No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

What is the proper way to <https://docs.microsoft.com/en-us/azure/azure-functions/functions-identity-access-azure-sql-with-managed-identity#grant-sql-database-access-to-the-managed-identity|grant permissions to add azure ad users/ applications on an azure sql database> using Pulumi ? Doing that requires to execute an sql command on the database and I don't know where to put this code in my Pulumi program:
`CREATE USER [&lt;identity-name&gt;] FROM EXTERNAL PROVIDER;
ALTER ROLE db_datareader ADD MEMBER [&lt;identity-name&gt;];
ALTER ROLE db_datawriter ADD MEMBER [&lt;identity-name&gt;];
GO`

I have seen there is a new Command package in Pulumi, could this be a good idea to use that? What are the other options? Dynamic provider?

Command package, Dynamic provider, Build your own provider.  K8 job, function or do it outside of Pulumi

Has anyone done it before and has a sample to share?

I used this example to create a small custom provider last year <https://github.com/pulumi/pulumi-provider-boilerplate>

combine it with <https://github.com/denisenkom/go-mssqldb> and you could have a solution

Maybe wrapping the terraform provider could be a option as well <https://registry.terraform.io/providers/betr-io/mssql/latest/docs>

<https://github.com/pulumi/pulumi-terraform-bridge>

Thank you for your answers. Indeed building my own provider seems time consuming, a bit too much. I will maybe give a try to Command Package. Dynamic providers could be an interesting option but there are not yet available in .NET unfortunately which is what I am using in my stack.

Yes it is unfortunate. I am also waiting on this feature