diff --git a/README.md b/README.md index c4fdd429..131f010c 100644 --- a/README.md +++ b/README.md @@ -18,17 +18,17 @@ 6. [Limitations - OS compatibility, etc.](#limitations) 7. [Development - Guide for contributing to the module](#development) -##Overview +## Overview The sqlserver module installs and manages Microsoft SQL Server 2012 and 2014 on Windows systems. -##Module Description +## Module Description Microsoft SQL Server is a database platform for Windows. The sqlserver module lets you use Puppet to install multiple instances of SQL Server, add SQL features and client tools, execute TSQL statements, and manage databases, users, roles, and server configuration options. -##Setup +## Setup -###Setup Requirements +### Setup Requirements The sqlserver module requires the following: @@ -37,23 +37,23 @@ The sqlserver module requires the following: * The contents of the SQL Server ISO file, mounted or extracted either locally or on a network share. * Windows Server 2012 or 2012R2. -###Beginning with sqlserver +### Beginning with sqlserver -To get started with the sqlserver module, include these settings in your manifest: +To get started with the sqlserver module, include in your manifest: -~~~puppet +```puppet sqlserver_instance{'MSSQLSERVER': features => ['SQL'], source => 'E:/', sql_sysadmin_accounts => ['myuser'], } -~~~ +``` This example installs MS SQL and creates an MS SQL instance named MSSQLSERVER. It also installs the base SQL feature set (Data Quality, FullText, Replication, and SQLEngine), specifies the location of the setup.exe, and creates a new SQL-only sysadmin, 'myuser'. A more advanced configuration, including installer switches: -~~~puppet +```puppet sqlserver_instance{'MSSQLSERVER': source => 'E:/', features => ['SQL'], @@ -70,41 +70,41 @@ sqlserver_instance{'MSSQLSERVER': 'INSTALLSHAREDWOWDIR' => 'C:\\Program Files (x86)\\Microsoft SQL Server', } } -~~~ +``` This example creates the same MS SQL instance as shown above with additional options: security mode (requiring password to be set) and other optional install switches. This is specified using a hash syntax. -##Usage +## Usage -Note: For clarification on Microsoft SQL Server terminology, please see [Microsoft SQL Server Terms](#microsoft-sql-server-terms) below. +**Note**: For clarification on Microsoft SQL Server terminology, please see [Microsoft SQL Server Terms](#microsoft-sql-server-terms) below. -###Install SQL Server tools and features not specific to a SQL Server instance +### Install SQL Server tools and features not specific to a SQL Server instance -~~~puppet +```puppet sqlserver_features { 'Generic Features': source => 'E:/', features => ['Tools'], } -~~~ +``` -~~~puppet +```puppet sqlserver_features { 'Generic Features': source => 'E:/', features => ['ADV_SSMS', 'BC', 'Conn', 'SDK', 'SSMS'], } -~~~ +``` -###Create a new database on an instance of SQL Server +### Create a new database on an instance of SQL Server -~~~puppet +```puppet sqlserver::database{ 'minviable': instance => 'MSSQLSERVER', } -~~~ +``` -###Set up a new login +### Set up a new login -~~~puppet +```puppet SQL Login sqlserver::login{'vagrant': instance => 'MSSQLSERVER', @@ -116,11 +116,11 @@ sqlserver::login{'WIN-D95P1A3V103\localAccount': instance => 'MSSQLSERVER', login_type => 'WINDOWS_LOGIN', } -~~~ +``` -###Create a new login and a user for a given database +### Create a new login and a user for a given database -~~~puppet +```puppet sqlserver::login{'loggingUser': password => 'Pupp3t1@', } @@ -130,11 +130,11 @@ sqlserver::user{'rp_logging-loggingUser': database => 'rp_logging', require => Sqlserver::Login['loggingUser'], } -~~~ +``` -###Manage the above user's permissions +### Manage the above user's permissions -~~~puppet +```puppet sqlserver::user::permissions{'INSERT-loggingUser-On-rp_logging': user => 'loggingUser', database => 'rp_logging', @@ -149,397 +149,831 @@ sqlserver::user::permissions{'Deny the Update as we should only insert': state => 'DENY', require => Sqlserver::User['rp_logging-loggingUser'], } -~~~ +``` -###Run custom TSQL statements +### Run custom TSQL statements -####Use `sqlserver_tsql` to trigger other classes or defines +#### Use `sqlserver_tsql` to trigger other classes or defined types -~~~puppet +```puppet sqlserver_tsql{ 'Query Logging DB Status': instance => 'MSSQLSERVER', onlyif => "IF (SELECT count(*) FROM myDb.dbo.logging_table WHERE message like 'FATAL%') > 1000 THROW 50000, 'Fatal Exceptions in Logging', 10", notify => Exec['Too Many Fatal Errors'] } -~~~ +``` -####Clean up regular logs with conditional checks +#### Clean up regular logs with conditional checks -~~~puppet +```puppet sqlserver_tsql{ 'Cleanup Old Logs': instance => 'MSSQLSERVER', command => "DELETE FROM myDb.dbo.logging_table WHERE log_date < '${log_max_date}'", onlyif => "IF exists(SELECT * FROM myDb.dbo.logging_table WHERE log_date < '${log_max_date}') THROW 50000, 'need log cleanup', 10", } -~~~ +``` -####If you want your statement to always execute, leave out the `onlyif` parameter +#### If you want your statement to always execute, leave out the `onlyif` parameter -~~~puppet +```puppet sqlserver_tsql{ 'Always running': instance => 'MSSQLSERVER', command => 'EXEC notified_executor()', } -~~~ +``` ## Reference ### Types +Parameters are optional unless otherwise noted. + #### `sqlserver_features` Installs and configures features such as SSMS and Master Data Service. -* `ensure`: Specifies whether the managed feature(s) should exist. Valid options: 'present' and 'absent'. Default: 'present'. +##### `ensure` + +Specifies whether the managed features should exist. Valid options: 'present' and 'absent'. + +Default: 'present'. + +##### `features` + +*Required.* + +Specifies one or more features to manage. Valid options: 'BC', 'Conn', 'SSMS', 'ADV_SSMS', 'SDK', 'IS', 'MDS', and 'Tools' (the Tools feature includes SSMS, ADV_SSMS, and Conn). + +##### `install_switches` + +Passes one or more installer switches to SQL Server Setup. If an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. Valid options: an array. + +> **Note**: If an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. +> +> For more information about installer switches and configuring SQL Server, see the links below: +> +> * [Installer Switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx) +> * [Configuration File](https://msdn.microsoft.com/en-us/library/dd239405.aspx) + + +Default: {}. + +##### `is_svc_account` + +Specifies a domain or system account to be used by Integration Services. Valid options: a string specifying an existing username. Default: 'NT AUTHORITY\NETWORK SERVICE'. + +##### `is_svc_password` -* `features`: *Required.* Specifies one or more features to manage. Valid options: 'BC', 'Conn', 'SSMS', 'ADV_SSMS', 'SDK', 'IS', 'MDS', and 'Tools' (the Tools feature includes SSMS, ADV_SSMS, and Conn). +*Required if `is_svc_account` points to a domain account. Invalid for system accounts.* -* `install_switches`: *Optional.* Passes one or more installer switches to SQL Server Setup. Please note that if an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. Valid options: an array. Default: {}. +Supplies the password for the Integration Services user account. Valid options: a string specifying a valid password. -* `is_svc_account`: *Optional.