Azure · anandanthony · Jan 9, 2023 · Jan 10, 2023 · Jan 10, 2023
diff --git a/specification/common-types/resource-management/v3/types.json b/specification/common-types/resource-management/v3/types.json
@@ -102,35 +102,6 @@
       "description": "The resource model definition containing the full set of allowed properties for a resource. Except properties bag, there cannot be a top level property outside of this set.",
       "type": "object",
       "properties": {
-        "id": {
-          "readOnly": true,
-          "type": "string",
-          "x-ms-mutability": [
-            "read"
-          ],
-          "description": "Fully qualified resource ID for the resource. Ex - /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}"
-        },
-        "name": {
-          "readOnly": true,
-          "type": "string",
-          "description": "The name of the resource"
-        },
-        "type": {
-          "readOnly": true,
-          "type": "string",
-          "x-ms-mutability": [
-            "read"
-          ],
-          "description": "The type of the resource. E.g. \"Microsoft.Compute/virtualMachines\" or \"Microsoft.Storage/storageAccounts\""
-        },
-        "location": {
-          "type": "string",
-          "x-ms-mutability": [
-            "read",
-            "create"
-          ],
-          "description": "The geo-location where the resource lives"
-        },
         "managedBy": {
           "type": "string",
           "x-ms-mutability": [
@@ -154,18 +125,6 @@
           "type": "string",
           "description": "The etag field is *not* required. If it is provided in the response body, it must also be provided as a header per the normal etag convention.  Entity tags are used for comparing two or more entities from the same requested resource. HTTP/1.1 uses entity tags in the etag (section 14.19), If-Match (section 14.24), If-None-Match (section 14.26), and If-Range (section 14.27) header fields. "
         },
-        "tags": {
-          "type": "object",
-          "additionalProperties": {
-            "type": "string"
-          },
-          "x-ms-mutability": [
-            "read",
-            "create",
-            "update"
-          ],
-          "description": "Resource tags."
-        },
         "identity": {
           "allOf": [
             {
@@ -188,6 +147,11 @@
           ]
         }
       },
+      "allOf": [
+        {
+          "$ref": "#/definitions/TrackedResource"
+        }
+      ],
       "x-ms-azure-resource": true
     },
     "SkuTier": {

diff --git a/specification/common-types/resource-management/v4/customermanagedkeys.json b/specification/common-types/resource-management/v4/customermanagedkeys.json
@@ -0,0 +1,70 @@
+{
+  "swagger": "2.0",
+  "info": {
+    "version": "4.0",
+    "title": "Common types"
+  },
+  "paths": {},
+  "definitions": {
+    "encryption": {
+      "type": "object",
+      "description": "(Optional) Discouraged to include in resource definition. Only needed where it is possible to disable platform (AKA infrastructure) encryption. Azure SQL TDE is an example of this. Values are enabled and disabled.",
+      "properties": {
+        "infrastructureEncryption": {
+          "type": "string",
+          "enum": [
+            "enabled",
+            "disabled"
+          ],
+          "x-ms-enum": {
+            "name": "InfrastructureEncryption",
+            "modelAsString": true
+          },
+          "description": "Values are enabled and disabled."
+        },
+        "customerManagedKeyEncryption": {
+          "description": "All Customer-managed key encryption properties for the resource.",
+          "$ref": "#/definitions/customerManagedKeyEncryption"
+        }
+      }
+    },
+    "customerManagedKeyEncryption": {
+      "type": "object",
+      "description": "All Customer-managed key encryption properties for the resource.",
+      "properties": {
+        "keyEncryptionKeyIdentity": {
+          "type": "object",
+          "description": "All identity configuration for Customer-managed key settings defining which identity should be used to auth to Key Vault.",
+          "properties": {
+            "identityType": {
+              "type": "string",
+              "enum": [
+                "systemAssignedIdentity",
+                "userAssignedIdentity",
+                "delegatedResourceIdentity"
+              ],
+              "x-ms-enum": {
+                "name": "IdentityType",
+                "modelAsString": true
+              },
+              "description": "Values can be systemAssignedIdentity or userAssignedIdentity"
+            },
+            "userAssignedIdentityResourceId": {
+              "type": "string",
+              "description": "user assigned identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity and delegatedResourceIdentity."
+            },
+            "delegatedIdentityClientId": {
+              "type": "string",
+              "format": "uuid",
+              "description": "delegated identity to use for accessing key encryption key Url. Ex: /subscriptions/fa5fc227-a624-475e-b696-cdd604c735bc/resourceGroups/<resource group>/providers/Microsoft.ManagedIdentity/userAssignedIdentities/myId. Mutually exclusive with identityType systemAssignedIdentity and userAssignedIdentity - internal use only."
+            }
+          }
+        },
+        "keyEncryptionKeyUrl": {
+          "type": "string",
+          "description": "key encryption key Url, versioned or non-versioned. Ex: https://contosovault.vault.azure.net/keys/contosokek/562a4bb76b524a1493a6afe8e536ee78 or https://contosovault.vault.azure.net/keys/contosokek."
+        }
+      }
+    }
+  }
+}
diff --git a/specification/common-types/resource-management/v4/privatelinks.json b/specification/common-types/resource-management/v4/privatelinks.json
@@ -28,7 +28,7 @@
       },
       "allOf": [
         {
-          "$ref": "../v3/types.json#/definitions/Resource"
+          "$ref": "../v4/types.json#/definitions/Resource"
         }
       ],
       "description": "The private endpoint connection resource."
@@ -119,7 +119,7 @@
       },
       "allOf": [
         {
-          "$ref": "../v3/types.json#/definitions/Resource"
+          "$ref": "../v4/types.json#/definitions/Resource"
         }
       ],
       "description": "A private link resource."