We recommend using Azure Native.
azure.mssql.ManagedInstance
Explore with Pulumi AI
Manages a Microsoft SQL Azure Managed Instance.
Note: All arguments including the administrator login and password will be stored in the raw state as plain-text. Read more about sensitive data in state.
Note: SQL Managed Instance needs permission to read Azure Active Directory when configuring the AAD administrator. Read more about provisioning AAD administrators.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
    name: "database-rg",
    location: "West Europe",
});
const exampleNetworkSecurityGroup = new azure.network.NetworkSecurityGroup("example", {
    name: "mi-security-group",
    location: example.location,
    resourceGroupName: example.name,
});
const allowManagementInbound = new azure.network.NetworkSecurityRule("allow_management_inbound", {
    name: "allow_management_inbound",
    priority: 106,
    direction: "Inbound",
    access: "Allow",
    protocol: "Tcp",
    sourcePortRange: "*",
    destinationPortRanges: [
        "9000",
        "9003",
        "1438",
        "1440",
        "1452",
    ],
    sourceAddressPrefix: "*",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const allowMisubnetInbound = new azure.network.NetworkSecurityRule("allow_misubnet_inbound", {
    name: "allow_misubnet_inbound",
    priority: 200,
    direction: "Inbound",
    access: "Allow",
    protocol: "*",
    sourcePortRange: "*",
    destinationPortRange: "*",
    sourceAddressPrefix: "10.0.0.0/24",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const allowHealthProbeInbound = new azure.network.NetworkSecurityRule("allow_health_probe_inbound", {
    name: "allow_health_probe_inbound",
    priority: 300,
    direction: "Inbound",
    access: "Allow",
    protocol: "*",
    sourcePortRange: "*",
    destinationPortRange: "*",
    sourceAddressPrefix: "AzureLoadBalancer",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const allowTdsInbound = new azure.network.NetworkSecurityRule("allow_tds_inbound", {
    name: "allow_tds_inbound",
    priority: 1000,
    direction: "Inbound",
    access: "Allow",
    protocol: "Tcp",
    sourcePortRange: "*",
    destinationPortRange: "1433",
    sourceAddressPrefix: "VirtualNetwork",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const denyAllInbound = new azure.network.NetworkSecurityRule("deny_all_inbound", {
    name: "deny_all_inbound",
    priority: 4096,
    direction: "Inbound",
    access: "Deny",
    protocol: "*",
    sourcePortRange: "*",
    destinationPortRange: "*",
    sourceAddressPrefix: "*",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const allowManagementOutbound = new azure.network.NetworkSecurityRule("allow_management_outbound", {
    name: "allow_management_outbound",
    priority: 102,
    direction: "Outbound",
    access: "Allow",
    protocol: "Tcp",
    sourcePortRange: "*",
    destinationPortRanges: [
        "80",
        "443",
        "12000",
    ],
    sourceAddressPrefix: "*",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const allowMisubnetOutbound = new azure.network.NetworkSecurityRule("allow_misubnet_outbound", {
    name: "allow_misubnet_outbound",
    priority: 200,
    direction: "Outbound",
    access: "Allow",
    protocol: "*",
    sourcePortRange: "*",
    destinationPortRange: "*",
    sourceAddressPrefix: "10.0.0.0/24",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const denyAllOutbound = new azure.network.NetworkSecurityRule("deny_all_outbound", {
    name: "deny_all_outbound",
    priority: 4096,
    direction: "Outbound",
    access: "Deny",
    protocol: "*",
    sourcePortRange: "*",
    destinationPortRange: "*",
    sourceAddressPrefix: "*",
    destinationAddressPrefix: "*",
    resourceGroupName: example.name,
    networkSecurityGroupName: exampleNetworkSecurityGroup.name,
});
const exampleVirtualNetwork = new azure.network.VirtualNetwork("example", {
    name: "vnet-mi",
    resourceGroupName: example.name,
    addressSpaces: ["10.0.0.0/16"],
    location: example.location,
});
const exampleSubnet = new azure.network.Subnet("example", {
    name: "subnet-mi",
    resourceGroupName: example.name,
    virtualNetworkName: exampleVirtualNetwork.name,
    addressPrefixes: ["10.0.0.0/24"],
    delegations: [{
        name: "managedinstancedelegation",
        serviceDelegation: {
            name: "Microsoft.Sql/managedInstances",
            actions: [
                "Microsoft.Network/virtualNetworks/subnets/join/action",
                "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
                "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action",
            ],
        },
    }],
});
const exampleSubnetNetworkSecurityGroupAssociation = new azure.network.SubnetNetworkSecurityGroupAssociation("example", {
    subnetId: exampleSubnet.id,
    networkSecurityGroupId: exampleNetworkSecurityGroup.id,
});
const exampleRouteTable = new azure.network.RouteTable("example", {
    name: "routetable-mi",
    location: example.location,
    resourceGroupName: example.name,
    bgpRoutePropagationEnabled: true,
}, {
    dependsOn: [exampleSubnet],
});
const exampleSubnetRouteTableAssociation = new azure.network.SubnetRouteTableAssociation("example", {
    subnetId: exampleSubnet.id,
    routeTableId: exampleRouteTable.id,
});
const exampleManagedInstance = new azure.mssql.ManagedInstance("example", {
    name: "managedsqlinstance",
    resourceGroupName: example.name,
    location: example.location,
    licenseType: "BasePrice",
    skuName: "GP_Gen5",
    storageSizeInGb: 32,
    subnetId: exampleSubnet.id,
    vcores: 4,
    administratorLogin: "mradministrator",
    administratorLoginPassword: "thisIsDog11",
}, {
    dependsOn: [
        exampleSubnetNetworkSecurityGroupAssociation,
        exampleSubnetRouteTableAssociation,
    ],
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
    name="database-rg",
    location="West Europe")
example_network_security_group = azure.network.NetworkSecurityGroup("example",
    name="mi-security-group",
    location=example.location,
    resource_group_name=example.name)
allow_management_inbound = azure.network.NetworkSecurityRule("allow_management_inbound",
    name="allow_management_inbound",
    priority=106,
    direction="Inbound",
    access="Allow",
    protocol="Tcp",
    source_port_range="*",
    destination_port_ranges=[
        "9000",
        "9003",
        "1438",
        "1440",
        "1452",
    ],
    source_address_prefix="*",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
allow_misubnet_inbound = azure.network.NetworkSecurityRule("allow_misubnet_inbound",
    name="allow_misubnet_inbound",
    priority=200,
    direction="Inbound",
    access="Allow",
    protocol="*",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="10.0.0.0/24",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
allow_health_probe_inbound = azure.network.NetworkSecurityRule("allow_health_probe_inbound",
    name="allow_health_probe_inbound",
    priority=300,
    direction="Inbound",
    access="Allow",
    protocol="*",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="AzureLoadBalancer",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
allow_tds_inbound = azure.network.NetworkSecurityRule("allow_tds_inbound",
    name="allow_tds_inbound",
    priority=1000,
    direction="Inbound",
    access="Allow",
    protocol="Tcp",
    source_port_range="*",
    destination_port_range="1433",
    source_address_prefix="VirtualNetwork",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
deny_all_inbound = azure.network.NetworkSecurityRule("deny_all_inbound",
    name="deny_all_inbound",
    priority=4096,
    direction="Inbound",
    access="Deny",
    protocol="*",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="*",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
allow_management_outbound = azure.network.NetworkSecurityRule("allow_management_outbound",
    name="allow_management_outbound",
    priority=102,
    direction="Outbound",
    access="Allow",
    protocol="Tcp",
    source_port_range="*",
    destination_port_ranges=[
        "80",
        "443",
        "12000",
    ],
    source_address_prefix="*",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
allow_misubnet_outbound = azure.network.NetworkSecurityRule("allow_misubnet_outbound",
    name="allow_misubnet_outbound",
    priority=200,
    direction="Outbound",
    access="Allow",
    protocol="*",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="10.0.0.0/24",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
deny_all_outbound = azure.network.NetworkSecurityRule("deny_all_outbound",
    name="deny_all_outbound",
    priority=4096,
    direction="Outbound",
    access="Deny",
