We recommend using Azure Native.
azure.mssql.Server
Explore with Pulumi AI
Manages a Microsoft SQL Azure Database Server.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "database-rg",
location: "West Europe",
});
const exampleServer = new azure.mssql.Server("example", {
name: "mssqlserver",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "missadministrator",
administratorLoginPassword: "thisIsKat11",
minimumTlsVersion: "1.2",
azureadAdministrator: {
loginUsername: "AzureAD Admin",
objectId: "00000000-0000-0000-0000-000000000000",
},
tags: {
environment: "production",
},
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="database-rg",
location="West Europe")
example_server = azure.mssql.Server("example",
name="mssqlserver",
resource_group_name=example.name,
location=example.location,
version="12.0",
administrator_login="missadministrator",
administrator_login_password="thisIsKat11",
minimum_tls_version="1.2",
azuread_administrator={
"login_username": "AzureAD Admin",
"object_id": "00000000-0000-0000-0000-000000000000",
},
tags={
"environment": "production",
})
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/mssql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("database-rg"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
_, err = mssql.NewServer(ctx, "example", &mssql.ServerArgs{
Name: pulumi.String("mssqlserver"),
ResourceGroupName: example.Name,
Location: example.Location,
Version: pulumi.String("12.0"),
AdministratorLogin: pulumi.String("missadministrator"),
AdministratorLoginPassword: pulumi.String("thisIsKat11"),
MinimumTlsVersion: pulumi.String("1.2"),
AzureadAdministrator: &mssql.ServerAzureadAdministratorArgs{
LoginUsername: pulumi.String("AzureAD Admin"),
ObjectId: pulumi.String("00000000-0000-0000-0000-000000000000"),
},
Tags: pulumi.StringMap{
"environment": pulumi.String("production"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "database-rg",
Location = "West Europe",
});
var exampleServer = new Azure.MSSql.Server("example", new()
{
Name = "mssqlserver",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "missadministrator",
AdministratorLoginPassword = "thisIsKat11",
MinimumTlsVersion = "1.2",
AzureadAdministrator = new Azure.MSSql.Inputs.ServerAzureadAdministratorArgs
{
LoginUsername = "AzureAD Admin",
ObjectId = "00000000-0000-0000-0000-000000000000",
},
Tags =
{
{ "environment", "production" },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.mssql.Server;
import com.pulumi.azure.mssql.ServerArgs;
import com.pulumi.azure.mssql.inputs.ServerAzureadAdministratorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("database-rg")
.location("West Europe")
.build());
var exampleServer = new Server("exampleServer", ServerArgs.builder()
.name("mssqlserver")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("missadministrator")
.administratorLoginPassword("thisIsKat11")
.minimumTlsVersion("1.2")
.azureadAdministrator(ServerAzureadAdministratorArgs.builder()
.loginUsername("AzureAD Admin")
.objectId("00000000-0000-0000-0000-000000000000")
.build())
.tags(Map.of("environment", "production"))
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: database-rg
location: West Europe
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: mssqlserver
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: missadministrator
administratorLoginPassword: thisIsKat11
minimumTlsVersion: '1.2'
azureadAdministrator:
loginUsername: AzureAD Admin
objectId: 00000000-0000-0000-0000-000000000000
tags:
environment: production
Transparent Data Encryption(TDE) With A Customer Managed Key(CMK) During Create
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const current = azure.core.getClientConfig({});
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
name: "example-admin",
location: example.location,
resourceGroupName: example.name,
});
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
const exampleKeyVault = new azure.keyvault.KeyVault("example", {
name: "mssqltdeexample",
location: example.location,
resourceGroupName: example.name,
enabledForDiskEncryption: true,
tenantId: exampleUserAssignedIdentity.tenantId,
softDeleteRetentionDays: 7,
purgeProtectionEnabled: true,
skuName: "standard",
accessPolicies: [
{
tenantId: current.then(current => current.tenantId),
objectId: current.then(current => current.objectId),
keyPermissions: [
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
],
},
{
tenantId: exampleUserAssignedIdentity.tenantId,
objectId: exampleUserAssignedIdentity.principalId,
keyPermissions: [
"Get",
"WrapKey",
"UnwrapKey",
],
},
],
});
const exampleKey = new azure.keyvault.Key("example", {
name: "example-key",
keyVaultId: exampleKeyVault.id,
keyType: "RSA",
keySize: 2048,
keyOpts: [
"unwrapKey",
"wrapKey",
],
}, {
dependsOn: [exampleKeyVault],
});
const exampleServer = new azure.mssql.Server("example", {
name: "example-resource",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "Example-Administrator",
administratorLoginPassword: "Example_Password!",
minimumTlsVersion: "1.2",
azureadAdministrator: {
loginUsername: exampleUserAssignedIdentity.name,
objectId: exampleUserAssignedIdentity.principalId,
},
identity: {
type: "UserAssigned",
identityIds: [exampleUserAssignedIdentity.id],
},
primaryUserAssignedIdentityId: exampleUserAssignedIdentity.id,
transparentDataEncryptionKeyVaultKeyId: exampleKey.id,
});
import pulumi
import pulumi_azure as azure
current = azure.core.get_client_config()
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
name="example-admin",
location=example.location,
resource_group_name=example.name)
# Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
example_key_vault = azure.keyvault.KeyVault("example",
name="mssqltdeexample",
location=example.location,
resource_group_name=example.name,
enabled_for_disk_encryption=True,
tenant_id=example_user_assigned_identity.tenant_id,
soft_delete_retention_days=7,
purge_protection_enabled=True,
sku_name="standard",
access_policies=[
{
"tenant_id": current.tenant_id,
"object_id": current.object_id,
"key_permissions": [
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
],
},
{
"tenant_id": example_user_assigned_identity.tenant_id,
"object_id": example_user_assigned_identity.principal_id,
"key_permissions": [
"Get",
"WrapKey",
"UnwrapKey",
],
},
])
example_key = azure.keyvault.Key("example",
name="example-key",
key_vault_id=example_key_vault.id,
key_type="RSA",
key_size=2048,
key_opts=[
"unwrapKey",
"wrapKey",
],
opts = pulumi.ResourceOptions(depends_on=[example_key_vault]))
example_server = azure.mssql.Server("example",
name="example-resource",
resource_group_name=example.name,
location=example.location,
version="12.0",
administrator_login="Example-Administrator",
administrator_login_password="Example_Password!",
minimum_tls_version="1.2",
azuread_administrator={
"login_username": example_user_assigned_identity.name,
"object_id": example_user_assigned_identity.principal_id,
},
identity={
"type": "UserAssigned",
"identity_ids": [example_user_assigned_identity.id],
},
primary_user_assigned_identity_id=example_user_assigned_identity.id,
transparent_data_encryption_key_vault_key_id=example_key.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/mssql"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
current, err := core.GetClientConfig(ctx, map[string]interface{}{}, nil)
if err != nil {
return err
}
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
Name: pulumi.String("example-admin"),
Location: example.Location,
ResourceGroupName: example.Name,
})
if err != nil {
return err
}
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
Name: pulumi.String("mssqltdeexample"),
Location: example.Location,
ResourceGroupName: example.Name,
EnabledForDiskEncryption: pulumi.Bool(true),
TenantId: exampleUserAssignedIdentity.TenantId,
SoftDeleteRetentionDays: pulumi.Int(7),
PurgeProtectionEnabled: pulumi.Bool(true),
SkuName: pulumi.String("standard"),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.String(current.TenantId),
ObjectId: pulumi.String(current.ObjectId),
KeyPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Create"),
pulumi.String("Delete"),
pulumi.String("Update"),
pulumi.String("Recover"),
pulumi.String("Purge"),
pulumi.String("GetRotationPolicy"),
},
},
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: exampleUserAssignedIdentity.TenantId,
ObjectId: exampleUserAssignedIdentity.PrincipalId,
KeyPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("WrapKey"),
pulumi.String("UnwrapKey"),
},
},
},
})
if err != nil {
return err
}
exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
Name: pulumi.String("example-key"),
KeyVaultId: exampleKeyVault.ID(),
KeyType: pulumi.String("RSA"),
KeySize: pulumi.Int(2048),
KeyOpts: pulumi.StringArray{
pulumi.String("unwrapKey"),
pulumi.String("wrapKey"),
},
