Note
This repository is publicly accessible as part of our open-source initiative. We welcome contributions from the community alongside our organization's primary development efforts.
This example demonstrates the usage of this Terraform module with default settings.
resource "azurerm_resource_group" "example" {
name = "rg-example-dev-euw-01"
location = "westeurope"
}
resource "azurerm_virtual_network" "example" {
name = "vnet-example-dev-euw-01"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
address_space = ["10.0.0.0/16"]
}
resource "azurerm_subnet" "example" {
name = "snet-example-dev-euw-01"
resource_group_name = azurerm_resource_group.example.name
address_prefixes = ["10.0.2.0/24"]
virtual_network_name = azurerm_virtual_network.example.name
}
resource "azurerm_recovery_services_vault" "example" {
name = "rsv-example-dev-euw-01"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
sku = "Standard"
soft_delete_enabled = false
storage_mode_type = "GeoRedundant"
}
resource "azurerm_backup_policy_vm" "example" {
name = "bkpvm-example-dev-euw-01"
resource_group_name = azurerm_resource_group.example.name
policy_type = "V2"
recovery_vault_name = azurerm_recovery_services_vault.example.name
timezone = "UTC"
backup {
frequency = "Daily"
time = "23:00"
}
retention_daily {
count = 30
}
}
data "azurerm_client_config" "current" {}
resource "azurerm_key_vault" "example" {
name = "kv-example-dev-euw-01"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
purge_protection_enabled = false
sku_name = "standard"
tenant_id = data.azurerm_client_config.current.tenant_id
access_policy {
tenant_id = data.azurerm_client_config.current.tenant_id
object_id = data.azurerm_client_config.current.object_id
secret_permissions = ["Backup", "Delete", "Get", "List", "Purge", "Recover", "Restore", "Set"]
}
}
module "example" {
source = "cloudeteer/mssql-vm/azurerm"
name = "vm-example-dev-euw-01"
location = azurerm_resource_group.example.location
resource_group_name = azurerm_resource_group.example.name
backup_policy_id = azurerm_backup_policy_vm.example.id
key_vault_id = azurerm_key_vault.example.id
subnet_id = azurerm_subnet.example.id
computer_name = "example"
}The following providers are used by this module:
The following Modules are called:
Source: cloudeteer/vm/azurerm
Version: 0.0.20
The following resources are used by this module:
- azurerm_mssql_virtual_machine.this (resource)
- time_sleep.wait_60_seconds (resource)
The following input variables are optional (have default values):
Description: Password to use for the local administrator on this virtual machine. If not set, a password will be generated and stored in the Key Vault specified by key_vault_id.
Type: string
Default: null
Description: Username of the local administrator for the virtual machine.
Type: string
Default: "azureadmin"
Description: Should Extension Operations be allowed on this Virtual Machine?
Type: bool
Default: true
Description: A boolean flag to specify whether encryption is enabled for backups.
Type: bool
Default: false
Description: The password used to encrypt backups if encryption is enabled. Must be specified when encryption is enabled.
Type: string
Default: ""
Description: Frequency of full backups. Possible values: 'Daily', 'Weekly'.
Type: string
Default: "Weekly"
Description: The hour of the day to start full backups, in 24-hour format (0-23).
Type: number
Default: null
Description: The number of hours the full backup operation can run.
Type: number
Default: null
Description: Frequency of log backups, in minutes. Valid values are from 5 to 60.
Type: number
Default: 5
Description: The number of days to retain backups for the SQL virtual machine.
Type: number
Default: null
Description: The access key for the storage account to store SQL Server backups.
Type: string
Default: null
Description: The storage blob endpoint for the backup of the SQL virtual machine.
Type: string
Default: null
Description: A boolean flag to specify whether system databases are included in the backup.
Type: bool
Default: false
Description: The day of the week for auto patching. Possible values: 'Sunday', 'Monday', etc.
Type: string
Default: null
Description: The duration of the maintenance window in minutes for auto patching.
Type: number
Default: null
Description: The starting hour (0-23) of the maintenance window for auto patching.
Type: number
Default: null
Description: The ID of the backup policy to use.
Type: string
Default: null
Description: Specifies whether to skip platform scheduled patching when a user schedule is associated with the VM.
NOTE: Can only be set to true when patch_mode is set to AutomaticByPlatform.
Type: bool
Default: true
Description: Specifies the hostname to use for this virtual machine. If unspecified, it defaults to name.
Type: string
Default: null
Description: If set to true a Azure public IP address will be created and assigned to the default network interface.
Type: bool
Default: false
Description: A list of days on which backup can take place. Possible values are Monday, Tuesday, Wednesday, Thursday, Friday, Saturday and Sunday
Type: string
Default: null
Description: A boolean flag to enable or disable automatic backups for SQL backups.
Type: bool
Default: false
Description: A boolean flag to enable or disable auto patching.
Type: bool
Default: false
Description: Specifies whether Automatic Updates are enabled for Windows Virtual Machines. This feature is not supported on Linux Virtual Machines.
Type: bool
Default: true
Description: Enable (true) or disable (false) a backup protected VM.
Type: bool
Default: true
Description: A boolean flag to enable or disable the SQL instance configuration.
Type: bool
Default: true
Description: Should all of the disks (including the temp disk) attached to this Virtual Machine be encrypted by enabling Encryption at Host?
NOTE: Requires Microsoft.Compute/EncryptionAtHost to be enabled at the subscription level.
Type: bool
Default: true
Description: List of extensions to enable.
Possible values:
NetworkWatcherAgentAzureMonitorAgentAzurePolicyAntiMalware
Type: list(string)
Default:
[
"NetworkWatcherAgent",
"AzureMonitorAgent",
"AzurePolicy",
"AntiMalware"
]Description: Should the Windows VM be patched without requiring a reboot? more infos
NOTE: Hotpatching can only be enabled if the patch_mode is set to AutomaticByPlatform, the provision_vm_agent is set to true, your source_image_reference references a hotpatching enabled image, and the VM's size is set to a Azure generation 2 VM.
CAUTION: The setting bypass_platform_safety_checks_on_user_schedule_enabled is set to true by default. To enable hotpatching, change it to false.
Type: bool
Default: false
Description: The Azure managed identity to assign to the virtual machine.
Optional parameters:
| Parameter | Description |
|---|---|
type |
Specifies the type of Managed Service Identity that should be configured on this Windows Virtual Machine. Possible values are SystemAssigned, UserAssigned, or SystemAssigned, UserAssigned (to enable both). |
identity_ids |
Specifies a list of User Assigned Managed Identity IDs to be assigned to this Windows Virtual Machine. |
Type:
object({
type = optional(string)
identity_ids = optional(list(string))
})Default: null
Description: The URN or URN alias of the operating system image. Valid URN format is Publisher:Offer:SKU:Version. Use az vm image list to list possible URN values.
Valid URN aliases are:
Win2022DatacenterWin2022AzureEditionCoreWin2019DatacenterWin2016DatacenterWin2012R2DatacenterWin2012Datacenter
Alternative SQL Images:
MicrosoftSQLServer:sql2022-sles15:enterprise-gen2:latestMicrosoftSQLServer:sql2022-sles15:sqldev-gen2:latestMicrosoftSQLServer:sql2022-sles15:standard-gen2:latestMicrosoftSQLServer:sql2022-sles15:web-gen2:latestMicrosoftSQLServer:sql2022-ws2022:enterprise-gen2:latestMicrosoftSQLServer:sql2022-ws2022:sqldev-gen2:latestMicrosoftSQLServer:sql2022-ws2022:standard-gen2:latestMicrosoftSQLServer:sql2022-ws2022:web-gen2:latest
Type: string
Default: "MicrosoftSQLServer:sql2022-ws2022:standard-gen2:latest"
Description: Key Vault ID to store the generated admin password. Required when admin_password is not set.
Type: string
Default: null
Description: The Azure location where the virtual machine should reside.
Type: string
Default: null
Description: Maximum server memory as a percentage of the total memory. Used if max_server_memory_mb is not provided.
Type: number
Default: 80
Description: The name of the virtual machine. Changing this forces a new resource to be created.
Type: string
Default: null
Description: Operating system disk parameters.