    protocol="*",
    source_port_range="*",
    destination_port_range="*",
    source_address_prefix="*",
    destination_address_prefix="*",
    resource_group_name=example.name,
    network_security_group_name=example_network_security_group.name)
example_virtual_network = azure.network.VirtualNetwork("example",
    name="vnet-mi",
    resource_group_name=example.name,
    address_spaces=["10.0.0.0/16"],
    location=example.location)
example_subnet = azure.network.Subnet("example",
    name="subnet-mi",
    resource_group_name=example.name,
    virtual_network_name=example_virtual_network.name,
    address_prefixes=["10.0.0.0/24"],
    delegations=[{
        "name": "managedinstancedelegation",
        "service_delegation": {
            "name": "Microsoft.Sql/managedInstances",
            "actions": [
                "Microsoft.Network/virtualNetworks/subnets/join/action",
                "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
                "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action",
            ],
        },
    }])
example_subnet_network_security_group_association = azure.network.SubnetNetworkSecurityGroupAssociation("example",
    subnet_id=example_subnet.id,
    network_security_group_id=example_network_security_group.id)
example_route_table = azure.network.RouteTable("example",
    name="routetable-mi",
    location=example.location,
    resource_group_name=example.name,
    bgp_route_propagation_enabled=True,
    opts = pulumi.ResourceOptions(depends_on=[example_subnet]))
example_subnet_route_table_association = azure.network.SubnetRouteTableAssociation("example",
    subnet_id=example_subnet.id,
    route_table_id=example_route_table.id)
example_managed_instance = azure.mssql.ManagedInstance("example",
    name="managedsqlinstance",
    resource_group_name=example.name,
    location=example.location,
    license_type="BasePrice",
    sku_name="GP_Gen5",
    storage_size_in_gb=32,
    subnet_id=example_subnet.id,
    vcores=4,
    administrator_login="mradministrator",
    administrator_login_password="thisIsDog11",
    opts = pulumi.ResourceOptions(depends_on=[
            example_subnet_network_security_group_association,
            example_subnet_route_table_association,
        ]))
package main
import (
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/mssql"
	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/network"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
			Name:     pulumi.String("database-rg"),
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleNetworkSecurityGroup, err := network.NewNetworkSecurityGroup(ctx, "example", &network.NetworkSecurityGroupArgs{
			Name:              pulumi.String("mi-security-group"),
			Location:          example.Location,
			ResourceGroupName: example.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_management_inbound", &network.NetworkSecurityRuleArgs{
			Name:            pulumi.String("allow_management_inbound"),
			Priority:        pulumi.Int(106),
			Direction:       pulumi.String("Inbound"),
			Access:          pulumi.String("Allow"),
			Protocol:        pulumi.String("Tcp"),
			SourcePortRange: pulumi.String("*"),
			DestinationPortRanges: pulumi.StringArray{
				pulumi.String("9000"),
				pulumi.String("9003"),
				pulumi.String("1438"),
				pulumi.String("1440"),
				pulumi.String("1452"),
			},
			SourceAddressPrefix:      pulumi.String("*"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_misubnet_inbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("allow_misubnet_inbound"),
			Priority:                 pulumi.Int(200),
			Direction:                pulumi.String("Inbound"),
			Access:                   pulumi.String("Allow"),
			Protocol:                 pulumi.String("*"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("*"),
			SourceAddressPrefix:      pulumi.String("10.0.0.0/24"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_health_probe_inbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("allow_health_probe_inbound"),
			Priority:                 pulumi.Int(300),
			Direction:                pulumi.String("Inbound"),
			Access:                   pulumi.String("Allow"),
			Protocol:                 pulumi.String("*"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("*"),
			SourceAddressPrefix:      pulumi.String("AzureLoadBalancer"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_tds_inbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("allow_tds_inbound"),
			Priority:                 pulumi.Int(1000),
			Direction:                pulumi.String("Inbound"),
			Access:                   pulumi.String("Allow"),
			Protocol:                 pulumi.String("Tcp"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("1433"),
			SourceAddressPrefix:      pulumi.String("VirtualNetwork"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "deny_all_inbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("deny_all_inbound"),
			Priority:                 pulumi.Int(4096),
			Direction:                pulumi.String("Inbound"),
			Access:                   pulumi.String("Deny"),
			Protocol:                 pulumi.String("*"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("*"),
			SourceAddressPrefix:      pulumi.String("*"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_management_outbound", &network.NetworkSecurityRuleArgs{
			Name:            pulumi.String("allow_management_outbound"),
			Priority:        pulumi.Int(102),
			Direction:       pulumi.String("Outbound"),
			Access:          pulumi.String("Allow"),
			Protocol:        pulumi.String("Tcp"),
			SourcePortRange: pulumi.String("*"),
			DestinationPortRanges: pulumi.StringArray{
				pulumi.String("80"),
				pulumi.String("443"),
				pulumi.String("12000"),
			},
			SourceAddressPrefix:      pulumi.String("*"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "allow_misubnet_outbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("allow_misubnet_outbound"),
			Priority:                 pulumi.Int(200),
			Direction:                pulumi.String("Outbound"),
			Access:                   pulumi.String("Allow"),
			Protocol:                 pulumi.String("*"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("*"),
			SourceAddressPrefix:      pulumi.String("10.0.0.0/24"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		_, err = network.NewNetworkSecurityRule(ctx, "deny_all_outbound", &network.NetworkSecurityRuleArgs{
			Name:                     pulumi.String("deny_all_outbound"),
			Priority:                 pulumi.Int(4096),
			Direction:                pulumi.String("Outbound"),
			Access:                   pulumi.String("Deny"),
			Protocol:                 pulumi.String("*"),
			SourcePortRange:          pulumi.String("*"),
			DestinationPortRange:     pulumi.String("*"),
			SourceAddressPrefix:      pulumi.String("*"),
			DestinationAddressPrefix: pulumi.String("*"),
			ResourceGroupName:        example.Name,
			NetworkSecurityGroupName: exampleNetworkSecurityGroup.Name,
		})
		if err != nil {
			return err
		}
		exampleVirtualNetwork, err := network.NewVirtualNetwork(ctx, "example", &network.VirtualNetworkArgs{
			Name:              pulumi.String("vnet-mi"),
			ResourceGroupName: example.Name,
			AddressSpaces: pulumi.StringArray{
				pulumi.String("10.0.0.0/16"),
			},
			Location: example.Location,
		})
		if err != nil {
			return err
		}
		exampleSubnet, err := network.NewSubnet(ctx, "example", &network.SubnetArgs{
			Name:               pulumi.String("subnet-mi"),
			ResourceGroupName:  example.Name,
			VirtualNetworkName: exampleVirtualNetwork.Name,
			AddressPrefixes: pulumi.StringArray{
				pulumi.String("10.0.0.0/24"),
			},
			Delegations: network.SubnetDelegationArray{
				&network.SubnetDelegationArgs{
					Name: pulumi.String("managedinstancedelegation"),
					ServiceDelegation: &network.SubnetDelegationServiceDelegationArgs{
						Name: pulumi.String("Microsoft.Sql/managedInstances"),
						Actions: pulumi.StringArray{
							pulumi.String("Microsoft.Network/virtualNetworks/subnets/join/action"),
							pulumi.String("Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action"),
							pulumi.String("Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action"),
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		exampleSubnetNetworkSecurityGroupAssociation, err := network.NewSubnetNetworkSecurityGroupAssociation(ctx, "example", &network.SubnetNetworkSecurityGroupAssociationArgs{
			SubnetId:               exampleSubnet.ID(),
			NetworkSecurityGroupId: exampleNetworkSecurityGroup.ID(),
		})
		if err != nil {
			return err
		}
		exampleRouteTable, err := network.NewRouteTable(ctx, "example", &network.RouteTableArgs{
			Name:                       pulumi.String("routetable-mi"),
