We recommend using Azure Native.
azure.mssql.Database
Explore with Pulumi AI
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleAccount = new azure.storage.Account("example", {
name: "examplesa",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleServer = new azure.mssql.Server("example", {
name: "example-sqlserver",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "4dm1n157r470r",
administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
});
const exampleDatabase = new azure.mssql.Database("example", {
name: "example-db",
serverId: exampleServer.id,
collation: "SQL_Latin1_General_CP1_CI_AS",
licenseType: "LicenseIncluded",
maxSizeGb: 4,
readScale: true,
skuName: "S0",
zoneRedundant: true,
enclaveType: "VBS",
tags: {
foo: "bar",
},
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_account = azure.storage.Account("example",
name="examplesa",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_server = azure.mssql.Server("example",
name="example-sqlserver",
resource_group_name=example.name,
location=example.location,
version="12.0",
administrator_login="4dm1n157r470r",
administrator_login_password="4-v3ry-53cr37-p455w0rd")
example_database = azure.mssql.Database("example",
name="example-db",
server_id=example_server.id,
collation="SQL_Latin1_General_CP1_CI_AS",
license_type="LicenseIncluded",
max_size_gb=4,
read_scale=True,
sku_name="S0",
zone_redundant=True,
enclave_type="VBS",
tags={
"foo": "bar",
})
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("examplesa"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
Name: pulumi.String("example-sqlserver"),
ResourceGroupName: example.Name,
Location: example.Location,
Version: pulumi.String("12.0"),
AdministratorLogin: pulumi.String("4dm1n157r470r"),
AdministratorLoginPassword: pulumi.String("4-v3ry-53cr37-p455w0rd"),
})
if err != nil {
return err
}
_, err = mssql.NewDatabase(ctx, "example", &mssql.DatabaseArgs{
Name: pulumi.String("example-db"),
ServerId: exampleServer.ID(),
Collation: pulumi.String("SQL_Latin1_General_CP1_CI_AS"),
LicenseType: pulumi.String("LicenseIncluded"),
MaxSizeGb: pulumi.Int(4),
ReadScale: pulumi.Bool(true),
SkuName: pulumi.String("S0"),
ZoneRedundant: pulumi.Bool(true),
EnclaveType: pulumi.String("VBS"),
Tags: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "examplesa",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleServer = new Azure.MSSql.Server("example", new()
{
Name = "example-sqlserver",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "4dm1n157r470r",
AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
});
var exampleDatabase = new Azure.MSSql.Database("example", new()
{
Name = "example-db",
ServerId = exampleServer.Id,
Collation = "SQL_Latin1_General_CP1_CI_AS",
LicenseType = "LicenseIncluded",
MaxSizeGb = 4,
ReadScale = true,
SkuName = "S0",
ZoneRedundant = true,
EnclaveType = "VBS",
Tags =
{
{ "foo", "bar" },
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.mssql.Server;
import com.pulumi.azure.mssql.ServerArgs;
import com.pulumi.azure.mssql.Database;
import com.pulumi.azure.mssql.DatabaseArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("examplesa")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleServer = new Server("exampleServer", ServerArgs.builder()
.name("example-sqlserver")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("4dm1n157r470r")
.administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
.build());
var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()
.name("example-db")
.serverId(exampleServer.id())
.collation("SQL_Latin1_General_CP1_CI_AS")
.licenseType("LicenseIncluded")
.maxSizeGb(4)
.readScale(true)
.skuName("S0")
.zoneRedundant(true)
.enclaveType("VBS")
.tags(Map.of("foo", "bar"))
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: examplesa
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: example-sqlserver
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: 4dm1n157r470r
administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
exampleDatabase:
type: azure:mssql:Database
name: example
properties:
name: example-db
serverId: ${exampleServer.id}
collation: SQL_Latin1_General_CP1_CI_AS
licenseType: LicenseIncluded
maxSizeGb: 4
readScale: true
skuName: S0
zoneRedundant: true
enclaveType: VBS
tags:
foo: bar
Transparent Data Encryption(TDE) With A Customer Managed Key(CMK) During Create
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";
const example = new azure.core.ResourceGroup("example", {
name: "example-resources",
location: "West Europe",
});
const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
name: "example-admin",
location: example.location,
resourceGroupName: example.name,
});
const exampleAccount = new azure.storage.Account("example", {
name: "examplesa",
resourceGroupName: example.name,
location: example.location,
accountTier: "Standard",
accountReplicationType: "LRS",
});
const exampleServer = new azure.mssql.Server("example", {
name: "example-sqlserver",
resourceGroupName: example.name,
location: example.location,
version: "12.0",
administratorLogin: "4dm1n157r470r",
administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
});
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
const exampleKeyVault = new azure.keyvault.KeyVault("example", {
name: "mssqltdeexample",
location: example.location,
resourceGroupName: example.name,
enabledForDiskEncryption: true,
tenantId: exampleUserAssignedIdentity.tenantId,
softDeleteRetentionDays: 7,
purgeProtectionEnabled: true,
skuName: "standard",
accessPolicies: [
{
tenantId: current.tenantId,
objectId: current.objectId,
keyPermissions: [
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
],
},
{
tenantId: exampleUserAssignedIdentity.tenantId,
objectId: exampleUserAssignedIdentity.principalId,
keyPermissions: [
"Get",
"WrapKey",
"UnwrapKey",
],
},
],
});
const exampleKey = new azure.keyvault.Key("example", {
name: "example-key",
keyVaultId: exampleKeyVault.id,
keyType: "RSA",
keySize: 2048,
keyOpts: [
"unwrapKey",
"wrapKey",
],
}, {
dependsOn: [exampleKeyVault],
});
const exampleDatabase = new azure.mssql.Database("example", {
name: "example-db",
serverId: exampleServer.id,
collation: "SQL_Latin1_General_CP1_CI_AS",
licenseType: "LicenseIncluded",
maxSizeGb: 4,
readScale: true,
