pulumi-azure-kotlin/com.pulumi.azure.mssql.kotlin/ManagedInstanceActiveDirectoryAdministrator

ManagedInstanceActiveDirectoryAdministrator

class ManagedInstanceActiveDirectoryAdministrator : KotlinCustomResource

Allows you to set a user, group or service principal as the AAD Administrator for an Azure SQL Managed Instance.

Example Usage

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.mssql.ManagedInstance;
import com.pulumi.azure.mssql.ManagedInstanceArgs;
import com.pulumi.azure.mssql.inputs.ManagedInstanceIdentityArgs;
import com.pulumi.azuread.DirectoryRole;
import com.pulumi.azuread.DirectoryRoleArgs;
import com.pulumi.azuread.DirectoryRoleMember;
import com.pulumi.azuread.DirectoryRoleMemberArgs;
import com.pulumi.azuread.User;
import com.pulumi.azuread.UserArgs;
import com.pulumi.azure.mssql.ManagedInstanceActiveDirectoryAdministrator;
import com.pulumi.azure.mssql.ManagedInstanceActiveDirectoryAdministratorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("rg-example")
            .location("West Europe")
            .build());
        final var current = CoreFunctions.getClientConfig();
        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .name("example")
            .location(example.location())
            .resourceGroupName(example.name())
            .addressSpaces("10.0.0.0/16")
            .build());
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .name("example")
            .resourceGroupName(example.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.2.0/24")
            .build());
        var exampleManagedInstance = new ManagedInstance("exampleManagedInstance", ManagedInstanceArgs.builder()
            .name("managedsqlinstance")
            .resourceGroupName(example.name())
            .location(example.location())
            .licenseType("BasePrice")
            .skuName("GP_Gen5")
            .storageSizeInGb(32)
            .subnetId(exampleSubnet.id())
            .vcores(4)
            .administratorLogin("msadministrator")
            .administratorLoginPassword("thisIsDog11")
            .identity(ManagedInstanceIdentityArgs.builder()
                .type("SystemAssigned")
                .build())
            .build());
        var reader = new DirectoryRole("reader", DirectoryRoleArgs.builder()
            .displayName("Directory Readers")
            .build());
        var exampleDirectoryRoleMember = new DirectoryRoleMember("exampleDirectoryRoleMember", DirectoryRoleMemberArgs.builder()
            .roleObjectId(reader.objectId())
            .memberObjectId(exampleManagedInstance.identity().applyValue(identity -> identity.principalId()))
            .build());
        var admin = new User("admin", UserArgs.builder()
            .userPrincipalName("ms.admin@example.com")
            .displayName("Ms Admin")
            .mailNickname("ms.admin")
            .password("SecretP@sswd99!")
            .build());
        var exampleManagedInstanceActiveDirectoryAdministrator = new ManagedInstanceActiveDirectoryAdministrator("exampleManagedInstanceActiveDirectoryAdministrator", ManagedInstanceActiveDirectoryAdministratorArgs.builder()
            .managedInstanceId(exampleManagedInstance.id())
            .loginUsername("msadmin")
            .objectId(admin.objectId())
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .build());
    }
}
Content copied to clipboard

Import

An Azure SQL Active Directory Administrator can be imported using the resource id, e.g.

$ pulumi import azure:mssql/managedInstanceActiveDirectoryAdministrator:ManagedInstanceActiveDirectoryAdministrator administrator /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/managedInstances/mymanagedinstance/administrators/activeDirectory
Content copied to clipboard

Properties

Link copied to clipboard
val azureadAuthenticationOnly: Output<Boolean>?

When true, only permit logins from AAD users and administrators. When false, also allow local database users.

Link copied to clipboard
val id: Output<String>
Link copied to clipboard
val loginUsername: Output<String>

The login name of the principal to set as the Managed Instance Administrator.

Link copied to clipboard
val managedInstanceId: Output<String>

The ID of the Azure SQL Managed Instance for which to set the administrator. Changing this forces a new resource to be created.

Link copied to clipboard
val objectId: Output<String>

The Object ID of the principal to set as the Managed Instance Administrator.

Link copied to clipboard
val pulumiChildResources: Set<KotlinResource>
Link copied to clipboard
Link copied to clipboard
Link copied to clipboard
val tenantId: Output<String>

The Azure Active Directory Tenant ID.

Link copied to clipboard
val urn: Output<String>