Skip to content

azurermSqlFirewallRule

Allows you to manage an Azure SQL Firewall Rule.

-> Note: The azurermSqlFirewallRule resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the azurermMssqlFirewallRule resource instead.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "example-resources",
  }
);
const azurermSqlServerExample = new azurerm.sqlServer.SqlServer(
  this,
  "example_1",
  {
    administrator_login: "4dm1n157r470r",
    administrator_login_password: "4-v3ry-53cr37-p455w0rd",
    location: azurermResourceGroupExample.location,
    name: "mysqlserver",
    resource_group_name: azurermResourceGroupExample.name,
    version: "12.0",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSqlServerExample.overrideLogicalId("example");
const azurermSqlFirewallRuleExample =
  new azurerm.sqlFirewallRule.SqlFirewallRule(this, "example_2", {
    end_ip_address: "10.0.17.62",
    name: "FirewallRule1",
    resource_group_name: azurermResourceGroupExample.name,
    server_name: azurermSqlServerExample.name,
    start_ip_address: "10.0.17.62",
  });
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSqlFirewallRuleExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

  • name - (Required) The name of the firewall rule. Changing this forces a new resource to be created.

  • resourceGroupName - (Required) The name of the resource group in which to create the SQL Server. Changing this forces a new resource to be created.

  • serverName - (Required) The name of the SQL Server on which to create the Firewall Rule. Changing this forces a new resource to be created.

  • startIpAddress - (Required) The starting IP address to allow through the firewall for this rule.

  • endIpAddress - (Required) The ending IP address to allow through the firewall for this rule.

-> NOTE: The Azure feature allowAccessToAzureServices can be enabled by setting startIpAddress and endIpAddress to 0000 which (is documented in the Azure API Docs).

Attributes Reference

The following attributes are exported:

  • id - The SQL Firewall Rule ID.

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

  • create - (Defaults to 30 minutes) Used when creating the SQL Firewall Rule.
  • update - (Defaults to 30 minutes) Used when updating the SQL Firewall Rule.
  • read - (Defaults to 5 minutes) Used when retrieving the SQL Firewall Rule.
  • delete - (Defaults to 30 minutes) Used when deleting the SQL Firewall Rule.

Import

SQL Firewall Rules can be imported using the resourceId, e.g.

terraform import azurerm_sql_firewall_rule.rule1 /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/servers/myserver/firewallRules/rule1