skuName: "S0",
zoneRedundant: true,
enclaveType: "VBS",
tags: {
foo: "bar",
},
identity: {
type: "UserAssigned",
identityIds: [exampleUserAssignedIdentity.id],
},
transparentDataEncryptionKeyVaultKeyId: exampleKey.id,
});
import pulumi
import pulumi_azure as azure
example = azure.core.ResourceGroup("example",
name="example-resources",
location="West Europe")
example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
name="example-admin",
location=example.location,
resource_group_name=example.name)
example_account = azure.storage.Account("example",
name="examplesa",
resource_group_name=example.name,
location=example.location,
account_tier="Standard",
account_replication_type="LRS")
example_server = azure.mssql.Server("example",
name="example-sqlserver",
resource_group_name=example.name,
location=example.location,
version="12.0",
administrator_login="4dm1n157r470r",
administrator_login_password="4-v3ry-53cr37-p455w0rd")
# Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
example_key_vault = azure.keyvault.KeyVault("example",
name="mssqltdeexample",
location=example.location,
resource_group_name=example.name,
enabled_for_disk_encryption=True,
tenant_id=example_user_assigned_identity.tenant_id,
soft_delete_retention_days=7,
purge_protection_enabled=True,
sku_name="standard",
access_policies=[
azure.keyvault.KeyVaultAccessPolicyArgs(
tenant_id=current["tenantId"],
object_id=current["objectId"],
key_permissions=[
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
],
),
azure.keyvault.KeyVaultAccessPolicyArgs(
tenant_id=example_user_assigned_identity.tenant_id,
object_id=example_user_assigned_identity.principal_id,
key_permissions=[
"Get",
"WrapKey",
"UnwrapKey",
],
),
])
example_key = azure.keyvault.Key("example",
name="example-key",
key_vault_id=example_key_vault.id,
key_type="RSA",
key_size=2048,
key_opts=[
"unwrapKey",
"wrapKey",
],
opts=pulumi.ResourceOptions(depends_on=[example_key_vault]))
example_database = azure.mssql.Database("example",
name="example-db",
server_id=example_server.id,
collation="SQL_Latin1_General_CP1_CI_AS",
license_type="LicenseIncluded",
max_size_gb=4,
read_scale=True,
sku_name="S0",
zone_redundant=True,
enclave_type="VBS",
tags={
"foo": "bar",
},
identity=azure.mssql.DatabaseIdentityArgs(
type="UserAssigned",
identity_ids=[example_user_assigned_identity.id],
),
transparent_data_encryption_key_vault_key_id=example_key.id)
package main
import (
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
Name: pulumi.String("example-resources"),
Location: pulumi.String("West Europe"),
})
if err != nil {
return err
}
exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
Name: pulumi.String("example-admin"),
Location: example.Location,
ResourceGroupName: example.Name,
})
if err != nil {
return err
}
_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
Name: pulumi.String("examplesa"),
ResourceGroupName: example.Name,
Location: example.Location,
AccountTier: pulumi.String("Standard"),
AccountReplicationType: pulumi.String("LRS"),
})
if err != nil {
return err
}
exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
Name: pulumi.String("example-sqlserver"),
ResourceGroupName: example.Name,
Location: example.Location,
Version: pulumi.String("12.0"),
AdministratorLogin: pulumi.String("4dm1n157r470r"),
AdministratorLoginPassword: pulumi.String("4-v3ry-53cr37-p455w0rd"),
})
if err != nil {
return err
}
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
Name: pulumi.String("mssqltdeexample"),
Location: example.Location,
ResourceGroupName: example.Name,
EnabledForDiskEncryption: pulumi.Bool(true),
TenantId: exampleUserAssignedIdentity.TenantId,
SoftDeleteRetentionDays: pulumi.Int(7),
PurgeProtectionEnabled: pulumi.Bool(true),
SkuName: pulumi.String("standard"),
AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: pulumi.Any(current.TenantId),
ObjectId: pulumi.Any(current.ObjectId),
KeyPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("List"),
pulumi.String("Create"),
pulumi.String("Delete"),
pulumi.String("Update"),
pulumi.String("Recover"),
pulumi.String("Purge"),
pulumi.String("GetRotationPolicy"),
},
},
&keyvault.KeyVaultAccessPolicyArgs{
TenantId: exampleUserAssignedIdentity.TenantId,
ObjectId: exampleUserAssignedIdentity.PrincipalId,
KeyPermissions: pulumi.StringArray{
pulumi.String("Get"),
pulumi.String("WrapKey"),
pulumi.String("UnwrapKey"),
},
},
},
})
if err != nil {
return err
}
exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
Name: pulumi.String("example-key"),
KeyVaultId: exampleKeyVault.ID(),
KeyType: pulumi.String("RSA"),
KeySize: pulumi.Int(2048),
KeyOpts: pulumi.StringArray{
pulumi.String("unwrapKey"),
pulumi.String("wrapKey"),
},
}, pulumi.DependsOn([]pulumi.Resource{
exampleKeyVault,
}))
if err != nil {
return err
}
_, err = mssql.NewDatabase(ctx, "example", &mssql.DatabaseArgs{
Name: pulumi.String("example-db"),
ServerId: exampleServer.ID(),
Collation: pulumi.String("SQL_Latin1_General_CP1_CI_AS"),
LicenseType: pulumi.String("LicenseIncluded"),
MaxSizeGb: pulumi.Int(4),
ReadScale: pulumi.Bool(true),
SkuName: pulumi.String("S0"),
ZoneRedundant: pulumi.Bool(true),
EnclaveType: pulumi.String("VBS"),
Tags: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
Identity: &mssql.DatabaseIdentityArgs{
Type: pulumi.String("UserAssigned"),
IdentityIds: pulumi.StringArray{
exampleUserAssignedIdentity.ID(),
},
},
TransparentDataEncryptionKeyVaultKeyId: exampleKey.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Azure = Pulumi.Azure;
return await Deployment.RunAsync(() =>
{
var example = new Azure.Core.ResourceGroup("example", new()
{
Name = "example-resources",
Location = "West Europe",
});
var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
{
Name = "example-admin",
Location = example.Location,
ResourceGroupName = example.Name,
});
var exampleAccount = new Azure.Storage.Account("example", new()
{
Name = "examplesa",
ResourceGroupName = example.Name,
Location = example.Location,
AccountTier = "Standard",
AccountReplicationType = "LRS",
});
var exampleServer = new Azure.MSSql.Server("example", new()
{
Name = "example-sqlserver",
ResourceGroupName = example.Name,
Location = example.Location,
Version = "12.0",
AdministratorLogin = "4dm1n157r470r",
AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
