Terraform Azure RM Module for Database
MIT License
This Terraform module creates a basic Azure SQL Database.
module "sql-database" {
source = "Azure/database/azurerm"
resource_group_name = "myapp"
location = "westus"
db_name = "mydatabase"
sql_admin_username = "mradministrator"
sql_password = "P@ssw0rd12345!"
tags = {
environment = "dev"
costcenter = "it"
}
}
We assumed that you have setup service principal's credentials in your environment variables like below:
export ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
export ARM_TENANT_ID="<azure_subscription_tenant_id>"
export ARM_CLIENT_ID="<service_principal_appid>"
export ARM_CLIENT_SECRET="<service_principal_password>"
On Windows Powershell:
$env:ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
$env:ARM_TENANT_ID="<azure_subscription_tenant_id>"
$env:ARM_CLIENT_ID="<service_principal_appid>"
$env:ARM_CLIENT_SECRET="<service_principal_password>"
We provide a docker image to run the pre-commit checks and tests for you: mcr.microsoft.com/azterraform:latest
To run the pre-commit task, we can run the following command:
$ docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform:latest make pre-commit
On Windows Powershell:
$ docker run --rm -v ${pwd}:/src -w /src mcr.microsoft.com/azterraform:latest make pre-commit
In pre-commit task, we will:
terraform fmt -recursive
command for your Terraform code.terrafmt fmt -f
command for markdown files and go code files to ensure that the Terraform code embedded in these files are well formatted.go mod tidy
and go mod vendor
for test folder to ensure that all the dependencies have been synced.gofmt
for all go code files.gofumpt
for all go code files.terraform-docs
on README.md
file, then run markdown-table-formatter
to format markdown tables in README.md
.Then we can run the pr-check task to check whether our code meets our pipeline's requirement(We strongly recommend you run the following command before you commit):
$ docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform:latest make pr-check
On Windows Powershell:
$ docker run --rm -v ${pwd}:/src -w /src mcr.microsoft.com/azterraform:latest make pr-check
To run the e2e-test, we can run the following command:
docker run --rm -v $(pwd):/src -w /src -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_CLIENT_SECRET mcr.microsoft.com/azterraform:latest make e2e-test
On Windows Powershell:
docker run --rm -v ${pwd}:/src -w /src -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_CLIENT_SECRET mcr.microsoft.com/azterraform:latest make e2e-test
Originally created by James Earle
Name | Version |
---|---|
terraform | >= 1.2 |
azurerm | ~>3.0 |
Name | Version |
---|---|
azurerm | ~>3.0 |
No modules.
Name | Type |
---|---|
azurerm_resource_group.rg | resource |
azurerm_sql_active_directory_administrator.aad_admin | resource |
azurerm_sql_database.db | resource |
azurerm_sql_firewall_rule.fw | resource |
azurerm_sql_server.server | resource |
Name | Description | Type | Default | Required |
---|---|---|---|---|
collation | The collation for the database. Default is SQL_Latin1_General_CP1_CI_AS | string |
"SQL_Latin1_General_CP1_CI_AS" |
no |
create_resource_group | Create a new resource group with name var.resource_group_name , or just use it as resource group's name. Default to true . Changing this forces a new resource to be created. |
bool |
true |
no |
db_edition | The edition of the database to be created. | string |
"Basic" |
no |
db_name | The name of the database to be created. | string |
n/a | yes |
end_ip_address | Defines the end IP address used in your database firewall rule. | string |
"0.0.0.0" |
no |
location | The location/region where the database and server are created. Changing this forces a new resource to be created. | string |
n/a | yes |
resource_group_name | Default resource group name that the database will be created in. | string |
"myapp-rg" |
no |
server_version | The version for the database server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). | string |
"12.0" |
no |
service_objective_name | The performance level for the database. For the list of acceptable values, see https://docs.microsoft.com/en-gb/azure/sql-database/sql-database-service-tiers. Default is Basic. | string |
"Basic" |
no |
sql_aad_administrator | object({ login = (Required) The login name of the principal to set as the server administrator object_id = (Required) The ID of the principal to set as the server administrator tenant_id = (Required) The Azure Tenant ID azuread_authentication_only = (Optional) Specifies whether only AD Users and administrators can be used to login (true ) or also local database users (false ).}) |
object({ login = string object_id = string tenant_id = string azuread_authentication_only = optional(bool) }) | null |
no |
sql_admin_username | The administrator username of the SQL Server. | string |
n/a | yes |
sql_password | The administrator password of the SQL Server. | string |
n/a | yes |
start_ip_address | Defines the start IP address used in your database firewall rule. | string |
"0.0.0.0" |
no |
tags | The tags to associate with your network and subnets. | map(string) |
{ "tag1": "", "tag2": ""} | no |
tracing_tags_enabled | Whether enable tracing tags that generated by BridgeCrew Yor. | bool |
false |
no |
tracing_tags_prefix | Default prefix for generated tracing tags | string |
"avm_" |
no |
Name | Description |
---|---|
connection_string | Connection string for the Azure SQL Database created. |
database_name | Database name of the Azure SQL Database created. |
sql_server_fqdn | Fully Qualified Domain Name (FQDN) of the Azure SQL Database created. |
sql_server_location | Location of the Azure SQL Database created. |
sql_server_name | Server name of the Azure SQL Database created. |
sql_server_version | Version the Azure SQL Database created. |