com.pulumi.azure.mssql.kotlin.ServerMicrosoftSupportAuditingPolicyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-azure-kotlin Show documentation
Show all versions of pulumi-azure-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.mssql.kotlin
import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Boolean
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName
/**
* Manages a MS SQL Server Microsoft Support Auditing Policy.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleServer = new azure.mssql.Server("example", {
* name: "example-sqlserver",
* resourceGroupName: example.name,
* location: example.location,
* version: "12.0",
* administratorLogin: "missadministrator",
* administratorLoginPassword: "AdminPassword123!",
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "examplesa",
* resourceGroupName: example.name,
* location: example.location,
* accountTier: "Standard",
* accountReplicationType: "LRS",
* });
* const exampleServerMicrosoftSupportAuditingPolicy = new azure.mssql.ServerMicrosoftSupportAuditingPolicy("example", {
* serverId: exampleServer.id,
* blobStorageEndpoint: exampleAccount.primaryBlobEndpoint,
* storageAccountAccessKey: exampleAccount.primaryAccessKey,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_server = azure.mssql.Server("example",
* name="example-sqlserver",
* resource_group_name=example.name,
* location=example.location,
* version="12.0",
* administrator_login="missadministrator",
* administrator_login_password="AdminPassword123!")
* example_account = azure.storage.Account("example",
* name="examplesa",
* resource_group_name=example.name,
* location=example.location,
* account_tier="Standard",
* account_replication_type="LRS")
* example_server_microsoft_support_auditing_policy = azure.mssql.ServerMicrosoftSupportAuditingPolicy("example",
* server_id=example_server.id,
* blob_storage_endpoint=example_account.primary_blob_endpoint,
* storage_account_access_key=example_account.primary_access_key)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleServer = new Azure.MSSql.Server("example", new()
* {
* Name = "example-sqlserver",
* ResourceGroupName = example.Name,
* Location = example.Location,
* Version = "12.0",
* AdministratorLogin = "missadministrator",
* AdministratorLoginPassword = "AdminPassword123!",
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "examplesa",
* ResourceGroupName = example.Name,
* Location = example.Location,
* AccountTier = "Standard",
* AccountReplicationType = "LRS",
* });
* var exampleServerMicrosoftSupportAuditingPolicy = new Azure.MSSql.ServerMicrosoftSupportAuditingPolicy("example", new()
* {
* ServerId = exampleServer.Id,
* BlobStorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
* Name: pulumi.String("example-sqlserver"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* Version: pulumi.String("12.0"),
* AdministratorLogin: pulumi.String("missadministrator"),
* AdministratorLoginPassword: pulumi.String("AdminPassword123!"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("examplesa"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("LRS"),
* })
* if err != nil {
* return err
* }
* _, err = mssql.NewServerMicrosoftSupportAuditingPolicy(ctx, "example", &mssql.ServerMicrosoftSupportAuditingPolicyArgs{
* ServerId: exampleServer.ID(),
* BlobStorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.mssql.Server;
* import com.pulumi.azure.mssql.ServerArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicy;
* import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleServer = new Server("exampleServer", ServerArgs.builder()
* .name("example-sqlserver")
* .resourceGroupName(example.name())
* .location(example.location())
* .version("12.0")
* .administratorLogin("missadministrator")
* .administratorLoginPassword("AdminPassword123!")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("examplesa")
* .resourceGroupName(example.name())
* .location(example.location())
* .accountTier("Standard")
* .accountReplicationType("LRS")
* .build());
* var exampleServerMicrosoftSupportAuditingPolicy = new ServerMicrosoftSupportAuditingPolicy("exampleServerMicrosoftSupportAuditingPolicy", ServerMicrosoftSupportAuditingPolicyArgs.builder()
* .serverId(exampleServer.id())
* .blobStorageEndpoint(exampleAccount.primaryBlobEndpoint())
* .storageAccountAccessKey(exampleAccount.primaryAccessKey())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleServer:
* type: azure:mssql:Server
* name: example
* properties:
* name: example-sqlserver
* resourceGroupName: ${example.name}
* location: ${example.location}
* version: '12.0'
* administratorLogin: missadministrator
* administratorLoginPassword: AdminPassword123!