});
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
{
Name = "mssqltdeexample",
Location = example.Location,
ResourceGroupName = example.Name,
EnabledForDiskEncryption = true,
TenantId = exampleUserAssignedIdentity.TenantId,
SoftDeleteRetentionDays = 7,
PurgeProtectionEnabled = true,
SkuName = "standard",
AccessPolicies = new[]
{
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = current.TenantId,
ObjectId = current.ObjectId,
KeyPermissions = new[]
{
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy",
},
},
new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
{
TenantId = exampleUserAssignedIdentity.TenantId,
ObjectId = exampleUserAssignedIdentity.PrincipalId,
KeyPermissions = new[]
{
"Get",
"WrapKey",
"UnwrapKey",
},
},
},
});
var exampleKey = new Azure.KeyVault.Key("example", new()
{
Name = "example-key",
KeyVaultId = exampleKeyVault.Id,
KeyType = "RSA",
KeySize = 2048,
KeyOpts = new[]
{
"unwrapKey",
"wrapKey",
},
}, new CustomResourceOptions
{
DependsOn =
{
exampleKeyVault,
},
});
var exampleDatabase = new Azure.MSSql.Database("example", new()
{
Name = "example-db",
ServerId = exampleServer.Id,
Collation = "SQL_Latin1_General_CP1_CI_AS",
LicenseType = "LicenseIncluded",
MaxSizeGb = 4,
ReadScale = true,
SkuName = "S0",
ZoneRedundant = true,
EnclaveType = "VBS",
Tags =
{
{ "foo", "bar" },
},
Identity = new Azure.MSSql.Inputs.DatabaseIdentityArgs
{
Type = "UserAssigned",
IdentityIds = new[]
{
exampleUserAssignedIdentity.Id,
},
},
TransparentDataEncryptionKeyVaultKeyId = exampleKey.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.authorization.UserAssignedIdentity;
import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
import com.pulumi.azure.storage.Account;
import com.pulumi.azure.storage.AccountArgs;
import com.pulumi.azure.mssql.Server;
import com.pulumi.azure.mssql.ServerArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Key;
import com.pulumi.azure.keyvault.KeyArgs;
import com.pulumi.azure.mssql.Database;
import com.pulumi.azure.mssql.DatabaseArgs;
import com.pulumi.azure.mssql.inputs.DatabaseIdentityArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new ResourceGroup("example", ResourceGroupArgs.builder()
.name("example-resources")
.location("West Europe")
.build());
var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
.name("example-admin")
.location(example.location())
.resourceGroupName(example.name())
.build());
var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
.name("examplesa")
.resourceGroupName(example.name())
.location(example.location())
.accountTier("Standard")
.accountReplicationType("LRS")
.build());
var exampleServer = new Server("exampleServer", ServerArgs.builder()
.name("example-sqlserver")
.resourceGroupName(example.name())
.location(example.location())
.version("12.0")
.administratorLogin("4dm1n157r470r")
.administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
.build());
// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
.name("mssqltdeexample")
.location(example.location())
.resourceGroupName(example.name())
.enabledForDiskEncryption(true)
.tenantId(exampleUserAssignedIdentity.tenantId())
.softDeleteRetentionDays(7)
.purgeProtectionEnabled(true)
.skuName("standard")
.accessPolicies(
KeyVaultAccessPolicyArgs.builder()
.tenantId(current.tenantId())
.objectId(current.objectId())
.keyPermissions(
"Get",
"List",
"Create",
"Delete",
"Update",
"Recover",
"Purge",
"GetRotationPolicy")
.build(),
KeyVaultAccessPolicyArgs.builder()
.tenantId(exampleUserAssignedIdentity.tenantId())
.objectId(exampleUserAssignedIdentity.principalId())
.keyPermissions(
"Get",
"WrapKey",
"UnwrapKey")
.build())
.build());
var exampleKey = new Key("exampleKey", KeyArgs.builder()
.name("example-key")
.keyVaultId(exampleKeyVault.id())
.keyType("RSA")
.keySize(2048)
.keyOpts(
"unwrapKey",
"wrapKey")
.build(), CustomResourceOptions.builder()
.dependsOn(exampleKeyVault)
.build());
var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()
.name("example-db")
.serverId(exampleServer.id())
.collation("SQL_Latin1_General_CP1_CI_AS")
.licenseType("LicenseIncluded")
.maxSizeGb(4)
.readScale(true)
.skuName("S0")
.zoneRedundant(true)
.enclaveType("VBS")
.tags(Map.of("foo", "bar"))
.identity(DatabaseIdentityArgs.builder()
.type("UserAssigned")
.identityIds(exampleUserAssignedIdentity.id())
.build())
.transparentDataEncryptionKeyVaultKeyId(exampleKey.id())
.build());
}
}
resources:
example:
type: azure:core:ResourceGroup
properties:
name: example-resources
location: West Europe
exampleUserAssignedIdentity:
type: azure:authorization:UserAssignedIdentity
name: example
properties:
name: example-admin
location: ${example.location}
resourceGroupName: ${example.name}
exampleAccount:
type: azure:storage:Account
name: example
properties:
name: examplesa
resourceGroupName: ${example.name}
location: ${example.location}
accountTier: Standard
accountReplicationType: LRS
exampleServer:
type: azure:mssql:Server
name: example
properties:
name: example-sqlserver
resourceGroupName: ${example.name}
location: ${example.location}
version: '12.0'
administratorLogin: 4dm1n157r470r
administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
exampleDatabase:
type: azure:mssql:Database
name: example
properties:
name: example-db
serverId: ${exampleServer.id}
collation: SQL_Latin1_General_CP1_CI_AS
licenseType: LicenseIncluded
maxSizeGb: 4
readScale: true
skuName: S0
zoneRedundant: true
enclaveType: VBS
tags:
foo: bar
identity:
type: UserAssigned
identityIds:
- ${exampleUserAssignedIdentity.id}
transparentDataEncryptionKeyVaultKeyId: ${exampleKey.id}
# Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
exampleKeyVault:
type: azure:keyvault:KeyVault
name: example
properties:
name: mssqltdeexample
location: ${example.location}
resourceGroupName: ${example.name}
enabledForDiskEncryption: true
tenantId: ${exampleUserAssignedIdentity.tenantId}
softDeleteRetentionDays: 7
purgeProtectionEnabled: true
skuName: standard
accessPolicies:
- tenantId: ${current.tenantId}
objectId: ${current.objectId}
keyPermissions:
- Get
- List
- Create
- Delete
- Update
- Recover
- Purge
- GetRotationPolicy
- tenantId: ${exampleUserAssignedIdentity.tenantId}
objectId: ${exampleUserAssignedIdentity.principalId}
keyPermissions:
- Get
- WrapKey
- UnwrapKey
exampleKey:
type: azure:keyvault:Key
name: example
properties:
name: example-key
keyVaultId: ${exampleKeyVault.id}
keyType: RSA
keySize: 2048
keyOpts:
- unwrapKey
- wrapKey
options:
dependson:
- ${exampleKeyVault}
Create Database Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Database(name: string, args: DatabaseArgs, opts?: CustomResourceOptions);
@overload
def Database(resource_name: str,
args: DatabaseArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Database(resource_name: str,
opts: Optional[ResourceOptions] = None,
server_id: Optional[str] = None,
read_replica_count: Optional[int] = None,
import_: Optional[DatabaseImportArgs] = None,
creation_source_database_id: Optional[str] = None,
elastic_pool_id: Optional[str] = None,
read_scale: Optional[bool] = None,
geo_backup_enabled: Optional[bool] = None,
identity: Optional[DatabaseIdentityArgs] = None,
recover_database_id: Optional[str] = None,
ledger_enabled: Optional[bool] = None,
recovery_point_id: Optional[str] = None,
long_term_retention_policy: Optional[DatabaseLongTermRetentionPolicyArgs] = None,
maintenance_configuration_name: Optional[str] = None,
max_size_gb: Optional[int] = None,
min_capacity: Optional[float] = None,
name: Optional[str] = None,
auto_pause_delay_in_minutes: Optional[int] = None,
enclave_type: Optional[str] = None,
create_mode: Optional[str] = None,
license_type: Optional[str] = None,
restore_dropped_database_id: Optional[str] = None,
restore_long_term_retention_backup_id: Optional[str] = None,
restore_point_in_time: Optional[str] = None,
sample_name: Optional[str] = None,
secondary_type: Optional[str] = None,
collation: Optional[str] = None,
short_term_retention_policy: Optional[DatabaseShortTermRetentionPolicyArgs] = None,
sku_name: Optional[str] = None,
storage_account_type: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
threat_detection_policy: Optional[DatabaseThreatDetectionPolicyArgs] = None,
transparent_data_encryption_enabled: Optional[bool] = None,
transparent_data_encryption_key_automatic_rotation_enabled: Optional[bool] = None,
transparent_data_encryption_key_vault_key_id: Optional[str] = None,
zone_redundant: Optional[bool] = None)
func NewDatabase(ctx *Context, name string, args DatabaseArgs, opts ...ResourceOption) (*Database, error)
public Database(string name, DatabaseArgs args, CustomResourceOptions? opts = null)
public Database(String name, DatabaseArgs args)
public Database(String name, DatabaseArgs args, CustomResourceOptions options)
type: azure:mssql:Database
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DatabaseArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DatabaseArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DatabaseArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DatabaseArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DatabaseArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var exampledatabaseResourceResourceFromMssqldatabase = new Azure.MSSql.Database("exampledatabaseResourceResourceFromMssqldatabase", new()
{
ServerId = "string",
ReadReplicaCount = 0,
Import = new Azure.MSSql.Inputs.DatabaseImportArgs
{
AdministratorLogin = "string",
AdministratorLoginPassword = "string",
AuthenticationType = "string",
StorageKey = "string",
StorageKeyType = "string",
StorageUri = "string",
StorageAccountId = "string",
},
CreationSourceDatabaseId = "string",
ElasticPoolId = "string",
ReadScale = false,
GeoBackupEnabled = false,
Identity = new Azure.MSSql.Inputs.DatabaseIdentityArgs
{
IdentityIds = new[]
{
"string",
},
Type = "string",
},
RecoverDatabaseId = "string",
LedgerEnabled = false,
RecoveryPointId = "string",
LongTermRetentionPolicy = new Azure.MSSql.Inputs.DatabaseLongTermRetentionPolicyArgs
{
ImmutableBackupsEnabled = false,
MonthlyRetention = "string",
WeekOfYear = 0,
WeeklyRetention = "string",
YearlyRetention = "string",
},
MaintenanceConfigurationName = "string",
MaxSizeGb = 0,
MinCapacity = 0,
Name = "string",
AutoPauseDelayInMinutes = 0,
EnclaveType = "string",
CreateMode = "string",
LicenseType = "string",
RestoreDroppedDatabaseId = "string",
RestoreLongTermRetentionBackupId = "string",
RestorePointInTime = "string",
SampleName = "string",
SecondaryType = "string",
Collation = "string",
ShortTermRetentionPolicy = new Azure.MSSql.Inputs.DatabaseShortTermRetentionPolicyArgs
{
RetentionDays = 0,
BackupIntervalInHours = 0,
},
SkuName = "string",
StorageAccountType = "string",
Tags =
{
{ "string", "string" },
},
ThreatDetectionPolicy = new Azure.MSSql.Inputs.DatabaseThreatDetectionPolicyArgs
{
DisabledAlerts = new[]
{
"string",
},
EmailAccountAdmins = "string",
EmailAddresses = new[]
{
"string",
},
RetentionDays = 0,
State = "string",
StorageAccountAccessKey = "string",
StorageEndpoint = "string",
},
TransparentDataEncryptionEnabled = false,
TransparentDataEncryptionKeyAutomaticRotationEnabled = false,
TransparentDataEncryptionKeyVaultKeyId = "string",
ZoneRedundant = false,
});
example, err := mssql.NewDatabase(ctx, "exampledatabaseResourceResourceFromMssqldatabase", &mssql.DatabaseArgs{
ServerId: pulumi.String("string"),
ReadReplicaCount: pulumi.Int(0),
Import: &mssql.DatabaseImportArgs{
AdministratorLogin: pulumi.String("string"),
AdministratorLoginPassword: pulumi.String("string"),
AuthenticationType: pulumi.String("string"),
StorageKey: pulumi.String("string"),
StorageKeyType: pulumi.String("string"),
StorageUri: pulumi.String("string"),
StorageAccountId: pulumi.String("string"),
},
CreationSourceDatabaseId: pulumi.String("string"),
ElasticPoolId: pulumi.String("string"),
ReadScale: pulumi.Bool(false),
GeoBackupEnabled: pulumi.Bool(false),
Identity: &mssql.DatabaseIdentityArgs{
IdentityIds: pulumi.StringArray{
pulumi.String("string"),
},
Type: pulumi.String("string"),
},
RecoverDatabaseId: pulumi.String("string"),
LedgerEnabled: pulumi.Bool(false),
RecoveryPointId: pulumi.String("string"),
LongTermRetentionPolicy: &mssql.DatabaseLongTermRetentionPolicyArgs{
ImmutableBackupsEnabled: pulumi.Bool(false),
MonthlyRetention: pulumi.String("string"),
WeekOfYear: pulumi.Int(0),
WeeklyRetention: pulumi.String("string"),
YearlyRetention: pulumi.String("string"),
},
MaintenanceConfigurationName: pulumi.String("string"),
MaxSizeGb: pulumi.Int(0),