* Specifies a domain or system account to be used by Integration Services. Valid options: a string containing an existing username. Default: 'NT AUTHORITY\NETWORK SERVICE'. +##### `pid` -* `is_svc_password`: *Required if `is_svc_account` points to a domain account. Invalid for system accounts.* Supplies the password for the Integration Services user account. Valid options: a string containing a valid password. +Specifies a product key for SQL Server. Valid options: a string containing a valid product key. If not specified, SQL Server runs in Evaluation mode. -* `pid`: *Optional.* Supplies a product key to configure which edition of SQL Server to use. Valid options: a string containing a valid product key. Default: undef (if not specified, SQL Server runs in Evaluation mode). +Default: `undef`. -* `source`: *Required.* Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer. +##### `source` -* `windows_feature_source`: *Optional.* Specifies the location of the Windows Feature source files. This may be needed to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information. +*Required.* -Please note that if an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. +Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer. -For more information about installer switches and configuring SQL Server, see the links below: +##### `windows_feature_source` -* [Installer Switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx) -* [Configuration File](https://msdn.microsoft.com/en-us/library/dd239405.aspx) +Specifies the location of the Windows Feature source files. You might need this to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information. #### `sqlserver_instance` Installs and configures a SQL Server instance. -* `agt_svc_account`: *Optional.* Specifies a domain or system account to be used by the SQL Server Agent service. Valid options: a string containing an existing username. +##### `agt_svc_account` + +Specifies a domain or system account to be used by the SQL Server Agent service. + +Valid options: a string specifying an existing username. + +##### `agt_svc_password` + +*Required if `agt_svc_account` points to a domain account. Invalid for system accounts.* + +Supplies the password for the Agent service's user account. + +Valid options: a string specifying a valid password. + +##### `as_svc_account` + +Specifies a domain or system account to be used by Analysis Services. + +Valid options: a string specifying an existing username. + +##### `as_svc_password` + +*Required if `as_svc_account` is specified.* + +Supplies the password for the Analysis Services user account. + +Valid options: a string specifying a valid password. -* `agt_svc_password`: *Required if `agt_svc_account` points to a domain account. Invalid for system accounts.* Supplies the password for the Agent service's user account. Valid options: a string containing a valid password. +##### `as_sysadmin_accounts` -* `as_svc_account`: *Optional.* Specifies a domain or system account to be used by Analysis Services. Valid options: a string containing an existing username. +*Required if your `features` array includes the value 'AS'.* -* `as_svc_password`: *Required if `as_svc_account` is specified.* Supplies the password for the Analysis Services user account. Valid options: a string containing a valid password. +Specifies one or more SQL or domain accounts to receive sysadmin status. -* `as_sysadmin_accounts`: *Required if your `features` array includes the value 'AS'.* Specifies one or more SQL or domain accounts to receive sysadmin status. Valid options: an array containing one or more valid usernames. +Valid options: an array specifying one or more valid usernames. -* `ensure`: Specifies whether the managed instance should exist. Valid options: 'present' and 'absent'. Default: 'present'. +##### `ensure` -* `features`: *Required.* Specifies one or more features to manage. The list of top-level features includes 'SQL', 'AS', and 'RS'. The 'SQL' feature includes the Database Engine, Replication, Full-Text, and Data Quality Services (DQS) server. Valid options: an array containing one or more of the strings 'SQL', 'SQLEngine', 'Replication', 'FullText', 'DQ', 'AS', and 'RS'. +Specifies whether the managed instance should exist. Valid options: 'present' and 'absent'. -* `install_switches`: *Optional.* Passes one or more extra installer switches to SQL Server Instance Setup. Valid options: a hash of [installer switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx). +Default: 'present'. -* `name`: *Optional.* Supplies a name for the instance. Valid options: a string containing a [valid instance name](https://msdn.microsoft.com/en-us/library/ms143531.aspx). Default: the title of your declared resource. +##### `features` -* `pid`: *Optional.* Supplies a product key to configure which edition of SQL Server to use. Valid options: a string containing a valid product key. Default: undef (if not specified, SQL Server runs in Evaluation mode). +*Required.* Specifies one or more features to manage. The list of top-level features includes 'SQL', 'AS', and 'RS'. The 'SQL' feature includes the Database Engine, Replication, Full-Text, and Data Quality Services (DQS) server. Valid options: an array containing one or more of the strings 'SQL', 'SQLEngine', 'Replication', 'FullText', 'DQ', 'AS', and 'RS'. -* `rs_svc_account`: *Optional.* Specifies a domain or system account to be used by the report service. Valid options: a string; cannot include any of the following characters: +##### `install_switches` - ~~~ - '"/ \ [ ] : ; | = , + * ? < >' - ~~~ +Passes one or more extra installer switches to SQL Server Instance Setup. Valid options: a hash of [installer switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx). - Default: if not specified, Setup uses the default built-in account for the current operating system (either NetworkService or LocalSystem). If you specify a domain user account, the domain must be less than 254 characters and the username must be less than 20 characters. +> **Note**: If an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. +> +>For more information about installer switches and configuring SQL Server, see the links below: +> +> * [Installer Switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx) +> * [Configuration File](https://msdn.microsoft.com/en-us/library/dd239405.aspx) -* `rs_svc_password`: *Required if `rs_svc_account` points to a domain account. Invalid for system accounts.* Supplies the password for the report server's user account. Valid options: a string containing a strong password (at least 8 characters, including uppercase and lowercase alphanumeric characters and at least one symbol character. Avoid words or names that might be listed in a dictionary). +##### `name` -* `sa_pwd`: *Required if `security_mode` is set to 'SQL'.* Sets a password for the SQL Server sa account. Valid options: a string containing a valid password. +Supplies a name for the instance. Valid options: a string containing a [valid instance name](https://msdn.microsoft.com/en-us/library/ms143531.aspx). -* `security_mode`: *Optional.