From f6178fcb9eb544618bedb1cc73b4c2f5043719c1 Mon Sep 17 00:00:00 2001
From: Alexander Guth
Date: Tue, 7 Jun 2022 09:04:16 +0200
Subject: [PATCH] imporve docs a bit

---
 docs/resources/user.md | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

diff --git a/docs/resources/user.md b/docs/resources/user.md
index 319cf2d..591a49a 100644
--- a/docs/resources/user.md
+++ b/docs/resources/user.md
@@ -4,6 +4,8 @@ The `mssql_user` resource creates and manages a user on a SQL Server database.
 
 ## Example Usage
 
+### Basic usage
+
 ```hcl
 resource "mssql_user" "example" {
 server {
@@ -19,6 +21,36 @@ resource "mssql_user" "example" {
 }
 ```
 
+### Using managed identities
+
 ```hcl
+resource "azurerm_resource_group" "example" {
+ name = "example-resources"
+ location = "West Europe"
+}
+
+resource "azurerm_user_assigned_identity" "example" {
+ resource_group_name = azurerm_resource_group.example.name
+ location = azurerm_resource_group.example.location
+
+ name = "my-sql-identity"
+}
+
+resource "mssql_user" "example" {
+ server {
+ host = "example-sql-server.database.windows.net"
+ azure_login {
+ }
+ }
+
+ database = "my-database"
+ username = azurerm_user_assigned_identity.example.name
+ object_id = azurerm_user_assigned_identity.example.client_id
+
+ roles = ["db_datareader"]
+}
+```
+
 > Note that in order to create an external user referencing an Azure AD entity (user, application), the Azure SQL Server needs to be a member of an Azure AD group assigned the Azure AD role `Directory Readers`. If it is not possible to give the Azure SQL Server this role (through the group), you can use the `object id` of the Azure AD entity instead.
 
 ## Argument Reference