MinCapacity: pulumi.Float64(0),
Name: pulumi.String("string"),
AutoPauseDelayInMinutes: pulumi.Int(0),
EnclaveType: pulumi.String("string"),
CreateMode: pulumi.String("string"),
LicenseType: pulumi.String("string"),
RestoreDroppedDatabaseId: pulumi.String("string"),
RestoreLongTermRetentionBackupId: pulumi.String("string"),
RestorePointInTime: pulumi.String("string"),
SampleName: pulumi.String("string"),
SecondaryType: pulumi.String("string"),
Collation: pulumi.String("string"),
ShortTermRetentionPolicy: &mssql.DatabaseShortTermRetentionPolicyArgs{
RetentionDays: pulumi.Int(0),
BackupIntervalInHours: pulumi.Int(0),
},
SkuName: pulumi.String("string"),
StorageAccountType: pulumi.String("string"),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
ThreatDetectionPolicy: &mssql.DatabaseThreatDetectionPolicyArgs{
DisabledAlerts: pulumi.StringArray{
pulumi.String("string"),
},
EmailAccountAdmins: pulumi.String("string"),
EmailAddresses: pulumi.StringArray{
pulumi.String("string"),
},
RetentionDays: pulumi.Int(0),
State: pulumi.String("string"),
StorageAccountAccessKey: pulumi.String("string"),
StorageEndpoint: pulumi.String("string"),
},
TransparentDataEncryptionEnabled: pulumi.Bool(false),
TransparentDataEncryptionKeyAutomaticRotationEnabled: pulumi.Bool(false),
TransparentDataEncryptionKeyVaultKeyId: pulumi.String("string"),
ZoneRedundant: pulumi.Bool(false),
})
var exampledatabaseResourceResourceFromMssqldatabase = new Database("exampledatabaseResourceResourceFromMssqldatabase", DatabaseArgs.builder()
.serverId("string")
.readReplicaCount(0)
.import_(DatabaseImportArgs.builder()
.administratorLogin("string")
.administratorLoginPassword("string")
.authenticationType("string")
.storageKey("string")
.storageKeyType("string")
.storageUri("string")
.storageAccountId("string")
.build())
.creationSourceDatabaseId("string")
.elasticPoolId("string")
.readScale(false)
.geoBackupEnabled(false)
.identity(DatabaseIdentityArgs.builder()
.identityIds("string")
.type("string")
.build())
.recoverDatabaseId("string")
.ledgerEnabled(false)
.recoveryPointId("string")
.longTermRetentionPolicy(DatabaseLongTermRetentionPolicyArgs.builder()
.immutableBackupsEnabled(false)
.monthlyRetention("string")
.weekOfYear(0)
.weeklyRetention("string")
.yearlyRetention("string")
.build())
.maintenanceConfigurationName("string")
.maxSizeGb(0)
.minCapacity(0)
.name("string")
.autoPauseDelayInMinutes(0)
.enclaveType("string")
.createMode("string")
.licenseType("string")
.restoreDroppedDatabaseId("string")
.restoreLongTermRetentionBackupId("string")
.restorePointInTime("string")
.sampleName("string")
.secondaryType("string")
.collation("string")
.shortTermRetentionPolicy(DatabaseShortTermRetentionPolicyArgs.builder()
.retentionDays(0)
.backupIntervalInHours(0)
.build())
.skuName("string")
.storageAccountType("string")
.tags(Map.of("string", "string"))
.threatDetectionPolicy(DatabaseThreatDetectionPolicyArgs.builder()
.disabledAlerts("string")
.emailAccountAdmins("string")
.emailAddresses("string")
.retentionDays(0)
.state("string")
.storageAccountAccessKey("string")
.storageEndpoint("string")
.build())
.transparentDataEncryptionEnabled(false)
.transparentDataEncryptionKeyAutomaticRotationEnabled(false)
.transparentDataEncryptionKeyVaultKeyId("string")
.zoneRedundant(false)
.build());
exampledatabase_resource_resource_from_mssqldatabase = azure.mssql.Database("exampledatabaseResourceResourceFromMssqldatabase",
server_id="string",
read_replica_count=0,
import_=azure.mssql.DatabaseImportArgs(
administrator_login="string",
administrator_login_password="string",
authentication_type="string",
storage_key="string",
storage_key_type="string",
storage_uri="string",
storage_account_id="string",
),
creation_source_database_id="string",
elastic_pool_id="string",
read_scale=False,
geo_backup_enabled=False,
identity=azure.mssql.DatabaseIdentityArgs(
identity_ids=["string"],
type="string",
),
recover_database_id="string",
ledger_enabled=False,
recovery_point_id="string",
long_term_retention_policy=azure.mssql.DatabaseLongTermRetentionPolicyArgs(
immutable_backups_enabled=False,
monthly_retention="string",
week_of_year=0,
weekly_retention="string",
yearly_retention="string",
),
maintenance_configuration_name="string",
max_size_gb=0,
min_capacity=0,
name="string",
auto_pause_delay_in_minutes=0,
enclave_type="string",
create_mode="string",
license_type="string",
restore_dropped_database_id="string",
restore_long_term_retention_backup_id="string",
restore_point_in_time="string",
sample_name="string",
secondary_type="string",
collation="string",
short_term_retention_policy=azure.mssql.DatabaseShortTermRetentionPolicyArgs(
retention_days=0,
backup_interval_in_hours=0,
),
sku_name="string",
storage_account_type="string",
tags={
"string": "string",
},
threat_detection_policy=azure.mssql.DatabaseThreatDetectionPolicyArgs(
disabled_alerts=["string"],
email_account_admins="string",
email_addresses=["string"],
retention_days=0,
state="string",
storage_account_access_key="string",
storage_endpoint="string",
),
transparent_data_encryption_enabled=False,
transparent_data_encryption_key_automatic_rotation_enabled=False,
transparent_data_encryption_key_vault_key_id="string",
zone_redundant=False)
const exampledatabaseResourceResourceFromMssqldatabase = new azure.mssql.Database("exampledatabaseResourceResourceFromMssqldatabase", {
serverId: "string",
readReplicaCount: 0,
"import": {
administratorLogin: "string",
administratorLoginPassword: "string",
authenticationType: "string",
storageKey: "string",
storageKeyType: "string",
storageUri: "string",
storageAccountId: "string",
},
creationSourceDatabaseId: "string",
elasticPoolId: "string",
readScale: false,
geoBackupEnabled: false,
identity: {
identityIds: ["string"],
type: "string",
},
recoverDatabaseId: "string",
ledgerEnabled: false,
recoveryPointId: "string",
longTermRetentionPolicy: {
immutableBackupsEnabled: false,
monthlyRetention: "string",
weekOfYear: 0,
weeklyRetention: "string",
yearlyRetention: "string",
},
maintenanceConfigurationName: "string",
maxSizeGb: 0,
minCapacity: 0,
name: "string",
autoPauseDelayInMinutes: 0,
enclaveType: "string",
createMode: "string",
licenseType: "string",
restoreDroppedDatabaseId: "string",
