Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $
You can buy this project and download/modify it how often you want.
com.pulumi.azure.mssql.kotlin.ServerExtendedAuditingPolicy.kt Maven / Gradle / Ivy
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.azure.mssql.kotlin
import com.pulumi.core.Output
import com.pulumi.kotlin.KotlinCustomResource
import com.pulumi.kotlin.PulumiTagMarker
import com.pulumi.kotlin.ResourceMapper
import com.pulumi.kotlin.options.CustomResourceOptions
import com.pulumi.kotlin.options.CustomResourceOptionsBuilder
import com.pulumi.resources.Resource
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.Unit
import kotlin.collections.List
/**
* Builder for [ServerExtendedAuditingPolicy].
*/
@PulumiTagMarker
public class ServerExtendedAuditingPolicyResourceBuilder internal constructor() {
public var name: String? = null
public var args: ServerExtendedAuditingPolicyArgs = ServerExtendedAuditingPolicyArgs()
public var opts: CustomResourceOptions = CustomResourceOptions()
/**
* @param name The _unique_ name of the resulting resource.
*/
public fun name(`value`: String) {
this.name = value
}
/**
* @param block The arguments to use to populate this resource's properties.
*/
public suspend fun args(block: suspend ServerExtendedAuditingPolicyArgsBuilder.() -> Unit) {
val builder = ServerExtendedAuditingPolicyArgsBuilder()
block(builder)
this.args = builder.build()
}
/**
* @param block A bag of options that control this resource's behavior.
*/
public suspend fun opts(block: suspend CustomResourceOptionsBuilder.() -> Unit) {
this.opts = com.pulumi.kotlin.options.CustomResourceOptions.opts(block)
}
internal fun build(): ServerExtendedAuditingPolicy {
val builtJavaResource =
com.pulumi.azure.mssql.ServerExtendedAuditingPolicy(
this.name,
this.args.toJava(),
this.opts.toJava(),
)
return ServerExtendedAuditingPolicy(builtJavaResource)
}
}
/**
* Manages a MS SQL Server Extended Auditing Policy.
* ## Example Usage
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const example = new azure.core.ResourceGroup("example", {
* name: "example-resources",
* location: "West Europe",
* });
* const exampleServer = new azure.mssql.Server("example", {
* name: "example-sqlserver",
* resourceGroupName: example.name,
* location: example.location,
* version: "12.0",
* administratorLogin: "missadministrator",
* administratorLoginPassword: "AdminPassword123!",
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "examplesa",
* resourceGroupName: example.name,
* location: example.location,
* accountTier: "Standard",
* accountReplicationType: "LRS",
* });
* const exampleServerExtendedAuditingPolicy = new azure.mssql.ServerExtendedAuditingPolicy("example", {
* serverId: exampleServer.id,
* storageEndpoint: exampleAccount.primaryBlobEndpoint,
* storageAccountAccessKey: exampleAccount.primaryAccessKey,
* storageAccountAccessKeyIsSecondary: false,
* retentionInDays: 6,
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* example = azure.core.ResourceGroup("example",
* name="example-resources",
* location="West Europe")
* example_server = azure.mssql.Server("example",
* name="example-sqlserver",
* resource_group_name=example.name,
* location=example.location,
* version="12.0",
* administrator_login="missadministrator",
* administrator_login_password="AdminPassword123!")