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: examplesa
* resourceGroupName: ${example.name}
* location: ${example.location}
* accountTier: Standard
* accountReplicationType: LRS
* exampleServerMicrosoftSupportAuditingPolicy:
* type: azure:mssql:ServerMicrosoftSupportAuditingPolicy
* name: example
* properties:
* serverId: ${exampleServer.id}
* blobStorageEndpoint: ${exampleAccount.primaryBlobEndpoint}
* storageAccountAccessKey: ${exampleAccount.primaryAccessKey}
* ```
*
* ### With Storage Account Behind VNet And Firewall
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const primary = azure.core.getSubscription({});
* const example = azure.core.getClientConfig({});
* const exampleResourceGroup = new azure.core.ResourceGroup("example", {
* name: "example",
* location: "West Europe",
* });
* const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
* name: "virtnetname-1",
* addressSpaces: ["10.0.0.0/16"],
* location: exampleResourceGroup.location,
* resourceGroupName: exampleResourceGroup.name,
* });
* const exampleSubnet = new azure.network.Subnet("example", {
* name: "subnetname-1",
* resourceGroupName: exampleResourceGroup.name,
* virtualNetworkName: exampleVirtualNetwork.name,
* addressPrefixes: ["10.0.2.0/24"],
* serviceEndpoints: [
* "Microsoft.Sql",
* "Microsoft.Storage",
* ],
* enforcePrivateLinkEndpointNetworkPolicies: true,
* });
* const exampleServer = new azure.mssql.Server("example", {
* name: "example-sqlserver",
* resourceGroupName: exampleResourceGroup.name,
* location: exampleResourceGroup.location,
* version: "12.0",
* administratorLogin: "missadministrator",
* administratorLoginPassword: "AdminPassword123!",
* minimumTlsVersion: "1.2",
* identity: {
* type: "SystemAssigned",
* },
* });
* const exampleAssignment = new azure.authorization.Assignment("example", {
* scope: primary.then(primary => primary.id),
* roleDefinitionName: "Storage Blob Data Contributor",
* principalId: exampleServer.identity.apply(identity => identity?.principalId),
* });
* const sqlvnetrule = new azure.sql.VirtualNetworkRule("sqlvnetrule", {
* name: "sql-vnet-rule",
* resourceGroupName: exampleResourceGroup.name,
* serverName: exampleServer.name,
* subnetId: exampleSubnet.id,
* });
* const exampleFirewallRule = new azure.sql.FirewallRule("example", {
* name: "FirewallRule1",
* resourceGroupName: exampleResourceGroup.name,
* serverName: exampleServer.name,
* startIpAddress: "0.0.0.0",
* endIpAddress: "0.0.0.0",
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "examplesa",
* resourceGroupName: exampleResourceGroup.name,
* location: exampleResourceGroup.location,
* accountTier: "Standard",
* accountReplicationType: "LRS",
* accountKind: "StorageV2",
* allowNestedItemsToBePublic: false,
* networkRules: {
* defaultAction: "Deny",
* ipRules: ["127.0.0.1"],
* virtualNetworkSubnetIds: [exampleSubnet.id],
* bypasses: ["AzureServices"],
* },
* identity: {
* type: "SystemAssigned",
* },
* });
* const exampleServerMicrosoftSupportAuditingPolicy = new azure.mssql.ServerMicrosoftSupportAuditingPolicy("example", {
* blobStorageEndpoint: exampleAccount.primaryBlobEndpoint,
* serverId: exampleServer.id,
* logMonitoringEnabled: false,
* storageAccountSubscriptionId: primaryAzurermSubscription.subscriptionId,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* primary = azure.core.get_subscription()
* example = azure.core.get_client_config()
* example_resource_group = azure.core.ResourceGroup("example",
* name="example",
* location="West Europe")
* example_virtual_network = azure.network.VirtualNetwork("example",
* name="virtnetname-1",
* address_spaces=["10.0.0.0/16"],
* location=example_resource_group.location,
* resource_group_name=example_resource_group.name)
* example_subnet = azure.network.Subnet("example",
* name="subnetname-1",
* resource_group_name=example_resource_group.name,
* virtual_network_name=example_virtual_network.name,
* address_prefixes=["10.0.2.0/24"],
* service_endpoints=[
* "Microsoft.Sql",
* "Microsoft.Storage",
* ],
* enforce_private_link_endpoint_network_policies=True)
* example_server = azure.mssql.Server("example",
* name="example-sqlserver",
* resource_group_name=example_resource_group.name,
* location=example_resource_group.location,
* version="12.0",
* administrator_login="missadministrator",
