HomeTerraform Moduledb-sql

db-sql

claranet/db-sql/azurerm

Terraform Module HCL AZURERM

Terraform module composition (feature) for Azure SQL Database (SQLServer based)

Install
module "db-sql" {
source = "claranet/db-sql/azurerm"
version = "8.4.2"
}
plain text: /constructs/tfmod-claranet-db-sql-azurerm/install.txt
⭐ Source on GitHub 📦 Registry page
README

Azure SQL ![Changelog](CHANGELOG.md) ![Notice](NOTICE) ![Apache V2 License](LICENSE) ![OpenTofu Registry](https://search.opentofu.org/module/claranet/db-sql/azurerm/) This Terraform module creates an Azure SQL Server and associated databases in an optional SQL Elastic Pool with DTU purchasing model or vCore purchasing model only along with Firewall rules and Diagnostic settings enabled. Migration from 8.x.x to 8.3.x The variable allowed_cidr_list variable has been renamed to allowed_cidrs and the resource azurerm_mssql_firewall_rule.main is now using a for_each loop to create the firewall rules (was using a count before). In order to migrate your state without recreating the firewall rules, you can run : ``bash tofu state rm module.sql.azurerm_mssql_firewall_rule.main ` Then add to your IA

Inputs (50)
NameTypeDescriptionDefault
environmentstringProject environment. required
locationstringAzure location. required
stackstringProject stack name. required
client_namestringClient name/account used in naming. required
location_shortstringShort string for Azure location. required
resource_group_namestringResource group name. required
logs_destinations_idslist(string)List of destination resources IDs for logs diagnostic destination. Can be `Stora required
administrator_loginstringAdministrator login for SQL Server. required
administrator_passwordstringAdministrator password for SQL Server. required
create_databases_usersboolTrue to create a user named <db>_user on each database with generated password atrue
threat_detection_policy_enabledboolTrue to enable thread detection policy on the databases.false
express_vulnerability_assessment_enabledboolTrue to enable express vulnerability assessment for this SQL Server.false
databases_extended_auditing_retention_daysnumberDatabases extended auditing logs retention.30
tls_minimum_versionstringThe TLS minimum version for all SQL Database associated with the server. Valid v"1.2"
databases_extended_auditing_enabledboolTrue to enable extended auditing for SQL databases.false
sql_server_extended_auditing_enabledboolTrue to enable extended auditing for SQL Server.false
sql_server_extended_auditing_retention_daysnumberServer extended auditing logs retention.30
threat_detection_policy_retention_daysnumberSpecifies the number of days to keep in the Threat Detection audit logs.7
security_storage_account_container_namestringStorage Account container name where to store SQL Server vulnerability assessmennull
allowed_cidrsanyList/map of allowed CIDR ranges to access the SQL server. Default to all Azure s{ "azure-services": "0.0.0.0/32" }
security_storage_account_access_keystringStorage Account access key used to store security logs and reports.null
server_extra_tagsmap(string)Extra tags to add on SQL Server or ElasticPool.{}
server_versionstringVersion of the SQL Server. Valid values are: 2.0 (for v11 server) and 12.0 (for "12.0"
elastic_pool_max_sizestringMaximum size of the Elastic Pool in gigabytes.null
single_databases_sku_namestringSpecifies the name of the SKU used by the database. For example, `GP_S_Gen5_2`, "GP_Gen5_2"
databases_zone_redundantboolTrue to have databases zone redundant, which means the replicas of the databasesnull
point_in_time_backup_interval_in_hoursnumberThe hours between each differential backup. This is only applicable to live data12
threat_detection_policy_disabled_alertslist(string)Specifies a list of alerts which should be disabled. Possible values include `Ac[]
elastic_pool_license_typestringSpecifies the license type applied to this database. Possible values are `Licensnull
… and 10 more inputs
Outputs (15)
elastic_pool_resource — SQL Elastic Pool resource.
elastic_pool_id — ID of the SQL Elastic Pool.
default_databases_users — Map of the SQL Databases dedicated users
administrator_password — SQL Administrator password.
databases_id — Map of the SQL Databases names => IDs.
default_administrator_databases_connection_strings — Map of the SQL Databases with administrator credentials connection strings
vulnerability_assessment_id — ID of the MS SQL Server Vulnerability Assessment.
custom_databases_users_roles — Map of the custom SQL Databases users roles
terraform_module — Information about this Terraform module.
databases_resource — SQL Databases resource list.
custom_databases_users — Map of the custom SQL Databases users
identity_principal_id — SQL Server system identity principal ID.
security_alert_policy_id — ID of the MS SQL Server Security Alert Policy
resource — SQL Server resource object.
administrator_login — SQL Administrator login.
Resources (9)
azurerm_mssql_databaseazurerm_mssql_database_extended_auditing_policyazurerm_mssql_elasticpoolazurerm_mssql_firewall_ruleazurerm_mssql_serverazurerm_mssql_server_extended_auditing_policyazurerm_mssql_server_security_alert_policyazurerm_mssql_server_vulnerability_assessmentazurerm_mssql_virtual_network_rule
Topics & Tags
terraformmoduleclaranetazure
Details
FrameworkTerraform Module
LanguageHCL
Version8.4.2
Cloud AZURERM
★ Stars16
Forks13
Total downloads19.0k
Inputs50
Outputs15
Resources9
Examples2
Submodules1
LicenseApache-2.0
Namespaceclaranet
Updated
Similar packages
caf-enterprise-scale

Azure landing zones Terraform module

★ 952azure
caf

Terraform supermodule for the Terraform platform engineering for Azure

★ 581azure
lz-vending

Terraform module to deploy landing zone subscriptions (and much more) in Azure

★ 210azure
label

Terraform Module to define a consistent naming convention by (namespace, stage,

★ 702terraform
Tools
⚖ Compare with another construct → 📋 View data schema