* Specifies a security mode for SQL Server. Valid options: 'SQL'. Default: undef (if not specified, SQL Server uses Windows authentication). +Default: the existing title of your declared resource. -* `service_ensure`: Specifies whether the SQL Server service should be running. Valid options: 'automatic' (Puppet starts the service if it's not running), 'manual' (Puppet takes no action), and 'disable' (Puppet stops the service if it's running). +##### `pid` -* `source`: *Required.* Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer. +Specifies a product key for SQL Server. Valid options: a string containing a valid product key. If not specified, SQL Server runs in Evaluation mode. -* `sql_svc_account`: *Optional.* Specifies a domain or system account to be used by the SQL Server service. Valid options: a string containing an existing username. Default: undef. +Default: `undef`. -* `sql_svc_password`: *Required if `sql_svc_account` points to a domain account. Invalid for system accounts.* Supplies the password for the SQL Server service's user account. Valid options: a string containing a valid password. +##### `rs_svc_account` -* `sql_sysadmin_accounts`: *Required.* Specifies one or more SQL or system accounts to receive sysadmin status. Valid options: an array containing one or more valid usernames. +Specifies a domain or system account to be used by the report service. Valid options: a string; cannot include any of the following characters: `'"/ \ [ ] : ; | = , + * ? < >'`. If you specify a domain user account, the domain must be less than 254 characters and the username must be less than 20 characters. -* `windows_feature_source`: *Optional.* Specifies the location of the Windows Feature source files. This may be needed to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information. +Default: Default built-in account for the current operating system (either `NetworkService` or `LocalSystem`). -Please note that if an option is set in both its own specific parameter and `install_switches`, the specifically named parameter takes precedence. For example, if you set the product key in both `pid` and in `install_switches`, SQL Server honors the `pid` parameter. +##### `rs_svc_password` -For more information about installer switches and configuring SQL Server, see the links below: +*Required if `rs_svc_account` points to a domain account. Invalid for system accounts.* -* [Installer Switches](https://msdn.microsoft.com/en-us/library/ms144259.aspx) -* [Configuration File](https://msdn.microsoft.com/en-us/library/dd239405.aspx) +Supplies the password for the report server's user account. Valid options: a string containing a strong password (at least 8 characters, including uppercase and lowercase alphanumeric characters and at least one symbol character. Avoid words or names that might be listed in a dictionary). -####`sqlserver_tsql` +##### `sa_pwd` + +*Required if `security_mode` is set to 'SQL'.* + +Sets a password for the SQL Server sa account. Valid options: a string specifying a valid password. + +##### `security_mode` + +Specifies a security mode for SQL Server. Valid options: 'SQL'. If not specified, SQL Server uses Windows authentication. + +Default: `undef`. + +##### `service_ensure` + +Specifies whether the SQL Server service should be running. Valid options: 'automatic' (Puppet starts the service if it's not running), 'manual' (Puppet takes no action), and 'disable' (Puppet stops the service if it's running). + +##### `source` + +*Required.* + +Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer. + +##### `sql_svc_account` + +Specifies a domain or system account to be used by the SQL Server service. Valid options: a string specifying an existing username. + +Default: `undef`. + +##### `sql_svc_password` + +*Required if `sql_svc_account` points to a domain account. Invalid for system accounts.* + +Supplies the password for the SQL Server service's user account. Valid options: a string specifying a valid password. + +##### `sql_sysadmin_accounts` + +*Required.* + +Specifies one or more SQL or system accounts to receive sysadmin status. Valid options: an array specifying one or more valid usernames. + +##### `windows_feature_source` + +Specifies the location of the Windows Feature source files. This may be needed to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information. + +#### `sqlserver_tsql` Executes a TSQL query against a SQL Server instance. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `command` + +Supplies a TSQL statement to execute. Valid options: a string. + +##### `instance` + +*Required.* -* `command`: *Optional.* Supplies a TSQL statement to execute. Valid options: a string. +Specifies the SQL Server instance on which to execute the statement. Valid options: a string containing the name of an existing instance. -* `instance`: *Required.* Specifies the SQL Server instance on which to execute the statement. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Default: 'MSSQLSERVER'. -* `database`: *Optional* Specifies the default database to connect to. Default: 'master' +##### `database` -* `onlyif`: *Optional.* Supplies a TSQL statement to execute before running the `command` statement, determining whether to move forward. If the `onlyif` statement ends with a THROW or any non-standard exit, Puppet executes the `command` statement. Valid options: a string. +Specifies the default database to connect to. Default: 'master' -### Defines +##### `onlyif` + +Supplies a TSQL statement to execute before running the `command` statement, determining whether to move forward. If the `onlyif` statement ends with a THROW or any non-standard exit, Puppet executes the `command` statement. Valid options: a string. + +### Defined Types + +Parameters are optional unless otherwise noted. #### `sqlserver::config` Stores credentials for Puppet to use when managing a given SQL Server instance. -* `admin_login_type`: *Optional.* Specifies the type of login used to manage to SQL Server instace. The login type affects the `admin_user` and admin_pass` parameters which are described below. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'. Default: 'SQL_LOGIN'. +##### `admin_login_type` + +Specifies the type of login used to manage to SQL Server instace. The login type affects the `admin_user` and `admin_pass` parameters which are described below. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'. + +Default: 'SQL_LOGIN'. - When using SQL Server based authentication - `SQL_LOGIN` - * `admin_pass`: *Required.* Supplies the password for the specified `admin_user` account. Valid options: a string containing a valid password. + * `admin_pass`: *Required.* Supplies the password for the specified `admin_user` account. Valid options: a string specifying a valid password. * `admin_user`: *Required.* Specifies a login account with sysadmin rights on the server, to be used for managing the instance. Valid options: a string containing a username. - When using Windows based authentication - `WINDOWS_LOGIN` - * `admin_pass`: *Optional.