-virtual-network-peering
Azure Virtual Network Peering enables seamless connectivity between two Azure virtual networks, allowing traffic to flow privately through the Microsoft backbone infrastructure without going over the public internet. For full details see the VNet Peering documentation.
azure-network-virtual-network
An Azure Virtual Network (VNet) is the fundamental building block for private networking in Azure. VNets enable Azure resources to securely communicate with each other, the internet, and on-premises networks. For full details see the VNet documentation.
azure-network-zone
An Azure DNS Zone hosts DNS records for a domain and manages name resolution. Public DNS zones resolve names on the internet, while private zones resolve names within virtual networks. For full details see the DNS Zone documentation.
azure-operationalinsights-workspace
An Azure Log Analytics Workspace (Operational Insights) is a unique environment for log data from Azure Monitor and other sources, providing a central repository for collecting, analyzing, and acting on telemetry data. For full details see the Log Analytics documentation.
azure-sql-database-schema
An Azure SQL Database Schema represents the schema within an Azure SQL Database, containing tables, views, stored procedures, and other database objects. For full details see the SQL Database documentation.
azure-sql-database
An Azure SQL Database is a fully managed relational database service based on the latest stable version of Microsoft SQL Server, offering built-in intelligence, high availability, and automatic scaling. For full details see the SQL Database documentation.
azure-sql-elastic-pool
An Azure SQL Elastic Pool provides a cost-effective solution for managing multiple databases that have varying and unpredictable resource usage demands, sharing a set pool of resources. For full details see the Elastic Pool documentation.
azure-sql-server-failover-group
An Azure SQL Server Failover Group manages the replication and failover of a group of databases on a server to another region, providing geographic redundancy and automatic failover for disaster recovery. For full details see the Failover Groups documentation.
azure-sql-server-firewall-rule
An Azure SQL Server Firewall Rule defines an allowed range of IP addresses that can access the logical SQL server and its databases. For full details see the Firewall Rules documentation.
azure-sql-server-key
An Azure SQL Server Key is a TDE (Transparent Data Encryption) protector configured on a logical SQL server, which can be a service-managed key or a customer-managed key stored in Azure Key Vault. For full details see the TDE documentation.
azure-sql-server-private-endpoint-connection
An Azure SQL Server Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a SQL Server, enabling secure database access over a private network. For full details see the SQL Private Endpoints documentation.
azure-sql-server-virtual-network-rule
An Azure SQL Server Virtual Network Rule enables traffic from a specific subnet within a virtual network to access an Azure SQL Database server, providing VNet service endpoint integration. For full details see the VNet Rules documentation.
azure-sql-server
An Azure SQL Server is a logical server that acts as a central administrative point for a group of Azure SQL databases, elastic pools, and related resources, providing server-level firewall rules and authentication. For full details see the SQL Server documentation.
azure-storage-account
An Azure Storage Account provides a unique namespace for your Azure Storage data, offering highly available, durable, and scalable cloud storage including blobs, files, queues, and tables. For full details see the Storage Account documentation.
azure-storage-blob-container
An Azure Blob Container organizes a set of blobs (binary large objects) within a Storage Account, similar to a directory in a file system, and provides access control and metadata management. For full details see the Blob Containers documentation.
azure-storage-encryption-scope
An Azure Storage Encryption Scope enables you to manage encryption at the container or blob level with customer-managed or Microsoft-managed keys, providing granular control over data encryption. For full details see the Encryption Scopes documentation.
azure-storage-file-share
An Azure File Share provides fully managed file shares in the cloud accessible via SMB, NFS, or Azure Files REST API, useful for lift-and-shift scenarios and shared application settings. For full details see the Azure Files documentation.
azure-storage-queue
An Azure Storage Queue provides cloud messaging between application components, enabling decoupled and scalable architectures with asynchronous message processing. For full details see the Queue Storage documentation.
azure-storage-storage-account-private-endpoint-connection
An Azure Storage Account Private Endpoint Connection represents the private link connectivity between a Private Endpoint and a Storage Account, enabling secure access over a private network. For full details see the Storage Private Endpoints documentation.
azure-storage-table
An Azure Storage Table is a NoSQL key-value store for rapid development using massive semi-structured datasets, providing schemaless design with fast access to large quantities of data. For full details see the Table Storage documentation.