From bfd969a69ced28f4ebc8f8e0e631453b813f5a7b Mon Sep 17 00:00:00 2001 From: Vinit Dinesh Parekh Date: Wed, 23 Jun 2021 17:51:32 -0700 Subject: [PATCH] Add examples for CMK with UMI --- .../azure/cli/command_modules/sql/_help.py | 36 +++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/src/azure-cli/azure/cli/command_modules/sql/_help.py b/src/azure-cli/azure/cli/command_modules/sql/_help.py index 76fc34e0ee1..66d0f920786 100644 --- a/src/azure-cli/azure/cli/command_modules/sql/_help.py +++ b/src/azure-cli/azure/cli/command_modules/sql/_help.py @@ -755,6 +755,16 @@ text: az sql mi create -g mygroup -n myinstance -l mylocation -i -u myusername -p mypassword --subnet /subscriptions/{SubID}/resourceGroups/{ResourceGroup}/providers/Microsoft.Network/virtualNetworks/{VNETName}/subnets/{SubnetName} -m SQL_{Region}_{MaintenanceConfigName} - name: Create a managed instance without SQL Admin, with AAD admin and AD Only enabled text: az sql mi create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName --external-admin-sid c5e964e2-6bb2-2222-1111-3b16ec0e1234 -g myResourceGroup -n miName --subnet /subscriptions/78975f9f-2222-1111-1111-29c42ac70000/resourceGroups/myResourceGroup/providers/Microsoft.Network/virtualNetworks/vnet-test/subnets/ManagedInstance + - name: Create a managed instance without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is SystemAssigned,UserAssigned. + text: az sql mi create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \\ + --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi + - name: Create a managed instance without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is UserAssigned. + text: az sql mi create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \\ + --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi """ helps['sql mi delete'] = """ @@ -850,6 +860,14 @@ text: az sql mi update -g mygroup -n myinstance -m SQL_{Region}_{MaintenanceConfigName} - name: Remove maintenance configuration from managed instance text: az sql mi update -g mygroup -n myinstance -m SQL_Default + - name: Update a managed instance with User Managed Identies and Identity Type is SystemAssigned,UserAssigned. + text: az sql mi update -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi + - name: Update a managed instance with User Managed Identies and Identity Type is UserAssigned. + text: az sql mi update -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi """ helps['sql midb'] = """ @@ -1259,6 +1277,16 @@ text: az sql server create -l westus -g mygroup -n myserver -u myadminuser -p myadminpassword -e false - name: Create a server without SQL Admin, with AD admin and AD Only enabled. text: az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer + - name: Create a server without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is SystemAssigned,UserAssigned. + text: az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \\ + --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi + - name: Create a server without SQL Admin, with AD admin, AD Only enabled, User ManagedIdenties and Identity Type is UserAssigned. + text: az sql server create --enable-ad-only-auth --external-admin-principal-type User --external-admin-name myUserName \\ + --external-admin-sid c5e964e2-6bb2-1111-1111-3b16ec0e1234 -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi """ helps['sql server dns-alias'] = """ @@ -1357,6 +1385,14 @@ - name: Update a server. (autogenerated) text: az sql server update --admin-password myadminpassword --name MyAzureSQLServer --resource-group MyResourceGroup crafted: true + - name: Update a server with User Managed Identies and Identity Type is SystemAssigned,UserAssigned. + text: az sql server update -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type SystemAssigned,UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi + - name: Update a server with User Managed Identies and Identity Type is UserAssigned. + text: az sql server update -g myResourceGroup -n myServer -i \\ + --user-assigned-identity-id /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi \\ + --identity-type UserAssigned --pid /subscriptions/xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/myResourceGroup/providers/Microsoft.ManagedIdentity/userAssignedIdentities/testumi """ helps['sql server vnet-rule'] = """