https://pulumi.com logo
Powered by
#azure
Title
# azure
m

millions-journalist-34868

01/31/2022, 10:54 PM
What is the proper way to grant permissions to add azure ad users/ applications on an azure sql database using Pulumi ? Doing that requires to execute an sql command on the database and I don't know where to put this code in my Pulumi program:
Copy code
CREATE USER [<identity-name>] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [<identity-name>];
ALTER ROLE db_datawriter ADD MEMBER [<identity-name>];
GO
I have seen there is a new Command package in Pulumi, could this be a good idea to use that? What are the other options? Dynamic provider?
d

delightful-controller-34898

02/01/2022, 7:23 AM
Command package, Dynamic provider, Build your own provider. K8 job, function or do it outside of Pulumi
👍 1
m

millions-journalist-34868

02/01/2022, 7:55 AM
Has anyone done it before and has a sample to share?
d

delightful-controller-34898

02/01/2022, 12:57 PM
I used this example to create a small custom provider last year https://github.com/pulumi/pulumi-provider-boilerplate
combine it with https://github.com/denisenkom/go-mssqldb and you could have a solution
Be warned. It is time consuming
Maybe wrapping the terraform provider could be a option as well https://registry.terraform.io/providers/betr-io/mssql/latest/docs
m

millions-journalist-34868

02/02/2022, 7:05 AM
Thank you for your answers. Indeed building my own provider seems time consuming, a bit too much. I will maybe give a try to Command Package. Dynamic providers could be an interesting option but there are not yet available in .NET unfortunately which is what I am using in my stack.
d

delightful-controller-34898

02/02/2022, 3:20 PM
Yes it is unfortunate. I am also waiting on this feature
4 Views
Powered by