update (Azure-Samples#281)

sql-database/backup-database/backup-database.sh

@@ -0,0 +1,39 @@
+#!/bin/bash
+
+$subscription = "<subscriptionId>" # add subscription here
+$location = "East US"
+
+$randomIdentifier = $(Get-Random)
+
+$resourceGroup = "resource-$randomIdentifier"
+$server = "server-$randomIdentifier"
+$database = "database-$randomIdentifier"
+$storage = "storage$randomIdentifier"
+$container = "container-$randomIdentifier"
+
+$bacpac = "backup.bacpac"
+
+$login = "sampleLogin"
+$password = "samplePassword123!"
+
+echo "Using resource group $($resourceGroup) with login: $($login), password: $($password)..."
+
+echo "Creating resource groups..."
+az group create --name $resourceGroup --location $location
+
+echo "Creating $($storage)..."
+az storage account create --name $storage --resource-group $resourceGroup --location $location --sku Standard_LRS
+
+echo "Creating $($container) on $($storage)..."
+$key = az storage account keys list --account-name $storage --resource-group $resourceGroup -o json --query [0].value
+az storage container create --name $container --account-key $key --account-name $storage
+
+echo "Creating $($server)..."
+az sql server create --name $server --resource-group $resourceGroup --location $location --admin-user $login --admin-password $password
+az sql server firewall-rule create --resource-group $resourceGroup --server $server --name AllowAzureServices --start-ip-address 0.0.0.0 --end-ip-address 0.0.0.0
+
+echo "Creating $($database)..."
+az sql db create --name $database --resource-group $resourceGroup --server $server --edition GeneralPurpose --sample-name AdventureWorksLT
+
+echo "Backing up $($database)..."
+az sql db export --admin-password $password --admin-user $login --storage-key $key --storage-key-type StorageAccessKey --storage-uri "https://$storage.blob.core.windows.net/$container/$bacpac" --name $database --resource-group $resourceGroup --server $server

sql-database/copy-database-to-new-server/copy-database-to-new-server.sh

@@ -1,76 +1,34 @@
 #!/bin/bash
 
-# Connect-AzAccount
+$subscription = "<subscriptionId>" # add subscription here
+$location = "East US"
 
-$subscriptionId = ''
-$sourceResourceGroupName = "mySourceResourceGroup-$(Get-Random)"
-$sourceResourceGroupLocation = "westus2"
-$targetResourceGroupname = "myTargetResourceGroup-$(Get-Random)"
-$targetResourceGroupLocation = "eastus"
-$adminSqlLogin = "SqlAdmin"
-$password = "ChangeYourAdminPassword1"
-$sourceServerName = "source-server-$(Get-Random)"
-$targetServerName = "target-server-$(Get-Random)"
-$sourceDatabaseName = "mySampleDatabase"
-$targetDatabaseName = "CopyOfMySampleDatabase"
+$randomIdentifier = $(Get-Random)
 
-# The ip address range that you want to allow to access your servers
-$sourceStartIp = "0.0.0.0"
-$sourceEndIp = "0.0.0.0"
-$targetStartIp = "0.0.0.0"
-$targetEndIp = "0.0.0.0"
+$resourceGroup = "resource-$randomIdentifier"
+$server = "server-$randomIdentifier"
+$database = "database-$randomIdentifier"
 
-# set the subscription context for the Azure account
-az account set -s $subscriptionID
+$targetResourceGroup = "targetResource-$randomIdentifier"
+$targetLocation = "West US"
+$targetServer = "targetServer-$randomIdentifier"
+$targetDatabase = "targetDatabase-$randomIdentifier"
 
-# create two new resource groups
-az group create \
-   --name $sourceResourceGroupName \
-   --location $sourceResourceGroupLocation
-az group create \
-   --name $targetResourceGroupname \
-   --location $targetResourceGroupLocation
+$login = "sampleLogin"
+$password = "samplePassword123!"
 
-# create a server with a system wide unique server name
-az sql server create \
-   --name $sourceServerName \
-   --resource-group $sourceResourceGroupName \
-   --location $sourceResourceGroupLocation  \
-   --admin-user $adminSqlLogin \
-   --admin-password $password
-az sql server create \
-   --name $targetServerName \
-   --resource-group $targetResourceGroupname \
-   --location $targetResourceGroupLocation  \
-   --admin-user $adminSqlLogin \
-   --admin-password $password
+echo "Using resource group $($resourceGroup) with login: $($login), password: $($password)..."
 