			Location:                   example.Location,
			ResourceGroupName:          example.Name,
			BgpRoutePropagationEnabled: pulumi.Bool(true),
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleSubnet,
		}))
		if err != nil {
			return err
		}
		exampleSubnetRouteTableAssociation, err := network.NewSubnetRouteTableAssociation(ctx, "example", &network.SubnetRouteTableAssociationArgs{
			SubnetId:     exampleSubnet.ID(),
			RouteTableId: exampleRouteTable.ID(),
		})
		if err != nil {
			return err
		}
		_, err = mssql.NewManagedInstance(ctx, "example", &mssql.ManagedInstanceArgs{
			Name:                       pulumi.String("managedsqlinstance"),
			ResourceGroupName:          example.Name,
			Location:                   example.Location,
			LicenseType:                pulumi.String("BasePrice"),
			SkuName:                    pulumi.String("GP_Gen5"),
			StorageSizeInGb:            pulumi.Int(32),
			SubnetId:                   exampleSubnet.ID(),
			Vcores:                     pulumi.Int(4),
			AdministratorLogin:         pulumi.String("mradministrator"),
			AdministratorLoginPassword: pulumi.String("thisIsDog11"),
		}, pulumi.DependsOn([]pulumi.Resource{
			exampleSubnetNetworkSecurityGroupAssociation,
			exampleSubnetRouteTableAssociation,
		}))
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() => 
{
    var example = new Azure.Core.ResourceGroup("example", new()
    {
        Name = "database-rg",
        Location = "West Europe",
    });
    var exampleNetworkSecurityGroup = new Azure.Network.NetworkSecurityGroup("example", new()
    {
        Name = "mi-security-group",
        Location = example.Location,
        ResourceGroupName = example.Name,
    });
    var allowManagementInbound = new Azure.Network.NetworkSecurityRule("allow_management_inbound", new()
    {
        Name = "allow_management_inbound",
        Priority = 106,
        Direction = "Inbound",
        Access = "Allow",
        Protocol = "Tcp",
        SourcePortRange = "*",
        DestinationPortRanges = new[]
        {
            "9000",
            "9003",
            "1438",
            "1440",
            "1452",
        },
        SourceAddressPrefix = "*",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var allowMisubnetInbound = new Azure.Network.NetworkSecurityRule("allow_misubnet_inbound", new()
    {
        Name = "allow_misubnet_inbound",
        Priority = 200,
        Direction = "Inbound",
        Access = "Allow",
        Protocol = "*",
        SourcePortRange = "*",
        DestinationPortRange = "*",
        SourceAddressPrefix = "10.0.0.0/24",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var allowHealthProbeInbound = new Azure.Network.NetworkSecurityRule("allow_health_probe_inbound", new()
    {
        Name = "allow_health_probe_inbound",
        Priority = 300,
        Direction = "Inbound",
        Access = "Allow",
        Protocol = "*",
        SourcePortRange = "*",
        DestinationPortRange = "*",
        SourceAddressPrefix = "AzureLoadBalancer",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var allowTdsInbound = new Azure.Network.NetworkSecurityRule("allow_tds_inbound", new()
    {
        Name = "allow_tds_inbound",
        Priority = 1000,
        Direction = "Inbound",
        Access = "Allow",
        Protocol = "Tcp",
        SourcePortRange = "*",
        DestinationPortRange = "1433",
        SourceAddressPrefix = "VirtualNetwork",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var denyAllInbound = new Azure.Network.NetworkSecurityRule("deny_all_inbound", new()
    {
        Name = "deny_all_inbound",
        Priority = 4096,
        Direction = "Inbound",
        Access = "Deny",
        Protocol = "*",
        SourcePortRange = "*",
        DestinationPortRange = "*",
        SourceAddressPrefix = "*",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var allowManagementOutbound = new Azure.Network.NetworkSecurityRule("allow_management_outbound", new()
    {
        Name = "allow_management_outbound",
        Priority = 102,
        Direction = "Outbound",
        Access = "Allow",
        Protocol = "Tcp",
        SourcePortRange = "*",
        DestinationPortRanges = new[]
        {
            "80",
            "443",
            "12000",
        },
        SourceAddressPrefix = "*",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var allowMisubnetOutbound = new Azure.Network.NetworkSecurityRule("allow_misubnet_outbound", new()
    {
        Name = "allow_misubnet_outbound",
        Priority = 200,
        Direction = "Outbound",
        Access = "Allow",
        Protocol = "*",
        SourcePortRange = "*",
        DestinationPortRange = "*",
        SourceAddressPrefix = "10.0.0.0/24",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var denyAllOutbound = new Azure.Network.NetworkSecurityRule("deny_all_outbound", new()
    {
        Name = "deny_all_outbound",
        Priority = 4096,
        Direction = "Outbound",
        Access = "Deny",
        Protocol = "*",
        SourcePortRange = "*",
        DestinationPortRange = "*",
        SourceAddressPrefix = "*",
        DestinationAddressPrefix = "*",
        ResourceGroupName = example.Name,
        NetworkSecurityGroupName = exampleNetworkSecurityGroup.Name,
    });
    var exampleVirtualNetwork = new Azure.Network.VirtualNetwork("example", new()
    {
        Name = "vnet-mi",
        ResourceGroupName = example.Name,
        AddressSpaces = new[]
        {
            "10.0.0.0/16",
        },
        Location = example.Location,
    });
    var exampleSubnet = new Azure.Network.Subnet("example", new()
    {
        Name = "subnet-mi",
        ResourceGroupName = example.Name,
        VirtualNetworkName = exampleVirtualNetwork.Name,
        AddressPrefixes = new[]
        {
            "10.0.0.0/24",
        },
        Delegations = new[]
        {
            new Azure.Network.Inputs.SubnetDelegationArgs
            {
                Name = "managedinstancedelegation",
                ServiceDelegation = new Azure.Network.Inputs.SubnetDelegationServiceDelegationArgs
                {
                    Name = "Microsoft.Sql/managedInstances",
                    Actions = new[]
                    {
                        "Microsoft.Network/virtualNetworks/subnets/join/action",
                        "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
                        "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action",
                    },
                },
            },
        },
    });
    var exampleSubnetNetworkSecurityGroupAssociation = new Azure.Network.SubnetNetworkSecurityGroupAssociation("example", new()
    {
        SubnetId = exampleSubnet.Id,
        NetworkSecurityGroupId = exampleNetworkSecurityGroup.Id,
    });
    var exampleRouteTable = new Azure.Network.RouteTable("example", new()
    {
        Name = "routetable-mi",
        Location = example.Location,
        ResourceGroupName = example.Name,
        BgpRoutePropagationEnabled = true,
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            exampleSubnet,
        },
    });
    var exampleSubnetRouteTableAssociation = new Azure.Network.SubnetRouteTableAssociation("example", new()
    {
        SubnetId = exampleSubnet.Id,
        RouteTableId = exampleRouteTable.Id,
    });
    var exampleManagedInstance = new Azure.MSSql.ManagedInstance("example", new()
    {
        Name = "managedsqlinstance",
        ResourceGroupName = example.Name,
        Location = example.Location,
        LicenseType = "BasePrice",
        SkuName = "GP_Gen5",
        StorageSizeInGb = 32,
        SubnetId = exampleSubnet.Id,
        Vcores = 4,
        AdministratorLogin = "mradministrator",
        AdministratorLoginPassword = "thisIsDog11",
    }, new CustomResourceOptions
    {
        DependsOn =
        {
            exampleSubnetNetworkSecurityGroupAssociation,
            exampleSubnetRouteTableAssociation,
        },
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.network.NetworkSecurityGroup;
import com.pulumi.azure.network.NetworkSecurityGroupArgs;
import com.pulumi.azure.network.NetworkSecurityRule;
import com.pulumi.azure.network.NetworkSecurityRuleArgs;
import com.pulumi.azure.network.VirtualNetwork;
import com.pulumi.azure.network.VirtualNetworkArgs;
import com.pulumi.azure.network.Subnet;
import com.pulumi.azure.network.SubnetArgs;
import com.pulumi.azure.network.inputs.SubnetDelegationArgs;
import com.pulumi.azure.network.inputs.SubnetDelegationServiceDelegationArgs;
import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociation;
import com.pulumi.azure.network.SubnetNetworkSecurityGroupAssociationArgs;
import com.pulumi.azure.network.RouteTable;
import com.pulumi.azure.network.RouteTableArgs;