* example_account = azure.storage.Account("example",
* name="examplesa",
* resource_group_name=example.name,
* location=example.location,
* account_tier="Standard",
* account_replication_type="LRS")
* example_server_extended_auditing_policy = azure.mssql.ServerExtendedAuditingPolicy("example",
* server_id=example_server.id,
* storage_endpoint=example_account.primary_blob_endpoint,
* storage_account_access_key=example_account.primary_access_key,
* storage_account_access_key_is_secondary=False,
* retention_in_days=6)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var example = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example-resources",
* Location = "West Europe",
* });
* var exampleServer = new Azure.MSSql.Server("example", new()
* {
* Name = "example-sqlserver",
* ResourceGroupName = example.Name,
* Location = example.Location,
* Version = "12.0",
* AdministratorLogin = "missadministrator",
* AdministratorLoginPassword = "AdminPassword123!",
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "examplesa",
* ResourceGroupName = example.Name,
* Location = example.Location,
* AccountTier = "Standard",
* AccountReplicationType = "LRS",
* });
* var exampleServerExtendedAuditingPolicy = new Azure.MSSql.ServerExtendedAuditingPolicy("example", new()
* {
* ServerId = exampleServer.Id,
* StorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey = exampleAccount.PrimaryAccessKey,
* StorageAccountAccessKeyIsSecondary = false,
* RetentionInDays = 6,
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example-resources"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
* Name: pulumi.String("example-sqlserver"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* Version: pulumi.String("12.0"),
* AdministratorLogin: pulumi.String("missadministrator"),
* AdministratorLoginPassword: pulumi.String("AdminPassword123!"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("examplesa"),
* ResourceGroupName: example.Name,
* Location: example.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("LRS"),
* })
* if err != nil {
* return err
* }
* _, err = mssql.NewServerExtendedAuditingPolicy(ctx, "example", &mssql.ServerExtendedAuditingPolicyArgs{
* ServerId: exampleServer.ID(),
* StorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
* StorageAccountAccessKey: exampleAccount.PrimaryAccessKey,
* StorageAccountAccessKeyIsSecondary: pulumi.Bool(false),
* RetentionInDays: pulumi.Int(6),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.mssql.Server;
* import com.pulumi.azure.mssql.ServerArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.mssql.ServerExtendedAuditingPolicy;
* import com.pulumi.azure.mssql.ServerExtendedAuditingPolicyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var example = new ResourceGroup("example", ResourceGroupArgs.builder()
* .name("example-resources")
* .location("West Europe")
* .build());
* var exampleServer = new Server("exampleServer", ServerArgs.builder()
* .name("example-sqlserver")
* .resourceGroupName(example.name())
* .location(example.location())
* .version("12.0")
* .administratorLogin("missadministrator")
* .administratorLoginPassword("AdminPassword123!")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("examplesa")
* .resourceGroupName(example.name())
* .location(example.location())
* .accountTier("Standard")
* .accountReplicationType("LRS")
* .build());
* var exampleServerExtendedAuditingPolicy = new ServerExtendedAuditingPolicy("exampleServerExtendedAuditingPolicy", ServerExtendedAuditingPolicyArgs.builder()
* .serverId(exampleServer.id())
* .storageEndpoint(exampleAccount.primaryBlobEndpoint())
* .storageAccountAccessKey(exampleAccount.primaryAccessKey())
* .storageAccountAccessKeyIsSecondary(false)
* .retentionInDays(6)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* example:
* type: azure:core:ResourceGroup
* properties:
* name: example-resources
* location: West Europe
* exampleServer:
* type: azure:mssql:Server
* name: example
* properties:
* name: example-sqlserver
