Managed
Manages a SQL Azure Managed Instance.
Note: The
azure.sql.ManagedInstanceresource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use theazure.mssql.ManagedInstanceresource instead. Note: All arguments including the administrator login and password will be stored in the raw state as plain-text. Read more about sensitive data in state.
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.NetworkSecurityGroup;
import com.pulumi.azure.network.NetworkSecurityGroupArgs;
import com.pulumi.azure.network.NetworkSecurityRule;
import com.pulumi.azure.network.NetworkSecurityRuleArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.inputs.SubnetDelegationArgs;
import com.pulumi.azure.network.inputs.SubnetDelegationServiceDelegationArgs;
import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation;
import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs;
import com.pulumi.azure.network.RouteTable;
import com.pulumi.azure.network.RouteTableArgs;
import com.pulumi.azure.network.SubnetRouteTableAssociation;
import com.pulumi.azure.network.SubnetRouteTableAssociationArgs;
import com.pulumi.azure.sql.ManagedInstance;
import com.pulumi.azure.sql.ManagedInstanceArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("database-rg")
.location("West Europe")
.build());
var exampleNetworkSecurityGroup = new NetworkSecurityGroup("exampleNetworkSecurityGroup", NetworkSecurityGroupArgs.builder()
.name("mi-security-group")
.location(example.location())
.resourceGroupName(example.name())
.build());
var allowManagementInbound = new NetworkSecurityRule("allowManagementInbound", NetworkSecurityRuleArgs.builder()
.name("allow_management_inbound")
.priority(106)
.direction("Inbound")
.access("Allow")
.protocol("Tcp")
.sourcePortRange("*")
.destinationPortRanges(
"9000",
"9003",
"1438",
"1440",
"1452")
.sourceAddressPrefix("*")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var allowMisubnetInbound = new NetworkSecurityRule("allowMisubnetInbound", NetworkSecurityRuleArgs.builder()
.name("allow_misubnet_inbound")
.priority(200)
.direction("Inbound")
.access("Allow")
.protocol("*")
.sourcePortRange("*")
.destinationPortRange("*")
.sourceAddressPrefix("10.0.0.0/24")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var allowHealthProbeInbound = new NetworkSecurityRule("allowHealthProbeInbound", NetworkSecurityRuleArgs.builder()
.name("allow_health_probe_inbound")
.priority(300)
.direction("Inbound")
.access("Allow")
.protocol("*")
.sourcePortRange("*")
.destinationPortRange("*")
.sourceAddressPrefix("AzureLoadBalancer")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var allowTdsInbound = new NetworkSecurityRule("allowTdsInbound", NetworkSecurityRuleArgs.builder()
.name("allow_tds_inbound")
.priority(1000)
.direction("Inbound")
.access("Allow")
.protocol("Tcp")
.sourcePortRange("*")
.destinationPortRange("1433")
.sourceAddressPrefix("VirtualNetwork")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var denyAllInbound = new NetworkSecurityRule("denyAllInbound", NetworkSecurityRuleArgs.builder()
.name("deny_all_inbound")
.priority(4096)
.direction("Inbound")
.access("Deny")
.protocol("*")
.sourcePortRange("*")
.destinationPortRange("*")
.sourceAddressPrefix("*")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var allowManagementOutbound = new NetworkSecurityRule("allowManagementOutbound", NetworkSecurityRuleArgs.builder()
.name("allow_management_outbound")
.priority(102)
.direction("Outbound")
.access("Allow")
.protocol("Tcp")
.sourcePortRange("*")
.destinationPortRanges(
"80",
"443",
"12000")
.sourceAddressPrefix("*")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var allowMisubnetOutbound = new NetworkSecurityRule("allowMisubnetOutbound", NetworkSecurityRuleArgs.builder()
.name("allow_misubnet_outbound")
.priority(200)
.direction("Outbound")
.access("Allow")
.protocol("*")
.sourcePortRange("*")
.destinationPortRange("*")
.sourceAddressPrefix("10.0.0.0/24")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var denyAllOutbound = new NetworkSecurityRule("denyAllOutbound", NetworkSecurityRuleArgs.builder()
.name("deny_all_outbound")
.priority(4096)
.direction("Outbound")
.access("Deny")
.protocol("*")
.sourcePortRange("*")
.destinationPortRange("*")
.sourceAddressPrefix("*")
.destinationAddressPrefix("*")
.resourceGroupName(example.name())
.networkSecurityGroupName(exampleNetworkSecurityGroup.name())
.build());
var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
.name("vnet-mi")
.resourceGroupName(example.name())
.addressSpaces("10.0.0.0/16")
.location(example.location())
.build());
var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
.name("subnet-mi")
.resourceGroupName(example.name())
.virtualNetworkName(exampleVirtualNetwork.name())
.addressPrefixes("10.0.0.0/24")
.delegations(SubnetDelegationArgs.builder()
.name("managedinstancedelegation")
.serviceDelegation(SubnetDelegationServiceDelegationArgs.builder()
.name("Microsoft.Sql/managedInstances")
.actions(
"Microsoft.Network/virtualNetworks/subnets/join/action",
"Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
"Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action")
.build())
.build())
.build());
var exampleSubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", SubnetNetworkSecurityGroupAssociationArgs.builder()
.subnetId(exampleSubnet.id())
.networkSecurityGroupId(exampleNetworkSecurityGroup.id())
.build());
var exampleRouteTable = new RouteTable("exampleRouteTable", RouteTableArgs.builder()
.name("routetable-mi")
.location(example.location())
.resourceGroupName(example.name())
.disableBgpRoutePropagation(false)
.build());
var exampleSubnetRouteTableAssociation = new SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", SubnetRouteTableAssociationArgs.builder()
.subnetId(exampleSubnet.id())
.routeTableId(exampleRouteTable.id())
.build());
var exampleManagedInstance = new ManagedInstance("exampleManagedInstance", ManagedInstanceArgs.builder()
.name("managedsqlinstance")
.resourceGroupName(example.name())
.location(example.location())
.administratorLogin("mradministrator")
.administratorLoginPassword("thisIsDog11")
.licenseType("BasePrice")
.subnetId(exampleSubnet.id())
.skuName("GP_Gen5")
.vcores(4)
.storageSizeInGb(32)
.build());
}
}Content copied to clipboard
Import
SQL Servers can be imported using the resource id, e.g.
$ pulumi import azure:sql/managedInstance:ManagedInstance example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/managedInstances/myserverContent copied to clipboard
Properties
Link copied to clipboard
The password associated with the administrator_login user. Needs to comply with Azure's Password Policy
Link copied to clipboard