import com.pulumi.azure.network.SubnetRouteTableAssociation;
import com.pulumi.azure.network.SubnetRouteTableAssociationArgs;
import com.pulumi.azure.mssql.ManagedInstance;
import com.pulumi.azure.mssql.ManagedInstanceArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var example = new ResourceGroup("example", ResourceGroupArgs.builder()
            .name("database-rg")
            .location("West Europe")
            .build());
        var exampleNetworkSecurityGroup = new NetworkSecurityGroup("exampleNetworkSecurityGroup", NetworkSecurityGroupArgs.builder()
            .name("mi-security-group")
            .location(example.location())
            .resourceGroupName(example.name())
            .build());
        var allowManagementInbound = new NetworkSecurityRule("allowManagementInbound", NetworkSecurityRuleArgs.builder()
            .name("allow_management_inbound")
            .priority(106)
            .direction("Inbound")
            .access("Allow")
            .protocol("Tcp")
            .sourcePortRange("*")
            .destinationPortRanges(            
                "9000",
                "9003",
                "1438",
                "1440",
                "1452")
            .sourceAddressPrefix("*")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var allowMisubnetInbound = new NetworkSecurityRule("allowMisubnetInbound", NetworkSecurityRuleArgs.builder()
            .name("allow_misubnet_inbound")
            .priority(200)
            .direction("Inbound")
            .access("Allow")
            .protocol("*")
            .sourcePortRange("*")
            .destinationPortRange("*")
            .sourceAddressPrefix("10.0.0.0/24")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var allowHealthProbeInbound = new NetworkSecurityRule("allowHealthProbeInbound", NetworkSecurityRuleArgs.builder()
            .name("allow_health_probe_inbound")
            .priority(300)
            .direction("Inbound")
            .access("Allow")
            .protocol("*")
            .sourcePortRange("*")
            .destinationPortRange("*")
            .sourceAddressPrefix("AzureLoadBalancer")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var allowTdsInbound = new NetworkSecurityRule("allowTdsInbound", NetworkSecurityRuleArgs.builder()
            .name("allow_tds_inbound")
            .priority(1000)
            .direction("Inbound")
            .access("Allow")
            .protocol("Tcp")
            .sourcePortRange("*")
            .destinationPortRange("1433")
            .sourceAddressPrefix("VirtualNetwork")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var denyAllInbound = new NetworkSecurityRule("denyAllInbound", NetworkSecurityRuleArgs.builder()
            .name("deny_all_inbound")
            .priority(4096)
            .direction("Inbound")
            .access("Deny")
            .protocol("*")
            .sourcePortRange("*")
            .destinationPortRange("*")
            .sourceAddressPrefix("*")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var allowManagementOutbound = new NetworkSecurityRule("allowManagementOutbound", NetworkSecurityRuleArgs.builder()
            .name("allow_management_outbound")
            .priority(102)
            .direction("Outbound")
            .access("Allow")
            .protocol("Tcp")
            .sourcePortRange("*")
            .destinationPortRanges(            
                "80",
                "443",
                "12000")
            .sourceAddressPrefix("*")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var allowMisubnetOutbound = new NetworkSecurityRule("allowMisubnetOutbound", NetworkSecurityRuleArgs.builder()
            .name("allow_misubnet_outbound")
            .priority(200)
            .direction("Outbound")
            .access("Allow")
            .protocol("*")
            .sourcePortRange("*")
            .destinationPortRange("*")
            .sourceAddressPrefix("10.0.0.0/24")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var denyAllOutbound = new NetworkSecurityRule("denyAllOutbound", NetworkSecurityRuleArgs.builder()
            .name("deny_all_outbound")
            .priority(4096)
            .direction("Outbound")
            .access("Deny")
            .protocol("*")
            .sourcePortRange("*")
            .destinationPortRange("*")
            .sourceAddressPrefix("*")
            .destinationAddressPrefix("*")
            .resourceGroupName(example.name())
            .networkSecurityGroupName(exampleNetworkSecurityGroup.name())
            .build());
        var exampleVirtualNetwork = new VirtualNetwork("exampleVirtualNetwork", VirtualNetworkArgs.builder()
            .name("vnet-mi")
            .resourceGroupName(example.name())
            .addressSpaces("10.0.0.0/16")
            .location(example.location())
            .build());
        var exampleSubnet = new Subnet("exampleSubnet", SubnetArgs.builder()
            .name("subnet-mi")
            .resourceGroupName(example.name())
            .virtualNetworkName(exampleVirtualNetwork.name())
            .addressPrefixes("10.0.0.0/24")
            .delegations(SubnetDelegationArgs.builder()
                .name("managedinstancedelegation")
                .serviceDelegation(SubnetDelegationServiceDelegationArgs.builder()
                    .name("Microsoft.Sql/managedInstances")
                    .actions(                    
                        "Microsoft.Network/virtualNetworks/subnets/join/action",
                        "Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action",
                        "Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action")
                    .build())
                .build())
            .build());
        var exampleSubnetNetworkSecurityGroupAssociation = new SubnetNetworkSecurityGroupAssociation("exampleSubnetNetworkSecurityGroupAssociation", SubnetNetworkSecurityGroupAssociationArgs.builder()
            .subnetId(exampleSubnet.id())
            .networkSecurityGroupId(exampleNetworkSecurityGroup.id())
            .build());
        var exampleRouteTable = new RouteTable("exampleRouteTable", RouteTableArgs.builder()
            .name("routetable-mi")
            .location(example.location())
            .resourceGroupName(example.name())
            .bgpRoutePropagationEnabled(true)
            .build(), CustomResourceOptions.builder()
                .dependsOn(exampleSubnet)
                .build());
        var exampleSubnetRouteTableAssociation = new SubnetRouteTableAssociation("exampleSubnetRouteTableAssociation", SubnetRouteTableAssociationArgs.builder()
            .subnetId(exampleSubnet.id())
            .routeTableId(exampleRouteTable.id())
            .build());
        var exampleManagedInstance = new ManagedInstance("exampleManagedInstance", ManagedInstanceArgs.builder()
            .name("managedsqlinstance")
            .resourceGroupName(example.name())
            .location(example.location())
            .licenseType("BasePrice")
            .skuName("GP_Gen5")
            .storageSizeInGb(32)
            .subnetId(exampleSubnet.id())
            .vcores(4)
            .administratorLogin("mradministrator")
            .administratorLoginPassword("thisIsDog11")
            .build(), CustomResourceOptions.builder()
                .dependsOn(                
                    exampleSubnetNetworkSecurityGroupAssociation,
                    exampleSubnetRouteTableAssociation)
                .build());
    }
}
resources:
  example:
    type: azure:core:ResourceGroup
    properties:
      name: database-rg
      location: West Europe
  exampleNetworkSecurityGroup:
    type: azure:network:NetworkSecurityGroup
    name: example
    properties:
      name: mi-security-group
      location: ${example.location}
      resourceGroupName: ${example.name}
  allowManagementInbound:
    type: azure:network:NetworkSecurityRule
    name: allow_management_inbound
    properties:
      name: allow_management_inbound
      priority: 106
      direction: Inbound
      access: Allow
      protocol: Tcp
      sourcePortRange: '*'
      destinationPortRanges:
        - '9000'
        - '9003'
        - '1438'
        - '1440'
        - '1452'
      sourceAddressPrefix: '*'
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  allowMisubnetInbound:
    type: azure:network:NetworkSecurityRule
    name: allow_misubnet_inbound
    properties:
      name: allow_misubnet_inbound
      priority: 200
      direction: Inbound
      access: Allow
      protocol: '*'
      sourcePortRange: '*'
      destinationPortRange: '*'
      sourceAddressPrefix: 10.0.0.0/24
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  allowHealthProbeInbound:
    type: azure:network:NetworkSecurityRule