* resourceGroupName: ${example.name}
* location: ${example.location}
* version: '12.0'
* administratorLogin: missadministrator
* administratorLoginPassword: AdminPassword123!
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: examplesa
* resourceGroupName: ${example.name}
* location: ${example.location}
* accountTier: Standard
* accountReplicationType: LRS
* exampleServerExtendedAuditingPolicy:
* type: azure:mssql:ServerExtendedAuditingPolicy
* name: example
* properties:
* serverId: ${exampleServer.id}
* storageEndpoint: ${exampleAccount.primaryBlobEndpoint}
* storageAccountAccessKey: ${exampleAccount.primaryAccessKey}
* storageAccountAccessKeyIsSecondary: false
* retentionInDays: 6
* ```
*
* ### With Storage Account Behind VNet And Firewall
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as azure from "@pulumi/azure";
* const primary = azure.core.getSubscription({});
* const example = azure.core.getClientConfig({});
* const exampleResourceGroup = new azure.core.ResourceGroup("example", {
* name: "example",
* location: "West Europe",
* });
* const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
* name: "virtnetname-1",
* addressSpaces: ["10.0.0.0/16"],
* location: exampleResourceGroup.location,
* resourceGroupName: exampleResourceGroup.name,
* });
* const exampleSubnet = new azure.network.Subnet("example", {
* name: "subnetname-1",
* resourceGroupName: exampleResourceGroup.name,
* virtualNetworkName: exampleVirtualNetwork.name,
* addressPrefixes: ["10.0.2.0/24"],
* serviceEndpoints: [
* "Microsoft.Sql",
* "Microsoft.Storage",
* ],
* enforcePrivateLinkEndpointNetworkPolicies: true,
* });
* const exampleServer = new azure.mssql.Server("example", {
* name: "example-sqlserver",
* resourceGroupName: exampleResourceGroup.name,
* location: exampleResourceGroup.location,
* version: "12.0",
* administratorLogin: "missadministrator",
* administratorLoginPassword: "AdminPassword123!",
* minimumTlsVersion: "1.2",
* identity: {
* type: "SystemAssigned",
* },
* });
* const exampleAssignment = new azure.authorization.Assignment("example", {
* scope: primary.then(primary => primary.id),
* roleDefinitionName: "Storage Blob Data Contributor",
* principalId: exampleServer.identity.apply(identity => identity?.principalId),
* });
* const sqlvnetrule = new azure.sql.VirtualNetworkRule("sqlvnetrule", {
* name: "sql-vnet-rule",
* resourceGroupName: exampleResourceGroup.name,
* serverName: exampleServer.name,
* subnetId: exampleSubnet.id,
* });
* const exampleFirewallRule = new azure.sql.FirewallRule("example", {
* name: "FirewallRule1",
* resourceGroupName: exampleResourceGroup.name,
* serverName: exampleServer.name,
* startIpAddress: "0.0.0.0",
* endIpAddress: "0.0.0.0",
* });
* const exampleAccount = new azure.storage.Account("example", {
* name: "examplesa",
* resourceGroupName: exampleResourceGroup.name,
* location: exampleResourceGroup.location,
* accountTier: "Standard",
* accountReplicationType: "LRS",
* accountKind: "StorageV2",
* allowNestedItemsToBePublic: false,
* networkRules: {
* defaultAction: "Deny",
* ipRules: ["127.0.0.1"],
* virtualNetworkSubnetIds: [exampleSubnet.id],
* bypasses: ["AzureServices"],
* },
* identity: {
* type: "SystemAssigned",
* },
* });
* const exampleServerExtendedAuditingPolicy = new azure.mssql.ServerExtendedAuditingPolicy("example", {
* storageEndpoint: exampleAccount.primaryBlobEndpoint,
* serverId: exampleServer.id,
* retentionInDays: 6,
* logMonitoringEnabled: false,
* storageAccountSubscriptionId: primaryAzurermSubscription.subscriptionId,
* }, {
* dependsOn: [
* exampleAssignment,
* exampleAccount,
* ],
* });
* ```
* ```python
* import pulumi
* import pulumi_azure as azure
* primary = azure.core.get_subscription()
* example = azure.core.get_client_config()
* example_resource_group = azure.core.ResourceGroup("example",
* name="example",
* location="West Europe")
* example_virtual_network = azure.network.VirtualNetwork("example",
* name="virtnetname-1",
* address_spaces=["10.0.0.0/16"],
* location=example_resource_group.location,