restoreLongTermRetentionBackupId: "string",
restorePointInTime: "string",
sampleName: "string",
secondaryType: "string",
collation: "string",
shortTermRetentionPolicy: {
retentionDays: 0,
backupIntervalInHours: 0,
},
skuName: "string",
storageAccountType: "string",
tags: {
string: "string",
},
threatDetectionPolicy: {
disabledAlerts: ["string"],
emailAccountAdmins: "string",
emailAddresses: ["string"],
retentionDays: 0,
state: "string",
storageAccountAccessKey: "string",
storageEndpoint: "string",
},
transparentDataEncryptionEnabled: false,
transparentDataEncryptionKeyAutomaticRotationEnabled: false,
transparentDataEncryptionKeyVaultKeyId: "string",
zoneRedundant: false,
});
type: azure:mssql:Database
properties:
autoPauseDelayInMinutes: 0
collation: string
createMode: string
creationSourceDatabaseId: string
elasticPoolId: string
enclaveType: string
geoBackupEnabled: false
identity:
identityIds:
- string
type: string
import:
administratorLogin: string
administratorLoginPassword: string
authenticationType: string
storageAccountId: string
storageKey: string
storageKeyType: string
storageUri: string
ledgerEnabled: false
licenseType: string
longTermRetentionPolicy:
immutableBackupsEnabled: false
monthlyRetention: string
weekOfYear: 0
weeklyRetention: string
yearlyRetention: string
maintenanceConfigurationName: string
maxSizeGb: 0
minCapacity: 0
name: string
readReplicaCount: 0
readScale: false
recoverDatabaseId: string
recoveryPointId: string
restoreDroppedDatabaseId: string
restoreLongTermRetentionBackupId: string
restorePointInTime: string
sampleName: string
secondaryType: string
serverId: string
shortTermRetentionPolicy:
backupIntervalInHours: 0
retentionDays: 0
skuName: string
storageAccountType: string
tags:
string: string
threatDetectionPolicy:
disabledAlerts:
- string
emailAccountAdmins: string
emailAddresses:
- string
retentionDays: 0
state: string
storageAccountAccessKey: string
storageEndpoint: string
transparentDataEncryptionEnabled: false
transparentDataEncryptionKeyAutomaticRotationEnabled: false
transparentDataEncryptionKeyVaultKeyId: string
zoneRedundant: false
Database Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Database resource accepts the following input properties:
- Server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- Auto
Pause intDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - Collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- Create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - Creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- Elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- Enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- Geo
Backup boolEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- Identity
Database
Identity - An
identity
block as defined below. - Import
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - Ledger
Enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - License
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - Long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - Maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- Max
Size intGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- Min
Capacity double - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- Name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- Read
Replica intCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- Read
Scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- Recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - Recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - Restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - Restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - Restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - Sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - Secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - Short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - Sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- Storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - Transparent
Data boolEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- Transparent
Data boolEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- Zone
Redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- Server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- Auto
Pause intDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - Collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- Create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - Creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- Elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- Enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- Geo
Backup boolEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- Identity
Database
Identity Args - An
identity
block as defined below. - Import
Database
Import Args - A
import
block as documented below. Mutually exclusive withcreate_mode
. - Ledger
Enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - License
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - Long
Term DatabaseRetention Policy Long Term Retention Policy Args - A
long_term_retention_policy
block as defined below. - Maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- Max
Size intGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- Min
Capacity float64 - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- Name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- Read
Replica intCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- Read
Scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- Recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - Recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - Restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - Restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - Restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - Sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - Secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - Short
Term DatabaseRetention Policy Short Term Retention Policy Args - A
short_term_retention_policy
block as defined below. - Sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- Storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - map[string]string
- A mapping of tags to assign to the resource.