-# create a server firewall rule that allows access from the specified IP range
-az sql server firewall-rule create --end-ip-address $sourceEndIp \
-   --name "AllowedIPs" \
-   --resource-group $sourceResourceGroupName \
-   --server $sourceServerName \
-   --start-ip-address $sourcestartip 
-az sql server firewall-rule create --end-ip-address $targetEndIp \
-   --name "AllowedIPs" \
-   --resource-group $targetResourceGroupname \
-   --server $targetServerName \
-   --start-ip-address $targetStartIp
+echo "Creating $($resourceGroup) (and $($targetResourceGroup))..."
+az group create --name $resourceGroup --location $location
+az group create --name $targetResourceGroup --location $targetLocation
 
-# create a blank database in the source-server with an S0 performance level
-az sql db create --name $sourceDatabaseName \
-   --resource-group $sourceResourceGroupName \
-   --server $sourceServerName \
-   --service-objective S0
+echo "Creating $($server) in $($location) (and $($targetServer) in $($targetLocation))..."
+az sql server create --name $server --resource-group $resourceGroup --location $location --admin-user $login --admin-password $password
+az sql server create --name $targetServer --resource-group $targetResourceGroup --location $targetLocation --admin-user $login --admin-password $password
 
-# copy source database to the target server 
-az sql db copy --dest-name $targetDatabaseName \
-    --dest-resource-group $targetResourceGroupname \
-    --dest-server $targetServerName \
-    --name $sourceDatabaseName \
-    --resource-group $sourceResourceGroupName \
-    --server $sourceServerName
+echo "Creating $($database) on $($server)..."
+az sql db create --name $database --resource-group $resourceGroup --server $server --service-objective S0
 
-# clean up deployment 
-# az group delete --name $sourceResourceGroupName
-# az group delete --name $targetResourceGroupname
+echo "Copying $($database) (on $($server)) to $($targetDatabase) (on $($targetServer))..."
+az sql db copy --dest-name $targetDatabase --dest-resource-group $targetResourceGroup --dest-server $targetServer --name $database --resource-group $resourceGroup --server $server

sql-database/database-auditing-and-threat-detection/database-auditing-and-threat-detection.sh

@@ -1,71 +1,36 @@
 #!/bin/bash
 
-# Connect-AzAccount
+$subscription = "<subscriptionId>" # add subscription here
+$location = "East US"
 
-$subscriptionId = ''
-$resourceGroupName = "myResourceGroup-$(Get-Random)"
-$location = "southcentralus"
-$adminSqlLogin = "SqlAdmin"
-$password = "ChangeYourAdminPassword1"
-$serverName = "server-$(Get-Random)"
-$databaseName = "mySampleDatabase"
+$randomIdentifier = $(Get-Random)
 
-# The ip address range that you want to allow to access your server
-$startIp = "0.0.0.0"
-$endIp = "0.0.0.0"
-$storageAccountName = $("sql$(Get-Random)")
-$notificationEmailReceipient = "changeto@your.email;changeto@your.email"
+$resourceGroup = "resource-$randomIdentifier"
+$server = "server-$randomIdentifier"
+$database = "database-$randomIdentifier"
+$storage = "storage$randomIdentifier"
 
-# set the subscription context for the Azure account
-az account set -s $subscriptionID
+$notification = "changeto@your.email;changeto@your.email"
 
-# create a new resource group
-az group create \
-   --name $resourceGroupName \
-   --location $location
+$login = "sampleLogin"
+$password = "samplePassword123!"
 
-# create a new server with a system wide unique server name
-az sql server create \
-   --name $serverName \
-   --resource-group $resourceGroupName \
-   --location $location  \
-   --admin-user $adminSqlLogin \
-   --admin-password $password
+echo "Using resource group $($resourceGroup) with login: $($login), password: $($password)..."
 
-# create a server firewall rule that allows access from the specified IP range
-az sql server firewall-rule create --end-ip-address $endIp \
-   --name "AllowedIPs" \
-   --resource-group $resourceGroupName \
-   --server $serverName \
-   --start-ip-address $startIp 
+echo "Creating $($resourceGroup)..."
+az group create --name $resourceGroup --location $location
 
-# create a blank database with S0 performance level
-az sql db create --name $databaseName \
-   --resource-group $resourceGroupName \
-   --server $serverName \
-   --service-objective S0
+echo "Creating $($server) in $($location) ..."
+az sql server create --name $server --resource-group $resourceGroup --location $location --admin-user $login --admin-password $password
 
-# create a Storage Account 
-az storage account create --name $storageAccountName \
-    --resource-group $resourceGroupName \
-    --location $location \
-    --sku Standard_LRS
+echo "Creating $($database) on $($server)..."
+az sql db create --name $database --resource-group $resourceGroup --server $server --service-objective S0
 
-# set an auditing policy
-az sql db audit-policy update --name $databaseName \
-    --resource-group $resourceGroupName \
-    --server $serverName \
-    --state Enabled \
-    --storage-account $storageAccountName
+echo "Creating $($storage)..."
+az storage account create --name $storage --resource-group $resourceGroup --location $location --sku Standard_LRS
 
-# set a threat detection policy
-az sql db threat-policy update --email-account-admins Disabled \
---email-addresses $notificationEmailReceipient \
---name $databaseName \
---resource-group $resourceGroupName \
---server $serverName \
---state Enabled \
---storage-account $storageAccountName
+echo "Setting access policy on $($storage)..."
+az sql db audit-policy update --name $database --resource-group $resourceGroup --server $server --state Enabled --storage-account $storage
 
-# clean up deployment 
-# az group delete --name $resourceGroupName
+echo "Setting threat detection policy on $($storage)..."
+az sql db threat-policy update --email-account-admins Disabled --email-addresses $notification --name $database --resource-group $resourceGroup --server $server --state Enabled --storage-account $storage