Optional parameters:
| Parameter | Description |
|---|---|
caching |
The Type of Caching which should be used for the Internal OS Disk. Possible values are None, ReadOnly and ReadWrite. |
disk_encryption_set_id |
The ID of the Disk Encryption Set which should be used to Encrypt this OS Disk. Conflicts with secure_vm_disk_encryption_set_id. |
| NOTE: The Disk Encryption Set must have the Reader Role Assignment scoped on the Key Vault - in addition to an Access Policy to the Key Vault. | |
disk_size_gb |
The Size of the Internal OS Disk in GB, if you wish to vary from the size used in the image this Virtual Machine is sourced from. |
| NOTE: If specified this must be equal to or larger than the size of the Image the Virtual Machine is based on. When creating a larger disk than exists in the image you'll need to repartition the disk to use the remaining space. | |
name |
The name which should be used for the Internal OS Disk. Default is name prefixed with osdisk-. |
security_encryption_type |
Encryption Type when the Virtual Machine is a Confidential VM. Possible values are VMGuestStateOnly and DiskWithVMGuestState. |
NOTE: vtpm_enabled must be set to true when security_encryption_type is specified. |
|
NOTE: encryption_at_host_enabled cannot be set to true when security_encryption_type is set to DiskWithVMGuestState. |
|
secure_vm_disk_encryption_set_id |
The ID of the Disk Encryption Set which should be used to Encrypt this OS Disk when the Virtual Machine is a Confidential VM. Conflicts with disk_encryption_set_id. |
NOTE: secure_vm_disk_encryption_set_id can only be specified when security_encryption_type is set to DiskWithVMGuestState. |
|
storage_account_type |
The Type of Storage Account which should back this the Internal OS Disk. Possible values are Standard_LRS, StandardSSD_LRS, Premium_LRS, StandardSSD_ZRS and Premium_ZRS. |
write_accelerator_enabled |
Should Write Accelerator be Enabled for this OS Disk? Defaults to false. |
NOTE: This requires that the storage_account_type is set to Premium_LRS and that caching is set to None. |
Type:
object({
caching = optional(string, "ReadWrite")
disk_size_gb = optional(string)
name = optional(string)
storage_account_type = optional(string, "Premium_LRS")
disk_encryption_set_id = optional(string)
write_accelerator_enabled = optional(bool, false)
secure_vm_disk_encryption_set_id = optional(string)
security_encryption_type = optional(string)
})Default:
{
"caching": "ReadWrite",
"storage_account_type": "Premium_LRS",
"write_accelerator_enabled": false
}Description: Specifies the mode of VM Guest Patching for the Virtual Machine. Possible values are AutomaticByPlatform or ImageDefault.
NOTE: If the patch_assessment_mode is set to AutomaticByPlatform then the provision_vm_agent field must be set to true.
Possible values:
AutomaticByPlatformImageDefault
Type: string
Default: "AutomaticByPlatform"
Description: Specifies the mode of in-guest patching to this Windows Virtual Machine. For more information on patch modes please see the product documentation.
NOTE: If patch_mode is set to AutomaticByPlatform then provision_vm_agent must also be set to true. If the Virtual Machine is using a hotpatching enabled image the patch_mode must always be set to AutomaticByPlatform.
Possible values:
AutomaticByOSAutomaticByPlatformManual
Type: string
Default: "AutomaticByPlatform"
Description: The static IP address to use. If not set (default), a dynamic IP address is assigned.
Type: string
Default: null
Description: Enable or disable R services for the MSSQL virtual machine.
Type: bool
Default: null
Description: The name of the resource group to deploy the MSSQL server. This should match the resource group used in the Virtual Machine module to ensure all related resources are managed within the same group.
Type: string
Default: null
Description: Specifies whether secure boot should be enabled on the virtual machine.
Type: bool
Default: true
Description: The SKU to use for this virtual machine.
Common sizes:
Standard_B2sStandard_B2msStandard_D2s_v5Standard_D4s_v5Standard_DC2s_v2Standard_DS1_v2Standard_DS2_v2Standard_E4s_v5Standard_E4bds_v5Standard_F2s_v2Standard_F4s_v2
Type: string
Default: "Standard_DS1_v2"
Description: The port number for SQL Server connectivity.