* administrator_login_password="AdminPassword123!",
* minimum_tls_version="1.2",
* identity=azure.mssql.ServerIdentityArgs(
* type="SystemAssigned",
* ))
* example_assignment = azure.authorization.Assignment("example",
* scope=primary.id,
* role_definition_name="Storage Blob Data Contributor",
* principal_id=example_server.identity.principal_id)
* sqlvnetrule = azure.sql.VirtualNetworkRule("sqlvnetrule",
* name="sql-vnet-rule",
* resource_group_name=example_resource_group.name,
* server_name=example_server.name,
* subnet_id=example_subnet.id)
* example_firewall_rule = azure.sql.FirewallRule("example",
* name="FirewallRule1",
* resource_group_name=example_resource_group.name,
* server_name=example_server.name,
* start_ip_address="0.0.0.0",
* end_ip_address="0.0.0.0")
* example_account = azure.storage.Account("example",
* name="examplesa",
* resource_group_name=example_resource_group.name,
* location=example_resource_group.location,
* account_tier="Standard",
* account_replication_type="LRS",
* account_kind="StorageV2",
* allow_nested_items_to_be_public=False,
* network_rules=azure.storage.AccountNetworkRulesArgs(
* default_action="Deny",
* ip_rules=["127.0.0.1"],
* virtual_network_subnet_ids=[example_subnet.id],
* bypasses=["AzureServices"],
* ),
* identity=azure.storage.AccountIdentityArgs(
* type="SystemAssigned",
* ))
* example_server_microsoft_support_auditing_policy = azure.mssql.ServerMicrosoftSupportAuditingPolicy("example",
* blob_storage_endpoint=example_account.primary_blob_endpoint,
* server_id=example_server.id,
* log_monitoring_enabled=False,
* storage_account_subscription_id=primary_azurerm_subscription["subscriptionId"])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var primary = Azure.Core.GetSubscription.Invoke();
* var example = Azure.Core.GetClientConfig.Invoke();
* var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example",
* Location = "West Europe",
* });
* var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
* {
* Name = "virtnetname-1",
* AddressSpaces = new[]
* {
* "10.0.0.0/16",
* },
* Location = exampleResourceGroup.Location,
* ResourceGroupName = exampleResourceGroup.Name,
* });
* var exampleSubnet = new Azure.Network.Subnet("example", new()
* {
* Name = "subnetname-1",
* ResourceGroupName = exampleResourceGroup.Name,
* VirtualNetworkName = exampleVirtualNetwork.Name,
* AddressPrefixes = new[]
* {
* "10.0.2.0/24",
* },
* ServiceEndpoints = new[]
* {
* "Microsoft.Sql",
* "Microsoft.Storage",
* },
* EnforcePrivateLinkEndpointNetworkPolicies = true,
* });
* var exampleServer = new Azure.MSSql.Server("example", new()
* {
* Name = "example-sqlserver",
* ResourceGroupName = exampleResourceGroup.Name,
* Location = exampleResourceGroup.Location,
* Version = "12.0",
* AdministratorLogin = "missadministrator",
* AdministratorLoginPassword = "AdminPassword123!",
* MinimumTlsVersion = "1.2",
* Identity = new Azure.MSSql.Inputs.ServerIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var exampleAssignment = new Azure.Authorization.Assignment("example", new()
* {
* Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
* RoleDefinitionName = "Storage Blob Data Contributor",
* PrincipalId = exampleServer.Identity.Apply(identity => identity?.PrincipalId),
* });
* var sqlvnetrule = new Azure.Sql.VirtualNetworkRule("sqlvnetrule", new()
* {
* Name = "sql-vnet-rule",
* ResourceGroupName = exampleResourceGroup.Name,
* ServerName = exampleServer.Name,
* SubnetId = exampleSubnet.Id,
* });
* var exampleFirewallRule = new Azure.Sql.FirewallRule("example", new()
* {
* Name = "FirewallRule1",
* ResourceGroupName = exampleResourceGroup.Name,
* ServerName = exampleServer.Name,
* StartIpAddress = "0.0.0.0",
* EndIpAddress = "0.0.0.0",
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "examplesa",
* ResourceGroupName = exampleResourceGroup.Name,
* Location = exampleResourceGroup.Location,
* AccountTier = "Standard",
* AccountReplicationType = "LRS",
* AccountKind = "StorageV2",
* AllowNestedItemsToBePublic = false,
* NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
* {
* DefaultAction = "Deny",
* IpRules = new[]
* {
* "127.0.0.1",
* },
* VirtualNetworkSubnetIds = new[]
* {
* exampleSubnet.Id,
* },
* Bypasses = new[]
* {
* "AzureServices",
* },
* },
