Channels
announcements
automation-api
aws
azure
blog-posts
built-with-pulumi
cloudengineering
cloudengineering-support
content-share
contribex
contribute
docs
dotnet
finops
general
getting-started
gitlab
golang
google-cloud
hackathon-03-19-2020
hacktoberfest
install
java
jobs
kubernetes
learn-pulumi-events
linen
localstack
multi-language-hackathon
office-hours
oracle-cloud-infrastructure
package-authoring
pulumi-ai
pulumi-cdk
pulumi-cloud
pulumi-crosscode
pulumi-deployments
pulumi-kubernetes-operator
pulumiverse
python
registry
status
testingtesting123
testingtesting321
typescript
welcome
workshops
yaml
Title
e
elegant-stone-54832
11/21/2021, 8:13 PMHi! I am trying to grant Directory Reader role to an Azure SQL Server instance, but I stuck.
var sqlServerManagedIdentity = sqlServer.Identity.Apply(x => x.PrincipalId);
new AppRoleAssignment("SqlServerDirectoryReader", new AppRoleAssignmentArgs
{
AppRoleId = "88d8e3e3-8f55-4a1e-953a-9b9898b8876b",
PrincipalObjectId = sqlServerManagedIdentity,
ResourceObjectId = sqlServerManagedIdentity
});a
adorable-soccer-30455
11/22/2021, 11:28 AMIs this what You're trying to achieve?
https://docs.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-directory-readers-role
e
elegant-stone-54832
11/22/2021, 7:53 PMyes, @adorable-soccer-30455
a
adorable-soccer-30455
11/23/2021, 2:14 PMI think it might be DirectoryRoleMember You should use
https://www.pulumi.com/registry/packages/azuread/api-docs/directoryrolemember/
e
elegant-stone-54832
11/24/2021, 9:18 PMThanks that is working.
new DirectoryRoleMember("Sql Server Directory reader role", new DirectoryRoleMemberArgs(){RoleObjectId = new DirectoryRole("Directory Readers", new DirectoryRoleArgs{DisplayName = "Directory Readers"}).ObjectId,MemberObjectId = sqlServer.Identity.Apply(x => x.PrincipalId)});