ravi.periketi a9db05f94d Merge pull request 'add condition' (#3) from hotfix/service_id into master 2 weeks ago
examples add condition 2 weeks ago
.gitignore initial commit 1 month ago
.pre-commit-config.yaml initial commit 1 month ago
Jenkinsfile modify jenkinsfile 3 weeks ago
LICENSE initial commit 1 month ago
README.md add condition 2 weeks ago
locals.tf fix review 3 weeks ago
main.tf add condition 2 weeks ago
outputs.tf add examples 3 weeks ago
variables.tf add condition 2 weeks ago
versions.tf fix example and more config to module 3 weeks ago

README.md

terraform-module-azurerm-sql

Usage

See examples folders for usage of this module.

Limitation

  • The zone_redundant option for the azurerm_sql_database resource will be available once we start using azurerm provider version 2.0.0.
  • When creating SQL databases from a .bacpac file and new databases at the same time, create the databases with the import file first and then create the new databases.

Providers

| Name | Version |
|------|---------|
| azurerm | >= 1.36.0, < 2.0.0 |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| enabled | Enable or disable module | bool | true | no |
| identity_type | Specifies the identity type of the SQL server. At this time the only allowed value is SystemAssigned. | string | "SystemAssigned" | no |
| identity_type_enabled | Boolean flag which describes whether or not to enable the identity block | list(bool) | [false] | no |
| import_administrator_login | List of SQL administrator names. | list(string) | [""] | no |
| import_administrator_login_password | List of SQL administrator passwords. | list(string) | [""] | no |
| import_authentication_type | Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword. | list(string) | ["SQL"] | no |
| import_creation_mode | Specifies the type of import operation being performed. The only allowable value is Import. | string | "Import" | no |
| import_storage_key | Specifies the access key for the storage account. | list(string) | [""] | no |
| import_storage_key_type | List which specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey. | list(string) | ["SharedAccessKey"] | no |
| import_storage_uri | List which specifies the blob URIs of the .bacpac file. | list(string) | [""] | no |
| mssql_elastic_pool_max_size_bytes | The max data size of the elastic pool in bytes. Conflicts with max_size_gb. | list(number) | [10737418240] | no |
| mssql_elastic_pool_max_size_bytes_enabled | The boolean flag which describes whether you want to specify max data size of the elastic pool in bytes. Conflicts with max_size_gb. | list(bool) | [false] | no |
| mssql_elastic_pool_max_size_gb_enabled | The boolean flag which describes whether you want to specify max data size of the elastic pool in GB. Conflicts with max_size_gb. | list(bool) | [false] | no |
| mssql_elastic_pool_max_size_gbs | The list of max data size of the elastic pool in gigabytes. Conflicts with max_size_bytes. | list(number) | [10] | no |
| mssql_elastic_pool_names | Names of the elastic pool. This needs to be globally unique. Changing this forces a new resource to be created. If enabled value is REQUIRED | list(string) | [""] | no |
| mssql_elastic_pool_server_names | The list of SQL server names under which the elastic pool will be created. Changing this forces a new resource to be created. If enabled value is REQUIRED | list(string) | [] | no |
| mssql_elastic_pool_sku_capacities | The scale up/out capacity, representing server's compute units. For more information see the documentation for your Elasticpool configuration: vCore-based (https://docs.microsoft.com/en-us/azure/sql-database/sql-database-vcore-resource-limits-elastic-pools) or DTU-based (https://docs.microsoft.com/en-us/azure/sql-database/sql-database-dtu-resource-limits-elastic-pools). If enabled value is REQUIRED | list(number) | [2] | no |
| mssql_elastic_pool_sku_families | The family of hardware Gen4 or Gen5. | list(string) | ["Gen5"] | no |
| mssql_elastic_pool_sku_names | The names of the SKUs for the elastic pool. The name of the SKU will be either vCore based tier + family pattern (e.g. GP_Gen4, BC_Gen5) or the DTU based BasicPool, StandardPool, or PremiumPool pattern. If enabled value is REQUIRED | list(string) | [] | no |
| mssql_elastic_pool_sku_tiers | The tier of the particular SKU. Possible values are GeneralPurpose, BusinessCritical, Basic, Standard, or Premium. For more information see the documentation for your Elasticpool configuration: vCore-based or DTU-based. If enabled value is REQUIRED | list(string) | ["GeneralPurpose"] | no |
| mssql_elastic_pool_tags | Tags which will be associated to the elastic pool. | map | {} | no |
| mssql_elastic_pool_zone_redundant | Whether or not this elastic pool is zone redundant. Tier needs to be Premium for DTU based or BusinessCritical for vCore based SKU. Defaults to false. | list(bool) | [false] | no |
| mssql_elasticpool_enabled | Boolean flag which describes whether or not to enable the elastic pool. | bool | false | no |
| mssql_elatic_pool_families_enabled | The boolean flag which describes whether to enable the SKU family or not. | list(bool) | [false] | no |
| object_ids | The IDs of the principal to set as the server administrator. If enabled value is REQUIRED | list(string) | [""] | no |
| partner_servers_ids | A list of secondary SQL server IDs. If enabled value is REQUIRED | list(string) | [null] | no |
| per_database_settings_max_capacities | The maximum capacity any one database can consume. If enabled value is REQUIRED | list(number) | [1] | no |
| per_database_settings_min_capacities | The minimum capacity all databases are guaranteed. If enabled value is REQUIRED | list(number) | [0] | no |
| read_write_failover_policy_grace_minutes | Applies only if mode is Automatic. The list which specifies the grace period in minutes before failover with data loss is attempted. If enabled value is REQUIRED | list(number) | [30] | no |
| read_write_failover_policy_modes | A read/write policy failover mode. Possible values are Manual, Automatic. If enabled value is REQUIRED | list(string) | [""] | no |
| readonly_failover_policy_modes | A failover policy for the read-only endpoints. Possible values are Enabled and Disabled. | list(string) | ["Disabled"] | no |
| resource_group_name | Name of the resource group where to create the SQL server. | string | "" | no |
| sql_ad_admin_count | The number of AD admins we would like to create for the SQL server. | number | 1 | no |
| sql_ad_admin_enabled | Boolean flag which describes whether or not to enable the SQL active directory administrator. | bool | false | no |
| sql_ad_admin_server_names | The list of names of the SQL server for which AD administrator accounts will be created. Changing this will force creation of a new resource. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_ad_login_name | The names of the SQL Server on which to set the administrator. Changing this forces a new resource to be created. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_database_collation | List of names of the collation. Applies only if create_mode is Default. Azure default is SQL_LATIN1_GENERAL_CP1_CI_AS. Changing this forces a new resource to be created. | list(string) | [""] | no |
| sql_database_count | The number of databases this module will be creating. If enabled value is REQUIRED | number | 1 | no |
| sql_database_create_modes | Specifies how to create the database. Valid values are: Default, Copy, OnlineSecondary, NonReadableSecondary, PointInTimeRestore, Recovery, Restore or RestoreLongTermRetentionBackup. Must be Default to create a new database. Defaults to Default. Please see Azure SQL Database REST API. https://docs.microsoft.com/en-us/rest/api/sql/databases/createorupdate#createmode. If enabled value is REQUIRED | list(string) | ["Default"] | no |
| sql_database_default_restore_point_in_time | Default restore point in time for the SQL database when creation mode is not PointInTime | string | "2020-01-02T15:04:05Z" | no |
| sql_database_editions | The list of edition of the database to be created. Applies only if create_mode is Default. Valid values are: Basic, Standard, Premium, DataWarehouse, Business, BusinessCritical, Free, GeneralPurpose, Hyperscale, Premium, PremiumRS, Standard, Stretch, System, System2, or Web. Please see Azure SQL Database Service Tiers. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-purchase-models | list(string) | ["GeneralPurpose"] | no |
| sql_database_elastic_pool_names | The list of names of the elastic database pool. | list(string) | [""] | no |
| sql_database_id_end_indexes | The list which corresponds to the end index (exclusive) of the database ID. This value should not be greater than the length of SQL database names variable. If enabled value is REQUIRED | list(number) | [1] | no |
| sql_database_id_start_indexes | The list of start indexes (inclusive) which corresponds to the database ID. If enabled value is REQUIRED | list(number) | [0] | no |
| sql_database_import_enabled | Boolean flag which describes whether the database is imported from a .bacpac file or created as a new database. | list(bool) | [false] | no |
| sql_database_max_size_bytes | The list of maximum size that the databases can grow to. Applies only if create_mode is Default. Please see Azure SQL Database Service Tiers. https://docs.microsoft.com/en-us/azure/sql-database/sql-database-purchase-models | list(string) | [""] | no |
| sql_database_names | The list of databases which will be created. If enabled value is REQUIRED | list(string) | [] | no |
| sql_database_read_scale | Read-only connections will be redirected to a high-available replica. Please see https://docs.microsoft.com/en-us/azure/sql-database/sql-database-read-scale-out. | list(bool) | [false] | no |
| sql_database_requested_service_objective_id | A list of GUID/UUID corresponding to a configured Service Level Objective for the Azure SQL database which can be used to configure a performance level. The default is for West US location. Please check https://docs.microsoft.com/en-us/cli/azure/sql/db?view=azure-cli-latest#az-sql-db-list-editions for the supported GUIDs in respective locations. | list(string) | ["3d6269f6-9ca1-4192-a947-5bff42c8c2aa"] | no |
| sql_database_requested_service_objective_id_enabled | Boolean flag which describes whether to enable the service objective ID or not. | list(bool) | [false] | no |
| sql_database_requested_service_objective_name | The service objective name for the database. Valid values depend on edition and location and may include S0, S1, S2, S3, P1, P2, P4, P6, P11 and ElasticPool. You can list the available names with the CLI: az sql db list-editions -l westus --edition Standard -o table. For further information please see Azure CLI - az sql db. https://docs.microsoft.com/en-us/cli/azure/sql/db?view=azure-cli-latest#az-sql-db-list-editions | list(string) | ["GP_S_Gen5_2"] | no |
| sql_database_restore_point_in_times | List which specifies point in time for the restore. Only applies if create_mode is PointInTimeRestore e.g. 2013-11-08T22:00:40Z. | list(string) | [""] | no |
| sql_database_server_names | The list of SQL server names under which the database will be created. Changing this forces a new resource to be created. If enabled value is REQUIRED | list(string) | [] | no |
| sql_database_tags | Tags which will be associated to the SQL database. | map | {} | no |
| sql_databases_enabled | Boolean flag which describes whether or not to create the SQL databases. | bool | false | no |
| sql_existing_database_ids | A list of existing database IDs. | list(list(string)) | [null] | no |
| sql_failover_group_count | The number of failover groups the module will create. | number | 1 | no |
| sql_failover_group_databases_exist | Boolean flag which describes whether the databases already exist or not. If enabled value is REQUIRED | bool | false | no |
| sql_failover_group_enabled | Boolean flag which describes whether or not to enable the SQL failover group. | bool | false | no |
| sql_failover_group_names | The list of names of the failover group. Changing this forces a new resource to be created. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_failover_group_server_names | The list of names of the SQL server for which the failover group will be created. Changing this will force creation of a new resource. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_failover_group_tags | Tags which will be associated to the SQL failover groups. | map | {} | no |
| sql_firewall_rule_count | The number of firewall rules we would like to create. | number | 1 | no |
| sql_firewall_rule_enabled | Boolean flag which describes whether or not to create the SQL firewall rule. | bool | false | no |
| sql_firewall_rule_end_ip_address | The list of ending IP addresses to allow through the firewall for this rule. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_firewall_rule_names | Names of the firewall rules. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_firewall_rule_server_names | The list of names of the SQL server under which the firewall rules will be created. Changing this will force creation of a new resource. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_firewall_rule_start_ip_address | List of starting IP addresses to allow through the firewall for this rule. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_ignore_missing_vnet_service_endpoints | Creates the virtual network rule before the subnet has the virtual network service endpoint enabled. The default value is false. NOTE: If ignore_missing_vnet_service_endpoint is false, and the target subnet does not contain the Microsoft.SQL endpoint in the service_endpoints array, the deployment will fail when it tries to create the SQL virtual network rule. | list(bool) | [false] | no |
| sql_server_administrator_login_passwords | List of passwords associated with the administrator_login user. Needs to comply with Azure's Password Policy https://docs.microsoft.com/en-us/sql/relational-databases/security/password-policy?redirectedfrom=MSDN&view=sql-server-ver15 REQUIRED | list(string) | [] | no |
| sql_server_administrator_logins | The list of administrator login names for the new server. Changing this forces a new resource to be created. REQUIRED | list(string) | [] | no |
