I am trying to create a sql.ServerVulnerabilityAssessment resource in the following way:
server_vulnerability_assessment=sql.ServerVulnerabilityAssessment('sva',
storage_container_path = container_path,
storage_account_access_key = storage_account_primary_key,
resource_group_name = resource_group.name,
server_name = sql_server.name,
recurring_scans=sql.VulnerabilityAssessmentRecurringScansPropertiesArgs(
is_enabled = True,
email_subscription_admins = False,
emails = [
"<emails>" # not showing obviously
]
)
)
where the
container_path = 'https://{}.blob.core.windows.net/{}'.format(storage_account.name,storage_container.name)
and i get the error:
azure-native:sql:ServerVulnerabilityAssessment (sva):
error: autorest/azure: Service returned an error. Status=400 Code="DataSecurityInvalidUserSuppliedParameter" Message="\"Invalid parameter 'storageContainerPath'. Value should be a valid blob storage container endpoint (e.g. https://MyAccount.blob.core.windows.net/containername).\""
If I hardcode the values storage_account.name and storage_container.name it works without any error. Why cannot retrieve the values of these two properties there?
on running pulumi up if I choose to display the details i get the following for the storageContainerPath:
https://<pulumi.output.Output object at 0x7f1b0c8e9810>.blob.core.windows.net/<pulumi.output.Output object at 0x7f1b0c9236a0>
What am I doing wrong?
Obviously I can hardcode those values but why it does not work this way when for example the sql_server.name it gets correctly?
Storage Account and Container names are Pulumi outputs, meaning they may not be known yet at the time when the program runs. You need to format the path using Output.all:
container_path = Output.all(storage_account.name, storage_container.name)
.apply(lambda l: f"https://{l[0]}.blob.core.windows.net/{l[1]}")
You can find more explanation and examples in Inputs and Outputs.