}, pulumi.DependsOn([]pulumi.Resource{
exampleKeyVault,
}))
if err != nil {
return err
}
_, err = mssql.NewServer(ctx, "example", &mssql.ServerArgs{
Name: pulumi.String("example-resource"),
ResourceGroupName: example.Name,
Location: example.Location,
Version: pulumi.String("12.0"),
AdministratorLogin: pulumi.String("Example-Administrator"),
AdministratorLoginPassword: pulumi.String("Example_Password!"),
MinimumTlsVersion: pulumi.String("1.2"),
AzureadAdministrator: &mssql.ServerAzureadAdministratorArgs{
LoginUsername: exampleUserAssignedIdentity.Name,
ObjectId: exampleUserAssignedIdentity.PrincipalId,
},
Identity: &mssql.ServerIdentityArgs{
Type: pulumi.String("UserAssigned"),
IdentityIds: pulumi.StringArray{
exampleUserAssignedIdentity.ID(),
},
},
PrimaryUserAssignedIdentityId: exampleUserAssignedIdentity.ID(),
TransparentDataEncryptionKeyVaultKeyId: exampleKey.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var current = Azure.Core.GetClientConfig.Invoke();
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
{
Name = "example-admin",
Location = example.Location,
ResourceGroupName = example.Name,
});
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
{
Name = "mssqltdeexample",
Location = example.Location,
ResourceGroupName = example.Name,
EnabledForDiskEncryption = true,
TenantId = exampleUserAssignedIdentity.TenantId,
SoftDeleteRetentionDays = 7,
PurgeProtectionEnabled = true,
SkuName = "standard",
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
KeyPermissions = new[]
{
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
},
},
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = exampleUserAssignedIdentity.TenantId,
ObjectId = exampleUserAssignedIdentity.PrincipalId,
KeyPermissions = new[]
{
"Get",
"WrapKey",
"UnwrapKey",
},
},
},
});
var exampleKey = new Azure.KeyVault.Key("example", new()
{
Name = "example-key",
KeyVaultId = exampleKeyVault.Id,
KeyType = "RSA",
KeySize = 2048,
KeyOpts = new[]
{
"unwrapKey",
"wrapKey",
},
}, new CustomResourceOptions
{
DependsOn =
{
exampleKeyVault,
},
});
var exampleServer = new Azure.MSSql.Server("example", new()
{
Name = "example-resource",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "Example-Administrator",
AdministratorLoginPassword = "Example_Password!",
MinimumTlsVersion = "1.2",
AzureadAdministrator = new Azure.MSSql.Inputs.ServerAzureadAdministratorArgs
{
LoginUsername = exampleUserAssignedIdentity.Name,
ObjectId = exampleUserAssignedIdentity.PrincipalId,
},
Identity = new Azure.MSSql.Inputs.ServerIdentityArgs
{
Type = "UserAssigned",
IdentityIds = new[]
{
exampleUserAssignedIdentity.Id,
},
},
PrimaryUserAssignedIdentityId = exampleUserAssignedIdentity.Id,
TransparentDataEncryptionKeyVaultKeyId = exampleKey.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.mssql.Server;
import com.pulumi.azure.mssql.ServerArgs;
import com.pulumi.azure.mssql.inputs.ServerAzureadAdministratorArgs;
import com.pulumi.azure.mssql.inputs.ServerIdentityArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var current = CoreFunctions.getClientConfig();
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
.name("example-admin")
.location(example.location())
.resourceGroupName(example.name())
.build());
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("mssqltdeexample")
.location(example.location())
.resourceGroupName(example.name())
.enabledForDiskEncryption(true)
.tenantId(exampleUserAssignedIdentity.tenantId())
.softDeleteRetentionDays(7)
.purgeProtectionEnabled(true)
.skuName("standard")
.accessPolicies(
KeyVaultAccessPolicyArgs.builder()
.tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
.objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
.keyPermissions(
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy")
.build(),
KeyVaultAccessPolicyArgs.builder()
.tenantId(exampleUserAssignedIdentity.tenantId())
.objectId(exampleUserAssignedIdentity.principalId())
.keyPermissions(
"Get",
"WrapKey",
"UnwrapKey")
.build())
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.name("example-key")
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"unwrapKey",
"wrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleKeyVault)
.build());
var exampleServer = new Server("exampleServer", ServerArgs.builder()
.name("example-resource")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("Example-Administrator")
.administratorLoginPassword("Example_Password!")
.minimumTlsVersion("1.2")
.azureadAdministrator(ServerAzureadAdministratorArgs.builder()
.loginUsername(exampleUserAssignedIdentity.name())
.objectId(exampleUserAssignedIdentity.principalId())
.build())
.identity(ServerIdentityArgs.builder()
.type("UserAssigned")
.identityIds(exampleUserAssignedIdentity.id())
.build())
.primaryUserAssignedIdentityId(exampleUserAssignedIdentity.id())
.transparentDataEncryptionKeyVaultKeyId(exampleKey.id())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleUserAssignedIdentity:
type: azure:authorization:UserAssignedIdentity
name: example
properties:
name: example-admin
location: ${example.location}
resourceGroupName: ${example.name}
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: example-resource
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: Example-Administrator
administratorLoginPassword: Example_Password!
minimumTlsVersion: '1.2'
azureadAdministrator:
loginUsername: ${exampleUserAssignedIdentity.name}
objectId: ${exampleUserAssignedIdentity.principalId}
identity:
type: UserAssigned
identityIds:
- ${exampleUserAssignedIdentity.id}
primaryUserAssignedIdentityId: ${exampleUserAssignedIdentity.id}
transparentDataEncryptionKeyVaultKeyId: ${exampleKey.id}
# Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
exampleKeyVault:
type: azure:keyvault:KeyVault
name: example
properties:
name: mssqltdeexample
location: ${example.location}
resourceGroupName: ${example.name}
enabledForDiskEncryption: true
tenantId: ${exampleUserAssignedIdentity.tenantId}
softDeleteRetentionDays: 7
purgeProtectionEnabled: true
skuName: standard
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
keyPermissions:
- Get
- List
- Create
- Delete
- Update
- Recover
- Purge
- GetRotationPolicy
- tenantId: ${exampleUserAssignedIdentity.tenantId}
objectId: ${exampleUserAssignedIdentity.principalId}
keyPermissions:
- Get
- WrapKey
- UnwrapKey
exampleKey:
type: azure:keyvault:Key
name: example
properties:
name: example-key
keyVaultId: ${exampleKeyVault.id}
keyType: RSA
keySize: 2048
keyOpts:
- unwrapKey
- wrapKey
options:
dependson:
- ${exampleKeyVault}
variables:
current:
fn::invoke:
Function: azure:core:getClientConfig
Arguments: {}
Create Server Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Server(name: string, args: ServerArgs, opts?: CustomResourceOptions);
@overload
def Server(resource_name: str,
args: ServerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Server(resource_name: str,
opts: Optional[ResourceOptions] = None,
resource_group_name: Optional[str] = None,
version: Optional[str] = None,
minimum_tls_version: Optional[str] = None,
connection_policy: Optional[str] = None,
identity: Optional[ServerIdentityArgs] = None,
location: Optional[str] = None,
administrator_login: Optional[str] = None,
name: Optional[str] = None,
outbound_network_restriction_enabled: Optional[bool] = None,
primary_user_assigned_identity_id: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
azuread_administrator: Optional[ServerAzureadAdministratorArgs] = None,
tags: Optional[Mapping[str, str]] = None,
transparent_data_encryption_key_vault_key_id: Optional[str] = None,
administrator_login_password: Optional[str] = None)
func NewServer(ctx *Context, name string, args ServerArgs, opts ...ResourceOption) (*Server, error)
public Server(string name, ServerArgs args, CustomResourceOptions? opts = null)
public Server(String name, ServerArgs args)
public Server(String name, ServerArgs args, CustomResourceOptions options)
type: azure:mssql:Server
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ServerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ServerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ServerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ServerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ServerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var exampleserverResourceResourceFromMssqlserver = new Azure.MSSql.Server("exampleserverResourceResourceFromMssqlserver", new()
{
ResourceGroupName = "string",
Version = "string",
MinimumTlsVersion = "string",
ConnectionPolicy = "string",
Identity = new Azure.MSSql.Inputs.ServerIdentityArgs
{
Type = "string",
IdentityIds = new[]
{
"string",
},
PrincipalId = "string",
TenantId = "string",
},
Location = "string",
AdministratorLogin = "string",
Name = "string",
OutboundNetworkRestrictionEnabled = false,
PrimaryUserAssignedIdentityId = "string",
PublicNetworkAccessEnabled = false,
AzureadAdministrator = new Azure.MSSql.Inputs.ServerAzureadAdministratorArgs
{
LoginUsername = "string",
ObjectId = "string",
AzureadAuthenticationOnly = false,
TenantId = "string",
},
Tags =
{
{ "string", "string" },
},
TransparentDataEncryptionKeyVaultKeyId = "string",
AdministratorLoginPassword = "string",
});
example, err := mssql.NewServer(ctx, "exampleserverResourceResourceFromMssqlserver", &mssql.ServerArgs{
ResourceGroupName: pulumi.String("string"),
Version: pulumi.String("string"),
MinimumTlsVersion: pulumi.String("string"),
ConnectionPolicy: pulumi.String("string"),
Identity: &mssql.ServerIdentityArgs{
Type: pulumi.String("string"),
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
PrincipalId: pulumi.String("string"),
TenantId: pulumi.String("string"),