* Identity = new Azure.Storage.Inputs.AccountIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var exampleServerMicrosoftSupportAuditingPolicy = new Azure.MSSql.ServerMicrosoftSupportAuditingPolicy("example", new()
* {
* BlobStorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
* ServerId = exampleServer.Id,
* LogMonitoringEnabled = false,
* StorageAccountSubscriptionId = primaryAzurermSubscription.SubscriptionId,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* primary, err := core.LookupSubscription(ctx, nil, nil)
* if err != nil {
* return err
* }
* _, err = core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
* Name: pulumi.String("virtnetname-1"),
* AddressSpaces: pulumi.StringArray{
* pulumi.String("10.0.0.0/16"),
* },
* Location: exampleResourceGroup.Location,
* ResourceGroupName: exampleResourceGroup.Name,
* })
* if err != nil {
* return err
* }
* exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
* Name: pulumi.String("subnetname-1"),
* ResourceGroupName: exampleResourceGroup.Name,
* VirtualNetworkName: exampleVirtualNetwork.Name,
* AddressPrefixes: pulumi.StringArray{
* pulumi.String("10.0.2.0/24"),
* },
* ServiceEndpoints: pulumi.StringArray{
* pulumi.String("Microsoft.Sql"),
* pulumi.String("Microsoft.Storage"),
* },
* EnforcePrivateLinkEndpointNetworkPolicies: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
* Name: pulumi.String("example-sqlserver"),
* ResourceGroupName: exampleResourceGroup.Name,
* Location: exampleResourceGroup.Location,
* Version: pulumi.String("12.0"),
* AdministratorLogin: pulumi.String("missadministrator"),
* AdministratorLoginPassword: pulumi.String("AdminPassword123!"),
* MinimumTlsVersion: pulumi.String("1.2"),
* Identity: &mssql.ServerIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = authorization.NewAssignment(ctx, "example", &authorization.AssignmentArgs{
* Scope: pulumi.String(primary.Id),
* RoleDefinitionName: pulumi.String("Storage Blob Data Contributor"),
* PrincipalId: exampleServer.Identity.ApplyT(func(identity mssql.ServerIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput),
* })
* if err != nil {
* return err
* }
* _, err = sql.NewVirtualNetworkRule(ctx, "sqlvnetrule", &sql.VirtualNetworkRuleArgs{
* Name: pulumi.String("sql-vnet-rule"),
* ResourceGroupName: exampleResourceGroup.Name,
* ServerName: exampleServer.Name,
* SubnetId: exampleSubnet.ID(),
* })
* if err != nil {
* return err
* }
* _, err = sql.NewFirewallRule(ctx, "example", &sql.FirewallRuleArgs{
* Name: pulumi.String("FirewallRule1"),
* ResourceGroupName: exampleResourceGroup.Name,
* ServerName: exampleServer.Name,
* StartIpAddress: pulumi.String("0.0.0.0"),
* EndIpAddress: pulumi.String("0.0.0.0"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("examplesa"),
* ResourceGroupName: exampleResourceGroup.Name,
* Location: exampleResourceGroup.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("LRS"),
* AccountKind: pulumi.String("StorageV2"),
* AllowNestedItemsToBePublic: pulumi.Bool(false),
* NetworkRules: &storage.AccountNetworkRulesTypeArgs{
* DefaultAction: pulumi.String("Deny"),
* IpRules: pulumi.StringArray{
* pulumi.String("127.0.0.1"),
* },
* VirtualNetworkSubnetIds: pulumi.StringArray{
* exampleSubnet.ID(),
* },
* Bypasses: pulumi.StringArray{
* pulumi.String("AzureServices"),
* },
* },
* Identity: &storage.AccountIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = mssql.NewServerMicrosoftSupportAuditingPolicy(ctx, "example", &mssql.ServerMicrosoftSupportAuditingPolicyArgs{
* BlobStorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
* ServerId: exampleServer.ID(),
* LogMonitoringEnabled: pulumi.Bool(false),
* StorageAccountSubscriptionId: pulumi.Any(primaryAzurermSubscription.SubscriptionId),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.network.VirtualNetwork;
* import com.pulumi.azure.network.VirtualNetworkArgs;
* import com.pulumi.azure.network.Subnet;
* import com.pulumi.azure.network.SubnetArgs;
* import com.pulumi.azure.mssql.Server;
* import com.pulumi.azure.mssql.ServerArgs;
* import com.pulumi.azure.mssql.inputs.ServerIdentityArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import com.pulumi.azure.sql.VirtualNetworkRule;
* import com.pulumi.azure.sql.VirtualNetworkRuleArgs;
* import com.pulumi.azure.sql.FirewallRule;
* import com.pulumi.azure.sql.FirewallRuleArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs;
