databases/mssql_server¶
Overview¶
This page documents the Terraform module implementation, key configuration surfaces, and how it integrates with CAF.
Dependency diagram (Mermaid)¶
graph TD
azurecaf_name.mssql["azurecaf_name.mssql"]
azurerm_key_vault_secret.sql_admin_password["azurerm_key_vault_secret.sql_admin_password"]
azurerm_mssql_firewall_rule.firewall_rules["azurerm_mssql_firewall_rule.firewall_rules"]
azurerm_mssql_server.mssql["azurerm_mssql_server.mssql"]
azurerm_mssql_server_extended_auditing_policy.mssql["azurerm_mssql_server_extended_auditing_policy.mssql"]
azurerm_mssql_server_security_alert_policy.mssql["azurerm_mssql_server_security_alert_policy.mssql"]
azurerm_mssql_server_transparent_data_encryption.tde["azurerm_mssql_server_transparent_data_encryption.tde"]
azurerm_mssql_server_vulnerability_assessment.mssql["azurerm_mssql_server_vulnerability_assessment.mssql"]
azurerm_mssql_virtual_network_rule.network_rules["azurerm_mssql_virtual_network_rule.network_rules"]
data.azurerm_storage_account.mssql_auditing["data.azurerm_storage_account.mssql_auditing"]
data.azurerm_storage_account.mssql_security_alert["data.azurerm_storage_account.mssql_security_alert"]
data.azurerm_storage_account.mssql_va["data.azurerm_storage_account.mssql_va"]
module.private_endpoint["module.private_endpoint"]
random_password.sql_admin["random_password.sql_admin"]
azurerm_key_vault_secret.sql_admin_password --> azurecaf_name.mssql
azurerm_key_vault_secret.sql_admin_password --> random_password.sql_admin
azurerm_mssql_firewall_rule.firewall_rules --> azurerm_mssql_server.mssql
azurerm_mssql_server.mssql --> azurecaf_name.mssql
azurerm_mssql_server.mssql --> azurerm_key_vault_secret.sql_admin_password
azurerm_mssql_server_extended_auditing_policy.mssql --> azurerm_mssql_server.mssql
azurerm_mssql_server_extended_auditing_policy.mssql --> data.azurerm_storage_account.mssql_auditing
azurerm_mssql_server_security_alert_policy.mssql --> azurerm_mssql_server.mssql
azurerm_mssql_server_security_alert_policy.mssql --> data.azurerm_storage_account.mssql_security_alert
azurerm_mssql_server_transparent_data_encryption.tde --> azurerm_mssql_server.mssql
azurerm_mssql_server_vulnerability_assessment.mssql --> azurerm_mssql_server_security_alert_policy.mssql
azurerm_mssql_server_vulnerability_assessment.mssql --> data.azurerm_storage_account.mssql_va
azurerm_mssql_virtual_network_rule.network_rules --> azurerm_mssql_server.mssql
module.private_endpoint --> azurerm_mssql_server.mssql
Module Reference¶
Category: databases
Path: modules/databases/mssql_server
Azure Resources: azurecaf_name, azurerm_key_vault_secret, azurerm_mssql_firewall_rule, azurerm_mssql_server, azurerm_mssql_server_extended_auditing_policy, azurerm_mssql_server_security_alert_policy, azurerm_mssql_server_transparent_data_encryption, azurerm_mssql_server_vulnerability_assessment, azurerm_mssql_virtual_network_rule, random_password
Inputs¶
| Name | Description | Type | Required | Default | Validation |
|---|---|---|---|---|---|
global_settings |
Global settings object (see module README.md) | any |
yes | - |
- |
client_config |
Client configuration object (see module README.md). | any |
yes | - |
- |
settings |
The settings for the Azure resource. | any |
yes | - |
- |
resource_group_name |
(Required) The name of the resource group where to create the resource. | string |
yes | - |
- |
location |
(Required) Specifies the supported Azure location where to create the resource. Changing this forces a new resource t... | string |
yes | - |
- |
storage_accounts |
any |
yes | - |
- | |
azuread_groups |
any |
yes | - |
- | |
vnets |
any |
yes | - |
- | |
private_endpoints |
any |
yes | - |
- | |
resource_groups |
any |
yes | - |
- | |
resource_group |
any |
yes | - |
- | |
base_tags |
Base tags for the resource to be inherited from the resource group. | bool |
yes | - |
- |
private_dns |
any |
no | {} |
- | |
keyvault_id |
any |
yes | - |
- | |
remote_objects |
any |
yes | - |
- |
Outputs¶
| Name | Description | Sensitive | Value |
|---|---|---|---|
id |
- | azurerm_mssql_server.mssql.id |
|
fully_qualified_domain_name |
- | azurerm_mssql_server.mssql.fully_qualified_domain_name |
|
rbac_id |
- | try(azurerm_mssql_server.mssql.identity[0].principal_id, null) |
|
identity |
- | try(azurerm_mssql_server.mssql.identity, null) |
|
azuread_administrator |
- | try(azurerm_mssql_server.mssql.azuread_administrator, null) |
|
name |
- | azurecaf_name.mssql.result |
|
resource_group_name |
- | local.resource_group_name |
|
location |
- | local.location |
Sources¶
modules/databases/mssql_server/auditing.tfmodules/databases/mssql_server/locals.tfmodules/databases/mssql_server/main.tfmodules/databases/mssql_server/outputs.tfmodules/databases/mssql_server/private_endpoints.tfmodules/databases/mssql_server/security_alert.tfmodules/databases/mssql_server/server.tfmodules/databases/mssql_server/variables.tfmodules/databases/mssql_server/vulnerability_assessment.tf