Skip to content

Latest commit

 

History

History
88 lines (84 loc) · 8.64 KB

File metadata and controls

88 lines (84 loc) · 8.64 KB

Inputs

Name Description Type Default Required
admin_password The password associated with the admin_username user string null no
admin_username The administrator login name for the new SQL Server string null no
collation n/a string "SQL_Latin1_General_CP1_CI_AS" no
create_resource_group Whether to create resource group and use it for all networking resources bool true no
create_storage_account Make it true to create storage account for the audit policies. bool false no
database_name The name of the database string "" no
db_sku_name n/a string null no
disabled_alerts Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action. list(any) [] no
email_addresses_for_alerts A list of email addresses which alerts should be sent to. list(any) [] no
enable_database_extended_auditing_policy Manages Extended Audit policy for SQL database bool false no
enable_databases_extended_auditing_policy Whether to enable the extended auditing policy. Possible values are true and false. Defaults to true. bool true no
enable_diagnostic Set to false to prevent the module from creating any resources. bool false no
enable_extended_auditing_policy Whether to enable the extended auditing policy. Possible values are true and false. Defaults to true. bool true no
enable_failover_group Create a failover group of databases on a collection of Azure SQL servers bool false no
enable_firewall_rules Manage an Azure SQL Firewall Rule bool false no
enable_log_monitoring Enable audit events to Azure Monitor? bool false no
enable_private_endpoint Manages a Private Endpoint to SQL database bool false no
enable_readonly_failover_policy n/a bool true no
enable_sql_server_extended_auditing_policy Manages Extended Audit policy for SQL servers bool false no
enable_threat_detection_policy n/a bool false no
enable_vulnerability_assessment Manages the Vulnerability Assessment for a MS SQL Server bool false no
enabled Set to false to prevent the module from creating any resources. bool true no
enclave_type n/a string "VBS" no
environment Project environment string "" no
eventhub_authorization_rule_id Eventhub authorization rule id to pass it to destination details of diagnosys setting of NSG. string null no
eventhub_name Eventhub Name to pass it to destination details of diagnosys setting of NSG. string null no
existing_private_dns_zone Name of the existing private DNS zone string null no
existing_subnet_id The resource id of existing subnet string null no
existing_vnet_id The resoruce id of existing Virtual network string null no
firewall_rules Range of IP addresses to allow firewall connections.
list(object({
name = string
start_ip_address = string
end_ip_address = string
}))
[] no
identity If you want your SQL Server to have an managed identity. Defaults to false. bool false no
initialize_sql_script_execution Allow/deny to Create and initialize a Microsoft SQL Server database bool false no
label_order Label order, e.g. sequence of application name and environment name,environment,'attribute' [webserver,qa,devops,public,] . list(any)
[
"name",
"environment"
]
no
license_type n/a string "LicenseIncluded" no
location The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table' string "" no
log_analytics_destination_type Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table. string "AzureDiagnostics" no
log_analytics_workspace_id Specifies the ID of a Log Analytics Workspace where Diagnostics Data to be sent string null no
log_category Categories of logs to be recorded in diagnostic setting for MSSQL database. Acceptable values are SQLSecurityAuditEvents, SQLInsights, AutomaticTuning, or QueryStoreRuntimeStatistics. list(string)
[
"SQLSecurityAuditEvents",
"SQLInsights"
]
no
log_retention_days Specifies the number of days to keep in the Threat Detection audit logs string "30" no
managedby ManagedBy, eg ''. string "" no
max_size_gb n/a number 2 no
metric_enabled Whether metric diagnonsis should be enable in diagnostic settings for flexible Mysql. bool true no
minimum_tls_version The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are: 1.0, 1.1 , 1.2 and Disabled. Defaults to 1.2. string "1.2" no
name Name (e.g. app or cluster). string "" no
random_password_length The desired length of random password created by this module number 32 no
repository Terraform current module repo string "" no
resource_group_name A container that holds related resources for an Azure solution string "" no
secondary_sql_server_location Specifies the supported Azure location to create secondary sql server resource string "northeurope" no
sql_server_version The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server) string null no
sqldb_init_script_file SQL Script file name to create and initialize the database string "" no
sqlserver_name SQL server Name string "" no
storage_account_access_key The primary access key for the storage account. string null no
storage_account_blob_endpoint The endpoint URL for blob storage in the primary location. string null no
storage_account_id The name of the storage account to store the all monitoring logs string null no
storage_account_name The name of the storage account name string null no
tags A map of tags to add to all resources map(string) {} no
threat_detection_audit_logs_retention_days Specifies the number of days to keep in the Threat Detection audit logs. number 0 no
virtual_network_name The name of the virtual network string "" no

Outputs

Name Description
primary_sql_server_fqdn The fully qualified domain name of the primary Azure SQL Server
primary_sql_server_id The primary Microsoft SQL Server ID
primary_sql_server_private_endpoint id of the Primary SQL server Private Endpoint
primary_sql_server_private_endpoint_fqdn Priamary SQL server private endpoint IPv4 Addresses
primary_sql_server_private_endpoint_ip Priamary SQL server private endpoint IPv4 Addresses
resource_group_location The location of the resource group in which resources are created
resource_group_name The name of the resource group in which resources are created
secondary_sql_server_fqdn The fully qualified domain name of the secondary Azure SQL Server
secondary_sql_server_id The secondary Microsoft SQL Server ID
secondary_sql_server_private_endpoint id of the Primary SQL server Private Endpoint
secondary_sql_server_private_endpoint_fqdn Secondary SQL server private endpoint IPv4 Addresses
secondary_sql_server_private_endpoint_ip Secondary SQL server private endpoint IPv4 Addresses
sql_database_id The SQL Database ID
sql_database_name The SQL Database Name
sql_failover_group_id A failover group of databases on a collection of Azure SQL servers.
sql_server_admin_password SQL database administrator login password
sql_server_admin_user SQL database administrator login id
sql_server_private_dns_zone_domain DNS zone name of SQL server Private endpoints dns name records
storage_account_id The ID of the storage account
storage_account_name The name of the storage account