* resource_group_name=example_resource_group.name)
* example_subnet = azure.network.Subnet("example",
* name="subnetname-1",
* resource_group_name=example_resource_group.name,
* virtual_network_name=example_virtual_network.name,
* address_prefixes=["10.0.2.0/24"],
* service_endpoints=[
* "Microsoft.Sql",
* "Microsoft.Storage",
* ],
* enforce_private_link_endpoint_network_policies=True)
* example_server = azure.mssql.Server("example",
* name="example-sqlserver",
* resource_group_name=example_resource_group.name,
* location=example_resource_group.location,
* version="12.0",
* administrator_login="missadministrator",
* administrator_login_password="AdminPassword123!",
* minimum_tls_version="1.2",
* identity={
* "type": "SystemAssigned",
* })
* example_assignment = azure.authorization.Assignment("example",
* scope=primary.id,
* role_definition_name="Storage Blob Data Contributor",
* principal_id=example_server.identity.principal_id)
* sqlvnetrule = azure.sql.VirtualNetworkRule("sqlvnetrule",
* name="sql-vnet-rule",
* resource_group_name=example_resource_group.name,
* server_name=example_server.name,
* subnet_id=example_subnet.id)
* example_firewall_rule = azure.sql.FirewallRule("example",
* name="FirewallRule1",
* resource_group_name=example_resource_group.name,
* server_name=example_server.name,
* start_ip_address="0.0.0.0",
* end_ip_address="0.0.0.0")
* example_account = azure.storage.Account("example",
* name="examplesa",
* resource_group_name=example_resource_group.name,
* location=example_resource_group.location,
* account_tier="Standard",
* account_replication_type="LRS",
* account_kind="StorageV2",
* allow_nested_items_to_be_public=False,
* network_rules={
* "default_action": "Deny",
* "ip_rules": ["127.0.0.1"],
* "virtual_network_subnet_ids": [example_subnet.id],
* "bypasses": ["AzureServices"],
* },
* identity={
* "type": "SystemAssigned",
* })
* example_server_extended_auditing_policy = azure.mssql.ServerExtendedAuditingPolicy("example",
* storage_endpoint=example_account.primary_blob_endpoint,
* server_id=example_server.id,
* retention_in_days=6,
* log_monitoring_enabled=False,
* storage_account_subscription_id=primary_azurerm_subscription["subscriptionId"],
* opts = pulumi.ResourceOptions(depends_on=[
* example_assignment,
* example_account,
* ]))
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Azure = Pulumi.Azure;
* return await Deployment.RunAsync(() =>
* {
* var primary = Azure.Core.GetSubscription.Invoke();
* var example = Azure.Core.GetClientConfig.Invoke();
* var exampleResourceGroup = new Azure.Core.ResourceGroup("example", new()
* {
* Name = "example",
* Location = "West Europe",
* });
* var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
* {
* Name = "virtnetname-1",
* AddressSpaces = new[]
* {
* "10.0.0.0/16",
* },
* Location = exampleResourceGroup.Location,
* ResourceGroupName = exampleResourceGroup.Name,
* });
* var exampleSubnet = new Azure.Network.Subnet("example", new()
* {
* Name = "subnetname-1",
* ResourceGroupName = exampleResourceGroup.Name,
* VirtualNetworkName = exampleVirtualNetwork.Name,
* AddressPrefixes = new[]
* {
* "10.0.2.0/24",
* },
* ServiceEndpoints = new[]
* {
* "Microsoft.Sql",
* "Microsoft.Storage",
* },
* EnforcePrivateLinkEndpointNetworkPolicies = true,
* });
* var exampleServer = new Azure.MSSql.Server("example", new()
* {
* Name = "example-sqlserver",
* ResourceGroupName = exampleResourceGroup.Name,
* Location = exampleResourceGroup.Location,
* Version = "12.0",
* AdministratorLogin = "missadministrator",
* AdministratorLoginPassword = "AdminPassword123!",
* MinimumTlsVersion = "1.2",
* Identity = new Azure.MSSql.Inputs.ServerIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var exampleAssignment = new Azure.Authorization.Assignment("example", new()
* {
* Scope = primary.Apply(getSubscriptionResult => getSubscriptionResult.Id),
* RoleDefinitionName = "Storage Blob Data Contributor",
* PrincipalId = exampleServer.Identity.Apply(identity => identity?.PrincipalId),
* });