    name: allow_health_probe_inbound
    properties:
      name: allow_health_probe_inbound
      priority: 300
      direction: Inbound
      access: Allow
      protocol: '*'
      sourcePortRange: '*'
      destinationPortRange: '*'
      sourceAddressPrefix: AzureLoadBalancer
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  allowTdsInbound:
    type: azure:network:NetworkSecurityRule
    name: allow_tds_inbound
    properties:
      name: allow_tds_inbound
      priority: 1000
      direction: Inbound
      access: Allow
      protocol: Tcp
      sourcePortRange: '*'
      destinationPortRange: '1433'
      sourceAddressPrefix: VirtualNetwork
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  denyAllInbound:
    type: azure:network:NetworkSecurityRule
    name: deny_all_inbound
    properties:
      name: deny_all_inbound
      priority: 4096
      direction: Inbound
      access: Deny
      protocol: '*'
      sourcePortRange: '*'
      destinationPortRange: '*'
      sourceAddressPrefix: '*'
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  allowManagementOutbound:
    type: azure:network:NetworkSecurityRule
    name: allow_management_outbound
    properties:
      name: allow_management_outbound
      priority: 102
      direction: Outbound
      access: Allow
      protocol: Tcp
      sourcePortRange: '*'
      destinationPortRanges:
        - '80'
        - '443'
        - '12000'
      sourceAddressPrefix: '*'
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  allowMisubnetOutbound:
    type: azure:network:NetworkSecurityRule
    name: allow_misubnet_outbound
    properties:
      name: allow_misubnet_outbound
      priority: 200
      direction: Outbound
      access: Allow
      protocol: '*'
      sourcePortRange: '*'
      destinationPortRange: '*'
      sourceAddressPrefix: 10.0.0.0/24
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  denyAllOutbound:
    type: azure:network:NetworkSecurityRule
    name: deny_all_outbound
    properties:
      name: deny_all_outbound
      priority: 4096
      direction: Outbound
      access: Deny
      protocol: '*'
      sourcePortRange: '*'
      destinationPortRange: '*'
      sourceAddressPrefix: '*'
      destinationAddressPrefix: '*'
      resourceGroupName: ${example.name}
      networkSecurityGroupName: ${exampleNetworkSecurityGroup.name}
  exampleVirtualNetwork:
    type: azure:network:VirtualNetwork
    name: example
    properties:
      name: vnet-mi
      resourceGroupName: ${example.name}
      addressSpaces:
        - 10.0.0.0/16
      location: ${example.location}
  exampleSubnet:
    type: azure:network:Subnet
    name: example
    properties:
      name: subnet-mi
      resourceGroupName: ${example.name}
      virtualNetworkName: ${exampleVirtualNetwork.name}
      addressPrefixes:
        - 10.0.0.0/24
      delegations:
        - name: managedinstancedelegation
          serviceDelegation:
            name: Microsoft.Sql/managedInstances
            actions:
              - Microsoft.Network/virtualNetworks/subnets/join/action
              - Microsoft.Network/virtualNetworks/subnets/prepareNetworkPolicies/action
              - Microsoft.Network/virtualNetworks/subnets/unprepareNetworkPolicies/action
  exampleSubnetNetworkSecurityGroupAssociation:
    type: azure:network:SubnetNetworkSecurityGroupAssociation
    name: example
    properties:
      subnetId: ${exampleSubnet.id}
      networkSecurityGroupId: ${exampleNetworkSecurityGroup.id}
  exampleRouteTable:
    type: azure:network:RouteTable
    name: example
    properties:
      name: routetable-mi
      location: ${example.location}
      resourceGroupName: ${example.name}
      bgpRoutePropagationEnabled: true
    options:
      dependsOn:
        - ${exampleSubnet}
  exampleSubnetRouteTableAssociation:
    type: azure:network:SubnetRouteTableAssociation
    name: example
    properties:
      subnetId: ${exampleSubnet.id}
      routeTableId: ${exampleRouteTable.id}
  exampleManagedInstance:
    type: azure:mssql:ManagedInstance
    name: example
    properties:
      name: managedsqlinstance
      resourceGroupName: ${example.name}
      location: ${example.location}
      licenseType: BasePrice
      skuName: GP_Gen5
      storageSizeInGb: 32
      subnetId: ${exampleSubnet.id}
      vcores: 4
      administratorLogin: mradministrator
      administratorLoginPassword: thisIsDog11
    options:
      dependsOn:
        - ${exampleSubnetNetworkSecurityGroupAssociation}
        - ${exampleSubnetRouteTableAssociation}
Create ManagedInstance Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ManagedInstance(name: string, args: ManagedInstanceArgs, opts?: CustomResourceOptions);@overload
def ManagedInstance(resource_name: str,
                    args: ManagedInstanceArgs,
                    opts: Optional[ResourceOptions] = None)
@overload
def ManagedInstance(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    license_type: Optional[str] = None,
                    vcores: Optional[int] = None,
                    subnet_id: Optional[str] = None,
                    storage_size_in_gb: Optional[int] = None,
                    sku_name: Optional[str] = None,
                    resource_group_name: Optional[str] = None,
                    name: Optional[str] = None,
                    dns_zone_partner_id: Optional[str] = None,
                    hybrid_secondary_usage: Optional[str] = None,
                    location: Optional[str] = None,
                    maintenance_configuration_name: Optional[str] = None,
                    minimum_tls_version: Optional[str] = None,
                    administrator_login: Optional[str] = None,
                    proxy_override: Optional[str] = None,
                    public_data_endpoint_enabled: Optional[bool] = None,
                    identity: Optional[ManagedInstanceIdentityArgs] = None,
                    service_principal_type: Optional[str] = None,
                    database_format: Optional[str] = None,
                    storage_account_type: Optional[str] = None,
                    collation: Optional[str] = None,
                    azure_active_directory_administrator: Optional[ManagedInstanceAzureActiveDirectoryAdministratorArgs] = None,
                    tags: Optional[Mapping[str, str]] = None,
                    timezone_id: Optional[str] = None,
                    administrator_login_password: Optional[str] = None,
                    zone_redundant_enabled: Optional[bool] = None)func NewManagedInstance(ctx *Context, name string, args ManagedInstanceArgs, opts ...ResourceOption) (*ManagedInstance, error)public ManagedInstance(string name, ManagedInstanceArgs args, CustomResourceOptions? opts = null)
public ManagedInstance(String name, ManagedInstanceArgs args)
public ManagedInstance(String name, ManagedInstanceArgs args, CustomResourceOptions options)
type: azure:mssql:ManagedInstance
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ManagedInstanceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ManagedInstanceArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ManagedInstanceArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ManagedInstanceArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ManagedInstanceArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var managedInstanceResource = new Azure.MSSql.ManagedInstance("managedInstanceResource", new()
{
    LicenseType = "string",
    Vcores = 0,
    SubnetId = "string",
    StorageSizeInGb = 0,
    SkuName = "string",
    ResourceGroupName = "string",
    Name = "string",
    DnsZonePartnerId = "string",
    HybridSecondaryUsage = "string",
    Location = "string",
    MaintenanceConfigurationName = "string",
    MinimumTlsVersion = "string",
    AdministratorLogin = "string",
    ProxyOverride = "string",
    PublicDataEndpointEnabled = false,
    Identity = new Azure.MSSql.Inputs.ManagedInstanceIdentityArgs
    {
        Type = "string",
        IdentityIds = new[]
        {
            "string",
        },
        PrincipalId = "string",
        TenantId = "string",
    },
    ServicePrincipalType = "string",
    DatabaseFormat = "string",
    StorageAccountType = "string",
    Collation = "string",
    AzureActiveDirectoryAdministrator = new Azure.MSSql.Inputs.ManagedInstanceAzureActiveDirectoryAdministratorArgs
    {
        LoginUsername = "string",
        ObjectId = "string",
        PrincipalType = "string",
        AzureadAuthenticationOnlyEnabled = false,
        TenantId = "string",
    },
    Tags = 
    {
        { "string", "string" },
    },
    TimezoneId = "string",
    AdministratorLoginPassword = "string",
    ZoneRedundantEnabled = false,
});
example, err := mssql.NewManagedInstance(ctx, "managedInstanceResource", &mssql.ManagedInstanceArgs{