* import com.pulumi.azure.storage.inputs.AccountIdentityArgs;
* import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicy;
* import com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var primary = CoreFunctions.getSubscription();
* final var example = CoreFunctions.getClientConfig();
* var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
* .name("example")
* .location("West Europe")
* .build());
* var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
* .name("virtnetname-1")
* .addressSpaces("10.0.0.0/16")
* .location(exampleResourceGroup.location())
* .resourceGroupName(exampleResourceGroup.name())
* .build());
* var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
* .name("subnetname-1")
* .resourceGroupName(exampleResourceGroup.name())
* .virtualNetworkName(exampleVirtualNetwork.name())
* .addressPrefixes("10.0.2.0/24")
* .serviceEndpoints(
* "Microsoft.Sql",
* "Microsoft.Storage")
* .enforcePrivateLinkEndpointNetworkPolicies(true)
* .build());
* var exampleServer = new Server("exampleServer", ServerArgs.builder()
* .name("example-sqlserver")
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .version("12.0")
* .administratorLogin("missadministrator")
* .administratorLoginPassword("AdminPassword123!")
* .minimumTlsVersion("1.2")
* .identity(ServerIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
* .scope(primary.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
* .roleDefinitionName("Storage Blob Data Contributor")
* .principalId(exampleServer.identity().applyValue(identity -> identity.principalId()))
* .build());
* var sqlvnetrule = new VirtualNetworkRule("sqlvnetrule", VirtualNetworkRuleArgs.builder()
* .name("sql-vnet-rule")
* .resourceGroupName(exampleResourceGroup.name())
* .serverName(exampleServer.name())
* .subnetId(exampleSubnet.id())
* .build());
* var exampleFirewallRule = new FirewallRule("exampleFirewallRule", FirewallRuleArgs.builder()
* .name("FirewallRule1")
* .resourceGroupName(exampleResourceGroup.name())
* .serverName(exampleServer.name())
* .startIpAddress("0.0.0.0")
* .endIpAddress("0.0.0.0")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("examplesa")
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .accountTier("Standard")
* .accountReplicationType("LRS")
* .accountKind("StorageV2")
* .allowNestedItemsToBePublic(false)
* .networkRules(AccountNetworkRulesArgs.builder()
* .defaultAction("Deny")
* .ipRules("127.0.0.1")
* .virtualNetworkSubnetIds(exampleSubnet.id())
* .bypasses("AzureServices")
* .build())
* .identity(AccountIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var exampleServerMicrosoftSupportAuditingPolicy = new ServerMicrosoftSupportAuditingPolicy("exampleServerMicrosoftSupportAuditingPolicy", ServerMicrosoftSupportAuditingPolicyArgs.builder()
* .blobStorageEndpoint(exampleAccount.primaryBlobEndpoint())
* .serverId(exampleServer.id())
* .logMonitoringEnabled(false)
* .storageAccountSubscriptionId(primaryAzurermSubscription.subscriptionId())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* exampleResourceGroup:
* type: azure:core:ResourceGroup
* name: example
* properties:
* name: example
* location: West Europe
* exampleVirtualNetwork:
* type: azure:network:VirtualNetwork
* name: example
* properties:
* name: virtnetname-1
* addressSpaces:
* - 10.0.0.0/16
* location: ${exampleResourceGroup.location}
* resourceGroupName: ${exampleResourceGroup.name}
* exampleSubnet:
* type: azure:network:Subnet
* name: example
* properties:
* name: subnetname-1
* resourceGroupName: ${exampleResourceGroup.name}
* virtualNetworkName: ${exampleVirtualNetwork.name}
* addressPrefixes:
* - 10.0.2.0/24
* serviceEndpoints:
* - Microsoft.Sql
* - Microsoft.Storage
* enforcePrivateLinkEndpointNetworkPolicies: true
* exampleAssignment:
* type: azure:authorization:Assignment
* name: example
* properties:
* scope: ${primary.id}
* roleDefinitionName: Storage Blob Data Contributor
* principalId: ${exampleServer.identity.principalId}
* exampleServer:
* type: azure:mssql:Server
* name: example
* properties:
* name: example-sqlserver
* resourceGroupName: ${exampleResourceGroup.name}
* location: ${exampleResourceGroup.location}
* version: '12.0'
* administratorLogin: missadministrator
* administratorLoginPassword: AdminPassword123!