* var sqlvnetrule = new Azure.Sql.VirtualNetworkRule("sqlvnetrule", new()
* {
* Name = "sql-vnet-rule",
* ResourceGroupName = exampleResourceGroup.Name,
* ServerName = exampleServer.Name,
* SubnetId = exampleSubnet.Id,
* });
* var exampleFirewallRule = new Azure.Sql.FirewallRule("example", new()
* {
* Name = "FirewallRule1",
* ResourceGroupName = exampleResourceGroup.Name,
* ServerName = exampleServer.Name,
* StartIpAddress = "0.0.0.0",
* EndIpAddress = "0.0.0.0",
* });
* var exampleAccount = new Azure.Storage.Account("example", new()
* {
* Name = "examplesa",
* ResourceGroupName = exampleResourceGroup.Name,
* Location = exampleResourceGroup.Location,
* AccountTier = "Standard",
* AccountReplicationType = "LRS",
* AccountKind = "StorageV2",
* AllowNestedItemsToBePublic = false,
* NetworkRules = new Azure.Storage.Inputs.AccountNetworkRulesArgs
* {
* DefaultAction = "Deny",
* IpRules = new[]
* {
* "127.0.0.1",
* },
* VirtualNetworkSubnetIds = new[]
* {
* exampleSubnet.Id,
* },
* Bypasses = new[]
* {
* "AzureServices",
* },
* },
* Identity = new Azure.Storage.Inputs.AccountIdentityArgs
* {
* Type = "SystemAssigned",
* },
* });
* var exampleServerExtendedAuditingPolicy = new Azure.MSSql.ServerExtendedAuditingPolicy("example", new()
* {
* StorageEndpoint = exampleAccount.PrimaryBlobEndpoint,
* ServerId = exampleServer.Id,
* RetentionInDays = 6,
* LogMonitoringEnabled = false,
* StorageAccountSubscriptionId = primaryAzurermSubscription.SubscriptionId,
* }, new CustomResourceOptions
* {
* DependsOn =
* {
* exampleAssignment,
* exampleAccount,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/network"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/sql"
* "github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* primary, err := core.LookupSubscription(ctx, nil, nil)
* if err != nil {
* return err
* }
* _, err = core.GetClientConfig(ctx, nil, nil)
* if err != nil {
* return err
* }
* exampleResourceGroup, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
* Name: pulumi.String("example"),
* Location: pulumi.String("West Europe"),
* })
* if err != nil {
* return err
* }
* exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
* Name: pulumi.String("virtnetname-1"),
* AddressSpaces: pulumi.StringArray{
* pulumi.String("10.0.0.0/16"),
* },
* Location: exampleResourceGroup.Location,
* ResourceGroupName: exampleResourceGroup.Name,
* })
* if err != nil {
* return err
* }
* exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
* Name: pulumi.String("subnetname-1"),
* ResourceGroupName: exampleResourceGroup.Name,
* VirtualNetworkName: exampleVirtualNetwork.Name,
* AddressPrefixes: pulumi.StringArray{
* pulumi.String("10.0.2.0/24"),
* },
* ServiceEndpoints: pulumi.StringArray{
* pulumi.String("Microsoft.Sql"),
* pulumi.String("Microsoft.Storage"),
* },
* EnforcePrivateLinkEndpointNetworkPolicies: pulumi.Bool(true),
* })
* if err != nil {
* return err
* }
* exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
* Name: pulumi.String("example-sqlserver"),
* ResourceGroupName: exampleResourceGroup.Name,
* Location: exampleResourceGroup.Location,
* Version: pulumi.String("12.0"),
* AdministratorLogin: pulumi.String("missadministrator"),
* AdministratorLoginPassword: pulumi.String("AdminPassword123!"),
* MinimumTlsVersion: pulumi.String("1.2"),
* Identity: &mssql.ServerIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* exampleAssignment, err := authorization.NewAssignment(ctx, "example", &authorization.AssignmentArgs{
* Scope: pulumi.String(primary.Id),
* RoleDefinitionName: pulumi.String("Storage Blob Data Contributor"),
* PrincipalId: pulumi.String(exampleServer.Identity.ApplyT(func(identity mssql.ServerIdentity) (*string, error) {
* return &identity.PrincipalId, nil
* }).(pulumi.StringPtrOutput)),
* })
* if err != nil {
* return err
* }
* _, err = sql.NewVirtualNetworkRule(ctx, "sqlvnetrule", &sql.VirtualNetworkRuleArgs{
* Name: pulumi.String("sql-vnet-rule"),
* ResourceGroupName: exampleResourceGroup.Name,
* ServerName: exampleServer.Name,
* SubnetId: exampleSubnet.ID(),