	LicenseType:                  pulumi.String("string"),
	Vcores:                       pulumi.Int(0),
	SubnetId:                     pulumi.String("string"),
	StorageSizeInGb:              pulumi.Int(0),
	SkuName:                      pulumi.String("string"),
	ResourceGroupName:            pulumi.String("string"),
	Name:                         pulumi.String("string"),
	DnsZonePartnerId:             pulumi.String("string"),
	HybridSecondaryUsage:         pulumi.String("string"),
	Location:                     pulumi.String("string"),
	MaintenanceConfigurationName: pulumi.String("string"),
	MinimumTlsVersion:            pulumi.String("string"),
	AdministratorLogin:           pulumi.String("string"),
	ProxyOverride:                pulumi.String("string"),
	PublicDataEndpointEnabled:    pulumi.Bool(false),
	Identity: &mssql.ManagedInstanceIdentityArgs{
		Type: pulumi.String("string"),
		IdentityIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		PrincipalId: pulumi.String("string"),
		TenantId:    pulumi.String("string"),
	},
	ServicePrincipalType: pulumi.String("string"),
	DatabaseFormat:       pulumi.String("string"),
	StorageAccountType:   pulumi.String("string"),
	Collation:            pulumi.String("string"),
	AzureActiveDirectoryAdministrator: &mssql.ManagedInstanceAzureActiveDirectoryAdministratorArgs{
		LoginUsername:                    pulumi.String("string"),
		ObjectId:                         pulumi.String("string"),
		PrincipalType:                    pulumi.String("string"),
		AzureadAuthenticationOnlyEnabled: pulumi.Bool(false),
		TenantId:                         pulumi.String("string"),
	},
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	TimezoneId:                 pulumi.String("string"),
	AdministratorLoginPassword: pulumi.String("string"),
	ZoneRedundantEnabled:       pulumi.Bool(false),
})
var managedInstanceResource = new ManagedInstance("managedInstanceResource", ManagedInstanceArgs.builder()
    .licenseType("string")
    .vcores(0)
    .subnetId("string")
    .storageSizeInGb(0)
    .skuName("string")
    .resourceGroupName("string")
    .name("string")
    .dnsZonePartnerId("string")
    .hybridSecondaryUsage("string")
    .location("string")
    .maintenanceConfigurationName("string")
    .minimumTlsVersion("string")
    .administratorLogin("string")
    .proxyOverride("string")
    .publicDataEndpointEnabled(false)
    .identity(ManagedInstanceIdentityArgs.builder()
        .type("string")
        .identityIds("string")
        .principalId("string")
        .tenantId("string")
        .build())
    .servicePrincipalType("string")
    .databaseFormat("string")
    .storageAccountType("string")
    .collation("string")
    .azureActiveDirectoryAdministrator(ManagedInstanceAzureActiveDirectoryAdministratorArgs.builder()
        .loginUsername("string")
        .objectId("string")
        .principalType("string")
        .azureadAuthenticationOnlyEnabled(false)
        .tenantId("string")
        .build())
    .tags(Map.of("string", "string"))
    .timezoneId("string")
    .administratorLoginPassword("string")
    .zoneRedundantEnabled(false)
    .build());
managed_instance_resource = azure.mssql.ManagedInstance("managedInstanceResource",
    license_type="string",
    vcores=0,
    subnet_id="string",
    storage_size_in_gb=0,
    sku_name="string",
    resource_group_name="string",
    name="string",
    dns_zone_partner_id="string",
    hybrid_secondary_usage="string",
    location="string",
    maintenance_configuration_name="string",
    minimum_tls_version="string",
    administrator_login="string",
    proxy_override="string",
    public_data_endpoint_enabled=False,
    identity={
        "type": "string",
        "identity_ids": ["string"],
        "principal_id": "string",
        "tenant_id": "string",
    },
    service_principal_type="string",
    database_format="string",
    storage_account_type="string",
    collation="string",
    azure_active_directory_administrator={
        "login_username": "string",
        "object_id": "string",
        "principal_type": "string",
        "azuread_authentication_only_enabled": False,
        "tenant_id": "string",
    },
    tags={
        "string": "string",
    },
    timezone_id="string",
    administrator_login_password="string",
    zone_redundant_enabled=False)
const managedInstanceResource = new azure.mssql.ManagedInstance("managedInstanceResource", {
    licenseType: "string",
    vcores: 0,
    subnetId: "string",
    storageSizeInGb: 0,
    skuName: "string",
    resourceGroupName: "string",
    name: "string",
    dnsZonePartnerId: "string",
    hybridSecondaryUsage: "string",
    location: "string",
    maintenanceConfigurationName: "string",
    minimumTlsVersion: "string",
    administratorLogin: "string",
    proxyOverride: "string",
    publicDataEndpointEnabled: false,
    identity: {
        type: "string",
        identityIds: ["string"],
        principalId: "string",
        tenantId: "string",
    },
    servicePrincipalType: "string",
    databaseFormat: "string",
    storageAccountType: "string",
    collation: "string",
    azureActiveDirectoryAdministrator: {
        loginUsername: "string",
        objectId: "string",
        principalType: "string",
        azureadAuthenticationOnlyEnabled: false,
        tenantId: "string",
    },
    tags: {
        string: "string",
    },
    timezoneId: "string",
    administratorLoginPassword: "string",
    zoneRedundantEnabled: false,
});
type: azure:mssql:ManagedInstance
properties:
    administratorLogin: string
    administratorLoginPassword: string
    azureActiveDirectoryAdministrator:
        azureadAuthenticationOnlyEnabled: false
        loginUsername: string
        objectId: string
        principalType: string
        tenantId: string
    collation: string
    databaseFormat: string
    dnsZonePartnerId: string
    hybridSecondaryUsage: string
    identity:
        identityIds:
            - string
        principalId: string
        tenantId: string
        type: string
    licenseType: string
    location: string
    maintenanceConfigurationName: string
    minimumTlsVersion: string
    name: string
    proxyOverride: string
    publicDataEndpointEnabled: false
    resourceGroupName: string
    servicePrincipalType: string
    skuName: string
    storageAccountType: string
    storageSizeInGb: 0
    subnetId: string
    tags:
        string: string
    timezoneId: string
    vcores: 0
    zoneRedundantEnabled: false
ManagedInstance Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ManagedInstance resource accepts the following input properties:
- LicenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- ResourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- SkuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- StorageSize intIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- SubnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- Vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- AdministratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- AdministratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- AzureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- Collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- DatabaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- DnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- HybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- Identity
ManagedInstance Identity 
- An identityblock as defined below.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MaintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- MinimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- Name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- ProxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- PublicData boolEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- ServicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- StorageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- TimezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- ZoneRedundant boolEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- LicenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- ResourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- SkuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- StorageSize intIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- SubnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- Vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- AdministratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- AdministratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- AzureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator Args 
- An azure_active_directory_administratorblock as defined below.
- Collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- DatabaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- DnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- HybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- Identity
ManagedInstance Identity Args 
- An identityblock as defined below.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MaintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- MinimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- Name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- ProxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- PublicData boolEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- ServicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- StorageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- map[string]string
- A mapping of tags to assign to the resource.
- TimezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- ZoneRedundant boolEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- licenseType String
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- resourceGroup StringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- skuName String
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageSize IntegerIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId String
- The subnet resource id that the SQL Managed Instance will be associated with.
- vcores Integer
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- administratorLogin String
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin StringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation String
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat String
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone StringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- hybridSecondary StringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity 
- An identityblock as defined below.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration StringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls StringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name String
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride String
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData BooleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- servicePrincipal StringType 
- The service principal type. The only possible value is SystemAssigned.
- storageAccount StringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- Map<String,String>
- A mapping of tags to assign to the resource.
- timezoneId String
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- zoneRedundant BooleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- licenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- resourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- skuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageSize numberIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- vcores number
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- administratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- hybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity 
- An identityblock as defined below.
- location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData booleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- servicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- storageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- timezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- zoneRedundant booleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- license_type str
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- resource_group_ strname 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- sku_name str
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storage_size_ intin_ gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnet_id str
- The subnet resource id that the SQL Managed Instance will be associated with.
- vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- administrator_login str
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administrator_login_ strpassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azure_active_ Manageddirectory_ administrator Instance Azure Active Directory Administrator Args 
- An azure_active_directory_administratorblock as defined below.
- collation str
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- database_format str
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dns_zone_ strpartner_ id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- hybrid_secondary_ strusage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity Args 
- An identityblock as defined below.
- location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenance_configuration_ strname 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimum_tls_ strversion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name str
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxy_override str
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- public_data_ boolendpoint_ enabled 
- Is the public data endpoint enabled? Default value is false.
- service_principal_ strtype 
- The service principal type. The only possible value is SystemAssigned.
- storage_account_ strtype 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- timezone_id str
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- zone_redundant_ boolenabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- licenseType String
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- resourceGroup StringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- skuName String
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageSize NumberIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId String
- The subnet resource id that the SQL Managed Instance will be associated with.
- vcores Number
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- administratorLogin String
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin StringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive Property MapDirectory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation String
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat String
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone StringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- hybridSecondary StringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity Property Map
- An identityblock as defined below.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration StringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls StringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name String
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride String
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData BooleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- servicePrincipal StringType 
- The service principal type. The only possible value is SystemAssigned.
- storageAccount StringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- Map<String>
- A mapping of tags to assign to the resource.
- timezoneId String
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- zoneRedundant BooleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
Outputs
All input properties are implicitly available as output properties. Additionally, the ManagedInstance resource produces the following output properties:
Look up Existing ManagedInstance Resource
Get an existing ManagedInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ManagedInstanceState, opts?: CustomResourceOptions): ManagedInstance@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        administrator_login: Optional[str] = None,
        administrator_login_password: Optional[str] = None,
        azure_active_directory_administrator: Optional[ManagedInstanceAzureActiveDirectoryAdministratorArgs] = None,
        collation: Optional[str] = None,
        database_format: Optional[str] = None,
        dns_zone: Optional[str] = None,
        dns_zone_partner_id: Optional[str] = None,
        fqdn: Optional[str] = None,
        hybrid_secondary_usage: Optional[str] = None,
        identity: Optional[ManagedInstanceIdentityArgs] = None,
        license_type: Optional[str] = None,
        location: Optional[str] = None,
        maintenance_configuration_name: Optional[str] = None,
        minimum_tls_version: Optional[str] = None,
        name: Optional[str] = None,
        proxy_override: Optional[str] = None,
        public_data_endpoint_enabled: Optional[bool] = None,
        resource_group_name: Optional[str] = None,
        service_principal_type: Optional[str] = None,
        sku_name: Optional[str] = None,
        storage_account_type: Optional[str] = None,
        storage_size_in_gb: Optional[int] = None,
        subnet_id: Optional[str] = None,
        tags: Optional[Mapping[str, str]] = None,
        timezone_id: Optional[str] = None,
        vcores: Optional[int] = None,
        zone_redundant_enabled: Optional[bool] = None) -> ManagedInstancefunc GetManagedInstance(ctx *Context, name string, id IDInput, state *ManagedInstanceState, opts ...ResourceOption) (*ManagedInstance, error)public static ManagedInstance Get(string name, Input<string> id, ManagedInstanceState? state, CustomResourceOptions? opts = null)public static ManagedInstance get(String name, Output<String> id, ManagedInstanceState state, CustomResourceOptions options)resources:  _:    type: azure:mssql:ManagedInstance    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AdministratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- AdministratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- AzureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- Collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- DatabaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- DnsZone string
- The Dns Zone where the SQL Managed Instance is located.
- DnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- Fqdn string
- The fully qualified domain name of the Azure Managed SQL Instance
- HybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- Identity
ManagedInstance Identity 
- An identityblock as defined below.
- LicenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MaintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- MinimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- Name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- ProxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- PublicData boolEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- ResourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- ServicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- SkuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- StorageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- StorageSize intIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- SubnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- Dictionary<string, string>
- A mapping of tags to assign to the resource.
- TimezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- Vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- ZoneRedundant boolEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- AdministratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- AdministratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- AzureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator Args 
- An azure_active_directory_administratorblock as defined below.
- Collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- DatabaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- DnsZone string
- The Dns Zone where the SQL Managed Instance is located.
- DnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- Fqdn string
- The fully qualified domain name of the Azure Managed SQL Instance
- HybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- Identity
ManagedInstance Identity Args 
- An identityblock as defined below.
- LicenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- Location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- MaintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- MinimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- Name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- ProxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- PublicData boolEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- ResourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- ServicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- SkuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- StorageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- StorageSize intIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- SubnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- map[string]string
- A mapping of tags to assign to the resource.
- TimezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- Vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- ZoneRedundant boolEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- administratorLogin String
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin StringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation String
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat String
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone String
- The Dns Zone where the SQL Managed Instance is located.
- dnsZone StringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- fqdn String
- The fully qualified domain name of the Azure Managed SQL Instance
- hybridSecondary StringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity 
- An identityblock as defined below.
- licenseType String
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration StringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls StringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name String
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride String
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData BooleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- resourceGroup StringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- servicePrincipal StringType 
- The service principal type. The only possible value is SystemAssigned.
- skuName String
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageAccount StringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- storageSize IntegerIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId String
- The subnet resource id that the SQL Managed Instance will be associated with.
- Map<String,String>
- A mapping of tags to assign to the resource.
- timezoneId String
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- vcores Integer
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- zoneRedundant BooleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- administratorLogin string
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin stringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive ManagedDirectory Administrator Instance Azure Active Directory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation string
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat string
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone string
- The Dns Zone where the SQL Managed Instance is located.
- dnsZone stringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- fqdn string
- The fully qualified domain name of the Azure Managed SQL Instance
- hybridSecondary stringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity 
- An identityblock as defined below.
- licenseType string
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- location string
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration stringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls stringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name string
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride string
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData booleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- resourceGroup stringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- servicePrincipal stringType 
- The service principal type. The only possible value is SystemAssigned.
- skuName string
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageAccount stringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- storageSize numberIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId string
- The subnet resource id that the SQL Managed Instance will be associated with.