* minimumTlsVersion: '1.2'
* identity:
* type: SystemAssigned
* sqlvnetrule:
* type: azure:sql:VirtualNetworkRule
* properties:
* name: sql-vnet-rule
* resourceGroupName: ${exampleResourceGroup.name}
* serverName: ${exampleServer.name}
* subnetId: ${exampleSubnet.id}
* exampleFirewallRule:
* type: azure:sql:FirewallRule
* name: example
* properties:
* name: FirewallRule1
* resourceGroupName: ${exampleResourceGroup.name}
* serverName: ${exampleServer.name}
* startIpAddress: 0.0.0.0
* endIpAddress: 0.0.0.0
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: examplesa
* resourceGroupName: ${exampleResourceGroup.name}
* location: ${exampleResourceGroup.location}
* accountTier: Standard
* accountReplicationType: LRS
* accountKind: StorageV2
* allowNestedItemsToBePublic: false
* networkRules:
* defaultAction: Deny
* ipRules:
* - 127.0.0.1
* virtualNetworkSubnetIds:
* - ${exampleSubnet.id}
* bypasses:
* - AzureServices
* identity:
* type: SystemAssigned
* exampleServerMicrosoftSupportAuditingPolicy:
* type: azure:mssql:ServerMicrosoftSupportAuditingPolicy
* name: example
* properties:
* blobStorageEndpoint: ${exampleAccount.primaryBlobEndpoint}
* serverId: ${exampleServer.id}
* logMonitoringEnabled: false
* storageAccountSubscriptionId: ${primaryAzurermSubscription.subscriptionId}
* variables:
* primary:
* fn::invoke:
* Function: azure:core:getSubscription
* Arguments: {}
* example:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* MS SQL Server Microsoft Support Auditing Policies can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:mssql/serverMicrosoftSupportAuditingPolicy:ServerMicrosoftSupportAuditingPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/sqlServer1/devOpsAuditingSettings/default
* ```
* @property blobStorageEndpoint The blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Microsoft support auditing logs.
* @property enabled Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.
* ->**NOTE:** If `enabled` is `true`, `blob_storage_endpoint` or `log_monitoring_enabled` are required.
* @property logMonitoringEnabled Enable audit events to Azure Monitor? To enable server audit events to Azure Monitor, please enable its main database audit events to Azure Monitor. Defaults to `true`.
* @property serverId The ID of the SQL Server to set the extended auditing policy. Changing this forces a new resource to be created.
* @property storageAccountAccessKey The access key to use for the auditing storage account.
* @property storageAccountSubscriptionId The ID of the Subscription containing the Storage Account.
*/
public data class ServerMicrosoftSupportAuditingPolicyArgs(
public val blobStorageEndpoint: Output? = null,
public val enabled: Output? = null,
public val logMonitoringEnabled: Output? = null,
public val serverId: Output? = null,
public val storageAccountAccessKey: Output? = null,
public val storageAccountSubscriptionId: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs =
com.pulumi.azure.mssql.ServerMicrosoftSupportAuditingPolicyArgs.builder()
.blobStorageEndpoint(blobStorageEndpoint?.applyValue({ args0 -> args0 }))
.enabled(enabled?.applyValue({ args0 -> args0 }))
.logMonitoringEnabled(logMonitoringEnabled?.applyValue({ args0 -> args0 }))
.serverId(serverId?.applyValue({ args0 -> args0 }))
.storageAccountAccessKey(storageAccountAccessKey?.applyValue({ args0 -> args0 }))
.storageAccountSubscriptionId(storageAccountSubscriptionId?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [ServerMicrosoftSupportAuditingPolicyArgs].
