TD-590 Add minimums for passwords

modules/azure/mssql/main.tf

@@ -22,6 +22,10 @@ resource "random_password" "mssql_admin_password" {
   special          = true
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_mssql_server" "mssql_server" {

modules/azure/mysql/main.tf

@@ -20,6 +20,10 @@ resource "random_password" "mysql_admin_password" {
   special          = true
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_mysql_server" "mysql_server" {

modules/azure/mysql_flexible_server/main.tf

@@ -20,6 +20,10 @@ resource "random_password" "mysql_admin_password" {
   special          = true
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_mysql_flexible_server" "mysql_flexible_server" {

modules/azure/mysql_flexible_server_public/main.tf

@@ -20,6 +20,10 @@ resource "random_password" "mysql_admin_password" {
   special          = true
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_mysql_flexible_server" "mysql_flexible_server" {

modules/azure/postgresql/main.tf

@@ -20,6 +20,10 @@ resource "random_password" "postgresql_admin" {
   special          = false
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_postgresql_flexible_server" "postgresql_server" {

modules/azure/postgresql_public/main.tf

@@ -20,6 +20,10 @@ resource "random_password" "postgresql_admin" {
   special          = false
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }
 
 resource "azurerm_postgresql_flexible_server" "postgresql_server" {

modules/azure/synapse_workspace/main.tf

@@ -37,6 +37,11 @@ resource "random_password" "sql_admin_password" {
   upper            = true
   numeric          = true
   override_special = "_%@"
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
+
   keepers = {
     keeper = var.sql_admin_password_keeper
   }

modules/other/password_generator/main.tf

@@ -9,4 +9,8 @@ resource "random_password" "password" {
   special          = true
   override_special = "_%@"
   keepers          = var.password_keeper
+  min_lower        = 1
+  min_upper        = 1
+  min_numeric      = 1
+  min_special      = 1
 }

modules/other/password_generator/variables.tf

@@ -8,3 +8,27 @@ variable "password_keeper" {
   type        = map(string)
   description = "Random map of strings, when changed the password will rotate."
 }
+
+variable "min_lower" {
+  type        = number
+  description = "Minimum number of lower case characters of the password."
+  default     = 0
+}
+
+variable "min_upper" {
+  type        = number
+  description = "Minimum number of upper case characters of the password."
+  default     = 0
+}
+
+variable "min_numeric" {
+  type        = number
+  description = "Minimum number of numeric characters of the password."
+  default     = 0
+}
+
+variable "min_special" {
+  type        = number
+  description = "Minimum number of special characters of the password."
+  default     = 0
+}