- {[key: string]: string}
- A mapping of tags to assign to the resource.
- timezoneId string
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- vcores number
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- zoneRedundant booleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- administrator_login str
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administrator_login_ strpassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azure_active_ Manageddirectory_ administrator Instance Azure Active Directory Administrator Args 
- An azure_active_directory_administratorblock as defined below.
- collation str
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- database_format str
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dns_zone str
- The Dns Zone where the SQL Managed Instance is located.
- dns_zone_ strpartner_ id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- fqdn str
- The fully qualified domain name of the Azure Managed SQL Instance
- hybrid_secondary_ strusage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity
ManagedInstance Identity Args 
- An identityblock as defined below.
- license_type str
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- location str
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenance_configuration_ strname 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimum_tls_ strversion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name str
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxy_override str
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- public_data_ boolendpoint_ enabled 
- Is the public data endpoint enabled? Default value is false.
- resource_group_ strname 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- service_principal_ strtype 
- The service principal type. The only possible value is SystemAssigned.
- sku_name str
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storage_account_ strtype 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- storage_size_ intin_ gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnet_id str
- The subnet resource id that the SQL Managed Instance will be associated with.
- Mapping[str, str]
- A mapping of tags to assign to the resource.
- timezone_id str
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- vcores int
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- zone_redundant_ boolenabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
- administratorLogin String
- The administrator login name for the new SQL Managed Instance. Changing this forces a new resource to be created.
- administratorLogin StringPassword 
- The password associated with the administrator_loginuser. Needs to comply with Azure's Password Policy
- azureActive Property MapDirectory Administrator 
- An azure_active_directory_administratorblock as defined below.
- collation String
- Specifies how the SQL Managed Instance will be collated. Default value is SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
- databaseFormat String
- Specifies the internal format of the SQL Managed Instance databases specific to the SQL engine version. Possible values are - AlwaysUpToDateand- SQLServer2022. Defaults to- SQLServer2022.- Note: Changing - database_formatfrom- AlwaysUpToDateto- SQLServer2022forces a new SQL Managed Instance to be created.
- dnsZone String
- The Dns Zone where the SQL Managed Instance is located.
- dnsZone StringPartner Id 
- The ID of the SQL Managed Instance which will share the DNS zone. This is a prerequisite for creating an azurerm_sql_managed_instance_failover_group. Setting this after creation forces a new resource to be created.
- fqdn String
- The fully qualified domain name of the Azure Managed SQL Instance
- hybridSecondary StringUsage 
- Specifies the hybrid secondary usage for disaster recovery of the SQL Managed Instance. Possible values are ActiveandPassive. Defaults toActive.
- identity Property Map
- An identityblock as defined below.
- licenseType String
- What type of license the Managed Instance will use. Possible values are LicenseIncludedandBasePrice.
- location String
- Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.
- maintenanceConfiguration StringName 
- The name of the Public Maintenance Configuration window to apply to the SQL Managed Instance. Valid values include SQL_Defaultor an Azure Location in the formatSQL_{Location}_MI_{Size}(for exampleSQL_EastUS_MI_1). Defaults toSQL_Default.
- minimumTls StringVersion 
- The Minimum TLS Version. Default value is - 1.2Valid values include- 1.0,- 1.1,- 1.2.- NOTE: Azure Services will require TLS 1.2+ by August 2025, please see this announcement for more. 
- name String
- The name of the SQL Managed Instance. This needs to be globally unique within Azure. Changing this forces a new resource to be created.
- proxyOverride String
- Specifies how the SQL Managed Instance will be accessed. Default value is Default. Valid values includeDefault,Proxy, andRedirect.
- publicData BooleanEndpoint Enabled 
- Is the public data endpoint enabled? Default value is false.
- resourceGroup StringName 
- The name of the resource group in which to create the SQL Managed Instance. Changing this forces a new resource to be created.
- servicePrincipal StringType 
- The service principal type. The only possible value is SystemAssigned.
- skuName String
- Specifies the SKU Name for the SQL Managed Instance. Valid values include GP_Gen4,GP_Gen5,GP_Gen8IM,GP_Gen8IH,BC_Gen4,BC_Gen5,BC_Gen8IMorBC_Gen8IH.
- storageAccount StringType 
- Specifies the storage account type used to store backups for this database. Possible values are GRS,GZRS,LRS, andZRS. Defaults toGRS.
- storageSize NumberIn Gb 
- Maximum storage space for the SQL Managed instance. This should be a multiple of 32 (GB).
- subnetId String
- The subnet resource id that the SQL Managed Instance will be associated with.
- Map<String>
- A mapping of tags to assign to the resource.
- timezoneId String
- The TimeZone ID that the SQL Managed Instance will be operating in. Default value is UTC. Changing this forces a new resource to be created.
- vcores Number
- Number of cores that should be assigned to the SQL Managed Instance. Values can be 8,16, or24for Gen4 SKUs, or4,6,8,10,12,16,20,24,32,40,48,56,64,80,96or128for Gen5 SKUs.
- zoneRedundant BooleanEnabled 
- Specifies whether or not the SQL Managed Instance is zone redundant. Defaults to false.
Supporting Types
ManagedInstanceAzureActiveDirectoryAdministrator, ManagedInstanceAzureActiveDirectoryAdministratorArgs            
- LoginUsername string
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- ObjectId string
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- PrincipalType string
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- AzureadAuthentication boolOnly Enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- TenantId string
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
- LoginUsername string
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- ObjectId string
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- PrincipalType string
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- AzureadAuthentication boolOnly Enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- TenantId string
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
- loginUsername String
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- objectId String
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- principalType String
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- azureadAuthentication BooleanOnly Enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- tenantId String
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
- loginUsername string
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- objectId string
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- principalType string
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- azureadAuthentication booleanOnly Enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- tenantId string
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
- login_username str
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- object_id str
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- principal_type str
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- azuread_authentication_ boolonly_ enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- tenant_id str
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
- loginUsername String
- The login username of the Azure AD Administrator of this SQL Managed Instance.
- objectId String
- The object id of the Azure AD Administrator of this SQL Managed Instance.
- principalType String
- The principal type of the Azure AD Administrator of this SQL Managed Instance. Possible values are Application,Group,User.
- azureadAuthentication BooleanOnly Enabled 
- Specifies whether only Azure AD authentication can be used to log in to this SQL Managed Instance. When true, theadministrator_loginandadministrator_login_passwordproperties can be omitted. Defaults tofalse.
- tenantId String
- The tenant id of the Azure AD Administrator of this SQL Managed Instance. Should be specified if the Azure AD Administrator is homed in a different tenant to the SQL Managed Instance.
ManagedInstanceIdentity, ManagedInstanceIdentityArgs      
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- IdentityIds List<string>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- PrincipalId string
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- TenantId string
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- IdentityIds []string
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- PrincipalId string
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- TenantId string
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- identityIds List<String>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- principalId String
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- tenantId String
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- identityIds string[]
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- principalId string
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- tenantId string
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- type str
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- identity_ids Sequence[str]
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- principal_id str
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- tenant_id str
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Managed Instance. Possible values are SystemAssigned,UserAssigned,SystemAssigned, UserAssigned.
- identityIds List<String>
- Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Managed Instance. Required when - typeincludes- UserAssigned.- The assigned - principal_idand- tenant_idcan be retrieved after the identity- typehas been set to- SystemAssignedand SQL Managed Instance has been created.
- principalId String
- The Principal ID for the Service Principal associated with the Identity of this SQL Managed Instance.
- tenantId String
- The Tenant ID for the Service Principal associated with the Identity of this SQL Managed Instance.
Import
Microsoft SQL Managed Instances can be imported using the resource id, e.g.
$ pulumi import azure:mssql/managedInstance:ManagedInstance example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/managedInstances/myserver
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the azurermTerraform Provider.