Skip to content

mattigruha/module-sql-database

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Module to create a SQL Database, SQL Server and auditing policy for the SQL Server

Requirements

Name Version
terraform >= 1.0.0
azurerm >= 3.0.0, < 4.0.0

Providers

Name Version
azurerm 3.85.0

Modules

No modules.

Resources

Name Type
azurerm_mssql_database.database resource
azurerm_mssql_server.db_server resource
azurerm_mssql_server_extended_auditing_policy.sql_srv_audit resource

Inputs

Name Description Type Default Required
ad_administrator_login_username Login username of the Azure AD administrator (optional) string null no
ad_administrator_object_id Object ID of the Azure AD administrator (optional) string null no
ad_administrator_tenant_id Tenant ID of the Azure AD administrator (optional) string null no
admin_login Administrator login for the SQL Server string n/a yes
admin_password Administrator password for the SQL Server string n/a yes
azuread_authentication_only Specifies whether or not Azure Active Directory only authentication is enabled. Defaults to true. bool true no
backup_interval_in_hours (Required) Point In Time Restore configuration. Value has to be between 1 and 240. number n/a yes
collation Collation of the database string "SQL_Latin1_General_CP1_CI_AS" no
database_name Name of the database string n/a yes
db_retention_days (Required) Point In Time Restore configuration. Value has to be between 1 and 35. number n/a yes
identity_ids List of user assigned identity ids set(string) [] no
identity_type Type of identity. Defaults to SystemAssigned. Possible values are UserAssigned. string "SystemAssigned" no
ledger_enabled Specifies whether or not the database is a ledger database. Defaults to false. bool false no
license_type License type of the database string "LicenseIncluded" no
location The location where the resource group is located string "West Europe" no
max_size_gb Maximum size of the database number n/a yes
outbound_network_restriction_enabled Allow outbound network access bool false no
public_network_access Allow public network access bool false no
resource_group_name Name of the resource group string n/a yes
sku_name Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2, HS_Gen4_1, BC_Gen5_2, ElasticPool, Basic, S0, P2 ,DW100c, DS100. Defaults to S0. string "S0" no
sql_server_name Name of the SQL Server string n/a yes
sql_server_version Version of the SQL Server string n/a yes
storage_account_type Specifies the storage account type to be used to store backups for this database. Valid values are Geo, Local, Zone and None. Defaults to Geo. string "Geo" no
tags Tags used for the resources map(string) n/a yes
user_assigned_identity_id If UserAssigned identity type is chosen, this variable needs to be provided with the ID. string null no
zone_redundant Specifies whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. Defaults to false. bool false no

Outputs

Name Description
SQL_server_id The ID of the SQL Server.
database_id The ID of the SQL Database.
principal_id The Principal ID for the Service Principal associated with the Identity of this SQL Server.
tenant_id The Tenant ID for the Service Principal associated with the Identity of this SQL Server.

Pre-existing resources you need when using this module include a resource group, (optionally) a user assigned identity and (optionally) a random password generator for the SQL Server admin user.

Create a new RG or use an existing one

resource "azurerm_resource_group" "rg" {
  name     = "test-sql-db-rg"
  location = "westeurope"

  tags = {
    Project     = ""
    Application = ""
    Environment = ""
    CreatedBy   = ""
    CreatedFor  = ""
  }
}

# Generate a random password for the SQL Server admin user (optional)
resource "random_password" "password" {
  length           = 16
  special          = true
  override_special = "!#$%&*()-_=+[]{}<>:?"
}

# Generate a user assigned identity resource (optional)
resource "azurerm_user_assigned_identity" "identity" {
  name                = "example-user-assigned-identity"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
}

# Calling the module and passing on the input variables
module "sql_database_module" {
  source = "../.." # Replace with the actual module source

  resource_group_name = azurerm_resource_group.rg.name
  sql_server_name     = ""
  location            = ""
  tags = {
    Project     = ""
    Application = ""
    Environment = ""
    CreatedBy   = ""
    CreatedFor  = ""
  }

  sql_server_version                   = "12.0"
  admin_login                          = ""
  admin_password                       = random_password.password.result
  public_network_access                = false
  outbound_network_restriction_enabled = false

  identity_type = "SystemAssigned" # "UserAssigned"
  # identity_ids              = [azurerm_user_assigned_identity.identity.id] # If you want to use user assigned identities, you need to create them first and pass them here
  # user_assigned_identity_id = azurerm_user_assigned_identity.identity.id
  ad_administrator_login_username = ""
  ad_administrator_object_id      = ""
  ad_administrator_tenant_id      = ""
  azuread_authentication_only     = true # Set to false if you want to only use the SQL Server admin user

  database_name        = ""
  collation            = "SQL_Latin1_General_CP1_CI_AS"
  license_type         = "LicenseIncluded"
  max_size_gb          =
  sku_name             = ""
  storage_account_type = ""
  ledger_enabled       = false
  zone_redundant       = false

  db_retention_days        = 7
  backup_interval_in_hours = 12
}

About

Module to create a SQL Database, SQL Server and auditing policy for the SQL Server.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages