Merge pull request #1 from AnkitToTheNew/ankit

Ankit

.gitignore

@@ -0,0 +1,7 @@
+.terraform
+.terraform.lock.hcl
+main.tf
+terraform.tfvars
+!examples/**/main.tf
+!examples/**/terraform.tfvars
+terraform.tfstate*

VERSION

@@ -0,0 +1 @@
+v7.7.1

_data.tf

@@ -0,0 +1,31 @@
+data "azurecaf_name" "sql" {
+  name          = var.stack
+  resource_type = "azurerm_mssql_server"
+  prefixes      = var.name_prefix == "" ? null : [local.name_prefix]
+  suffixes      = compact([var.client_name, var.location_short, var.environment, local.name_suffix, var.use_caf_naming ? "" : "sql"])
+  use_slug      = var.use_caf_naming
+  clean_input   = true
+  separator     = "-"
+}
+
+data "azurecaf_name" "sql_pool" {
+  name          = var.stack
+  resource_type = "azurerm_mssql_elasticpool"
+  prefixes      = var.name_prefix == "" ? null : [local.name_prefix]
+  suffixes      = compact([var.client_name, var.location_short, var.environment, local.name_suffix, var.use_caf_naming ? "" : "pool"])
+  use_slug      = var.use_caf_naming
+  clean_input   = true
+  separator     = "-"
+}
+
+data "azurecaf_name" "sql_dbs" {
+  for_each = try({ for database in var.databases : database.name => database }, {})
+
+  name          = var.stack
+  resource_type = "azurerm_mssql_database"
+  prefixes      = var.name_prefix == "" ? null : [local.name_prefix]
+  suffixes      = compact([var.client_name, var.location_short, var.environment, local.name_suffix, each.key, var.use_caf_naming ? "" : "sqldb"])
+  use_slug      = var.use_caf_naming
+  clean_input   = true
+  separator     = "-"
+}

_locals.tf

@@ -0,0 +1,68 @@
+locals {
+  vcore_tiers                 = ["GeneralPurpose", "BusinessCritical"]
+  elastic_pool_vcore_family   = try(var.elastic_pool_sku.family, "Gen5")
+  elastic_pool_vcore_sku_name = var.elastic_pool_sku != null ? format("%s_%s", var.elastic_pool_sku.tier == "GeneralPurpose" ? "GP" : "BC", local.elastic_pool_vcore_family) : null
+  elastic_pool_dtu_sku_name   = var.elastic_pool_sku != null ? format("%sPool", var.elastic_pool_sku.tier) : null
+  elastic_pool_sku = var.elastic_pool_sku != null ? {
+    name     = contains(local.vcore_tiers, var.elastic_pool_sku.tier) ? local.elastic_pool_vcore_sku_name : local.elastic_pool_dtu_sku_name
+    capacity = var.elastic_pool_sku.capacity
+    tier     = var.elastic_pool_sku.tier
+    family   = contains(local.vcore_tiers, var.elastic_pool_sku.tier) ? local.elastic_pool_vcore_family : null
+  } : null
+
+  allowed_subnets = [
+    for id in var.allowed_subnets_ids : {
+      name      = split("/", id)[10]
+      subnet_id = id
+    }
+  ]
+
+  databases_users = var.create_databases_users ? [
+    for db in var.databases : {
+      username = format("%s_user", replace(db.name, "-", "_"))
+      database = db.name
+      roles    = ["db_owner"]
+    }
+  ] : []
+
+  standard_allowed_create_mode = {
+    "a" = "Default"
+    "b" = "Copy"
+    "c" = "Secondary"
+    "d" = "PointInTimeRestore"
+    "e" = "Restore"
+    "f" = "Recovery"
+    "g" = "RestoreExternalBackup"
+    "h" = "RestoreExternalBackup"
+    "i" = "RestoreLongTermRetentionBackup"
+    "j" = "OnlineSecondary"
+  }
+
+  datawarehouse_allowed_create_mode = {
+    "a" = "Default"
+    "b" = "PointInTimeRestore"
+    "c" = "Restore"
+    "d" = "Recovery"
+    "e" = "RestoreExternalBackup"
+    "f" = "RestoreExternalBackup"
+    "g" = "OnlineSecondary"
+  }
+}
+
+
+locals {
+  # Naming locals/constants
+  name_prefix = lower(var.name_prefix)
+  name_suffix = lower(var.name_suffix)
+
+  server_name       = coalesce(var.server_custom_name, data.azurecaf_name.sql.result)
+  elastic_pool_name = coalesce(var.elastic_pool_custom_name, data.azurecaf_name.sql_pool.result)
+}
+
+
+locals {
+  default_tags = var.default_tags_enabled ? {
+    env   = var.environment
+    stack = var.stack
+  } : {}
+}

