8.9 KiB
8.9 KiB
terraform-azurerm-database
Create an Azure SQL Database
This Terraform module creates a basic Azure SQL Database.
Usage
module "sql-database" {
source = "Azure/database/azurerm"
resource_group_name = "myapp"
location = "westus"
db_name = "mydatabase"
sql_admin_username = "mradministrator"
sql_password = "P@ssw0rd12345!"
tags = {
environment = "dev"
costcenter = "it"
}
}
Pre-Commit & Pr-Check & Test
Configurations
We assumed that you have setup service principal's credentials in your environment variables like below:
export ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
export ARM_TENANT_ID="<azure_subscription_tenant_id>"
export ARM_CLIENT_ID="<service_principal_appid>"
export ARM_CLIENT_SECRET="<service_principal_password>"
On Windows Powershell:
$env:ARM_SUBSCRIPTION_ID="<azure_subscription_id>"
$env:ARM_TENANT_ID="<azure_subscription_tenant_id>"
$env:ARM_CLIENT_ID="<service_principal_appid>"
$env:ARM_CLIENT_SECRET="<service_principal_password>"
We provide a docker image to run the pre-commit checks and tests for you: mcr.microsoft.com/azterraform:latest
To run the pre-commit task, we can run the following command:
$ docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform:latest make pre-commit
On Windows Powershell:
$ docker run --rm -v ${pwd}:/src -w /src mcr.microsoft.com/azterraform:latest make pre-commit
In pre-commit task, we will:
- Run
terraform fmt -recursive
command for your Terraform code. - Run
terrafmt fmt -f
command for markdown files and go code files to ensure that the Terraform code embedded in these files are well formatted. - Run
go mod tidy
andgo mod vendor
for test folder to ensure that all the dependencies have been synced. - Run
gofmt
for all go code files. - Run
gofumpt
for all go code files. - Run
terraform-docs
onREADME.md
file, then runmarkdown-table-formatter
to format markdown tables inREADME.md
.
Then we can run the pr-check task to check whether our code meets our pipeline's requirement(We strongly recommend you run the following command before you commit):
$ docker run --rm -v $(pwd):/src -w /src mcr.microsoft.com/azterraform:latest make pr-check
On Windows Powershell:
$ docker run --rm -v ${pwd}:/src -w /src mcr.microsoft.com/azterraform:latest make pr-check
To run the e2e-test, we can run the following command:
docker run --rm -v $(pwd):/src -w /src -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_CLIENT_SECRET mcr.microsoft.com/azterraform:latest make e2e-test
On Windows Powershell:
docker run --rm -v ${pwd}:/src -w /src -e ARM_SUBSCRIPTION_ID -e ARM_TENANT_ID -e ARM_CLIENT_ID -e ARM_CLIENT_SECRET mcr.microsoft.com/azterraform:latest make e2e-test
Prerequisites
Authors
Originally created by James Earle
License
Requirements
Name | Version |
---|---|
terraform | >= 1.2 |
azurerm | ~>3.0 |
Providers
Name | Version |
---|---|
azurerm | ~>3.0 |
Modules
No modules.
Resources
Name | Type |
---|---|
azurerm_resource_group.rg | resource |
azurerm_sql_active_directory_administrator.aad_admin | resource |
azurerm_sql_database.db | resource |
azurerm_sql_firewall_rule.fw | resource |
azurerm_sql_server.server | resource |
Inputs
Name | Description | Type | Default | Required |
---|---|---|---|---|
collation | The collation for the database. Default is SQL_Latin1_General_CP1_CI_AS | string |
"SQL_Latin1_General_CP1_CI_AS" |
no |
create_resource_group | Create a new resource group with name var.resource_group_name , or just use it as resource group's name. Default to true . Changing this forces a new resource to be created. |
bool |
true |
no |
db_edition | The edition of the database to be created. | string |
"Basic" |
no |
db_name | The name of the database to be created. | string |
n/a | yes |
end_ip_address | Defines the end IP address used in your database firewall rule. | string |
"0.0.0.0" |
no |
location | The location/region where the database and server are created. Changing this forces a new resource to be created. | string |
n/a | yes |
resource_group_name | Default resource group name that the database will be created in. | string |
"myapp-rg" |
no |
server_version | The version for the database server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). | string |
"12.0" |
no |
service_objective_name | The performance level for the database. For the list of acceptable values, see https://docs.microsoft.com/en-gb/azure/sql-database/sql-database-service-tiers. Default is Basic. | string |
"Basic" |
no |
sql_aad_administrator | object({ login = (Required) The login name of the principal to set as the server administrator object_id = (Required) The ID of the principal to set as the server administrator tenant_id = (Required) The Azure Tenant ID azuread_authentication_only = (Optional) Specifies whether only AD Users and administrators can be used to login ( true ) or also local database users (false ).}) |
object({ |
null |
no |
sql_admin_username | The administrator username of the SQL Server. | string |
n/a | yes |
sql_password | The administrator password of the SQL Server. | string |
n/a | yes |
start_ip_address | Defines the start IP address used in your database firewall rule. | string |
"0.0.0.0" |
no |
tags | The tags to associate with your network and subnets. | map(string) |
{ |
no |
tracing_tags_enabled | Whether enable tracing tags that generated by BridgeCrew Yor. | bool |
false |
no |
tracing_tags_prefix | Default prefix for generated tracing tags | string |
"avm_" |
no |
Outputs
Name | Description |
---|---|
connection_string | Connection string for the Azure SQL Database created. |
database_name | Database name of the Azure SQL Database created. |
sql_server_fqdn | Fully Qualified Domain Name (FQDN) of the Azure SQL Database created. |
sql_server_location | Location of the Azure SQL Database created. |
sql_server_name | Server name of the Azure SQL Database created. |
sql_server_version | Version the Azure SQL Database created. |