pulumi-azure-kotlin/com.pulumi.azure.mssql.kotlin/ManagedInstanceVulnerabilityAssessmentArgs

ManagedInstanceVulnerabilityAssessmentArgs

data class ManagedInstanceVulnerabilityAssessmentArgs(val managedInstanceId: Output<String>? = null, val recurringScans: Output<ManagedInstanceVulnerabilityAssessmentRecurringScansArgs>? = null, val storageAccountAccessKey: Output<String>? = null, val storageContainerPath: Output<String>? = null, val storageContainerSasKey: Output<String>? = null) : ConvertibleToJava<ManagedInstanceVulnerabilityAssessmentArgs>

Manages the Vulnerability Assessment for an MS Managed Instance.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.mssql.ManagedInstance;
import com.pulumi.azure.mssql.ManagedInstanceArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.storage.Container;
import com.pulumi.azure.storage.ContainerArgs;
import com.pulumi.azure.mssql.ManagedInstanceSecurityAlertPolicy;
import com.pulumi.azure.mssql.ManagedInstanceSecurityAlertPolicyArgs;
import com.pulumi.azure.mssql.ManagedInstanceVulnerabilityAssessment;
import com.pulumi.azure.mssql.ManagedInstanceVulnerabilityAssessmentArgs;
import com.pulumi.azure.mssql.inputs.ManagedInstanceVulnerabilityAssessmentRecurringScansArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
            .location("West Europe")
            .build());
        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .addressSpaces("10.0.0.0/16")
            .build());
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.2.0/24")
            .build());
        var exampleManagedInstance = new ManagedInstance("exampleManagedInstance", ManagedInstanceArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .licenseType("BasePrice")
            .skuName("GP_Gen5")
            .storageSizeInGb(32)
            .subnetId(exampleSubnet.id())
            .vcores(4)
            .administratorLogin("missadministrator")
            .administratorLoginPassword("NCC-1701-D")
            .build());
        var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .accountTier("Standard")
            .accountReplicationType("GRS")
            .build());
        var exampleContainer = new Container("exampleContainer", ContainerArgs.builder()
            .storageAccountName(exampleAccount.name())
            .containerAccessType("private")
            .build());
        var exampleManagedInstanceSecurityAlertPolicy = new ManagedInstanceSecurityAlertPolicy("exampleManagedInstanceSecurityAlertPolicy", ManagedInstanceSecurityAlertPolicyArgs.builder()
            .resourceGroupName(azurerm_resource_group.test().name())
            .managedInstanceName(azurerm_mssql_managed_instance.test().name())
            .enabled(true)
            .storageEndpoint(azurerm_storage_account.test().primary_blob_endpoint())
            .storageAccountAccessKey(azurerm_storage_account.test().primary_access_key())
            .retentionDays(30)
            .build());
        var exampleManagedInstanceVulnerabilityAssessment = new ManagedInstanceVulnerabilityAssessment("exampleManagedInstanceVulnerabilityAssessment", ManagedInstanceVulnerabilityAssessmentArgs.builder()
            .managedInstanceId(exampleManagedInstance.id())
            .storageContainerPath(Output.tuple(exampleAccount.primaryBlobEndpoint(), exampleContainer.name()).applyValue(values -> {
                var primaryBlobEndpoint = values.t1;
                var name = values.t2;
                return String.format("%s%s/", primaryBlobEndpoint,name);
            }))
            .storageAccountAccessKey(exampleAccount.primaryAccessKey())
            .recurringScans(ManagedInstanceVulnerabilityAssessmentRecurringScansArgs.builder()
                .enabled(true)
                .emailSubscriptionAdmins(true)
                .emails(
                    "email@example1.com",
                    "email@example2.com")
                .build())
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleManagedInstanceSecurityAlertPolicy)
                .build());
    }
}
Content copied to clipboard

Import

The Vulnerability Assessment can be imported using the resource id, e.g.

$ pulumi import azure:mssql/managedInstanceVulnerabilityAssessment:ManagedInstanceVulnerabilityAssessment example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/acceptanceTestResourceGroup1/providers/Microsoft.Sql/managedInstances/instance1/vulnerabilityAssessments/Default
Content copied to clipboard

Constructors

fun ManagedInstanceVulnerabilityAssessmentArgs(managedInstanceId: Output<String>? = null, recurringScans: Output<ManagedInstanceVulnerabilityAssessmentRecurringScansArgs>? = null, storageAccountAccessKey: Output<String>? = null, storageContainerPath: Output<String>? = null, storageContainerSasKey: Output<String>? = null)

Functions

Link copied to clipboard
open override fun toJava(): ManagedInstanceVulnerabilityAssessmentArgs

Properties

Link copied to clipboard
val managedInstanceId: Output<String>? = null

The id of the MS SQL Managed Instance. Changing this forces a new resource to be created.

Link copied to clipboard
val recurringScans: Output<ManagedInstanceVulnerabilityAssessmentRecurringScansArgs>? = null

The recurring scans settings. The recurring_scans block supports fields documented below.

Link copied to clipboard
val storageAccountAccessKey: Output<String>? = null

Specifies the identifier key of the storage account for vulnerability assessment scan results. If storage_container_sas_key isn't specified, storage_account_access_key is required.

Link copied to clipboard
val storageContainerPath: Output<String>? = null

A blob storage container path to hold the scan results (e.g. https://myStorage.blob.core.windows.net/VaScans/).

Link copied to clipboard
val storageContainerSasKey: Output<String>? = null

A shared access signature (SAS Key) that has write access to the blob container specified in storage_container_path parameter. If storage_account_access_key isn't specified, storage_container_sas_key is required.