This message was deleted.

Is this what You're trying to achieve? https://docs.microsoft.com/en-us/azure/azure-sql/database/authentication-aad-directory-readers-role

yes, @adorable-soccer-30455

I think it might be DirectoryRoleMember You should use https://www.pulumi.com/registry/packages/azuread/api-docs/directoryrolemember/

Thanks that is working.

new DirectoryRoleMember("Sql Server Directory reader role", new DirectoryRoleMemberArgs()

{

RoleObjectId = new DirectoryRole("Directory Readers", new DirectoryRoleArgs

{

DisplayName = "Directory Readers"

}).ObjectId,

MemberObjectId = sqlServer.Identity.Apply(x => x.PrincipalId)

});