pulumi-azure-native-kotlin/com.pulumi.azurenative.sql.kotlin/ServerArgs

ServerArgs

data class ServerArgs(val administratorLogin: Output<String>? = null, val administratorLoginPassword: Output<String>? = null, val administrators: Output<ServerExternalAdministratorArgs>? = null, val federatedClientId: Output<String>? = null, val identity: Output<ResourceIdentityArgs>? = null, val keyId: Output<String>? = null, val location: Output<String>? = null, val minimalTlsVersion: Output<String>? = null, val primaryUserAssignedIdentityId: Output<String>? = null, val publicNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null, val resourceGroupName: Output<String>? = null, val restrictOutboundNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null, val serverName: Output<String>? = null, val tags: Output<Map<String, String>>? = null, val version: Output<String>? = null) : ConvertibleToJava<ServerArgs>

An Azure SQL Database server. Uses Azure REST API version 2021-11-01. In version 1.x of the Azure Native provider, it used API version 2020-11-01-preview. Other available API versions: 2014-04-01, 2022-11-01-preview, 2023-02-01-preview, 2023-05-01-preview, 2023-08-01, 2023-08-01-preview, 2024-05-01-preview. Warning: when AzureADOnlyAuthentication is enabled, the Azure SQL API rejects any AdministratorLoginPassword, even if it is the same as the current one. According to the Azure team, this API design owes to the following reasons:

  • Changing the password is not allowed when Entra-only authentication is enabled because it could lead to invalid templates.

  • Any updates containing the same, unchanged password are also rejected because different behavior for same vs different passwords would be a vector for brute forcing the password. To work around this, you can comment out AdministratorLoginPassword when enabling AzureADOnlyAuthentication. To update the password, you can disable AzureADOnlyAuthentication and re-enable it after the update. For more details and discussion please see this issue.

Example Usage

Create server

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using AzureNative = Pulumi.AzureNative;
return await Deployment.RunAsync(() =>
{
    var server = new AzureNative.Sql.Server("server", new()
    {
        AdministratorLogin = "dummylogin",
        AdministratorLoginPassword = "PLACEHOLDER",
        Administrators = new AzureNative.Sql.Inputs.ServerExternalAdministratorArgs
        {
            AzureADOnlyAuthentication = true,
            Login = "bob@contoso.com",
            PrincipalType = AzureNative.Sql.PrincipalType.User,
            Sid = "00000011-1111-2222-2222-123456789111",
            TenantId = "00000011-1111-2222-2222-123456789111",
        },
        Location = "Japan East",
        PublicNetworkAccess = AzureNative.Sql.ServerNetworkAccessFlag.Enabled,
        ResourceGroupName = "sqlcrudtest-7398",
        RestrictOutboundNetworkAccess = AzureNative.Sql.ServerNetworkAccessFlag.Enabled,
        ServerName = "sqlcrudtest-4645",
    });
});
Content copied to clipboard
package main
import (
	sql "github.com/pulumi/pulumi-azure-native-sdk/sql/v2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := sql.NewServer(ctx, "server", &sql.ServerArgs{
			AdministratorLogin:         pulumi.String("dummylogin"),
			AdministratorLoginPassword: pulumi.String("PLACEHOLDER"),
			Administrators: &sql.ServerExternalAdministratorArgs{
				AzureADOnlyAuthentication: pulumi.Bool(true),
				Login:                     pulumi.String("bob@contoso.com"),
				PrincipalType:             pulumi.String(sql.PrincipalTypeUser),
				Sid:                       pulumi.String("00000011-1111-2222-2222-123456789111"),
				TenantId:                  pulumi.String("00000011-1111-2222-2222-123456789111"),
			},
			Location:                      pulumi.String("Japan East"),
			PublicNetworkAccess:           pulumi.String(sql.ServerNetworkAccessFlagEnabled),
			ResourceGroupName:             pulumi.String("sqlcrudtest-7398"),
			RestrictOutboundNetworkAccess: pulumi.String(sql.ServerNetworkAccessFlagEnabled),
			ServerName:                    pulumi.String("sqlcrudtest-4645"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azurenative.sql.Server;
import com.pulumi.azurenative.sql.ServerArgs;
import com.pulumi.azurenative.sql.inputs.ServerExternalAdministratorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var server = new Server("server", ServerArgs.builder()
            .administratorLogin("dummylogin")
            .administratorLoginPassword("PLACEHOLDER")
            .administrators(ServerExternalAdministratorArgs.builder()
                .azureADOnlyAuthentication(true)
                .login("bob@contoso.com")
                .principalType("User")
                .sid("00000011-1111-2222-2222-123456789111")
                .tenantId("00000011-1111-2222-2222-123456789111")
                .build())
            .location("Japan East")
            .publicNetworkAccess("Enabled")
            .resourceGroupName("sqlcrudtest-7398")
            .restrictOutboundNetworkAccess("Enabled")
            .serverName("sqlcrudtest-4645")
            .build());
    }
}
Content copied to clipboard

Import

An existing resource can be imported using its type token, name, and identifier, e.g.

$ pulumi import azure-native:sql:Server sqlcrudtest-4645 /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(administratorLogin: Output<String>? = null, administratorLoginPassword: Output<String>? = null, administrators: Output<ServerExternalAdministratorArgs>? = null, federatedClientId: Output<String>? = null, identity: Output<ResourceIdentityArgs>? = null, keyId: Output<String>? = null, location: Output<String>? = null, minimalTlsVersion: Output<String>? = null, primaryUserAssignedIdentityId: Output<String>? = null, publicNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null, resourceGroupName: Output<String>? = null, restrictOutboundNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null, serverName: Output<String>? = null, tags: Output<Map<String, String>>? = null, version: Output<String>? = null)

Properties

Link copied to clipboard
val administratorLogin: Output<String>? = null

Administrator username for the server. Once created it cannot be changed.

Link copied to clipboard
val administratorLoginPassword: Output<String>? = null

The administrator login password (required for server creation).

Link copied to clipboard
val administrators: Output<ServerExternalAdministratorArgs>? = null

The Azure Active Directory administrator of the server.

Link copied to clipboard
val federatedClientId: Output<String>? = null

The Client id used for cross tenant CMK scenario

Link copied to clipboard
val identity: Output<ResourceIdentityArgs>? = null

The Azure Active Directory identity of the server.

Link copied to clipboard
val keyId: Output<String>? = null

A CMK URI of the key to use for encryption.

Link copied to clipboard
val location: Output<String>? = null

Resource location.

Link copied to clipboard
val minimalTlsVersion: Output<String>? = null

Minimal TLS version. Allowed values: '1.0', '1.1', '1.2'

Link copied to clipboard
val primaryUserAssignedIdentityId: Output<String>? = null

The resource id of a user assigned identity to be used by default.

Link copied to clipboard
val publicNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null

Whether or not public endpoint access is allowed for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'

Link copied to clipboard
val resourceGroupName: Output<String>? = null

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.

Link copied to clipboard
val restrictOutboundNetworkAccess: Output<Either<String, ServerNetworkAccessFlag>>? = null

Whether or not to restrict outbound network access for this server. Value is optional but if passed in, must be 'Enabled' or 'Disabled'

Link copied to clipboard
val serverName: Output<String>? = null

The name of the server.

Link copied to clipboard
val tags: Output<Map<String, String>>? = null

Resource tags.

Link copied to clipboard
val version: Output<String>? = null

The version of the server.

Functions

Link copied to clipboard
open override fun toJava(): ServerArgs