Deploys an Azure SQL Server and Database with Server Vulnerability Assessment. Azure Defender for SQL Server is turned on at the subscription level. The Server Vulnerability Assessment is commented out due to Azure eventual consistency issues.
- Via Azure CLI. Once Azure Defender is enabled for the very first time, wait 5 minutes to allow it to propagate across the subscription. We did it this way.
az security pricing create -n SQLServers --tier 'standard'
OR
- Via Azure Portal
- Log in to the Azure CLI (you will be prompted to do this during deployment if you forget this step):
az login
- Create a new stack:
pulumi stack init dev
- Configure the location to deploy the resources to. The Azure region to deploy to is pre-set to WestUS, but you can modify the region you would like to deploy to.
pulumi config set azure-native:location eastus2
- Create the stack via pulumi up:
pulumi up -y
The result will be:

    Updating (dev)

    View Live: https://app.pulumi.com/shaht/azure-go-sqlserver-servervulnerabilityassessment/dev/updates/30

         Type                                     Name                                                  Status
     +   pulumi:pulumi:Stack                      azure-go-sqlserver-servervulnerabilityassessment-dev  created
     +   ├─ random:index:RandomPassword           loginpassword                                         created
     +   ├─ azure-native:resources:ResourceGroup  vulnerability-rg                                      created
     +   ├─ azure-native:sql:Server               vulnerability-sqlserver                               created
     +   ├─ azure-native:storage:StorageAccount   vulnstorageacct                                       created
     +   ├─ azure-native:storage:BlobContainer    vulnerabilityblobcontainer                            created
     +   └─ azure-native:sql:Database             vulnerability-sqldatabase                             created

    Outputs:
        blob_container_name    : "vulnerabilityblobcontainer"
        primarystoragekey      : "[secret]"
        resourcegroup_name     : "vulnerability-rg9aa03f29"
        sqladmin_password      : "[secret]"
        sqladmin_user          : "pulumiadmin"
        sqlserver_database_name: "vulnerability-sqldatabase"
        sqlserver_name         : "vulnerability-sqlserver7ad52e2b"
        storage_path_container : "https://vulnstorageacct16db2cec.blob.core.windows.net/vulnerabilityblobcontainer"
        storageaccount_name    : "vulnstorageacct16db2cec"

    Resources:
        + 7 created

    Duration: 2m31s
- Check the outputs:
pulumi stack output
Returns:

    Current stack outputs (9):
        OUTPUT                   VALUE
        blob_container_name      vulnerabilityblobcontainer
        primarystoragekey        [secret]
        resourcegroup_name       vulnerability-rg9aa03f29
        sqladmin_password        [secret]
        sqladmin_user            pulumiadmin
        sqlserver_database_name  vulnerability-sqldatabase
        sqlserver_name           vulnerability-sqlserver7ad52e2b
        storage_path_container   https://vulnstorageacct16db2cec.blob.core.windows.net/vulnerabilityblobcontainer
        storageaccount_name      vulnstorageacct16db2cec
- Wait 3-5 minutes and uncomment the following code blocks. This is an Azure issue with eventual consistency.
- Uncomment the block of code for serverVulnerabilityAssessment.
- Uncomment the outputs for server_vulnerability_assessment_name & server_vulnerability_assessment_type.
- Run pulumi up until the server vulnerability assessment is created:
pulumi up -y
Results:

    Updating (dev)

    View Live: https://app.pulumi.com/shaht/azure-go-sqlserver-servervulnerabilityassessment/dev/updates/35

         Type                                               Name                                                  Status
         pulumi:pulumi:Stack                                azure-go-sqlserver-servervulnerabilityassessment-dev
     +   └─ azure-native:sql:ServerVulnerabilityAssessment  servervulnerabilityassessment                         created

    Outputs:
        blob_container_name                 : "vulnerabilityblobcontainer"
        primarystoragekey                   : "[secret]"
        resourcegroup_name                  : "vulnerability-rg9aa03f29"
      + server_vulnerability_assessment_name: "Default"
      + server_vulnerability_assessment_type: "Microsoft.Sql/servers/vulnerabilityAssessments"
        sqladmin_password                   : "[secret]"
        sqladmin_user                       : "pulumiadmin"
        sqlserver_database_name             : "vulnerability-sqldatabase"
        sqlserver_name                      : "vulnerability-sqlserver7ad52e2b"
        storage_path_container              : "https://vulnstorageacct16db2cec.blob.core.windows.net/vulnerabilityblobcontainer"
        storageaccount_name                 : "vulnstorageacct16db2cec"

    Resources:
        + 1 created
        7 unchanged
- Check the outputs again:
pulumi stack output
Returns:

    Current stack outputs (11):
        OUTPUT                                VALUE
        blob_container_name                   vulnerabilityblobcontainer
        primarystoragekey                     [secret]
        resourcegroup_name                    vulnerability-rg9aa03f29
        server_vulnerability_assessment_name  Default
        server_vulnerability_assessment_type  Microsoft.Sql/servers/vulnerabilityAssessments
        sqladmin_password                     [secret]
        sqladmin_user                         pulumiadmin
        sqlserver_database_name               vulnerability-sqldatabase
        sqlserver_name                        vulnerability-sqlserver7ad52e2b
        storage_path_container                https://vulnstorageacct16db2cec.blob.core.windows.net/vulnerabilityblobcontainer
        storageaccount_name                   vulnstorageacct16db2cec
- Destroy the stack:
pulumi destroy -y
- Remove the stack:
pulumi stack rm dev
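
The wait-and-retry step in this walkthrough (run pulumi up until the server vulnerability assessment is created) can be scripted so the deployment only counts as done once the assessment is actually present. The following is an added example, not part of the original repository; the function names, the attempt count and the 60-second delay are assumptions, and it expects the serverVulnerabilityAssessment block and its two outputs to be uncommented already.

```shell
#!/usr/bin/env bash
# Added example (not from the original repo): retry `pulumi up` until the
# server vulnerability assessment exists. Function names, attempt count and
# delay are assumptions; the stack output name and type come from the page.

# Defender for SQL has to be on the standard tier at subscription level first.
defender_sql_enabled() {
  local tier
  tier=$(az security pricing show -n SQLServers --query pricingTier -o tsv 2>/dev/null) || return 1
  [ "$(printf '%s' "$tier" | tr '[:upper:]' '[:lower:]')" = "standard" ]
}

# True only when the stack exports the assessment with the expected ARM type.
sva_present() {
  local sva_type
  sva_type=$(pulumi stack output server_vulnerability_assessment_type 2>/dev/null) || return 1
  [ "$sva_type" = "Microsoft.Sql/servers/vulnerabilityAssessments" ]
}

# deploy_until_sva [max_attempts] [delay_seconds]
# Returns 0 once the assessment is present, 2 if Defender is off,
# 1 if every attempt was used without the assessment appearing.
deploy_until_sva() {
  local max=${1:-5} delay=${2:-60} i=1
  defender_sql_enabled || { echo "Azure Defender for SQL is not on the standard tier" >&2; return 2; }
  while [ "$i" -le "$max" ]; do
    echo "pulumi up attempt $i/$max" >&2
    # A failed update is expected while Azure is still propagating, so the
    # exit code is ignored and the result is verified from the stack outputs.
    pulumi up -y >&2 || true
    if sva_present; then return 0; fi
    if [ "$i" -lt "$max" ]; then sleep "$delay"; fi
    i=$((i + 1))
  done
  return 1
}

# Deploy only when called with "run", so sourcing the file has no side effects.
if [ "${1:-}" = "run" ]; then deploy_until_sva 5 60; fi
```

A non-zero exit from this script is a signal to fail the pipeline, because the SQL server would otherwise be left running without its vulnerability assessment.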