How to fetch Azure AD group and use its object ID as SQL Server admin SID?
TypeScriptIn order to fetch Azure AD group and use its object ID as SQL Server admin SID, below is a Pulumi program in TypeScript:
import * as pulumi from "@pulumi/pulumi"; import * as azure from "@pulumi/azure-native"; import * as azuread from "@pulumi/azuread"; // provisioning an Azure AD group const adGroup = new azuread.Group("myGroup", { displayName: "My Group", //additional parameters }); // creating Azure SQL Server const sqlServer = new azure.sql.Server("mySqlServer", { resourceGroupName: "resourceGroupName", serverName: "myservername", administratorLogin: "sqladmin", administratorLoginPassword: "Enyf!dsjk$459745", location: "East US", version: "12.0", }); // assigning the Azure AD Group to the Azure SQL Server Admin const serverADAdmin = new azure.sql.ServerAzureADAdministrator("adAdmin", { administratorType: "ActiveDirectory", login: adGroup.displayName, // using the display name of the AD group as login sid: adGroup.id, // using the Object ID of the group as SID serverName: sqlServer.name, resourceGroupName: "resourceGroupName", });This program first creates an Azure AD group. Then an Azure SQL Server is created. Finally, the created AD group is assigned as Azure AD admin for the SQL Server.
The
azuread.Groupresource is used to create an Azure AD group. ThedisplayNameproperty is the display name for the group.The
azure.native.sql.Serverresource is used to create an Azure SQL Server. It requires details like the resource group it needs to be created on, the server name, location and version of the server.Lastly,
azure-native.sql.ServerAzureADAdministratoris used to assign the Azure AD group as Azure AD admin to the SQL Server. It uses properties likeadministratorType,login,sid(which is the AD group Object ID),serverName, andresourceGroupName.