* })
* if err != nil {
* return err
* }
* _, err = sql.NewFirewallRule(ctx, "example", &sql.FirewallRuleArgs{
* Name: pulumi.String("FirewallRule1"),
* ResourceGroupName: exampleResourceGroup.Name,
* ServerName: exampleServer.Name,
* StartIpAddress: pulumi.String("0.0.0.0"),
* EndIpAddress: pulumi.String("0.0.0.0"),
* })
* if err != nil {
* return err
* }
* exampleAccount, err := storage.NewAccount(ctx, "example", &storage.AccountArgs{
* Name: pulumi.String("examplesa"),
* ResourceGroupName: exampleResourceGroup.Name,
* Location: exampleResourceGroup.Location,
* AccountTier: pulumi.String("Standard"),
* AccountReplicationType: pulumi.String("LRS"),
* AccountKind: pulumi.String("StorageV2"),
* AllowNestedItemsToBePublic: pulumi.Bool(false),
* NetworkRules: &storage.AccountNetworkRulesTypeArgs{
* DefaultAction: pulumi.String("Deny"),
* IpRules: pulumi.StringArray{
* pulumi.String("127.0.0.1"),
* },
* VirtualNetworkSubnetIds: pulumi.StringArray{
* exampleSubnet.ID(),
* },
* Bypasses: pulumi.StringArray{
* pulumi.String("AzureServices"),
* },
* },
* Identity: &storage.AccountIdentityArgs{
* Type: pulumi.String("SystemAssigned"),
* },
* })
* if err != nil {
* return err
* }
* _, err = mssql.NewServerExtendedAuditingPolicy(ctx, "example", &mssql.ServerExtendedAuditingPolicyArgs{
* StorageEndpoint: exampleAccount.PrimaryBlobEndpoint,
* ServerId: exampleServer.ID(),
* RetentionInDays: pulumi.Int(6),
* LogMonitoringEnabled: pulumi.Bool(false),
* StorageAccountSubscriptionId: pulumi.Any(primaryAzurermSubscription.SubscriptionId),
* }, pulumi.DependsOn([]pulumi.Resource{
* exampleAssignment,
* exampleAccount,
* }))
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.azure.core.CoreFunctions;
* import com.pulumi.azure.core.inputs.GetSubscriptionArgs;
* import com.pulumi.azure.core.ResourceGroup;
* import com.pulumi.azure.core.ResourceGroupArgs;
* import com.pulumi.azure.network.VirtualNetwork;
* import com.pulumi.azure.network.VirtualNetworkArgs;
* import com.pulumi.azure.network.Subnet;
* import com.pulumi.azure.network.SubnetArgs;
* import com.pulumi.azure.mssql.Server;
* import com.pulumi.azure.mssql.ServerArgs;
* import com.pulumi.azure.mssql.inputs.ServerIdentityArgs;
* import com.pulumi.azure.authorization.Assignment;
* import com.pulumi.azure.authorization.AssignmentArgs;
* import com.pulumi.azure.sql.VirtualNetworkRule;
* import com.pulumi.azure.sql.VirtualNetworkRuleArgs;
* import com.pulumi.azure.sql.FirewallRule;
* import com.pulumi.azure.sql.FirewallRuleArgs;
* import com.pulumi.azure.storage.Account;
* import com.pulumi.azure.storage.AccountArgs;
* import com.pulumi.azure.storage.inputs.AccountNetworkRulesArgs;
* import com.pulumi.azure.storage.inputs.AccountIdentityArgs;
* import com.pulumi.azure.mssql.ServerExtendedAuditingPolicy;
* import com.pulumi.azure.mssql.ServerExtendedAuditingPolicyArgs;
* import com.pulumi.resources.CustomResourceOptions;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var primary = CoreFunctions.getSubscription();
* final var example = CoreFunctions.getClientConfig();
* var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()
* .name("example")
* .location("West Europe")
* .build());
* var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
* .name("virtnetname-1")
* .addressSpaces("10.0.0.0/16")
* .location(exampleResourceGroup.location())
* .resourceGroupName(exampleResourceGroup.name())
* .build());
* var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
* .name("subnetname-1")
* .resourceGroupName(exampleResourceGroup.name())
* .virtualNetworkName(exampleVirtualNetwork.name())
* .addressPrefixes("10.0.2.0/24")
* .serviceEndpoints(
* "Microsoft.Sql",
* "Microsoft.Storage")
* .enforcePrivateLinkEndpointNetworkPolicies(true)
* .build());
* var exampleServer = new Server("exampleServer", ServerArgs.builder()
* .name("example-sqlserver")
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .version("12.0")
* .administratorLogin("missadministrator")
* .administratorLoginPassword("AdminPassword123!")
