forked from bridgecrewio/terragoat
-
Notifications
You must be signed in to change notification settings - Fork 0
/
sql.tf
110 lines (101 loc) · 4.37 KB
/
sql.tf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
resource "azurerm_sql_firewall_rule" "example" {
name = "terragoat-firewall-rule-${var.environment}"
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
start_ip_address = "10.0.17.62"
end_ip_address = "10.0.17.62"
}
resource "azurerm_sql_server" "example" {
name = "terragoat-sqlserver-${var.environment}${random_integer.rnd_int.result}"
resource_group_name = azurerm_resource_group.example.name
location = azurerm_resource_group.example.location
version = "12.0"
administrator_login = "ariel"
administrator_login_password = "Aa12345678"
tags = merge({
environment = var.environment
terragoat = "true"
}, {
git_commit = "81738b80d571fa3034633690d13ffb460e1e7dea"
git_file = "terraform/azure/sql.tf"
git_last_modified_at = "2020-06-19 21:14:50"
git_last_modified_by = "Adin.Ermie@outlook.com"
git_modifiers = "Adin.Ermie/nimrodkor"
git_org = "bridgecrewio"
git_repo = "terragoat"
yor_trace = "e5ec3432-e61f-4244-b59e-9ecc24ddd4cb"
})
}
resource "azurerm_mssql_server_security_alert_policy" "example" {
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_sql_server.example.name
state = "Enabled"
storage_endpoint = azurerm_storage_account.example.primary_blob_endpoint
storage_account_access_key = azurerm_storage_account.example.primary_access_key
disabled_alerts = [
"Sql_Injection",
"Data_Exfiltration"
]
retention_days = 20
}
resource "azurerm_mysql_server" "example" {
name = "terragoat-mysql-${var.environment}${random_integer.rnd_int.result}"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
administrator_login = "terragoat-${var.environment}"
administrator_login_password = random_string.password.result
sku_name = "B_Gen5_2"
storage_mb = 5120
version = "5.7"
auto_grow_enabled = true
backup_retention_days = 7
infrastructure_encryption_enabled = true
public_network_access_enabled = true
ssl_enforcement_enabled = false
tags = {
git_commit = "81738b80d571fa3034633690d13ffb460e1e7dea"
git_file = "terraform/azure/sql.tf"
git_last_modified_at = "2020-06-19 21:14:50"
git_last_modified_by = "Adin.Ermie@outlook.com"
git_modifiers = "Adin.Ermie/nimrodkor"
git_org = "bridgecrewio"
git_repo = "terragoat"
yor_trace = "1ac18c16-09a4-41c9-9a66-6f514050178e"
}
}
resource "azurerm_postgresql_server" "example" {
name = "terragoat-postgresql-${var.environment}${random_integer.rnd_int.result}"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku_name = "B_Gen5_2"
storage_mb = 5120
backup_retention_days = 7
geo_redundant_backup_enabled = false
auto_grow_enabled = true
administrator_login = "terragoat"
administrator_login_password = "Aa12345678"
version = "9.5"
ssl_enforcement_enabled = false
tags = {
git_commit = "81738b80d571fa3034633690d13ffb460e1e7dea"
git_file = "terraform/azure/sql.tf"
git_last_modified_at = "2020-06-19 21:14:50"
git_last_modified_by = "Adin.Ermie@outlook.com"
git_modifiers = "Adin.Ermie/nimrodkor"
git_org = "bridgecrewio"
git_repo = "terragoat"
yor_trace = "9eae126d-9404-4511-9c32-2243457df459"
}
}
resource "azurerm_postgresql_configuration" "thrtottling_config" {
name = "connection_throttling"
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_postgresql_server.example.name
value = "off"
}
resource "azurerm_postgresql_configuration" "example" {
name = "log_checkpoints"
resource_group_name = azurerm_resource_group.example.name
server_name = azurerm_postgresql_server.example.name
value = "off"
}