| sql_server_count | The number of SQL servers this module will create. REQUIRED | number | 1 | no |
| sql_server_locations | Location of the SQL server. REQUIRED | list(string) | [] | no |
| sql_server_names | The list of names of the SQL Server. This needs to be globally unique within Azure. REQUIRED | list(string) | [] | no |
| sql_server_tags | Tags which will be associated to the SQL server. | map | {} | no |
| sql_server_versions | The list of versions for the new server. Valid values are 2.0 (for v11 server) and 12.0 (for v12 server). REQUIRED | list(string) | [] | no |
| sql_source_database_default_deletion_date | Default source database deletion date for the SQL database when creation mode is not PointInTime | string | "2020-01-02T15:04:05Z" | no |
| sql_source_database_deletion_dates | List which specifies the deletion date time of the source database. Only applies to deleted databases where create_mode is PointInTimeRestore. | list(string) | [""] | no |
| sql_source_database_ids | The URIs of the source database if create_mode value is not Default. | list(string) | [""] | no |
| sql_vnet_rule_count | Number of VNET rules we would like to create for the SQL server. | number | 1 | no |
| sql_vnet_rule_enabled | Boolean flag which describes whether or not to enable the SQL virtual network rule. | bool | false | no |
| sql_vnet_rule_names | The names of the SQL virtual network rule. Changing this forces a new resource to be created. Cannot be empty and must only contain alphanumeric characters and hyphens. Cannot start with a number, and cannot start or end with a hyphen. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_vnet_rule_server_names | The list of names of the SQL server under which the VNET rules will be created. Changing this will force creation of a new resource. If enabled value is REQUIRED | list(string) | [""] | no |
| sql_vnet_subnet_ids | The IDs of the subnet that the SQL server will be connected to. If enabled value is REQUIRED | list(string) | [""] | no |
| tags | Tags shared by all resources of this module. Will be merged with any other specific tags by resource | map | {} | no |
| tenant_ids | The Azure Tenant IDs | list(string) | [""] | no |
| threat_detection_policy_disabled_alerts | Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability. | list(list(string)) | [null] | no |
| threat_detection_policy_email_account_admins | List which describes whether the account administrators should be emailed when this alert is triggered. Possible values are Enabled, Disabled | list(string) | ["Disabled"] | no |
| threat_detection_policy_email_addresses | A list of email addresses which alerts should be sent to. | list(list(string)) | [null] | no |
| threat_detection_policy_enabled | List of boolean flags which describes whether the threat detection policy block is enabled or not. | list(bool) | [false] | no |
| threat_detection_policy_retention_days | A list which specifies the number of days to keep in the Threat Detection audit logs. | list(number) | [10] | no |
| threat_detection_policy_state | The list which describes the state of the policy. Possible values are Enabled, Disabled or New | list(string) | [""] | no |
| threat_detection_policy_storage_account_access_key | Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled. | list(string) | [""] | no |
| threat_detection_policy_storage_endpoint | Specifies the blob storage endpoint (e.g. https://MyAccount.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled. | list(string) | [""] | no |
| threat_detection_policy_use_server_default | List which specifies whether the default server policy should be used. Defaults to Disabled. | list(string) | ["Disabled"] | no |

Outputs

| Name | Description |
|------|-------------|
| mssql_elastic_pool_ids | The IDs of the MS SQL elastic pools. |
| sql_ad_admin_ids | The IDs of the SQL AD administrator. |
| sql_database_creation_date | The dates at which SQL database was created. |
| sql_database_ids | The IDs of the SQL databases. |
| sql_database_secondary_locations | The default secondary location of the SQL databases. |
| sql_failover_group_databases | The list of databases in the failover group. |
| sql_failover_group_ids | The IDs of the failover groups. |
| sql_failover_group_locations | The locations of the failover group |
| sql_failover_group_partner_servers | The list of partner server information for the failover group. |
| sql_failover_group_role | The local replication roles of the failover group instances. |
| sql_failover_group_servers | The names of the primary SQL database server. |
| sql_firewall_rule_ids | The IDs of the SQL firewall rules. |
| sql_server_fqdns | The fully qualified domain names of the SQL servers. |
| sql_server_ids | IDs of the SQL servers. |
| sql_vnet_rule_ids | The IDs of the SQL virtual network rules. |