Assigning an Active Directory administrator to an Azure SQL instance via an ARM template

mcl*_*129 8 azure azure-resource-manager azure-sql-database azure-sql-server

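Is it possible to assign an Active Directory administrator to an Azure SQL instance in an ARM resource template? I am trying to automate the deployment of a database server, but I only seem to be able to specify the local server admin credentials.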

        "properties": {
            "administratorLogin": "[parameters('databaseAdministratorLogin')]",
            "administratorLoginPassword": "[parameters('databaseAdministratorPassword')]",
            "version": "12.0"
        },

Beyond that, there doesn't seem to be anywhere to specify a specific Azure AD administrator.

mcl*_*129 20

Microsoft contacted me and provided a sample resource template to accomplish this:

{
    "$schema": "http://schema.management.azure.com/schemas/2014-04-01-preview/deploymentTemplate.json#",
    "contentVersion": "1.0.0.0",
    "parameters": {
        "SQL Administrator Login": {
            "type": "String"
        },
        "SQL Administrator Password": {
            "type": "SecureString"
        },
        "AAD Admin Login": {
            "type": "String"
        },
        "AAD Admin ObjectID": {
            "type": "String"
        },
        "AAD TenantId": {
            "type": "String"
        },
        "Location (Region)": {
            "type": "String"
        },
        "Server Name": {
            "type": "String"
        }
    },
    "variables": {},
    "resources": [
        {
            "type": "Microsoft.Sql/servers",
            "name": "[parameters('Server Name')]",
            "apiVersion": "2014-04-01-preview",
            "location": "[parameters('Location (Region)')]",
            "properties": {
                "administratorLogin": "[parameters('SQL Administrator Login')]",
                "administratorLoginPassword": "[parameters('SQL Administrator Password')]",
                "version": "12.0"
            },
            "resources": [
                {
                    "type": "firewallrules",
                    "name": "AllowAllWindowsAzureIps",
                    "apiVersion": "2014-04-01-preview",
                    "location": "[parameters('Location (Region)')]",
                    "properties": {
                        "endIpAddress": "0.0.0.0",
                       "startIpAddress": "0.0.0.0"
                    },
                    "dependsOn": [
                        "[concat('Microsoft.Sql/servers/', parameters('Server Name'))]"
                    ]
                },
                {
                    "type": "administrators",
                    "name": "activeDirectory",
                    "apiVersion": "2014-04-01-preview",
                    "location": "[parameters('Location (Region)')]",
                    "properties": {
                        "administratorType": "ActiveDirectory",
                        "login": "[parameters('AAD Admin Login')]",
                        "sid": "[parameters('AAD Admin ObjectID')]",
                        "tenantId": "[parameters('AAD TenantID')]"
                    },
                    "dependsOn": [
                        "[concat('Microsoft.Sql/servers/', parameters('Server Name'))]"
                    ]
                }
            ]
        }
    ]
}

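  • I think non-admin logins are just handled at the database level. It's not something you put in the ARM template, but rather just part of the database schema. (3 upvotes)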
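A pre-deployment check for templates shaped like the one in the answer, as an added example that is not part of the original thread or Microsoft's sample: it confirms that each `Microsoft.Sql/servers` resource carries a nested `administrators` child of type `ActiveDirectory` with `login`, `sid` and `tenantId` set, that the SQL password comes from a `SecureString` parameter, and that every referenced parameter is declared. The function names and the trimmed `SAMPLE` are constructed for illustration, and the check assumes the nested child-resource layout shown above.

```python
import re

PARAM_REF = re.compile(r"parameters\('([^']+)'\)")

def _strings(node):  # yield every string nested in a JSON-like structure
    if isinstance(node, str):
        yield node
    elif isinstance(node, (dict, list)):
        for child in (node.values() if isinstance(node, dict) else node):
            yield from _strings(child)

def audit_template(template):
    """Return findings for each Microsoft.Sql/servers resource in the template."""
    # ARM resolves parameter names case-insensitively, so compare lowercased.
    params = {k.lower(): v for k, v in template.get("parameters", {}).items()}
    findings = [f"undeclared parameter: {n}" for s in _strings(template.get("resources", []))
                for n in PARAM_REF.findall(s) if n.lower() not in params]
    for server in template.get("resources", []):
        if server.get("type", "").lower() != "microsoft.sql/servers":
            continue
        name = server.get("name")
        # The SQL login password should come from a SecureString parameter.
        ref = PARAM_REF.search(str(server.get("properties", {}).get("administratorLoginPassword")))
        ptype = params.get(ref.group(1).lower(), {}).get("type", "") if ref else ""
        if ptype.lower() != "securestring":
            findings.append(f"{name}: password is not a SecureString parameter")
        # Nested 'administrators' child resource, as in the answer's template.
        ad = [c.get("properties", {}) for c in server.get("resources", [])
              if c.get("type", "").lower() == "administrators"
              and c.get("properties", {}).get("administratorType") == "ActiveDirectory"]
        if not ad:
            findings.append(f"{name}: no Active Directory administrator")
        for props in ad:
            findings += [f"{name}: administrator is missing '{key}'"
                         for key in ("login", "sid", "tenantId") if not props.get(key)]
    return findings

# Constructed sample, trimmed from the template in the answer above.
SAMPLE = {
    "parameters": {"SQL Administrator Password": {"type": "SecureString"},
                   **{n: {"type": "String"} for n in (
                       "Server Name", "AAD Admin Login", "AAD Admin ObjectID", "AAD TenantId")}},
    "resources": [{
        "type": "Microsoft.Sql/servers", "name": "[parameters('Server Name')]",
        "properties": {"administratorLoginPassword": "[parameters('SQL Administrator Password')]"},
        "resources": [{"type": "administrators", "name": "activeDirectory", "properties": {
            "administratorType": "ActiveDirectory", "login": "[parameters('AAD Admin Login')]",
            "sid": "[parameters('AAD Admin ObjectID')]", "tenantId": "[parameters('AAD TenantID')]"}}]}]}
print(audit_template(SAMPLE))
```

An empty list means the template passed; load a real template with `json.load` and pass the resulting dict to `audit_template`.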