* Valid options: undefined or an empty string `''` + * `admin_pass`: Valid options: undefined or an empty string `''` + + * `admin_user`: Valid options: undefined or an empty string `''` + +##### `instance_name` - * `admin_user`: *Optional.* Valid options: undefined or an empty string `''` +Specifies a SQL Server instance to manage. Valid options: a string containing the name of an existing instance. -* `instance_name`: *Optional.* Specifies a SQL Server instance to manage. Valid options: a string containing the name of an existing instance. Default: the title of your declared resource. +Default: the title of your declared resource. #### `sqlserver::database` Creates and configures a database within a given SQL Server instance. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `collation_name` + +Specifies a dictionary on which to base the database's default sort order. Valid options: to find out what values your system supports, run the query `SELECT * FROM sys.fn_helpcollations() WHERE name LIKE 'SQL%'`. + +Default: `undef`. + +##### `compatibility`: + +Specifies the version(s) of SQL Server with which the database should be compatible. Valid options: a compatibility level number (for example, 100 for SQL Server 2008 through SQL Server 2014). For a complete list of values, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/bb510680.aspx). + +##### `containment` + +Sets the database's containment type. For details on containment, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ff929071.aspx). Valid options: 'NONE' and 'PARTIAL' ('PARTIAL' requires the `sqlserver::sp_configure` defined type). + +Default: 'NONE'. + +##### `db_chaining` + +Determines whether the managed database can be the source or target of a cross-database ownership chain. Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. + +Default: 'OFF'. + +##### `db_name`: *Required.* + +Specifies a database to manage. Valid options: a string containing the name of the database. + +Default: the title of your declared resource. + +##### `default_fulltext_language` + +Sets the default fulltext language. Only applicable if `containment` is set to 'PARTIAL'. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). + +Default: 'English'. + +##### `default_language` + +Sets the default language. Only applicable if `containment` is set to 'PARTIAL'. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). + +Default: 'us_english'. + +##### `ensure` + +Specifies whether the managed database should exist. Valid options: 'present' and 'absent'. + +Default: 'present'. + +##### `filespec_filegrowth` + +Specifies the automatic growth increment of the filespec file. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of `filespec_maxsize`. If you do not include a suffix, SQL Server assumes the number is in megabytes. + +Default: `undef`. + +##### `filespec_filename` + +*Required if `filespec_name` is specified.* + +Specifies the operating system (physical) name of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path. + +Default: `undef`. + +##### `filespec_maxsize` + +Specifies the maximum size to which the filespec file can grow. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. + +Default: `undef`. + +##### `filespec_name` + +*Required if `filespec_filename` is specified.* + +Specifies the logical name of the filespec object within the SQL Server instance. This parameter is set at creation only; it is not affected by updates. Valid options: a string. Must be unique to the instance. + +Default: `undef`. + +##### `filespec_size` + +Specifies the size of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. + +Default: `undef`. + +##### `filestream_directory_name` + +Specifies a directory in which to store filestream data. You must set this option before creating a FileTable in the database. This parameter is set at creation only; it is not affected by updates. Requires the `sqlserver::sp_configure` defined type. Valid options: a string containing a Windows-compatible directory name. This name must be unique among all the Database_Directory names in the SQL Server instance. Uniqueness comparison is case-insensitive, regardless of SQL Server collation settings. + +Default: `undef`. + +##### `filestream_non_transacted_access` + +Specifies the level of non-transactional FILESTREAM access to the database. This parameter is set at creation only; it is not affected by updates. Requires the `sqlserver::sp_configure` defined type. Valid options: 'OFF', 'READ_ONLY', and 'FULL'. -* `collation_name`: *Optional.* Specifies a dictionary on which to base the database's default sort order. Valid options: to find out what values your system supports, run the query `SELECT * FROM sys.fn_helpcollations() WHERE name LIKE 'SQL%'`. Default: undef. +Default: `undef`. -* `compatibility`: *Optional.* Specifies the version(s) of SQL Server with which the database should be compatible. Valid options: a compatibility level number (e.g., 100 for SQL Server 2008 through SQL Server 2014). For a complete list of values, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/bb510680.aspx). +##### `instance` -* `containment`: *Optional.* Sets the database's containment type. For details on containment, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ff929071.aspx). Valid options: 'NONE' and 'PARTIAL' ('PARTIAL' requires the `sqlserver::sp_configure` define). Default: 'NONE'. +Specifies a SQL Server instance on which to manage the database. Valid options: a string containing the name of an existing instance. -* `db_chaining`: *Optional.* Determines whether the managed database can be the source or target of a cross-database ownership chain. Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. Default: 'OFF'. +Default: 'MSSQLSERVER'. -* `db_name`: *Required.* Specifies a database to manage. Valid options: a string containing the name of the database. Default: the title of your declared resource. +##### `log_filegrowth` -* `default_fulltext_language`: *Optional.* Sets the default fulltext language. Only applicable if `containment` is set to 'PARTIAL'. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). Default: 'English'. +Specifies the automatic growth increment of the log file. Cannot be specified if `os_file_name` is set to a UNC path. Does not apply to a FILESTREAM filegroup. This parameter is set at creation only; it is not affected by updates. Valid options: a number with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of `log_maxsize`. If you do not include a suffix, SQL Server assumes the number is in megabytes. -* `default_language`: *Optional.* Sets the default language. Only applicable if `containment` is set to 'PARTIAL'. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). Default: 'us_english'. +Default: `undef`. -* `ensure`: Specifies whether the managed database should exist. Valid options: 'present' and 'absent'. Default: 'present'. +##### `log_filename` -* `filespec_filegrowth`: *Optional.* Specifies the automatic growth increment of the filespec file. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of `filespec_maxsize`. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +*Required if `log_name` is specified.* -* `filespec_filename`: *Required if `filespec_name` is specified.