Server
data class ServerMicrosoftSupportAuditingPolicyArgs(val blobStorageEndpoint: Output<String>? = null, val enabled: Output<Boolean>? = null, val logMonitoringEnabled: Output<Boolean>? = null, val serverId: Output<String>? = null, val storageAccountAccessKey: Output<String>? = null, val storageAccountSubscriptionId: Output<String>? = null) : ConvertibleToJava<ServerMicrosoftSupportAuditingPolicyArgs>
Manages a MS SQL Server Microsoft Support Auditing Policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleServer = new azure.mssql.Server("example", {
name: "example-sqlserver",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "missadministrator",
administratorLoginPassword: "AdminPassword123!",
});
const exampleAccount = new azure.storage.Account("example", {
name: "examplesa",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleServerMicrosoftSupportAuditingPolicy = new azure.mssql.ServerMicrosoftSupportAuditingPolicy("example", {
serverId: exampleServer.id,
blobStorageEndpoint: exampleAccount.primaryBlobEndpoint,
storageAccountAccessKey: exampleAccount.primaryAccessKey,
});Content copied to clipboard
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_server = azure.mssql.Server("example",
name="example-sqlserver",
resource_group_name=example.name,
location=example.location,
version="12.0",
administrator_login="missadministrator",
administrator_login_password="AdminPassword123!")
example_account = azure.storage.Account("example",
name="examplesa",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_server_microsoft_support_auditing_policy = azure.mssql.ServerMicrosoftSupportAuditingPolicy("example",
server_id=example_server.id,
blob_storage_endpoint=example_account.primary_blob_endpoint,
storage_account_access_key=example_account.primary_access_key)Content copied to clipboard
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleServer = new Azure.MSSql.Server("example", new()
{
Name = "example-sqlserver",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "missadministrator",
AdministratorLoginPassword = "AdminPassword123!",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "examplesa",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleServerMicrosoftSupportAuditingPolicy = new Azure.MSSql.ServerMicrosoftSupportAuditingPolicy("example", new()
{
ServerId = exampleServer.Id,
BlobStorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
});
});Content copied to clipboard
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/mssql"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
Name: pulumi.String("example-sqlserver"),
ResourceGroupName: example.Name,
Location: example.Location,
Version: pulumi.String("12.0"),
AdministratorLogin: pulumi.String("missadministrator"),
AdministratorLoginPassword: pulumi.String("AdminPassword123!"),
})
if err != nil {
return err
}
exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("examplesa"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
_, err = mssql.NewServerMicrosoftSupportAuditingPolicy(ctx, "example", &mssql.ServerMicrosoftSupportAuditingPolicyArgs{
ServerId: exampleServer.ID(),
BlobStorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
})
if err != nil {
return err
}
return nil
})
}Content copied to clipboard
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.mssql.Server;
import com.pulumi.azure.mssql.ServerArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicy;
import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleServer = new Server("exampleServer", ServerArgs.builder()
.name("example-sqlserver")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("missadministrator")
.administratorLoginPassword("AdminPassword123!")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("examplesa")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleServerMicrosoftSupportAuditingPolicy = new ServerMicrosoftSupportAuditingPolicy("exampleServerMicrosoftSupportAuditingPolicy", ServerMicrosoftSupportAuditingPolicyArgs.builder()
.serverId(exampleServer.id())
.blobStorageEndpoint(exampleAccount.primaryBlobEndpoint())
.storageAccountAccessKey(exampleAccount.primaryAccessKey())
.build());
}
}Content copied to clipboard
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: example-sqlserver
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: missadministrator
administratorLoginPassword: AdminPassword123!
