admin_password |
The password associated with the admin_username user |
string |
null |
no |
admin_username |
The administrator login name for the new SQL Server |
string |
null |
no |
collation |
n/a |
string |
"SQL_Latin1_General_CP1_CI_AS" |
no |
create_resource_group |
Whether to create resource group and use it for all networking resources |
bool |
true |
no |
create_storage_account |
Make it true to create storage account for the audit policies. |
bool |
false |
no |
database_name |
The name of the database |
string |
"" |
no |
db_sku_name |
n/a |
string |
null |
no |
disabled_alerts |
Specifies an array of alerts that are disabled. Allowed values are: Sql_Injection, Sql_Injection_Vulnerability, Access_Anomaly, Data_Exfiltration, Unsafe_Action. |
list(any) |
[] |
no |
email_addresses_for_alerts |
A list of email addresses which alerts should be sent to. |
list(any) |
[] |
no |
enable_database_extended_auditing_policy |
Manages Extended Audit policy for SQL database |
bool |
false |
no |
enable_databases_extended_auditing_policy |
Whether to enable the extended auditing policy. Possible values are true and false. Defaults to true. |
bool |
true |
no |
enable_diagnostic |
Set to false to prevent the module from creating any resources. |
bool |
false |
no |
enable_extended_auditing_policy |
Whether to enable the extended auditing policy. Possible values are true and false. Defaults to true. |
bool |
true |
no |
enable_failover_group |
Create a failover group of databases on a collection of Azure SQL servers |
bool |
false |
no |
enable_firewall_rules |
Manage an Azure SQL Firewall Rule |
bool |
false |
no |
enable_log_monitoring |
Enable audit events to Azure Monitor? |
bool |
false |
no |
enable_private_endpoint |
Manages a Private Endpoint to SQL database |
bool |
false |
no |
enable_readonly_failover_policy |
n/a |
bool |
true |
no |
enable_sql_server_extended_auditing_policy |
Manages Extended Audit policy for SQL servers |
bool |
false |
no |
enable_threat_detection_policy |
n/a |
bool |
false |
no |
enable_vulnerability_assessment |
Manages the Vulnerability Assessment for a MS SQL Server |
bool |
false |
no |
enabled |
Set to false to prevent the module from creating any resources. |
bool |
true |
no |
enclave_type |
n/a |
string |
"VBS" |
no |
environment |
Project environment |
string |
"" |
no |
eventhub_authorization_rule_id |
Eventhub authorization rule id to pass it to destination details of diagnosys setting of NSG. |
string |
null |
no |
eventhub_name |
Eventhub Name to pass it to destination details of diagnosys setting of NSG. |
string |
null |
no |
existing_private_dns_zone |
Name of the existing private DNS zone |
string |
null |
no |
existing_subnet_id |
The resource id of existing subnet |
string |
null |
no |
existing_vnet_id |
The resoruce id of existing Virtual network |
string |
null |
no |
firewall_rules |
Range of IP addresses to allow firewall connections. |
list(object({ name = string start_ip_address = string end_ip_address = string })) |
[] |
no |
identity |
If you want your SQL Server to have an managed identity. Defaults to false. |
bool |
false |
no |
initialize_sql_script_execution |
Allow/deny to Create and initialize a Microsoft SQL Server database |
bool |
false |
no |
label_order |
Label order, e.g. sequence of application name and environment name ,environment ,'attribute' [webserver ,qa ,devops ,public ,] . |
list(any) |
[ "name", "environment" ] |
no |
license_type |
n/a |
string |
"LicenseIncluded" |
no |
location |
The location/region to keep all your network resources. To get the list of all locations with table format from azure cli, run 'az account list-locations -o table' |
string |
"" |
no |
log_analytics_destination_type |
Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table. |
string |
"AzureDiagnostics" |
no |
log_analytics_workspace_id |
Specifies the ID of a Log Analytics Workspace where Diagnostics Data to be sent |
string |
null |
no |
log_category |
Categories of logs to be recorded in diagnostic setting for MSSQL database. Acceptable values are SQLSecurityAuditEvents, SQLInsights, AutomaticTuning, or QueryStoreRuntimeStatistics. |
list(string) |
[ "SQLSecurityAuditEvents", "SQLInsights" ] |
no |
log_retention_days |
Specifies the number of days to keep in the Threat Detection audit logs |
string |
"30" |
no |
managedby |
ManagedBy, eg ''. |
string |
"" |
no |
max_size_gb |
n/a |
number |
2 |
no |
metric_enabled |
Whether metric diagnonsis should be enable in diagnostic settings for flexible Mysql. |
bool |
true |
no |
minimum_tls_version |
The Minimum TLS Version for all SQL Database and SQL Data Warehouse databases associated with the server. Valid values are: 1.0, 1.1 , 1.2 and Disabled. Defaults to 1.2. |
string |
"1.2" |
no |
name |
Name (e.g. app or cluster ). |
string |
"" |
no |
random_password_length |
The desired length of random password created by this module |
number |
32 |
no |
repository |
Terraform current module repo |
string |
"" |
no |
resource_group_name |
A container that holds related resources for an Azure solution |
string |
"" |
no |
secondary_sql_server_location |
Specifies the supported Azure location to create secondary sql server resource |
string |
"northeurope" |
no |
sql_server_version |
The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server) |
string |
null |
no |
sqldb_init_script_file |
SQL Script file name to create and initialize the database |
string |
"" |
no |
sqlserver_name |
SQL server Name |
string |
"" |
no |
storage_account_access_key |
The primary access key for the storage account. |
string |
null |
no |
storage_account_blob_endpoint |
The endpoint URL for blob storage in the primary location. |
string |
null |
no |
storage_account_id |
The name of the storage account to store the all monitoring logs |
string |
null |
no |
storage_account_name |
The name of the storage account name |
string |
null |
no |
tags |
A map of tags to add to all resources |
map(string) |
{} |
no |
threat_detection_audit_logs_retention_days |
Specifies the number of days to keep in the Threat Detection audit logs. |
number |
0 |
no |
virtual_network_name |
The name of the virtual network |
string |
"" |
no |