Schemas/sql.schema.json

{
    "$id": "#/properties/permissions/items/anyOf/1",
    "type": "object",
    "title": "SQL Database Role Permission",
    "description": "Add an AAD group, user or application, or a SQL login, to a database role",
    "default": {},
    "examples": [
        {
            "comment": "Reader access for the Developers AD Group",
            "type": "sql",
            "scope": "/subscriptions/c56006d3-f9cd-48e8-ad27-a501d64f190c/resourceGroups/rg-nucleus-dev-euw-001/providers/Microsoft.Sql/servers/my-sql-server/databases/my-sql-db",
            "principalType": "AAD",
            "principalName": "My AAD Group Name",
            "databaseRole": "db_datareader"
        }
    ],
    "required": [
        "type",
        "scope",
        "principalType",
        "principalName",
        "databaseRole"
    ],
    "properties": {
        "comment": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/comment",
            "type": "string",
            "title": "Comment",
            "description": "Description or explanation for the permission",
            "default": "",
            "examples": [
                "Application SP needs to read data in the database"
            ]
        },
        "type": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/type",
            "type": "string",
            "title": "Type",
            "description": "Type of permission",
            "enum": ["sql"],
            "default": "sql",
            "examples": [
                "sql"
            ]
        },
        "scope": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/scope",
            "type": "string",
            "title": "Scope",
            "description": "Resource ID of the Azure resource the permission applies to (shown on the Properties blade in the portal)",
            "default": "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}",
            "examples": [
                "/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/servers/{serverName}/databases/{dbName}"
            ]
        },
        "principalType": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/principalType",
            "type": "string",
            "title": "Principal Type",
            "description": "Type of SQL principal (AAD account or SQL login)",
            "default": "AAD",
            "enum": ["AAD","SQL"],
            "examples": [
                "AAD", "SQL"
            ]
        },
        "principalName": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/principalName",
            "type": "string",
            "title": "Principal Name",
            "description": "Name of the database principal to be created/added to role",
            "default": "MyUserName",
            "examples": []
        },
        "databaseRole": {
            "$id": "#/properties/permissions/items/anyOf/1/properties/databaseRole",
            "type": "string",
            "title": "Database Role",
            "description": "Role to add the principal to - will be created if it does not exist, so a misspelled role name creates a new role instead of being rejected",
            "default": "",
            "examples": [
                "db_owner",
                "db_datareader",
                "db_datawriter"
            ]
        }
    },
    "additionalProperties": false
}