Type: number
Default: null
Description: The SQL connectivity type. Possible values are 'LOCAL', 'PRIVATE', and 'PUBLIC'.
Type: string
Default: null
Description: Specifies if the SQL Server is optimized for adhoc workloads. Possible values are true and false. Defaults to false.
Type: bool
Default: false
Description: Collation of the SQL Server. Defaults to SQL_Latin1_General_CP1_CI_AS. Changing this forces a new resource to be created.
Type: string
Default: "SQL_Latin1_General_CP1_CI_AS"
Description: Specifies if Instant File Initialization is enabled for the SQL Server. Possible values are true and false. Defaults to false. Changing this forces a new resource to be created.
Type: bool
Default: false
Description: Specifies if Lock Pages in Memory is enabled for the SQL Server. Possible values are true and false. Defaults to false. Changing this forces a new resource to be created.
Type: bool
Default: false
Description: Maximum Degree of Parallelism of the SQL Server. Possible values are between 0 and 32767. Defaults to 0.
Type: number
Default: 0
Description: Maximum amount of memory that SQL Server Memory Manager can allocate to the SQL Server process. Possible values are between 128 and 2147483647. Defaults to 2147483647.
Type: number
Default: 128
Description: Minimum amount of memory that SQL Server Memory Manager can allocate to the SQL Server process. Possible values are between 0 and 2147483647. Defaults to 0.
Type: number
Default: 0
Description: The SQL Server license type (PAYG or AHUB).
Type: string
Default: "PAYG"
Description: # TODO
Type:
object({
disk_type = string
storage_workload_type = string
system_db_on_data_disk_enabled = optional(bool, false)
data_settings = optional(object({
default_file_path = string
luns = optional(list(number), [])
# disk settings
disk_size_gb = optional(number)
caching = optional(string, "ReadWrite")
# create_option = "Empty" ? related to disk_type ?
storage_account_type = optional(string, "Premium_LRS") # or UltraSSD_LRS
}))
log_settings = optional(object({
default_file_path = string
luns = optional(list(number), [])
# disk settings
disk_size_gb = optional(number)
caching = optional(string, "ReadWrite")
# create_option = "Empty" ? related to disk_type ?
storage_account_type = optional(string, "Premium_LRS") # or UltraSSD_LRS
}))
temp_db_settings = optional(object({
default_file_path = string
luns = optional(list(number), [])
data_file_count = optional(number, 8)
data_file_size_mb = optional(number, 256)
data_file_growth_in_mb = optional(number, 512)
log_file_size_mb = optional(number, 256)
log_file_growth_mb = optional(number, 512)
# disk settings
disk_size_gb = optional(number)
caching = optional(string, "ReadWrite")
# create_option = "Empty" ? related to disk_type ?
storage_account_type = optional(string, "Premium_LRS") # or UltraSSD_LRSÏ
}))
})Default: null
Description: If set to true, the secrets generated by this module will be stored in the Key Vault specified by key_vault_id.
Type: bool
Default: true
Description: The ID of the subnet where the virtual machine's primary network interface should be located.
Type: string
Default: null
Description: A mapping of tags which should be assigned to all resources in this module.
Type: map(string)
Default: {}
Description: A mapping of tags which should be assigned to the Virtual Machine. This map will be merged with tags.
Type: map(string)
Default: {}
Description: Specifies the Time Zone which should be used by the Virtual Machine, the possible values are defined here. Setting timezone is not supported on Linux Virtual Machines.
Type: string
Default: null
Description: Specifies if vTPM (virtual Trusted Platform Module) and Trusted Launch is enabled for the Virtual Machine.
Type: bool
Default: true
Description: Availability Zone in which this Windows Virtual Machine should be located.
Type: string
Default: null
We welcome all kinds of contributions, whether it's reporting bugs, submitting feature requests, or directly contributing to the development. Please read our Contributing Guidelines to learn how you can best contribute.
Thank you for your interest and support!
© 2024 CLOUDETEER GmbH
This project is licensed under the MIT License.