@salmon-mechanic-4571 We can create User or Roles for sql db using custom implementation by extending Resource and by implementing interface ResourceProvider and using ShellCommand
1. export interface DatabaseUserProviderArgs {
/**
* Database Instance IP Address or DNS Name.
*/
instance: pulumi.Input<string>;
/**
* Admin User ID used to login to the database instance.
*/
adminUserId: pulumi.Input<string>;
/**
* Admin User Password to login to the database instance
*/
adminPassword: pulumi.Input<string>;
/**
* New LOGIN that will be created
*/
loginId: pulumi.Input<string>;
/**
* Password for the new LOGIN that will be created
*/
loginPassword: pulumi.Input<string>;
}
2, DatabaseResource extends Resource
(Eg
export class DatabaseResource extends pulumi.dynamic.Resource {
constructor(name: string, args: DatabaseProviderArgs, opts?: pulumi.CustomResourceOptions) {
super(new DatabaseProvider(), name, { ...args }, opts);
}
}
3, DatabaseProvider implements ResourceProvider
export class DatabaseProvider implements ResourceProvider
......
public async create(inputs: DatabaseProviderArgs): Promise<pulumi.dynamic.CreateResult> {
//TODO Create the database in the instance here. Create a user in this database.
let id: string = uuidv4();
......
......
//Initialize users
inputs.userIds.forEach(userId => {
let sqlCommandCreateUser: string = `sqlcmd -b -x -U${inputs.adminUserId} -P${inputs.adminPassword} -S ${inputs.instance} -d ${inputs.name} -Q "create user ${userId} for login ${userId};" -o logs/${id}-create-user-${userId}.log`;
ShellUtils.executeShellCommand(id + "-createuser-" + userId, sqlCommandCreateUser);
//Grant owner privs
let sqlCommandGrantRole: string = `sqlcmd -b -x -U${inputs.adminUserId} -P${inputs.adminPassword} -S ${inputs.instance} -d ${inputs.name} -Q "EXEC sp_addrolemember N'db_owner', N'${userId}';" -o logs/${id}-grant-role-${userId}.log`;
ShellUtils.executeShellCommand(id + "-grantrole-" + userId, sqlCommandGrantRole);
});
......
}
4. ShellUtils
executeShellCommand method will have execSync to execute the command
... const response = execSync(command, { stdio : "inherit"});
.....
5. // Finally create the resource
const repoUserAbadmin = new DatabaseUserResource("abadmin-user", {
instance: sqlServer.fullyQualifiedDomainName,
adminUserId: 'sqlserver',
adminPassword: sqlserverPasswordObj,
loginId: "abadmin",
loginPassword: sqlserverPasswordObj
}, { dependsOn: [sqlServer, firewallRule] });