* Specifies the operating system (physical) name of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path. Default: undef. +Specifies the operating system (physical) name of the log file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path. -* `filespec_maxsize`: *Optional.* Specifies the maximum size to which the filespec file can grow. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +Default: `undef`. -* `filespec_name`: *Required if `filespec_filename` is specified.* Specifies the logical name of the filespec object within the SQL Server instance. This parameter is set at creation only; it is not affected by updates. Valid options: a string. Must be unique to the instance. Default: undef. +##### `log_maxsize` +Specifies the maximum size to which the log file can grow. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. -* `filespec_size`: *Optional.* Specifies the size of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +Default: `undef`. -* `filestream_directory_name`: *Optional.* Specifies a directory in which to store filestream data. You must set this option before creating a FileTable in the database. This parameter is set at creation only; it is not affected by updates. Requires the `sqlserver::sp_configure` define. Valid options: a string containing a Windows-compatible directory name. This name must be unique among all the Database_Directory names in the SQL Server instance. Uniqueness comparison is case-insensitive, regardless of SQL Server collation settings. Default: undef. +##### `log_name` -* `filestream_non_transacted_access`: *Optional.* Specifies the level of non-transactional FILESTREAM access to the database. This parameter is set at creation only; it is not affected by updates. Requires the `sqlserver::sp_configure` define. Valid options: 'OFF', 'READ_ONLY', and 'FULL'. Default: undef. +*Required if `log_filename` is specified.* -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the database. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Specifies the logical name of the log object within SQL Server. This parameter is set at creation only; it is not affected by updates. Valid options: a string. -* `log_filegrowth`: *Optional.* Specifies the automatic growth increment of the log file. Cannot be specified if `os_file_name` is set to a UNC path. Does not apply to a FILESTREAM filegroup. This parameter is set at creation only; it is not affected by updates. Valid options: a number with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of `log_maxsize`. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +Default: `undef`. -* `log_filename`: *Required if `log_name` is specified.* Specifies the operating system (physical) name of the log file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path. Default: undef. +##### `log_size` -* `log_maxsize`: *Optional.* Specifies the maximum size to which the log file can grow. Cannot be specified if `os_file_name` is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +Specifies the size of the file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. -* `log_name`: *Required if `log_filename` is specified.* Specifies the logical name of the log object within SQL Server. This parameter is set at creation only; it is not affected by updates. Valid options: a string. Default: undef. +Default: `undef`. -* `log_size`: *Optional.* Specifies the size of the file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes. Default: undef. +##### `nested_triggers` -* `nested_triggers`: *Optional.* Specifies whether to enable cascading triggers. Only applicable if `containment` is set to 'PARTIAL'. For more about nested triggers, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms178101.aspx). Valid options: 'ON' and 'OFF'. Default: undef. +Specifies whether to enable cascading triggers. Only applicable if `containment` is set to 'PARTIAL'. For more about nested triggers, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms178101.aspx). Valid options: 'ON' and 'OFF'. -* `transform_noise_words`: *Optional.* Specifies whether to remove noise or stop words, such as "is", "the", "this". Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. Default: undef. +Default: `undef`. -* `trustworthy`: *Optional.* Determines whether database modules (such as views, user-defined functions, or stored procedures) that use an impersonation context can access resources outside the database. Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. Default: 'OFF'. +##### `transform_noise_words` -* `two_digit_year_cutoff`: *Optional.* Sets the year at which the system will treat the year as four digits instead of two. For example, if set to '1999', 1998 is abbreviated to '98' and 2014 is abbreviated to '2014'. Only applicable if `containment` is set to 'PARTIAL'. Valid options: any year between 1753 and 9999. Default: 2049. +Specifies whether to remove noise or stop words, such as "is", "the", "this". Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. -**For more information about these settings in SQL Server, please see:** +Default: `undef`. -* [Contained Databases](http://msdn.microsoft.com/en-us/library/ff929071.aspx) -* [Create Database TSQL](http://msdn.microsoft.com/en-us/library/ms176061.aspx) -* [Alter Database TSQL](http://msdn.microsoft.com/en-us/library/ms174269.aspx) -* [System Languages](http://msdn.microsoft.com/en-us/library/ms190303.aspx) +##### `trustworthy` -Note that FILESTREAM usage might require some manual configuration of SQL Server. Please see [Enable and Configure FILESTREAM](http://msdn.microsoft.com/en-us/library/cc645923.aspx) for details. +Determines whether database modules (such as views, user-defined functions, or stored procedures) that use an impersonation context can access resources outside the database. Only applicable if `containment` is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'. + +Default: 'OFF'. + +##### `two_digit_year_cutoff` + +Sets the year at which the system will treat the year as four digits instead of two. For example, if set to '1999', 1998 is abbreviated to '98' and 2014 is abbreviated to '2014'. Only applicable if `containment` is set to 'PARTIAL'. Valid options: any year between 1753 and 9999. + +Default: 2049. + +>For more information about these settings in SQL Server, please see: +> +> * [Contained Databases](http://msdn.microsoft.com/en-us/library/ff929071.aspx) +> * [Create Database TSQL](http://msdn.microsoft.com/en-us/library/ms176061.aspx) +> * [Alter Database TSQL](http://msdn.microsoft.com/en-us/library/ms174269.aspx) +> * [System Languages](http://msdn.microsoft.com/en-us/library/ms190303.aspx) +> +> FILESTREAM usage might require some manual configuration of SQL Server. Please see [Enable and Configure FILESTREAM](http://msdn.microsoft.com/en-us/library/cc645923.aspx) for details. #### `sqlserver::login` -Requires the `sqlserver::config` define. +Requires the `sqlserver::config` defined type. + +##### `check_expiration`: + +Specifies whether SQL Server should prompt the user to change their password if it has expired. Only applicable if `login_type` is set to 'SQL_LOGIN'. Valid options: `true` and `false`. + +Default: `false`. + +##### `check_policy` + +Specifies whether to enforce the password policy. Only applicable if `login_type` is set to 'SQL_LOGIN'. Valid options: `true` and `false`. + +Default: `true`. + +##### `default_database` + +Specifies a database for the login to connect to by default. Valid options: a string containing the name of an existing database. -* `check_expiration`: *Optional.* Specifies whether SQL Server should prompt the user to change their password if it has expired. Only applicable if `login_type` is set to 'SQL_LOGIN'. Valid options: 'true' and 'false'. Default: 'false'. +Default: 'master'. -* `check_policy`: *Optional.* Specifies whether to enforce the password policy. Only applicable if `login_type` is set to 'SQL_LOGIN'. Valid options: 'true' and 'false'. Default: 'true'. +##### `default_language` -* `default_database`: *Optional.* Specifies a database for the login to connect to by default. Valid options: a string containing the name of an existing database. Default: 'master'. +Specifies a default language. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). -* `default_language`: *Optional.* Specifies a default language. Valid options: see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms190303.aspx). Default: 'us_english'. +Default: 'us_english'. -* `disabled`: *Optional.* Specifies whether the managed login should be disabled. Valid options: 'true' and 'false'. Default: 'false'. +##### `disabled` -* `ensure`: Specifies whether the managed login should exist. Valid options: 'present' and 'absent'. Default: 'present'. +Specifies whether the managed login should be disabled. Valid options: `true` and `false`. -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the login. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Default: `false`. -* `login`: *Required.* Specifies a Windows or SQL login to manage. Valid options: a string containing an existing login. +##### `ensure` -* `login_type`: *Optional.* Specifies the type of login to use. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'. Default: 'SQL_LOGIN'. +Specifies whether the managed login should exist. Valid options: 'present' and 'absent'. -* `password`: *Required if `login_type` is set to 'SQL_LOGIN'.* Sets a password for the managed login. Valid options: a string. +Default: 'present'. -* `svrroles`: *Optional.* Assigns one or more pre-installed server roles to the login. Valid options: a hash of `permission => value` pairs, where a value of 0 means disabled and a value of 1 means enabled. For example, `{'diskadmin' => 1, 'dbcreator' => 1, 'sysadmin' => 0}`. For a complete list of valid permissions, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms188659.aspx). +##### `instance` -**For more information about these settings in SQL Server, please see:** +Specifies a SQL Server instance on which to manage the login. Valid options: a string containing the name of an existing instance. -* [Server Role Members](http://msdn.microsoft.com/en-us/library/ms186320.aspx) -* [Create Login](http://technet.microsoft.com/en-us/library/ms189751.aspx) -* [Alter Login](http://technet.microsoft.com/en-us/library/ms189828.aspx) +Default: 'MSSQLSERVER'. + +##### `login` + +*Required.* + +Specifies a Windows or SQL login to manage. Valid options: a string containing an existing login. + +##### `login_type` + +Specifies the type of login to use. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'. + +Default: 'SQL_LOGIN'. + +##### `password` + +*Required if `login_type` is set to 'SQL_LOGIN'.* + +Sets a password for the managed login. Valid options: a string. + +##### `svrroles` + +Assigns one or more pre-installed server roles to the login. Valid options: a hash of `permission => value` pairs, where a value of 0 means disabled and a value of 1 means enabled. For example, `{'diskadmin' => 1, 'dbcreator' => 1, 'sysadmin' => 0}`. For a complete list of valid permissions, see the [SQL Server documentation](http://msdn.microsoft.com/en-us/library/ms188659.aspx). + +> **For more information about these settings in SQL Server, please see:** +> +> * [Server Role Members](http://msdn.microsoft.com/en-us/library/ms186320.aspx) +> * [Create Login](http://technet.microsoft.com/en-us/library/ms189751.aspx) +> * [Alter Login](http://technet.microsoft.com/en-us/library/ms189828.aspx) #### `sqlserver::login::permissions` Configures the permissions associated with a given login account. -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the permissions. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +##### `instance` +a string specifying an existing username +Specifies a SQL Server instance on which to manage the permissions. Valid options: a string containing the name of an existing instance. + +Default: 'MSSQLSERVER'. -* `login`: *Required.* Specifies a SQL or Windows login to manage. Valid options: a string containing an existing login. +##### `login` -* `permissions`: *Required.* Specifies one or more permissions to manage. Valid options: a string or an array of strings, where each string contains a [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) (e.g., 'SELECT', 'INSERT', 'UPDATE', or 'DELETE'). +*Required.* -* `state`: *Optional.* Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. Default: 'GRANT'. +Specifies a SQL or Windows login to manage. Valid options: a string containing an existing login. -* `with_grant_option`: *Optional.* Determines whether the account can grant these permissions to others. Valid options: 'true' and 'false'. Default: 'false'. +##### `permissions` + +*Required.* + +Specifies one or more permissions to manage. Valid options: a string or an array of strings, where each string contains a [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) (for example, 'SELECT', 'INSERT', 'UPDATE', or 'DELETE'). + +##### `state` + +Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. + +Default: 'GRANT'. + +##### `with_grant_option` + +Determines whether the account can grant these permissions to others. Valid options: `true` and `false`. + +Default: `false`. #### `sqlserver::user` Creates and configures a user account within a given database. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `database` + +*Required.* + +Specifies the database in which to manage the user. Valid options: a string containing the name of an existing database. + +##### `default_schema` + +Specifies a SQL schema or namespace for the user to connect to by default. Valid options: a string. -* `database`: *Required.* Specifies the database in which to manage the user. Valid options: a string containing the name of an existing database. +Default: 'dbo' unless changed at the server level. -* `default_schema`: *Optional.* Specifies a SQL schema or namespace for the user to connect to by default. Valid options: a string. Default: 'dbo' unless changed at the server level. +##### `ensure` -* `ensure`: Specifies whether the managed user should exist. Valid options: 'present' and 'absent'. Default: 'present'. +Specifies whether the managed user should exist. Valid options: 'present' and 'absent'. -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the user. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Default: 'present'. -* `login`: *Optional.* Associates the user with a login. Valid options: a string containing an existing login. Default: undef (if not specified, SQL Server assumes the username and login are the same). +##### `instance` -* `password`: *Optional.* Assigns a password to the user. Only valid if the database's `containment` parameter is set to 'PARTIAL'. Valid options: a string containing a valid password. +Specifies a SQL Server instance on which to manage the user. Valid options: a string containing the name of an existing instance. -* `user`: *Required.* Specifies a user to manage. Valid options: a string containing a username. Default: the title of your declared resource. +Default: 'MSSQLSERVER'. + +##### `login` + +Associates the user with a login. Valid options: a string containing an existing login. If not specified, SQL Server assumes the username and login are the same. + +Default: `undef`. + +##### `password` + +Assigns a password to the user. Only valid if the database's `containment` parameter is set to 'PARTIAL'. Valid options: a string specifying a valid password. + +##### `user` + +*Required.* + +Specifies a user to manage. Valid options: a string containing a username. + +Default: the title of your declared resource. #### `sqlserver::user::permissions` Configures the permissions associated with a user account within a given database. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `database` + +*Required.* + +Specifies the database in which to manage the user's permissions. Valid options: a string containing the name of an existing database. + +##### `instance` -* `database`: *Required.* Specifies the database in which to manage the user's permissions. Valid options: a string containing the name of an existing database. +Specifies the SQL Server instance on which the user and database exist. Valid options: a string containing the name of an existing instance. -* `instance`: *Optional.* Specifies the SQL Server instance on which the user and database exist. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Default: 'MSSQLSERVER'. -* `permissions`: *Required.* Specifies one or more permissions to manage. Valid options: an array containing one or more [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) formatted as strings (e.g., `['SELECT', 'INSERT', 'UPDATE', 'DELETE']`). +##### `permissions` -* `state`: *Optional.* Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. Default: 'GRANT'. +*Required.* -* `user`: *Required.* Specifies which user's permissions to manage. Valid options: a string containing a username. Default: the title of your declared resource. +Specifies one or more permissions to manage. Valid options: an array containing one or more [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) formatted as strings (for example, `['SELECT', 'INSERT', 'UPDATE', 'DELETE']`). -* `with_grant_option`: *Optional.* Determines whether the affected user can grant these permissions to others. Valid options: 'true' and 'false'. Default: 'false'. +##### `state` -**For more information about these settings and permissions in SQL Server, please see:** +Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. -* [Permissions (Database Engine)](https://msdn.microsoft.com/en-us/library/ms191291.aspx) -* [Grant Database Permissions](https://msdn.microsoft.com/en-us/library/ms178569.aspx) +Default: 'GRANT'. + +##### `user` + +*Required.* + +Specifies which user's permissions to manage. Valid options: a string containing a username. + +Default: the title of your declared resource. + +##### `with_grant_option` + +Determines whether the affected user can grant these permissions to others. Valid options: `true` and `false`. + +Default: `false`. + +> **For more information about these settings and permissions in SQL Server, please see:** +> +> * [Permissions (Database Engine)](https://msdn.microsoft.com/en-us/library/ms191291.aspx) +> * [Grant Database Permissions](https://msdn.microsoft.com/en-us/library/ms178569.aspx) #### `sqlserver::role` Creates and configures a server-wide or database-specific role. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `authorization` + +Sets the role's owner. Valid options: a string containing an existing login or username. + +Default: the value of `user` in the corresponding `sqlserver::config` resource. + +##### `database` + +Specifies the database on which to create the role. Only valid if `type` is set to 'DATABASE'. Valid options: a string specifying the name of an existing database. + +Default: 'master'. + +##### `ensure` + +Specifies whether the managed role should exist. Valid options: 'absent' and 'present'. + +Default: 'present'. + +##### `instance` + +Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance. + +Default: 'MSSQLSERVER'. + +##### `members` + +Assigns one or more members to the role. Valid options: an array of one or more logins and/or usernames. + +Default: {}. + +##### `members_purge` + +Specifies whether to drop any existing members of the role that are not explicitly included in the `members` parameter. **Use with caution.** If set to `true` and `members` is an empty array, Puppet drops all members from the role. Valid options: `true` and `false`. + +Default: `false`. -* `authorization`: *Optional.* Sets the role's owner. Valid options: a string containing an existing login or username. Default: the value of `user` in the corresponding `sqlserver::config` resource. +##### `permissions` -* `database`: *Optional.* Specifies the database on which to create the role. Only valid if `type` is set to 'DATABASE'. Valid options: a string containing the name of an existing database. Default: 'master'. +*Required.* -* `ensure`: Specifies whether the managed role should exist. Valid options: 'absent' and 'present'. Default: 'present'. +Associates one or more permissions with the role. Valid options: a hash of one or more key => value pairs, where each key is the desired permission state and each value is an array of strings specifying the permissions to be managed. -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +**Valid hash keys:** +* 'GRANT' +* 'GRANT_WITH_OPTION' (lets the user grant this permission to others) +* 'DENY' +* 'REVOKE' (removes any explicit statements of this permission and falls back on inherited levels) -* `members`: *Optional.* Assigns one or more members to the role. Valid options: an array of one or more logins and/or usernames. Default: {}. +**Valid hash values:** An array of one or more strings containing [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx). -* `members_purge`: *Optional.* Specifies whether to drop any existing members of the role that are not explicitly included in the `members` parameter. **Use with caution.** If set to 'true' and `members` is an empty array, Puppet drops all members from the role. Valid options: 'true' and 'false'. Default: 'false'. +**Example:** `{'GRANT' => ['CONNECT', 'CREATE ANY DATABASE'] }` -* `permissions`: *Required.* Associates one or more permissions with the role. Valid options: a hash of one or more key => value pairs, where each key is the desired permission state and each value is an array of strings specifying the permissions to be managed. +##### `role` - **Valid hash keys:** - * 'GRANT' - * 'GRANT_WITH_OPTION' (lets the user grant this permission to others) - * 'DENY' - * 'REVOKE' (removes any explicit statements of this permission and falls back on inherited levels) +Sets the role's name. Valid options: a string. Must be unique to the instance. - **Valid hash values:** An array of one or more strings containing [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx). +Default: the title of your declared resource. - **Example:** `{'GRANT' => ['CONNECT', 'CREATE ANY DATABASE'] }` +##### `type` -* `role`: *Optional.* Sets the role's name. Valid options: a string. Must be unique to the instance. Default: the title of your declared resource. +Specifies the context in which to create the role. Valid options: 'SERVER' and 'DATABASE'. -* `type`: *Optional.* Specifies the context in which to create the role. Valid options: 'SERVER' and 'DATABASE'. Default: 'SERVER'. +Default: 'SERVER'. #### `sqlserver::role::permissions` Configures the permissions associated with a given role. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. -* `database`: *Optional.* Specifies the database in which the role exists. Only valid if `type` is set to 'DATABASE'. Valid options: a string containing the name of an existing database. Default: 'master'. +##### `database` -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +Specifies the database in which the role exists. Only valid if `type` is set to 'DATABASE'. Valid options: a string containing the name of an existing database. -* `permissions`: *Required.* Specifies one or more permissions to manage. Valid options: an array containing one or more [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) (e.g., 'SELECT', 'INSERT', 'UPDATE', and 'DELETE'). +Default: 'master'. -* `role`: *Required.* Specifies which role's permissions to manage. Valid options: a string containing the name of an existing role. +##### `instance` -* `state`: *Optional.* Determines the state of the specified permission. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. Default: 'GRANT'. +Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance. -* `type`: *Optional.* Specifies the permission context in which to create the role. Valid options: 'SERVER' and 'DATABASE'. Default: 'SERVER'. +Default: 'MSSQLSERVER'. -* `with_grant_option`: *Optional.* Determines whether role members can grant these permissions to others. Valid options: 'true' and 'false' ('true' valid only if `state` is set to 'GRANT'). Default: 'false'. +##### `permissions` + +*Required.* + +Specifies one or more permissions to manage. Valid options: an array containing one or more [SQL Server permissions](https://technet.microsoft.com/en-us/library/ms191291%28v=sql.105%29.aspx) (for example, 'SELECT', 'INSERT', 'UPDATE', and 'DELETE'). + +##### `role` + +*Required.* + +Specifies which role's permissions to manage. Valid options: a string containing the name of an existing role. + +##### `state` + +Determines the state of the specified permission. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels. + +Default: 'GRANT'. + +##### `type` + +Specifies the permission context in which to create the role. Valid options: 'SERVER' and 'DATABASE'. + +Default: 'SERVER'. + +##### `with_grant_option` + +Determines whether role members can grant these permissions to others. Valid options: `true` and `false` (`true` valid only if `state` is set to 'GRANT'). + +Default: `false`. #### `sqlserver::sp_configure` Updates and reconfigures SQL Server options using the sp_configure function. Required for partial containment or filestream functionality. -Requires the `sqlserver::config` define for access to the parent instance. +Requires the `sqlserver::config` defined type for access to the parent instance. + +##### `config_name` + +Specifies an option to manage in sys.configurations. Valid options: a string containing the config name. + +Default: the title of your declared resource. + +##### `instance` + +Specifies a SQL Server instance on which to manage the option. Valid options: a string containing the name of an existing instance. + +Default: 'MSSQLSERVER'. + +##### `reconfigure` + +Specifies whether to run RECONFIGURE after updating the option. Valid options: `true` and `false`. + +Default: `true`. + +##### `restart` + +Specifies whether to notify the SQL Server service to restart after updating the option. Valid options: `true` and `false`. -* `config_name`: *Optional.* Specifies an option to manage in sys.configurations. Valid options: a string containing the config name. Default: the title of your declared resource. +Default: `false`. -* `instance`: *Optional.* Specifies a SQL Server instance on which to manage the option. Valid options: a string containing the name of an existing instance. Default: 'MSSQLSERVER'. +##### `value` -* `reconfigure`: *Optional.* Specifies whether to run RECONFIGURE after updating the option. Valid options: 'true' and 'false'. Default: 'true'. +*Required.* -* `restart`: *Optional.* Specifies whether to notify the SQL Server service to restart after updating the option. Valid options: 'true' and 'false'. Default: 'false'. +Supplies a value for the specified option. Valid options: an integer. -* `value`: *Required.* Supplies a value for the specified option. Valid options: an integer. +##### `with_override` -* `with_override`: *Optional.* Disables configuration value checking when updating the option. Valid only if `reconfigure` is set to 'true'. Valid options: 'true' and 'false'. Default: 'false'. +Disables configuration value checking when updating the option. Valid only if `reconfigure` is set to `true`. Valid options: `true` and `false`. -**For more information about these settings in SQL Server, please see:** +Default: `false`. -* [Reconfigure](http://msdn.microsoft.com/en-us/library/ms176069.aspx) -* [Server Configuration Options](http://msdn.microsoft.com/en-us/library/ms189631.aspx) +> **For more information about these settings in SQL Server, please see:** +> +> * [Reconfigure](http://msdn.microsoft.com/en-us/library/ms176069.aspx) +> * [Server Configuration Options](http://msdn.microsoft.com/en-us/library/ms189631.aspx) -### Microsoft SQL Server Terms +### Microsoft SQL Server terms Terminology differs somewhat between various database systems; please refer to this list of terms for clarification. @@ -549,13 +983,13 @@ Terminology differs somewhat between various database systems; please refer to t * **Role:** a database-level or server-level permissions group. * **User:** a database-level account, typically mapped to a login. -##Limitations +## Limitations This module is available only for Windows Server 2012 or 2012R2, and works with Puppet Enterprise 3.7 and later. ## Development -This module was built by Puppet Inc specifically for use with Puppet Enterprise (PE). +This module was built by Puppet specifically for use with Puppet Enterprise (PE). If you run into an issue with this module, or if you would like to request a feature, please [file a ticket](https://tickets.puppet.com/browse/MODULES/).