Data Lake Storage

The following arguments are supported:

• name - (Required) The name of the Data Lake Gen2 File System which should be created within the Storage Account. Must be unique within the storage account the queue is located. Changing this forces a new resource to be created.
• storage_account_id - (Required) Specifies the ID of the Storage Account in which the Data Lake Gen2 File System should exist. Changing this forces a new resource to be created.
• properties - (Optional) A mapping of Key to Base64-Encoded Values which should be assigned to this Data Lake Gen2 File System.
• ace - (Optional) One or more ace blocks as defined below to specify the entries for the ACL for the path.
• owner - (Optional) Specifies the Object ID of the Azure Active Directory User to make the owning user of the root path (i.e. /). Possible values also include $superuser.
• group - (Optional) Specifies the Object ID of the Azure Active Directory Group to make the owning group of the root path (i.e. /). Possible values also include $superuser.

NOTE:

The Storage Account requires account_kind to be either StorageV2 or BlobStorage. In addition, is_hns_enabled has to be set to true.

An ace block supports the following:

• scope - (Optional) Specifies whether the ACE represents an access entry or a default entry. Default value is access.
• type - (Required) Specifies the type of entry. Can be user, group, mask or other.
• id - (Optional) Specifies the Object ID of the Azure Active Directory User or Group that the entry relates to. Only valid for user or group entries.
• permissions - (Required) Specifies the permissions for the entry in rwx form. For example, rwx gives full permissions but r-- only gives read permissions.

More details on ACLs can be found here: https://docs.microsoft.com/azure/storage/blobs/data-lake-storage-access-control#access-control-lists-on-files-and-directories

‍