* .minimumTlsVersion("1.2")
* .identity(ServerIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
* .scope(primary.applyValue(getSubscriptionResult -> getSubscriptionResult.id()))
* .roleDefinitionName("Storage Blob Data Contributor")
* .principalId(exampleServer.identity().applyValue(identity -> identity.principalId()))
* .build());
* var sqlvnetrule = new VirtualNetworkRule("sqlvnetrule", VirtualNetworkRuleArgs.builder()
* .name("sql-vnet-rule")
* .resourceGroupName(exampleResourceGroup.name())
* .serverName(exampleServer.name())
* .subnetId(exampleSubnet.id())
* .build());
* var exampleFirewallRule = new FirewallRule("exampleFirewallRule", FirewallRuleArgs.builder()
* .name("FirewallRule1")
* .resourceGroupName(exampleResourceGroup.name())
* .serverName(exampleServer.name())
* .startIpAddress("0.0.0.0")
* .endIpAddress("0.0.0.0")
* .build());
* var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
* .name("examplesa")
* .resourceGroupName(exampleResourceGroup.name())
* .location(exampleResourceGroup.location())
* .accountTier("Standard")
* .accountReplicationType("LRS")
* .accountKind("StorageV2")
* .allowNestedItemsToBePublic(false)
* .networkRules(AccountNetworkRulesArgs.builder()
* .defaultAction("Deny")
* .ipRules("127.0.0.1")
* .virtualNetworkSubnetIds(exampleSubnet.id())
* .bypasses("AzureServices")
* .build())
* .identity(AccountIdentityArgs.builder()
* .type("SystemAssigned")
* .build())
* .build());
* var exampleServerExtendedAuditingPolicy = new ServerExtendedAuditingPolicy("exampleServerExtendedAuditingPolicy", ServerExtendedAuditingPolicyArgs.builder()
* .storageEndpoint(exampleAccount.primaryBlobEndpoint())
* .serverId(exampleServer.id())
* .retentionInDays(6)
* .logMonitoringEnabled(false)
* .storageAccountSubscriptionId(primaryAzurermSubscription.subscriptionId())
* .build(), CustomResourceOptions.builder()
* .dependsOn(
* exampleAssignment,
* exampleAccount)
* .build());
* }
* }
* ```
* ```yaml
* resources:
* exampleResourceGroup:
* type: azure:core:ResourceGroup
* name: example
* properties:
* name: example
* location: West Europe
* exampleVirtualNetwork:
* type: azure:network:VirtualNetwork
* name: example
* properties:
* name: virtnetname-1
* addressSpaces:
* - 10.0.0.0/16
* location: ${exampleResourceGroup.location}
* resourceGroupName: ${exampleResourceGroup.name}
* exampleSubnet:
* type: azure:network:Subnet
* name: example
* properties:
* name: subnetname-1
* resourceGroupName: ${exampleResourceGroup.name}
* virtualNetworkName: ${exampleVirtualNetwork.name}
* addressPrefixes:
* - 10.0.2.0/24
* serviceEndpoints:
* - Microsoft.Sql
* - Microsoft.Storage
* enforcePrivateLinkEndpointNetworkPolicies: true
* exampleAssignment:
* type: azure:authorization:Assignment
* name: example
* properties:
* scope: ${primary.id}
* roleDefinitionName: Storage Blob Data Contributor
* principalId: ${exampleServer.identity.principalId}
* exampleServer:
* type: azure:mssql:Server
* name: example
* properties:
* name: example-sqlserver
* resourceGroupName: ${exampleResourceGroup.name}
* location: ${exampleResourceGroup.location}
* version: '12.0'
* administratorLogin: missadministrator
* administratorLoginPassword: AdminPassword123!
* minimumTlsVersion: '1.2'
* identity:
* type: SystemAssigned
* sqlvnetrule:
* type: azure:sql:VirtualNetworkRule
* properties:
* name: sql-vnet-rule
* resourceGroupName: ${exampleResourceGroup.name}
* serverName: ${exampleServer.name}
* subnetId: ${exampleSubnet.id}
* exampleFirewallRule:
* type: azure:sql:FirewallRule
* name: example
* properties:
* name: FirewallRule1
* resourceGroupName: ${exampleResourceGroup.name}
* serverName: ${exampleServer.name}
* startIpAddress: 0.0.0.0
* endIpAddress: 0.0.0.0
* exampleAccount:
* type: azure:storage:Account
* name: example
* properties:
* name: examplesa
* resourceGroupName: ${exampleResourceGroup.name}
* location: ${exampleResourceGroup.location}
* accountTier: Standard
* accountReplicationType: LRS
* accountKind: StorageV2
* allowNestedItemsToBePublic: false
* networkRules:
* defaultAction: Deny
* ipRules:
* - 127.0.0.1
* virtualNetworkSubnetIds:
* - ${exampleSubnet.id}
* bypasses:
* - AzureServices
* identity:
* type: SystemAssigned
* exampleServerExtendedAuditingPolicy:
* type: azure:mssql:ServerExtendedAuditingPolicy
* name: example
* properties:
* storageEndpoint: ${exampleAccount.primaryBlobEndpoint}
* serverId: ${exampleServer.id}
* retentionInDays: 6
* logMonitoringEnabled: false
* storageAccountSubscriptionId: ${primaryAzurermSubscription.subscriptionId}
* options:
* dependson:
* - ${exampleAssignment}
* - ${exampleAccount}
* variables:
* primary:
* fn::invoke:
* Function: azure:core:getSubscription
* Arguments: {}
* example:
* fn::invoke:
* Function: azure:core:getClientConfig
* Arguments: {}
* ```
*
* ## Import
* MS SQL Server Extended Auditing Policies can be imported using the `resource id`, e.g.