},
Location: pulumi.String("string"),
AdministratorLogin: pulumi.String("string"),
Name: pulumi.String("string"),
OutboundNetworkRestrictionEnabled: pulumi.Bool(false),
PrimaryUserAssignedIdentityId: pulumi.String("string"),
PublicNetworkAccessEnabled: pulumi.Bool(false),
AzureadAdministrator: &mssql.ServerAzureadAdministratorArgs{
LoginUsername: pulumi.String("string"),
ObjectId: pulumi.String("string"),
AzureadAuthenticationOnly: pulumi.Bool(false),
TenantId: pulumi.String("string"),
},
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
TransparentDataEncryptionKeyVaultKeyId: pulumi.String("string"),
AdministratorLoginPassword: pulumi.String("string"),
})
var exampleserverResourceResourceFromMssqlserver = new Server("exampleserverResourceResourceFromMssqlserver", ServerArgs.builder()
.resourceGroupName("string")
.version("string")
.minimumTlsVersion("string")
.connectionPolicy("string")
.identity(ServerIdentityArgs.builder()
.type("string")
.identityIds("string")
.principalId("string")
.tenantId("string")
.build())
.location("string")
.administratorLogin("string")
.name("string")
.outboundNetworkRestrictionEnabled(false)
.primaryUserAssignedIdentityId("string")
.publicNetworkAccessEnabled(false)
.azureadAdministrator(ServerAzureadAdministratorArgs.builder()
.loginUsername("string")
.objectId("string")
.azureadAuthenticationOnly(false)
.tenantId("string")
.build())
.tags(Map.of("string", "string"))
.transparentDataEncryptionKeyVaultKeyId("string")
.administratorLoginPassword("string")
.build());
exampleserver_resource_resource_from_mssqlserver = azure.mssql.Server("exampleserverResourceResourceFromMssqlserver",
resource_group_name="string",
version="string",
minimum_tls_version="string",
connection_policy="string",
identity={
"type": "string",
"identity_ids": ["string"],
"principal_id": "string",
"tenant_id": "string",
},
location="string",
administrator_login="string",
name="string",
outbound_network_restriction_enabled=False,
primary_user_assigned_identity_id="string",
public_network_access_enabled=False,
azuread_administrator={
"login_username": "string",
"object_id": "string",
"azuread_authentication_only": False,
"tenant_id": "string",
},
tags={
"string": "string",
},
transparent_data_encryption_key_vault_key_id="string",
administrator_login_password="string")
const exampleserverResourceResourceFromMssqlserver = new azure.mssql.Server("exampleserverResourceResourceFromMssqlserver", {
resourceGroupName: "string",
version: "string",
minimumTlsVersion: "string",
connectionPolicy: "string",
identity: {
type: "string",
identityIds: ["string"],
principalId: "string",
tenantId: "string",
},
location: "string",
administratorLogin: "string",
name: "string",
outboundNetworkRestrictionEnabled: false,
primaryUserAssignedIdentityId: "string",
publicNetworkAccessEnabled: false,
azureadAdministrator: {
loginUsername: "string",
objectId: "string",
azureadAuthenticationOnly: false,
tenantId: "string",
},
tags: {
string: "string",
},
transparentDataEncryptionKeyVaultKeyId: "string",
administratorLoginPassword: "string",
});
type: azure:mssql:Server
properties:
administratorLogin: string
administratorLoginPassword: string
azureadAdministrator:
azureadAuthenticationOnly: false
loginUsername: string
objectId: string
tenantId: string
connectionPolicy: string
identity:
identityIds:
- string
principalId: string
tenantId: string
type: string
location: string
minimumTlsVersion: string
name: string
outboundNetworkRestrictionEnabled: false
primaryUserAssignedIdentityId: string
publicNetworkAccessEnabled: false
resourceGroupName: string
tags:
string: string
transparentDataEncryptionKeyVaultKeyId: string
version: string
Server Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Server resource accepts the following input properties:
- Resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- Version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- Administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - Administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - Azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - Connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - Identity
Server
Identity - An
identity
block as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- Name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- Outbound
Network boolRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - Primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - Public
Network boolAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
- Resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- Version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- Administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - Administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - Azuread
Administrator ServerAzuread Administrator Args - An
azuread_administrator
block as defined below. - Connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - Identity
Server
Identity Args - An
identity
block as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- Name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- Outbound
Network boolRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - Primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - Public
