
Use Azure Stream Analytics Managed Identity to access SQL DB using terraform


There is an option to create Managed Identity from terraform for Stream analytics job (azurerm_stream_analytics_job, using identity block).

And it is possible to use Managed Identity to connect to databases (as explained here)

But I could not find how to use managed identity to create input using azurerm_stream_analytics_reference_input_mssql

UPDATE:

To be clear, that's what I am after: [image] And then: [image]


Solution

  • As of July 2022

    It does not look like terraform is supporting it (see documentation).

    With this ARM template, I was able to deploy ("authenticationMode": "Msi"):

    {
      "$schema": "https://schema.management.azure.com/schemas/2019-04-01/deploymentTemplate.json#",
      "contentVersion": "1.0.0.0",
      "parameters": {
        "streamAnalyticsJobName": {
          "type": "string"
        },
        "streamAnalyticsJobNameInputName": {
          "type": "string"
        },
        "sqlServerName": {
          "type": "string"
        },
        "databaseName": {
          "type": "string"
        }
      },
      "resources": [
        {
          "type": "Microsoft.StreamAnalytics/streamingjobs/inputs",
          "apiVersion": "2017-04-01-preview",
          "name": "[format('{0}/{1}', parameters('streamAnalyticsJobName'), parameters('streamAnalyticsJobNameInputName'))]",
          "properties": {
            "type": "Reference",
            "datasource": {
              "type": "Microsoft.Sql/Server/Database",
              "properties": {
                "authenticationMode": "Msi",
                "server": "[parameters('sqlServerName')]",
                "database": "[parameters('databaseName')]",
                "refreshType": "Static",
                "fullSnapshotQuery": "SELECT Id, Name, FullName\nFrom dbo.Device\nFOR SYSTEM_TIME AS OF @snapshotTime --Optional, available if table Device is temporal"
              }
            }
          }
        }
      ]
    }
    

    So you could always use azurerm_template_deployment resource to deploy using terraform.
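
A sketch of that wrapper, added here as an example and not part of the original answer. It assumes the ARM template above is saved as `sa-input-msi.json` next to the module and that the job and resource group already exist; the resource label, variable names and input name are hypothetical.

```hcl
# Added example: every name below is hypothetical, not taken from the answer.
variable "resource_group_name" { type = string }
variable "job_name"            { type = string }
variable "sql_server_name"     { type = string }
variable "database_name"       { type = string }

resource "azurerm_template_deployment" "sa_reference_input_msi" {
  name                = "sa-reference-input-msi"
  resource_group_name = var.resource_group_name

  # Incremental only adds or updates what the template declares.
  # Complete mode would delete every other resource in the resource group.
  deployment_mode = "Incremental"

  # Assumed file: the ARM template from the answer, saved beside this module.
  template_body = file("${path.module}/sa-input-msi.json")

  # Keys must match the "parameters" section of the template exactly.
  # No SQL user name or password is passed: with "authenticationMode": "Msi"
  # the job authenticates with its managed identity, so no database
  # credential ends up in the Terraform state through this resource.
  parameters = {
    streamAnalyticsJobName          = var.job_name
    streamAnalyticsJobNameInputName = "device-reference"
    sqlServerName                   = var.sql_server_name
    databaseName                    = var.database_name
  }
}
```

Terraform tracks only the deployment, not the input it creates, so destroying this resource removes the deployment record and leaves the input on the job.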