* ```sh
* $ pulumi import azure:mssql/serverExtendedAuditingPolicy:ServerExtendedAuditingPolicy example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/sqlServer1/extendedAuditingSettings/default
* ```
*/
public class ServerExtendedAuditingPolicy internal constructor(
override val javaResource: com.pulumi.azure.mssql.ServerExtendedAuditingPolicy,
) : KotlinCustomResource(javaResource, ServerExtendedAuditingPolicyMapper) {
/**
* A list of Actions-Groups and Actions to audit.
*/
public val auditActionsAndGroups: Output>
get() = javaResource.auditActionsAndGroups().applyValue({ args0 -> args0.map({ args0 -> args0 }) })
/**
* Whether to enable the extended auditing policy. Possible values are `true` and `false`. Defaults to `true`.
* ->**NOTE:** If `enabled` is `true`, `storage_endpoint` or `log_monitoring_enabled` are required.
*/
public val enabled: Output?
get() = javaResource.enabled().applyValue({ args0 -> args0.map({ args0 -> args0 }).orElse(null) })
/**
* Enable audit events to Azure Monitor? To enable server audit events to Azure Monitor, please enable its main database audit events to Azure Monitor. Defaults to `true`.
*/
public val logMonitoringEnabled: Output?
get() = javaResource.logMonitoringEnabled().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Specifies condition of where clause when creating an audit.
*/
public val predicateExpression: Output?
get() = javaResource.predicateExpression().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The number of days to retain logs for in the storage account. Defaults to `0`.
*/
public val retentionInDays: Output?
get() = javaResource.retentionInDays().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The ID of the SQL Server to set the extended auditing policy. Changing this forces a new resource to be created.
*/
public val serverId: Output
get() = javaResource.serverId().applyValue({ args0 -> args0 })
/**
* The access key to use for the auditing storage account.
*/
public val storageAccountAccessKey: Output?
get() = javaResource.storageAccountAccessKey().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* Is `storage_account_access_key` value the storage's secondary key?
*/
public val storageAccountAccessKeyIsSecondary: Output?
get() = javaResource.storageAccountAccessKeyIsSecondary().applyValue({ args0 ->
args0.map({ args0 -> args0 }).orElse(null)
})
/**
* The ID of the Subscription containing the Storage Account.
*/
public val storageAccountSubscriptionId: Output?
get() = javaResource.storageAccountSubscriptionId().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
/**
* The blob storage endpoint (e.g. ). This blob storage will hold all extended auditing logs.
*/
public val storageEndpoint: Output?
get() = javaResource.storageEndpoint().applyValue({ args0 ->
args0.map({ args0 ->
args0
}).orElse(null)
})
}
public object ServerExtendedAuditingPolicyMapper : ResourceMapper {
override fun supportsMappingOfType(javaResource: Resource): Boolean =
com.pulumi.azure.mssql.ServerExtendedAuditingPolicy::class == javaResource::class
override fun map(javaResource: Resource): ServerExtendedAuditingPolicy =
ServerExtendedAuditingPolicy(
javaResource as
com.pulumi.azure.mssql.ServerExtendedAuditingPolicy,
)
}
/**
* @see [ServerExtendedAuditingPolicy].
* @param name The _unique_ name of the resulting resource.
* @param block Builder for [ServerExtendedAuditingPolicy].
*/
public suspend fun serverExtendedAuditingPolicy(
name: String,
block: suspend ServerExtendedAuditingPolicyResourceBuilder.() -> Unit,
): ServerExtendedAuditingPolicy {
val builder = ServerExtendedAuditingPolicyResourceBuilder()
builder.name(name)
block(builder)
return builder.build()
}
/**
* @see [ServerExtendedAuditingPolicy].
* @param name The _unique_ name of the resulting resource.
*/
public fun serverExtendedAuditingPolicy(name: String): ServerExtendedAuditingPolicy {
val builder = ServerExtendedAuditingPolicyResourceBuilder()
builder.name(name)
return builder.build()
}