Network boolAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - map[string]string
- A mapping of tags to assign to the resource.
- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
- resource
Group StringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- version String
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login String - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login StringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - connection
Policy String - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - identity
Server
Identity - An
identity
block as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls StringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name String
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network BooleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User StringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network BooleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - Map<String,String>
- A mapping of tags to assign to the resource.
- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
- resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - identity
Server
Identity - An
identity
block as defined below. - location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network booleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network booleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
- resource_
group_ strname - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- version str
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator_
login str - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator_
login_ strpassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread_
administrator ServerAzuread Administrator Args - An
azuread_administrator
block as defined below. - connection_
policy str - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - identity
Server
Identity Args - An
identity
block as defined below. - location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum_
tls_ strversion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name str
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound_
network_ boolrestriction_ enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary_
user_ strassigned_ identity_ id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public_
network_ boolaccess_ enabled - Whether public network access is allowed for this server. Defaults to
true
. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- transparent_
data_ strencryption_ key_ vault_ key_ id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
- resource
Group StringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- version String
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login String - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login StringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator Property Map - An
azuread_administrator
block as defined below. - connection
Policy String - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - identity Property Map
- An
identity
block as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls StringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name String
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network BooleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User StringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network BooleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - Map<String>
- A mapping of tags to assign to the resource.
- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.
Outputs
All input properties are implicitly available as output properties. Additionally, the Server resource produces the following output properties:
- Fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- Id string
- The provider-assigned unique ID for this managed resource.
- Restorable
Dropped List<string>Database Ids - A list of dropped restorable database IDs on the server.
- Fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- Id string
- The provider-assigned unique ID for this managed resource.
- Restorable
Dropped []stringDatabase Ids - A list of dropped restorable database IDs on the server.
- fully
Qualified StringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- id String
- The provider-assigned unique ID for this managed resource.
- restorable
Dropped List<String>Database Ids - A list of dropped restorable database IDs on the server.
- fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- id string
- The provider-assigned unique ID for this managed resource.
- restorable
Dropped string[]Database Ids - A list of dropped restorable database IDs on the server.
- fully_
qualified_ strdomain_ name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- id str
- The provider-assigned unique ID for this managed resource.
- restorable_
dropped_ Sequence[str]database_ ids - A list of dropped restorable database IDs on the server.
- fully
Qualified StringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- id String
- The provider-assigned unique ID for this managed resource.
- restorable
Dropped List<String>Database Ids - A list of dropped restorable database IDs on the server.
