Managed Instance Administrators - Create Or Update

  • Reference
Service:
SQL Database
API Version:
2021-11-01

Creates or updates a managed instance administrator.

PUT https://management.azure.com/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.Sql/managedInstances/{managedInstanceName}/administrators/ActiveDirectory?api-version=2021-11-01

URI Parameters

Name In Required Type Description
administratorName
 path True

AdministratorName

managedInstanceName
 path True

string

The name of the managed instance.
resourceGroupName
 path True

string

The name of the resource group that contains the resource. You can obtain this value from the Azure Resource Manager API or the portal.
subscriptionId
 path True

string

The subscription ID that identifies an Azure subscription.
api-version
 query True

string

The API version to use for the request.

Request Body

Name Required Type Description
properties.administratorType True

ManagedInstanceAdministratorType

Type of the managed instance administrator.
properties.login True

string

Login name of the managed instance administrator.
properties.sid True

string

SID (object ID) of the managed instance administrator.
properties.tenantId

string

Tenant ID of the managed instance administrator.

Responses

Name Type Description
200 OK

ManagedInstanceAdministrator

Successfully updated the managed instance administrator.
201 Created

ManagedInstanceAdministrator

Successfully created the managed instance administrator.
202 Accepted

Accepted
Other Status Codes

*** Error Responses: ***

  • 400 InvalidManagedServerAdministratorType - Invalid administrator type specified in properties.

  • 400 InvalidResourceRequestBody - The resource or resource properties in the request body is empty or invalid.

  • 400 InvalidManagedServerAzureADAdminDeleteOperation - User tried to delete managed server Azure Active Azure admin when AzureADOnlyAuthentication is set, please use azureADOnlyAuthentications API first.

  • 400 InvalidManagedServerAADOnlyAuthTypePropertyName - Managed Server Azure Active Directory only authentication type should be Default

  • 400 InvalidParameterValue - An invalid value was given to a parameter.

  • 400 InvalidLoginName - The provided login name is invalid.

  • 400 PrincipalNotFoundInTenant - AzureAD Lookup returned no results for this name.

  • 400 ServerPrincipalHasDuplicateDisplayNameInAad - AzureAD Lookup returned multiple results for this name.

  • 400 ManagedInstanceIsBusy - Managed Instance is busy with another request.

  • 400 InvalidPrincipalType - This principal type is not supported in Windows Azure SQL Database.

  • 400 ServerPrincipalCreateLoginBadSyntax - There was an Syntax Error when executing Create Login statement for Azure AD Administrator.

  • 400 ServicePrincipalLookupInAadFailed - AzureAD Lookup failed due to service infrastructure errors.

  • 400 TenantNotFoundInActiveDirectory - Tenant is not available in active directory.

  • 400 InvalidUsername - Supplied user name contains invalid characters.

  • 400 ManagedInstanceHasNoPermissionsToAccessAad - Attempt to perform operation, which involves a non-existing login or login on which executing principal has no permissions.

  • 403 ServicePrincipalLookupInAadFailedIdentityForbidden - AzureAD Lookup failed because MSI was not granted read permissions on AAD.

  • 404 ServerNotInSubscription - Specified server does not exist on the specified subscription.

  • 404 ManagedInstanceNotInSubscriptionResourceGroup - Specified managed instance does not exist in the specified resource group and subscription.

  • 404 SubscriptionNotFound - The requested subscription was not found.

  • 404 OperationIdNotFound - The operation with Id does not exist.

  • 404 ResourceNotFound - The requested resource was not found.

  • 409 OperationCancelled - The operation has been cancelled by user.

  • 409 OperationInterrupted - The operation on the resource could not be completed because it was interrupted by another operation on the same resource.

  • 409 ServerPrincipalAlreadyExists - Attempt to create server principal with non-unique name.

  • 409 ServerPrincipalCurrentlyLoggedIn - Self-explanatory.

  • 409 ServerPrincipalOwnsJobs - Attempt to remove a login when it has active jobs.

  • 409 ServerPrincipalIsGrantorOfPermissions - Attempt to drop a server principal, which is a grantor of permissions.

  • 409 ServerPrincipalOwnsDatabase - Change the owner of the database(s) before dropping the login.

  • 409 ServerPrincipalUsedInTriggerOrEventNotification - Attempt to drop login, which is used as an execution context of a trigger or event notification.

  • 409 ServerPrincipalOwnsObjects - Attempt to drop a login, which owns objects.

  • 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyCreateUpdateRequests - Requests beyond max requests that can be processed by available resources.

  • 429 SubscriptionTooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 500 OperationTimedOut - The operation timed out and automatically rolled back. Please retry the operation.

  • 500 ActiveDirectoryLookupTimedOut - The operation could not be completed at this time. Please try again later.

  • 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 503 TooManyRequests - Requests beyond max requests that can be processed by available resources.

  • 504 RequestTimeout - Service request exceeded the allowed timeout.

Examples

Create administrator of managed instance
Update administrator of managed instance

Create administrator of managed instance

Sample Request

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory?api-version=2021-11-01

{
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  }
}

Sample Response

Status code:
200 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory",
  "name": "ActiveDirectory",
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  },
  "type": "Microsoft.Sql/managedInstances/administrators"
}
Status code:
201 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory",
  "name": "ActiveDirectory",
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  },
  "type": "Microsoft.Sql/managedInstances/administrators"
}
Status code:
202

Update administrator of managed instance

Sample Request

PUT https://management.azure.com/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory?api-version=2021-11-01

{
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  }
}

Sample Response

Status code:
200 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory",
  "name": "ActiveDirectory",
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  },
  "type": "Microsoft.Sql/managedInstances/administrators"
}
Status code:
201 
{
  "id": "/subscriptions/00000000-1111-2222-3333-444444444444/resourceGroups/Default-SQL-SouthEastAsia/providers/Microsoft.Sql/managedInstances/managedInstance/administrators/ActiveDirectory",
  "name": "ActiveDirectory",
  "properties": {
    "administratorType": "ActiveDirectory",
    "login": "bob@contoso.com",
    "sid": "44444444-3333-2222-1111-000000000000",
    "tenantId": "55555555-4444-3333-2222-111111111111"
  },
  "type": "Microsoft.Sql/managedInstances/administrators"
}
Status code:
202

Definitions

Name Description
AdministratorName
ManagedInstanceAdministrator

An Azure SQL managed instance administrator.
ManagedInstanceAdministratorType

Type of the managed instance administrator.

AdministratorName

Name Type Description
ActiveDirectory

string

ManagedInstanceAdministrator

An Azure SQL managed instance administrator.

Name Type Description
id

string

Resource ID.
name

string

Resource name.
properties.administratorType

ManagedInstanceAdministratorType

Type of the managed instance administrator.
properties.login

string

Login name of the managed instance administrator.
properties.sid

string

SID (object ID) of the managed instance administrator.
properties.tenantId

string

Tenant ID of the managed instance administrator.
type

string

Resource type.

ManagedInstanceAdministratorType

Type of the managed instance administrator.

Name Type Description
ActiveDirectory

string