_outputs.tf

@@ -0,0 +1,99 @@
+output "sql_administrator_login" {
+  description = "SQL Administrator login"
+  value       = var.administrator_login
+  sensitive   = false
+}
+
+output "sql_administrator_password" {
+  description = "SQL Administrator password"
+  value       = var.administrator_password
+  sensitive   = false
+}
+
+output "sql_server" {
+  description = "SQL Server"
+  value       = azurerm_mssql_server.sql
+}
+
+output "sql_elastic_pool" {
+  description = "SQL Elastic Pool"
+  value       = try(azurerm_mssql_elasticpool.elastic_pool[0], null)
+}
+
+output "sql_databases" {
+  description = "SQL Databases"
+  value       = var.elastic_pool_enabled ? azurerm_mssql_database.elastic_pool_database : azurerm_mssql_database.single_database
+}
+
+output "sql_elastic_pool_id" {
+  description = "ID of the SQL Elastic Pool"
+  value       = var.elastic_pool_enabled ? azurerm_mssql_elasticpool.elastic_pool[0].id : null
+}
+
+output "sql_databases_id" {
+  description = "Map of the SQL Databases IDs"
+  value       = var.elastic_pool_enabled ? { for db in azurerm_mssql_database.elastic_pool_database : db.name => db.id } : { for db in azurerm_mssql_database.single_database : db.name => db.id }
+}
+
+output "default_administrator_databases_connection_strings" {
+  description = "Map of the SQL Databases with administrator credentials connection strings"
+  value = var.elastic_pool_enabled ? {
+    for db in azurerm_mssql_database.elastic_pool_database : db.name => formatlist(
+      "Server=tcp:%s;Database=%s;User ID=%s;Password=%s;Encrypt=true;",
+      azurerm_mssql_server.sql.fully_qualified_domain_name,
+      db.name,
+      var.administrator_login,
+      var.administrator_password
+    )
+    } : {
+    for db in azurerm_mssql_database.single_database : db.name => formatlist(
+      "Server=tcp:%s;Database=%s;User ID=%s;Password=%s;Encrypt=true;",
+      azurerm_mssql_server.sql.fully_qualified_domain_name,
+      db.name,
+      var.administrator_login,
+      var.administrator_password
+    )
+  }
+  sensitive = false
+}
+
+output "default_databases_users" {
+  description = "Map of the SQL Databases dedicated users"
+  value = {
+    for db_user in local.databases_users :
+    db_user.database => { "user_name" = db_user.username, "password" = module.databases_users[format("%s-%s", db_user.username, db_user.database)].database_user_password }
+  }
+  sensitive = false
+}
+
+output "custom_databases_users" {
+  description = "Map of the custom SQL Databases users"
+  value = {
+    for custom_user in var.custom_users :
+    custom_user.database => { "user_name" = custom_user.name, "password" = module.custom_users[format("%s-%s", custom_user.name, custom_user.database)].database_user_password }...
+  }
+  sensitive = false
+}
+
+output "custom_databases_users_roles" {
+  description = "Map of the custom SQL Databases users roles"
+  value = {
+    for custom_user in var.custom_users :
+    join("-", [custom_user.name, custom_user.database]) => module.custom_users[join("-", [custom_user.name, custom_user.database])].database_user_roles
+  }
+}
+
+output "identity" {
+  description = "Identity block with principal ID and tenant ID used for this SQL Server"
+  value       = try(azurerm_mssql_server.sql.identity[0], null)
+}
+
+output "security_alert_policy_id" {
+  description = "ID of the MS SQL Server Security Alert Policy"
+  value       = try(azurerm_mssql_server_security_alert_policy.sql_server["enabled"].id, null)
+}
+
+output "vulnerability_assessment_id" {
+  description = "ID of the MS SQL Server Vulnerability Assessment"
+  value       = try(azurerm_mssql_server_vulnerability_assessment.sql_server["enabled"].id, null)
+}

_variables-logs.tf

@@ -0,0 +1,28 @@
+# Diag settings / logs parameters
+
+variable "logs_destinations_ids" {
+  type        = list(string)
+  description = <<EOD
+List of destination resources IDs for logs diagnostic destination.
+Can be `Storage Account`, `Log Analytics Workspace` and `Event Hub`. No more than one of each can be set.
+If you want to specify an Azure EventHub to send logs and metrics to, you need to provide a formated string with both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the `|` character.
+EOD
+}
+
+variable "logs_categories" {
+  type        = list(string)
+  description = "Log categories to send to destinations."
+  default     = null
+}
+
+variable "logs_metrics_categories" {
+  type        = list(string)
+  description = "Metrics categories to send to destinations."
+  default     = null
+}
+
+variable "custom_diagnostic_settings_name" {
+  description = "Custom name of the diagnostics settings, name will be 'default' if not set."
+  type        = string
+  default     = "default"
+}

_variables-naming.tf

@@ -0,0 +1,37 @@
+# Generic naming variables
+variable "name_prefix" {
+  description = "Optional prefix for the generated name"
+  type        = string
+  default     = ""
+}
+
+variable "name_suffix" {
+  description = "Optional suffix for the generated name"
+  type        = string
+  default     = ""
+}
+
+variable "use_caf_naming" {
+  description = "Use the Azure CAF naming provider to generate default resource name. `server_custom_name` and `elastic_pool_custom_name` override this if set. Legacy default name is used if this is set to `false`."
+  type        = bool
+  default     = true
+}
+
+# Custom naming override
+variable "server_custom_name" {
+  description = "Name of the SQL Server, generated if not set."
+  type        = string
+  default     = ""
+}
+
+variable "elastic_pool_custom_name" {
+  description = "Name of the SQL Elastic Pool, generated if not set."
+  type        = string
+  default     = ""
+}
+
+variable "use_caf_naming_for_databases" {
+  description = "Use the Azure CAF naming provider to generate databases names."
+  type        = bool
+  default     = false
+}

_variables-tags.tf

@@ -0,0 +1,23 @@
+variable "default_tags_enabled" {
+  description = "Option to enable or disable default tags"
+  type        = bool
+  default     = true
+}
+
+variable "extra_tags" {
+  description = "Extra tags to add"
+  type        = map(string)
+  default     = {}
+}
+
+variable "server_extra_tags" {
+  description = "Extra tags to add on SQL Server or ElasticPool"
+  type        = map(string)
+  default     = {}
+}
+
+variable "elastic_pool_extra_tags" {
+  description = "Extra tags to add on ElasticPool"
+  type        = map(string)
+  default     = {}
+}