azurermSqlServer

Manages a Microsoft SQL Azure Database Server.

\~> Note: The azurermSqlServer resource is deprecated in version 3.0 of the AzureRM provider and will be removed in version 4.0. Please use the azurermMssqlServer resource instead.

\~> Note: All arguments including the administrator login and password will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
  this,
  "example",
  {
    location: "West Europe",
    name: "database-rg",
  }
);
const azurermSqlServerExample = new azurerm.sqlServer.SqlServer(
  this,
  "example_1",
  {
    administrator_login: "mradministrator",
    administrator_login_password: "thisIsDog11",
    location: azurermResourceGroupExample.location,
    name: "mssqlserver",
    resource_group_name: azurermResourceGroupExample.name,
    tags: {
      environment: "production",
    },
    version: "12.0",
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSqlServerExample.overrideLogicalId("example");
const azurermStorageAccountExample = new azurerm.storageAccount.StorageAccount(
  this,
  "example_2",
  {
    account_replication_type: "LRS",
    account_tier: "Standard",
    location: azurermResourceGroupExample.location,
    name: "examplesa",
    resource_group_name: azurermResourceGroupExample.name,
  }
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermStorageAccountExample.overrideLogicalId("example");

Argument Reference

The following arguments are supported:

• name - (Required) The name of the Microsoft SQL Server. This needs to be globally unique within Azure. Changing this forces a new resource to be created.

• resourceGroupName - (Required) The name of the resource group in which to create the Microsoft SQL Server. Changing this forces a new resource to be created.

• location - (Required) Specifies the supported Azure location where the resource exists. Changing this forces a new resource to be created.

• version - (Required) The version for the new server. Valid values are: 2.0 (for v11 server) and 12.0 (for v12 server). Changing this forces a new resource to be created.

• administratorLogin - (Required) The administrator login name for the new server. Changing this forces a new resource to be created.

• administratorLoginPassword - (Required) The password associated with the administratorLogin user. Needs to comply with Azure's Password Policy

• connectionPolicy - (Optional) The connection policy the server will use. Possible values are default, proxy, and redirect. Defaults to default.

• identity - (Optional) An identity block as defined below.

• threatDetectionPolicy - (Optional) Threat detection policy configuration. The threatDetectionPolicy block supports fields documented below.

• tags - (Optional) A mapping of tags to assign to the resource.

An identity block supports the following:

• type - (Required) Specifies the type of Managed Service Identity that should be configured on this SQL Server. The only possible value is systemAssigned.

\~> NOTE: The assigned principalId and tenantId can be retrieved after the identity type has been set to systemAssigned and the Microsoft SQL Server has been created. More details are available below.

The threatDetectionPolicy block supports the following:

• state - (Optional) The State of the Policy. Possible values are disabled, enabled and new.
• disabledAlerts - (Optional) Specifies a list of alerts which should be disabled. Possible values include accessAnomaly, dataExfiltration, sqlInjection, sqlInjectionVulnerability and unsafeAction",.
• emailAccountAdmins - (Optional) Should the account administrators be emailed when this alert is triggered?
• emailAddresses - (Optional) A list of email addresses which alerts should be sent to.
• retentionDays - (Optional) Specifies the number of days to keep in the Threat Detection audit logs.
• storageAccountAccessKey - (Optional) Specifies the identifier key of the Threat Detection audit storage account. Required if state is enabled.
• storageEndpoint - (Optional) Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is enabled.

Attributes Reference

The following attributes are exported:

• id - The Microsoft SQL Server ID.
• fullyQualifiedDomainName - The fully qualified domain name of the Azure SQL Server (e.g. myServerName.database.windows.net)

An identity block exports the following:

• principalId - The Principal ID for the Service Principal associated with the Identity of this SQL Server.

• tenantId - The Tenant ID for the Service Principal associated with the Identity of this SQL Server.

-> You can access the Principal ID via ${azurermMssqlServerExampleIdentity0PrincipalId} and the Tenant ID via ${azurermMssqlServerExampleIdentity0TenantId}

Timeouts

The timeouts block allows you to specify timeouts for certain actions:

• create - (Defaults to 60 minutes) Used when creating the Microsoft SQL Server.
• update - (Defaults to 60 minutes) Used when updating the Microsoft SQL Server.
• read - (Defaults to 5 minutes) Used when retrieving the Microsoft SQL Server.
• delete - (Defaults to 60 minutes) Used when deleting the Microsoft SQL Server.

Import

SQL Servers can be imported using the resourceId, e.g.

terraform import azurerm_sql_server.example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/myresourcegroup/providers/Microsoft.Sql/servers/myserver