Look up Existing Server Resource
Get an existing Server resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ServerState, opts?: CustomResourceOptions): Server
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
administrator_login: Optional[str] = None,
administrator_login_password: Optional[str] = None,
azuread_administrator: Optional[ServerAzureadAdministratorArgs] = None,
connection_policy: Optional[str] = None,
fully_qualified_domain_name: Optional[str] = None,
identity: Optional[ServerIdentityArgs] = None,
location: Optional[str] = None,
minimum_tls_version: Optional[str] = None,
name: Optional[str] = None,
outbound_network_restriction_enabled: Optional[bool] = None,
primary_user_assigned_identity_id: Optional[str] = None,
public_network_access_enabled: Optional[bool] = None,
resource_group_name: Optional[str] = None,
restorable_dropped_database_ids: Optional[Sequence[str]] = None,
tags: Optional[Mapping[str, str]] = None,
transparent_data_encryption_key_vault_key_id: Optional[str] = None,
version: Optional[str] = None) -> Server
func GetServer(ctx *Context, name string, id IDInput, state *ServerState, opts ...ResourceOption) (*Server, error)
public static Server Get(string name, Input<string> id, ServerState? state, CustomResourceOptions? opts = null)
public static Server get(String name, Output<String> id, ServerState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - Administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - Azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - Connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - Fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- Identity
Server
Identity - An
identity
block as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- Name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- Outbound
Network boolRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - Primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - Public
Network boolAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - Resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- Restorable
Dropped List<string>Database Ids - A list of dropped restorable database IDs on the server.
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- Version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- Administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - Administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - Azuread
Administrator ServerAzuread Administrator Args - An
azuread_administrator
block as defined below. - Connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - Fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- Identity
Server
Identity Args - An
identity
block as defined below. - Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- Minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- Name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- Outbound
Network boolRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - Primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - Public
Network boolAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - Resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- Restorable
Dropped []stringDatabase Ids - A list of dropped restorable database IDs on the server.
- map[string]string
- A mapping of tags to assign to the resource.
- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- Version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login String - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login StringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - connection
Policy String - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - fully
Qualified StringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- identity
Server
Identity - An
identity
block as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls StringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name String
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network BooleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User StringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network BooleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - resource
Group StringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- restorable
Dropped List<String>Database Ids - A list of dropped restorable database IDs on the server.
- Map<String,String>
- A mapping of tags to assign to the resource.
- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- version String
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login string - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login stringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator ServerAzuread Administrator - An
azuread_administrator
block as defined below. - connection
Policy string - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - fully
Qualified stringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- identity
Server
Identity - An
identity
block as defined below. - location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls stringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name string
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network booleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User stringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network booleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - resource
Group stringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- restorable
Dropped string[]Database Ids - A list of dropped restorable database IDs on the server.
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- version string
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator_
login str - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator_
login_ strpassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread_
administrator ServerAzuread Administrator Args - An
azuread_administrator
block as defined below. - connection_
policy str - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - fully_
qualified_ strdomain_ name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- identity
Server
Identity Args - An
identity
block as defined below. - location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum_
tls_ strversion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name str
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound_
network_ boolrestriction_ enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary_
user_ strassigned_ identity_ id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public_
network_ boolaccess_ enabled - Whether public network access is allowed for this server. Defaults to
true
. - resource_
group_ strname - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- restorable_
dropped_ Sequence[str]database_ ids - A list of dropped restorable database IDs on the server.
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- transparent_
data_ strencryption_ key_ vault_ key_ id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- version str
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
- administrator
Login String - The administrator login name for the new server. Required unless
azuread_authentication_only
in theazuread_administrator
block istrue
. When omitted, Azure will generate a default username which cannot be subsequently changed. Changing this forces a new resource to be created. - administrator
Login StringPassword - The password associated with the
administrator_login
user. Needs to comply with Azure's Password Policy. Required unlessazuread_authentication_only
in theazuread_administrator
block istrue
. - azuread
Administrator Property Map - An
azuread_administrator
block as defined below. - connection
Policy String - The connection policy the server will use. Possible values are
Default
,Proxy
, andRedirect
. Defaults toDefault
. - fully
Qualified StringDomain Name - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)
- identity Property Map
- An
identity
block as defined below. - location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- minimum
Tls StringVersion The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are:
1.0
,1.1
,1.2
andDisabled
. Defaults to1.2
.NOTE: The
minimum_tls_version
is set toDisabled
means all TLS versions are allowed. After you enforce a version ofminimum_tls_version
, it's not possible to revert toDisabled
.- name String
- The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- outbound
Network BooleanRestriction Enabled - Whether outbound network traffic is restricted for this server. Defaults to
false
. - primary
User StringAssigned Identity Id - Specifies the primary user managed identity id. Required if
type
within theidentity
block is set to eitherSystemAssigned, UserAssigned
orUserAssigned
and should be set at same time as settingidentity_ids
. - public
Network BooleanAccess Enabled - Whether public network access is allowed for this server. Defaults to
true
. - resource
Group StringName - The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.