*/
@PulumiTagMarker
public class ServerMicrosoftSupportAuditingPolicyArgsBuilder internal constructor() {
private var blobStorageEndpoint: Output? = null
private var enabled: Output? = null
private var logMonitoringEnabled: Output? = null
private var serverId: Output? = null
private var storageAccountAccessKey: Output? = null
private var storageAccountSubscriptionId: Output? = null
/**
* @param value The blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Microsoft support auditing logs.
*/
@JvmName("mqjwnsfrihayvgfs")
public suspend fun blobStorageEndpoint(`value`: Output) {
this.blobStorageEndpoint = value
}
/**
* @param value Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.
* ->**NOTE:** If `enabled` is `true`, `blob_storage_endpoint` or `log_monitoring_enabled` are required.
*/
@JvmName("pliaoihunbrvjixw")
public suspend fun enabled(`value`: Output) {
this.enabled = value
}
/**
* @param value Enable audit events to Azure Monitor? To enable server audit events to Azure Monitor, please enable its main database audit events to Azure Monitor. Defaults to `true`.
*/
@JvmName("dbmhpoxcldxewfvw")
public suspend fun logMonitoringEnabled(`value`: Output) {
this.logMonitoringEnabled = value
}
/**
* @param value The ID of the SQL Server to set the extended auditing policy. Changing this forces a new resource to be created.
*/
@JvmName("ufhjaddwnchavgid")
public suspend fun serverId(`value`: Output) {
this.serverId = value
}
/**
* @param value The access key to use for the auditing storage account.
*/
@JvmName("doomqugwvmcwqkmk")
public suspend fun storageAccountAccessKey(`value`: Output) {
this.storageAccountAccessKey = value
}
/**
* @param value The ID of the Subscription containing the Storage Account.
*/
@JvmName("vksilhftakifsrqe")
public suspend fun storageAccountSubscriptionId(`value`: Output) {
this.storageAccountSubscriptionId = value
}
/**
* @param value The blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Microsoft support auditing logs.
*/
@JvmName("ejabmbtxeicpntye")
public suspend fun blobStorageEndpoint(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.blobStorageEndpoint = mapped
}
/**
* @param value Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.
* ->**NOTE:** If `enabled` is `true`, `blob_storage_endpoint` or `log_monitoring_enabled` are required.
*/
@JvmName("wwkactiqduwnwmdd")
public suspend fun enabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.enabled = mapped
}
/**
* @param value Enable audit events to Azure Monitor? To enable server audit events to Azure Monitor, please enable its main database audit events to Azure Monitor. Defaults to `true`.
*/
@JvmName("dabswgnppfomnlmu")
public suspend fun logMonitoringEnabled(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.logMonitoringEnabled = mapped
}
/**
* @param value The ID of the SQL Server to set the extended auditing policy. Changing this forces a new resource to be created.
*/
@JvmName("mwmblsfarxfrrpmt")
public suspend fun serverId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.serverId = mapped
}
/**
* @param value The access key to use for the auditing storage account.
*/
@JvmName("lmmgyknvpnpuawss")
public suspend fun storageAccountAccessKey(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.storageAccountAccessKey = mapped
}
/**
* @param value The ID of the Subscription containing the Storage Account.
*/
@JvmName("vkefmgqjnungijky")
public suspend fun storageAccountSubscriptionId(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.storageAccountSubscriptionId = mapped
}
internal fun build(): ServerMicrosoftSupportAuditingPolicyArgs =
ServerMicrosoftSupportAuditingPolicyArgs(
blobStorageEndpoint = blobStorageEndpoint,
enabled = enabled,
logMonitoringEnabled = logMonitoringEnabled,
serverId = serverId,
storageAccountAccessKey = storageAccountAccessKey,
storageAccountSubscriptionId = storageAccountSubscriptionId,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy