generated from Azure/terraform-verified-module
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathresources.sqldb.tf
130 lines (103 loc) · 6.68 KB
/
resources.sqldb.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
# Copyright (c) Microsoft Corporation.
# Licensed under the MIT License.
resource "azurerm_mssql_database" "single_database" {
for_each = try({ for db in var.databases : db.name => db if !var.enable_elastic_pool }, {})
name = var.use_naming_for_databases ? data.azurenoopsutils_resource_name.sql_dbs[each.key].result : each.key
server_id = azurerm_mssql_server.primary_sql.id
sku_name = var.single_databases_sku_name
license_type = each.value.license_type
collation = var.databases_collation
max_size_gb = can(regex("Secondary|OnlineSecondary", each.value.create_mode)) ? null : each.value.max_size_gb
zone_redundant = can(regex("^DW", var.single_databases_sku_name)) && var.databases_zone_redundant != null ? var.databases_zone_redundant : false
min_capacity = can(regex("^GP_S", var.single_databases_sku_name)) ? each.value.min_capacity : null
auto_pause_delay_in_minutes = can(regex("^GP_S", var.single_databases_sku_name)) ? each.value.auto_pause_delay_in_minutes : null
read_scale = can(regex("^P|BC", var.single_databases_sku_name)) && each.value.read_scale != null ? each.value.read_scale : false
read_replica_count = can(regex("^HS", var.single_databases_sku_name)) ? each.value.read_replica_count : null
#https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.sql.models.database.createmode?view=azure-dotnet
create_mode = can(regex("^DW", var.single_databases_sku_name)) ? lookup(local.datawarehouse_allowed_create_mode, each.value.create_mode, "Default") : try(lookup(local.standard_allowed_create_mode, each.value.create_mode), "Default")
creation_source_database_id = can(regex("Copy|Secondary|PointInTimeRestore|Recovery|RestoreExternalBackup|Restore|RestoreExternalBackupSecondary", each.value.create_mode)) ? each.value.creation_source_database_id : null
restore_point_in_time = each.value.create_mode == "PointInTimeRestore" ? each.value.restore_point_in_time : null
recover_database_id = each.value.create_mode == "Recovery" ? each.value.recover_database_id : null
restore_dropped_database_id = each.value.create_mode == "Restore" ? each.value.restore_dropped_database_id : null
storage_account_type = each.value.storage_account_type
dynamic "threat_detection_policy" {
for_each = var.enable_threat_detection_policy ? ["enabled"] : []
content {
state = "Enabled"
email_account_admins = "Enabled"
email_addresses = var.alerting_email_addresses
retention_days = var.threat_detection_policy_retention_days
disabled_alerts = var.threat_detection_policy_disabled_alerts
storage_endpoint = var.security_storage_account_blob_endpoint
storage_account_access_key = var.security_storage_account_access_key
}
}
short_term_retention_policy {
retention_days = var.point_in_time_restore_retention_days
}
dynamic "long_term_retention_policy" {
for_each = coalesce(
try(var.backup_retention.weekly_retention, ""),
try(var.backup_retention.monthly_retention, ""),
try(var.backup_retention.yearly_retention, ""),
try(var.backup_retention.week_of_year, ""),
"empty"
) == "empty" ? [] : ["enabled"]
content {
weekly_retention = try(format("P%sW", var.backup_retention.weekly_retention), null)
monthly_retention = try(format("P%sM", var.backup_retention.monthly_retention), null)
yearly_retention = try(format("P%sY", var.backup_retention.yearly_retention), null)
week_of_year = var.backup_retention.week_of_year
}
}
tags = merge(local.default_tags, var.add_tags, try(each.value.database_add_tags, {}))
}
resource "azurerm_mssql_database" "elastic_pool_database" {
for_each = try({ for db in var.databases : db.name => db if var.enable_elastic_pool }, {})
name = var.use_naming_for_databases ? data.azurenoopsutils_resource_name.sql_dbs[each.key].result : each.key
server_id = azurerm_mssql_server.primary_sql.id
sku_name = "ElasticPool"
license_type = each.value.license_type
elastic_pool_id = one(azurerm_mssql_elasticpool.elastic_pool[*].id)
collation = var.databases_collation
max_size_gb = can(regex("Secondary|OnlineSecondary", each.value.create_mode)) ? null : each.value.max_size_gb
zone_redundant = can(regex("^DW", var.single_databases_sku_name)) && var.databases_zone_redundant != null ? var.databases_zone_redundant : false
#https://docs.microsoft.com/en-us/dotnet/api/microsoft.azure.management.sql.models.database.createmode?view=azure-dotnet
create_mode = try(lookup(local.standard_allowed_create_mode, each.value.create_mode), "Default")
creation_source_database_id = can(regex("Copy|Secondary|PointInTimeRestore|Recovery|RestoreExternalBackup|Restore|RestoreExternalBackupSecondary", each.value.create_mode)) ? each.value.creation_source_database_id : null
restore_point_in_time = each.value.create_mode == "PointInTimeRestore" ? each.value.restore_point_in_time : null
recover_database_id = each.value.create_mode == "Recovery" ? each.value.recover_database_id : null
restore_dropped_database_id = each.value.create_mode == "Restore" ? each.value.restore_dropped_database_id : null
storage_account_type = each.value.storage_account_type
dynamic "threat_detection_policy" {
for_each = var.enable_threat_detection_policy ? ["enabled"] : []
content {
state = "Enabled"
email_account_admins = "Enabled"
email_addresses = var.alerting_email_addresses
retention_days = var.threat_detection_policy_retention_days
disabled_alerts = var.threat_detection_policy_disabled_alerts
storage_endpoint = var.security_storage_account_blob_endpoint
storage_account_access_key = var.security_storage_account_access_key
}
}
short_term_retention_policy {
retention_days = var.point_in_time_restore_retention_days
}
dynamic "long_term_retention_policy" {
for_each = coalesce(
try(var.backup_retention.weekly_retention, ""),
try(var.backup_retention.monthly_retention, ""),
try(var.backup_retention.yearly_retention, ""),
try(var.backup_retention.week_of_year, ""),
"empty"
) == "empty" ? [] : ["enabled"]
content {
weekly_retention = try(format("P%sW", var.backup_retention.weekly_retention), null)
monthly_retention = try(format("P%sM", var.backup_retention.monthly_retention), null)
yearly_retention = try(format("P%sY", var.backup_retention.yearly_retention), null)
week_of_year = var.backup_retention.week_of_year
}
}
tags = merge(local.default_tags, var.add_tags, try(each.value.database_add_tags, {}))
}