- restorable
Dropped List<String>Database Ids - A list of dropped restorable database IDs on the server.
- Map<String>
- A mapping of tags to assign to the resource.
- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Server
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.NOTE: Cross-tenant
Key Vault
andMicrosoft SQL Server
interactions are not supported. Please see the product documentation for more information.NOTE: When using a firewall with a
Key Vault
, you must enable the optionAllow trusted Microsoft services to bypass the firewall
.- version String
- The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.
Supporting Types
ServerAzureadAdministrator, ServerAzureadAdministratorArgs
- Login
Username string - The login username of the Azure AD Administrator of this SQL Server.
- Object
Id string - The object id of the Azure AD Administrator of this SQL Server.
- Azuread
Authentication boolOnly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - Tenant
Id string - The tenant id of the Azure AD Administrator of this SQL Server.
- Login
Username string - The login username of the Azure AD Administrator of this SQL Server.
- Object
Id string - The object id of the Azure AD Administrator of this SQL Server.
- Azuread
Authentication boolOnly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - Tenant
Id string - The tenant id of the Azure AD Administrator of this SQL Server.
- login
Username String - The login username of the Azure AD Administrator of this SQL Server.
- object
Id String - The object id of the Azure AD Administrator of this SQL Server.
- azuread
Authentication BooleanOnly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - tenant
Id String - The tenant id of the Azure AD Administrator of this SQL Server.
- login
Username string - The login username of the Azure AD Administrator of this SQL Server.
- object
Id string - The object id of the Azure AD Administrator of this SQL Server.
- azuread
Authentication booleanOnly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - tenant
Id string - The tenant id of the Azure AD Administrator of this SQL Server.
- login_
username str - The login username of the Azure AD Administrator of this SQL Server.
- object_
id str - The object id of the Azure AD Administrator of this SQL Server.
- azuread_
authentication_ boolonly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - tenant_
id str - The tenant id of the Azure AD Administrator of this SQL Server.
- login
Username String - The login username of the Azure AD Administrator of this SQL Server.
- object
Id String - The object id of the Azure AD Administrator of this SQL Server.
- azuread
Authentication BooleanOnly - Specifies whether only AD Users and administrators (e.g.
azuread_administrator[0].login_username
) can be used to login, or also local database users (e.g.administrator_login
). Whentrue
, theadministrator_login
andadministrator_login_password
properties can be omitted. - tenant
Id String - The tenant id of the Azure AD Administrator of this SQL Server.
ServerIdentity, ServerIdentityArgs
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - Identity
Ids List<string> Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- Principal
Id string - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- Tenant
Id string - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - Identity
Ids []string Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- Principal
Id string - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- Tenant
Id string - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- principal
Id String - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- tenant
Id String - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
- type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - identity
Ids string[] Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- principal
Id string - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- tenant
Id string - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
- type str
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - identity_
ids Sequence[str] Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- principal_
id str - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- tenant_
id str - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Server. Possible values are
SystemAssigned
,UserAssigned
,SystemAssigned, UserAssigned
(to enable both). - identity
Ids List<String> Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Server.
NOTE: This is required when
type
is set toUserAssigned
NOTE: When
type
is set toSystemAssigned
, the assignedprincipal_id
andtenant_id
can be retrieved after the Microsoft SQL Server has been created. More details are available below.- principal
Id String - The Principal ID for the Service Principal associated with the Identity of this SQL Server.
- tenant
Id String - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.
Import
SQL Servers can be imported using the resource id
, e.g.
$ pulumi import azure:mssql/server:Server example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/servers/myserver
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.