azurermMssqlVirtualNetworkRule
Allows you to manage rules for allowing traffic between an Azure SQL server and a subnet of a virtual network.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-sql-server-vnet-rule",
}
);
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
this,
"example_1",
{
address_space: ["10.7.29.0/29"],
location: azurermResourceGroupExample.location,
name: "example-vnet",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermMssqlServerExample = new azurerm.mssqlServer.MssqlServer(
this,
"example_2",
{
administrator_login: "4dm1n157r470r",
administrator_login_password: "4-v3ry-53cr37-p455w0rd",
location: azurermResourceGroupExample.location,
name: "uniqueazuresqlserver",
resource_group_name: azurermResourceGroupExample.name,
version: "12.0",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermMssqlServerExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_3", {
address_prefixes: ["10.7.29.0/29"],
name: "example-subnet",
resource_group_name: azurermResourceGroupExample.name,
service_endpoints: ["Microsoft.Sql"],
virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermMssqlVirtualNetworkRuleExample =
new azurerm.mssqlVirtualNetworkRule.MssqlVirtualNetworkRule(
this,
"example_4",
{
name: "sql-vnet-rule",
server_id: azurermMssqlServerExample.id,
subnet_id: azurermSubnetExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermMssqlVirtualNetworkRuleExample.overrideLogicalId("example");
Argument Reference
The following arguments are supported:
-
name- (Required) The name of the SQL virtual network rule. Changing this forces a new resource to be created. -
serverId- (Required) The resource ID of the SQL Server to which this SQL virtual network rule will be applied. Changing this forces a new resource to be created. -
subnetId- (Required) The ID of the subnet from which the SQL server will accept communications. -
ignoreMissingVnetServiceEndpoint- (Optional) Create the virtual network rule before the subnet has the virtual network service endpoint enabled. Defaults tofalse.
\~> NOTE: If ignoreMissingVnetServiceEndpoint is false, and the target subnet does not contain the microsoftSql endpoint in the serviceEndpoints array, the deployment will fail when it tries to create the SQL virtual network rule.
Attributes Reference
The following attributes are exported:
id- The ID of the SQL virtual network rule.
Timeouts
The timeouts block allows you to specify timeouts for certain actions:
create- (Defaults to 30 minutes) Used when creating the SQL Virtual Network Rule.update- (Defaults to 30 minutes) Used when updating the SQL Virtual Network Rule.read- (Defaults to 5 minutes) Used when retrieving the SQL Virtual Network Rule.delete- (Defaults to 30 minutes) Used when deleting the SQL Virtual Network Rule.
Import
SQL Virtual Network Rules can be imported using the resourceId, e.g.