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: examplesa
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleServerMicrosoftSupportAuditingPolicy:
type: azure:mssql:ServerMicrosoftSupportAuditingPolicy
name: example
properties:
serverId: ${exampleServer.id}
blobStorageEndpoint: ${exampleAccount.primaryBlobEndpoint}
storageAccountAccessKey: ${exampleAccount.primaryAccessKey}Content copied to clipboard
With Storage Account Behind VNet And Firewall
resources:
exampleResourceGroup:
type: azure:core:ResourceGroup
name: example
properties:
name: example
location: West Europe
exampleVirtualNetwork:
type: azure:network:VirtualNetwork
name: example
properties:
name: virtnetname-1
addressSpaces:
- 10.0.0.0/16
location: ${exampleResourceGroup.location}
resourceGroupName: ${exampleResourceGroup.name}
exampleSubnet:
type: azure:network:Subnet
name: example
properties:
name: subnetname-1
resourceGroupName: ${exampleResourceGroup.name}
virtualNetworkName: ${exampleVirtualNetwork.name}
addressPrefixes:
- 10.0.2.0/24
serviceEndpoints:
- Microsoft.Sql
- Microsoft.Storage
enforcePrivateLinkEndpointNetworkPolicies: true
exampleAssignment:
type: azure:authorization:Assignment
name: example
properties:
scope: ${primary.id}
roleDefinitionName: Storage Blob Data Contributor
principalId: ${exampleServer.identity.principalId}
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: example-sqlserver
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
version: '12.0'
administratorLogin: missadministrator
administratorLoginPassword: AdminPassword123!
minimumTlsVersion: '1.2'
identity:
type: SystemAssigned
sqlvnetrule:
type: azurerm:sqlVirtualNetworkRule
properties:
name: sql-vnet-rule
resourceGroupName: ${exampleResourceGroup.name}
serverName: ${exampleServer.name}
subnetId: ${exampleSubnet.id}
exampleSqlFirewallRule:
type: azurerm:sqlFirewallRule
name: example
properties:
name: FirewallRule1
resourceGroupName: ${exampleResourceGroup.name}
serverName: ${exampleServer.name}
startIpAddress: 0.0.0.0
endIpAddress: 0.0.0.0
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: examplesa
resourceGroupName: ${exampleResourceGroup.name}
location: ${exampleResourceGroup.location}
accountTier: Standard
accountReplicationType: LRS
accountKind: StorageV2
allowNestedItemsToBePublic: false
networkRules:
defaultAction: Deny
ipRules:
- 127.0.0.1
virtualNetworkSubnetIds:
- ${exampleSubnet.id}
bypasses:
- AzureServices
identity:
type: SystemAssigned
exampleServerMicrosoftSupportAuditingPolicy:
type: azure:mssql:ServerMicrosoftSupportAuditingPolicy
name: example
properties:
blobStorageEndpoint: ${exampleAccount.primaryBlobEndpoint}
serverId: ${exampleServer.id}
logMonitoringEnabled: false
storageAccountSubscriptionId: ${primaryAzurermSubscription.subscriptionId}
options:
dependsOn:
- ${exampleAssignment}
- ${exampleAccount}
variables:
primary:
fn::invoke:
function: azure:core:getSubscription
arguments: {}
example:
fn::invoke:
function: azure:core:getClientConfig
arguments: {}Content copied to clipboard
API Providers
This resource uses the following Azure API Providers:
Microsoft.Sql: 2023-08-01-preview
Import
MS SQL Server Microsoft Support Auditing Policies can be imported using the resource id, e.g.
$ pulumi import azure:mssql/serverMicrosoftSupportAuditingPolicy:ServerMicrosoftSupportAuditingPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/sqlServer1/devOpsAuditingSettings/defaultContent copied to clipboard
Properties
Link copied to clipboard
The blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Microsoft support auditing logs.
Link copied to clipboard
Enable audit events to Azure Monitor? To enable server audit events to Azure Monitor, please enable its main database audit events to Azure Monitor. Defaults to true.
Link copied to clipboard
The access key to use for the auditing storage account.
Link copied to clipboard
The ID of the Subscription containing the Storage Account.