databases/mssql_server¶
Overview¶
This page documents the Terraform module implementation, key configuration surfaces, and how it integrates with CAF.
Dependency diagram (Mermaid)¶
graph TD
azurecaf_name.mssql["azurecaf_name.mssql"]
azurerm_key_vault_secret.sql_admin_password["azurerm_key_vault_secret.sql_admin_password"]
azurerm_mssql_firewall_rule.firewall_rules["azurerm_mssql_firewall_rule.firewall_rules"]
azurerm_mssql_server.mssql["azurerm_mssql_server.mssql"]
azurerm_mssql_server_extended_auditing_policy.mssql["azurerm_mssql_server_extended_auditing_policy.mssql"]
azurerm_mssql_server_security_alert_policy.mssql["azurerm_mssql_server_security_alert_policy.mssql"]
azurerm_mssql_server_transparent_data_encryption.tde["azurerm_mssql_server_transparent_data_encryption.tde"]
azurerm_mssql_server_vulnerability_assessment.mssql["azurerm_mssql_server_vulnerability_assessment.mssql"]
azurerm_mssql_virtual_network_rule.network_rules["azurerm_mssql_virtual_network_rule.network_rules"]
data.azurerm_storage_account.mssql_auditing["data.azurerm_storage_account.mssql_auditing"]
data.azurerm_storage_account.mssql_security_alert["data.azurerm_storage_account.mssql_security_alert"]
data.azurerm_storage_account.mssql_va["data.azurerm_storage_account.mssql_va"]
module.private_endpoint["module.private_endpoint"]
random_password.sql_admin["random_password.sql_admin"]
remote:keyvault_keys["remote:keyvault_keys"]
azurerm_key_vault_secret.sql_admin_password --> azurecaf_name.mssql
azurerm_key_vault_secret.sql_admin_password --> random_password.sql_admin
azurerm_mssql_firewall_rule.firewall_rules --> azurerm_mssql_server.mssql
azurerm_mssql_server.mssql --> azurecaf_name.mssql
azurerm_mssql_server.mssql --> azurerm_key_vault_secret.sql_admin_password
azurerm_mssql_server_extended_auditing_policy.mssql --> azurerm_mssql_server.mssql
azurerm_mssql_server_extended_auditing_policy.mssql --> data.azurerm_storage_account.mssql_auditing
azurerm_mssql_server_security_alert_policy.mssql --> azurerm_mssql_server.mssql
azurerm_mssql_server_security_alert_policy.mssql --> data.azurerm_storage_account.mssql_security_alert
azurerm_mssql_server_transparent_data_encryption.tde --> azurerm_mssql_server.mssql
azurerm_mssql_server_transparent_data_encryption.tde --> remote:keyvault_keys
azurerm_mssql_server_vulnerability_assessment.mssql --> azurerm_mssql_server_security_alert_policy.mssql
azurerm_mssql_server_vulnerability_assessment.mssql --> data.azurerm_storage_account.mssql_va
azurerm_mssql_virtual_network_rule.network_rules --> azurerm_mssql_server.mssql
module.private_endpoint --> azurerm_mssql_server.mssql
Module Reference¶
Category: databases
Path: modules/databases/mssql_server
Azure Resources: azurecaf_name, azurerm_key_vault_secret, azurerm_mssql_firewall_rule, azurerm_mssql_server, azurerm_mssql_server_extended_auditing_policy, azurerm_mssql_server_security_alert_policy, azurerm_mssql_server_transparent_data_encryption, azurerm_mssql_server_vulnerability_assessment, azurerm_mssql_virtual_network_rule, random_password
Inputs¶
| Name | Description | Type | Required | Default | Validation |
|---|---|---|---|---|---|
"global_settings" |
"Global settings object (see module README.md)" | any |
yes | - |
- |
"client_config" |
"Client configuration object (see module README.md)." | any |
yes | - |
- |
"settings" |
"The settings for the Azure resource." | any |
yes | - |
- |
"resource_group_name" |
"(Required) The name of the resource group where to create the resource." | string |
yes | - |
- |
"location" |
"(Required) Specifies the supported Azure location where to create the resource. Changing this forces a new resource ... | string |
yes | - |
- |
"storage_accounts" |
any |
yes | - |
- | |
"azuread_groups" |
any |
yes | - |
- | |
"vnets" |
any |
yes | - |
- | |
"private_endpoints" |
any |
yes | - |
- | |
"resource_groups" |
any |
yes | - |
- | |
"resource_group" |
any |
yes | - |
- | |
"base_tags" |
"Base tags for the resource to be inherited from the resource group." | bool |
yes | - |
- |
"private_dns" |
any |
no | {} |
- | |
"keyvault_id" |
any |
yes | - |
- | |
"remote_objects" |
any |
yes | - |
- | |
"managed_identities" |
any |
no | {} |
- |
Outputs¶
| Name | Description | Sensitive | Value |
|---|---|---|---|
"id" |
- | azurerm_mssql_server.mssql.id |
|
"fully_qualified_domain_name" |
- | azurerm_mssql_server.mssql.fully_qualified_domain_name |
|
"rbac_id" |
- | try(azurerm_mssql_server.mssql.identity[0].principal_id, null) |
|
"identity" |
- | try(azurerm_mssql_server.mssql.identity, null) |
|
"azuread_administrator" |
- | try(azurerm_mssql_server.mssql.azuread_administrator, null) |
|
"name" |
- | azurecaf_name.mssql.result |
|
"resource_group_name" |
- | local.resource_group_name |
|
"location" |
- | local.location |
Sources¶
modules/databases/mssql_server/auditing.tfmodules/databases/mssql_server/locals.tfmodules/databases/mssql_server/main.tfmodules/databases/mssql_server/managed_identities.tfmodules/databases/mssql_server/outputs.tfmodules/databases/mssql_server/private_endpoints.tfmodules/databases/mssql_server/security_alert.tfmodules/databases/mssql_server/server.tfmodules/databases/mssql_server/variables.tfmodules/databases/mssql_server/vulnerability_assessment.tf