Closed gursharan001 closed 1 year ago
@ninjarobot I have made further changes to hopefully simplify the code. Please do let me know if it can be made better. Thanks again.
Maybe the wrong place to add this but I just tested this feature and found an issue when changing from an existing Azure AD admin to a new one. It seems like this is not supported in ARM/Bicep: https://github.com/Azure/bicep/issues/4988
Does it work in json, just not in bicep? Or is this impacted by the bug regardless?
As far as I understand the comments on the issue, the Microsoft SQL team allows the value to be set but not changed via the ARM template that is generated in this PR:
The initial (deployment) template has to have AAD admin set as a property of "Microsoft.Sql/servers" resource. The "update" template would have to have "Microsoft.Sql/servers/administrators" resource.
https://github.com/Azure/bicep/issues/4988#issuecomment-1291611393
It might be to complex for Farmer to handle this case but perhaps it should be mentioned in the documentation?
This PR closes #1036
The changes in this PR are as follows:
ActiveDirectoryAdminSettings
I have read the contributing guidelines and have completed the following:
Below is a minimal example configuration that includes the new features, which can be used to deploy to Azure:
Issues
I have found that ARM templates need modification to switch SQL server configuration among following -
Please refer this blog post - https://www.codez.one/azure-sql-with-managed-identities-part-2/
One possible way forward is to make
AdOnlyAuth
member optional and let the user write correct farmer template by detecting existence of SQL server out of band (using AZ cli or powershell etc)