- Threat
Detection DatabasePolicy Threat Detection Policy Args - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - Transparent
Data boolEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- Transparent
Data boolEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- Zone
Redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- server
Id String The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- auto
Pause IntegerDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation String
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode String - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source StringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool StringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type String Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup BooleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity - An
identity
block as defined below. - import_
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled Boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type String - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration StringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size IntegerGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity Double - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name String
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica IntegerCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale Boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database StringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point StringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped StringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long StringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point StringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name String - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type String - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - sku
Name String Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account StringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Map<String,String>
- A mapping of tags to assign to the resource.
- threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data BooleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data BooleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant Boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- auto
Pause numberDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup booleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity - An
identity
block as defined below. - import
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size numberGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity number - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica numberCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data booleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data booleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- server_
id str The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- auto_
pause_ intdelay_ in_ minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation str
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create_
mode str - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation_
source_ strdatabase_ id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic_
pool_ strid - Specifies the ID of the elastic pool containing this database.
- enclave_
type str Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo_
backup_ boolenabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity Args - An
identity
block as defined below. - import_
Database
Import Args - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger_
enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license_
type str - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long_
term_ Databaseretention_ policy Long Term Retention Policy Args - A
long_term_retention_policy
block as defined below. - maintenance_
configuration_ strname The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max_
size_ intgb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min_
capacity float - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name str
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read_
replica_ intcount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read_
scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover_
database_ strid - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery_
point_ strid - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore_
dropped_ strdatabase_ id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore_
long_ strterm_ retention_ backup_ id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore_
point_ strin_ time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample_
name str - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary_
type str - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - short_
term_ Databaseretention_ policy Short Term Retention Policy Args - A
short_term_retention_policy
block as defined below. - sku_
name str Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage_
account_ strtype - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- threat_
detection_ Databasepolicy Threat Detection Policy Args - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent_
data_ boolencryption_ enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent_
data_ boolencryption_ key_ automatic_ rotation_ enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent_
data_ strencryption_ key_ vault_ key_ id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone_
redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- server
Id String The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- auto
Pause NumberDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation String
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode String - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source StringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool StringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type String Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup BooleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity Property Map
- An
identity
block as defined below. - import Property Map
- A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled Boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type String - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term Property MapRetention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration StringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size NumberGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity Number - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name String
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica NumberCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale Boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database StringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point StringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped StringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long StringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point StringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name String - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type String - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - short
Term Property MapRetention Policy - A
short_term_retention_policy
block as defined below. - sku
Name String Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account StringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Map<String>
- A mapping of tags to assign to the resource.
- threat
Detection Property MapPolicy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data BooleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data BooleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant Boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
Outputs
All input properties are implicitly available as output properties. Additionally, the Database resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing Database Resource
Get an existing Database resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DatabaseState, opts?: CustomResourceOptions): Database
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
auto_pause_delay_in_minutes: Optional[int] = None,
collation: Optional[str] = None,
create_mode: Optional[str] = None,
creation_source_database_id: Optional[str] = None,
elastic_pool_id: Optional[str] = None,
enclave_type: Optional[str] = None,
geo_backup_enabled: Optional[bool] = None,
identity: Optional[DatabaseIdentityArgs] = None,
import_: Optional[DatabaseImportArgs] = None,
ledger_enabled: Optional[bool] = None,
license_type: Optional[str] = None,
long_term_retention_policy: Optional[DatabaseLongTermRetentionPolicyArgs] = None,
maintenance_configuration_name: Optional[str] = None,
max_size_gb: Optional[int] = None,
min_capacity: Optional[float] = None,
name: Optional[str] = None,
read_replica_count: Optional[int] = None,
read_scale: Optional[bool] = None,
recover_database_id: Optional[str] = None,
recovery_point_id: Optional[str] = None,
restore_dropped_database_id: Optional[str] = None,
restore_long_term_retention_backup_id: Optional[str] = None,
restore_point_in_time: Optional[str] = None,
sample_name: Optional[str] = None,
secondary_type: Optional[str] = None,
server_id: Optional[str] = None,
short_term_retention_policy: Optional[DatabaseShortTermRetentionPolicyArgs] = None,
sku_name: Optional[str] = None,
storage_account_type: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
threat_detection_policy: Optional[DatabaseThreatDetectionPolicyArgs] = None,
transparent_data_encryption_enabled: Optional[bool] = None,
transparent_data_encryption_key_automatic_rotation_enabled: Optional[bool] = None,
transparent_data_encryption_key_vault_key_id: Optional[str] = None,
zone_redundant: Optional[bool] = None) -> Database
func GetDatabase(ctx *Context, name string, id IDInput, state *DatabaseState, opts ...ResourceOption) (*Database, error)
public static Database Get(string name, Input<string> id, DatabaseState? state, CustomResourceOptions? opts = null)
public static Database get(String name, Output<String> id, DatabaseState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Auto
Pause intDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - Collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- Create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - Creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- Elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- Enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- Geo
Backup boolEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- Identity
Database
Identity - An
identity
block as defined below. - Import
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - Ledger
Enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - License
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - Long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - Maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- Max
Size intGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- Min
Capacity double - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- Name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- Read
Replica intCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- Read
Scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- Recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - Recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - Restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - Restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - Restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - Sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - Secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - Server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- Short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - Sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- Storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Dictionary<string, string>
- A mapping of tags to assign to the resource.
- Threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - Transparent
Data boolEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- Transparent
Data boolEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- Zone
Redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- Auto
Pause intDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - Collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- Create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - Creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- Elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- Enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- Geo
Backup boolEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- Identity
Database
Identity Args - An
identity
block as defined below. - Import
Database
Import Args - A
import
block as documented below. Mutually exclusive withcreate_mode
. - Ledger
Enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - License
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - Long
Term DatabaseRetention Policy Long Term Retention Policy Args - A
long_term_retention_policy
block as defined below. - Maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- Max
Size intGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- Min
Capacity float64 - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- Name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- Read
Replica intCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- Read
Scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- Recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - Recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - Restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - Restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - Restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - Sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - Secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - Server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- Short
Term DatabaseRetention Policy Short Term Retention Policy Args - A
short_term_retention_policy
block as defined below. - Sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- Storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - map[string]string
- A mapping of tags to assign to the resource.
- Threat
Detection DatabasePolicy Threat Detection Policy Args - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - Transparent
Data boolEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- Transparent
Data boolEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- Transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- Zone
Redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- auto
Pause IntegerDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation String
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode String - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source StringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool StringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type String Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup BooleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity - An
identity
block as defined below. - import_
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled Boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type String - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration StringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size IntegerGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity Double - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name String
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica IntegerCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale Boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database StringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point StringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped StringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long StringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point StringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name String - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type String - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - server
Id String The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - sku
Name String Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account StringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Map<String,String>
- A mapping of tags to assign to the resource.
- threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data BooleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data BooleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant Boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- auto
Pause numberDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation string
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode string - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source stringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool stringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type string Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup booleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity - An
identity
block as defined below. - import
Database
Import - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type string - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term DatabaseRetention Policy Long Term Retention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration stringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size numberGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity number - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name string
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica numberCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database stringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point stringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped stringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long stringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point stringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name string - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type string - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - server
Id string The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- short
Term DatabaseRetention Policy Short Term Retention Policy - A
short_term_retention_policy
block as defined below. - sku
Name string Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account stringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - {[key: string]: string}
- A mapping of tags to assign to the resource.
- threat
Detection DatabasePolicy Threat Detection Policy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data booleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data booleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data stringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- auto_
pause_ intdelay_ in_ minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation str
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create_
mode str - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation_
source_ strdatabase_ id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic_
pool_ strid - Specifies the ID of the elastic pool containing this database.
- enclave_
type str Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo_
backup_ boolenabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity
Database
Identity Args - An
identity
block as defined below. - import_
Database
Import Args - A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger_
enabled bool - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license_
type str - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long_
term_ Databaseretention_ policy Long Term Retention Policy Args - A
long_term_retention_policy
block as defined below. - maintenance_
configuration_ strname The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max_
size_ intgb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min_
capacity float - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name str
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read_
replica_ intcount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read_
scale bool - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover_
database_ strid - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery_
point_ strid - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore_
dropped_ strdatabase_ id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore_
long_ strterm_ retention_ backup_ id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore_
point_ strin_ time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample_
name str - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary_
type str - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - server_
id str The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- short_
term_ Databaseretention_ policy Short Term Retention Policy Args - A
short_term_retention_policy
block as defined below. - sku_
name str Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage_
account_ strtype - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Mapping[str, str]
- A mapping of tags to assign to the resource.
- threat_
detection_ Databasepolicy Threat Detection Policy Args - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent_
data_ boolencryption_ enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent_
data_ boolencryption_ key_ automatic_ rotation_ enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent_
data_ strencryption_ key_ vault_ key_ id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone_
redundant bool - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
- auto
Pause NumberDelay In Minutes - Time in minutes after which database is automatically paused. A value of
-1
means that automatic pause is disabled. This property is only settable for Serverless databases. - collation String
- Specifies the collation of the database. Changing this forces a new resource to be created.
- create
Mode String - The create mode of the database. Possible values are
Copy
,Default
,OnlineSecondary
,PointInTimeRestore
,Recovery
,Restore
,RestoreExternalBackup
,RestoreExternalBackupSecondary
,RestoreLongTermRetentionBackup
andSecondary
. Mutually exclusive withimport
. Changing this forces a new resource to be created. Defaults toDefault
. - creation
Source StringDatabase Id The ID of the source database from which to create the new database. This should only be used for databases with
create_mode
values that use another database as reference. Changing this forces a new resource to be created.NOTE: When configuring a secondary database, please be aware of the constraints for the
sku_name
property, as noted below, for both the primary and secondary databases. Thesku_name
of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.- elastic
Pool StringId - Specifies the ID of the elastic pool containing this database.
- enclave
Type String Specifies the type of enclave to be used by the elastic pool. When
enclave_type
is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifyingDefault
orVBS
) removing theenclave_type
field from the configuration file will force the creation of a new resource.-> Possible values areDefault
orVBS
.NOTE:
enclave_type
is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.NOTE: Geo Replicated and Failover databases must have the same
enclave_type
.NOTE: The default value for the
enclave_type
field is unset notDefault
.- geo
Backup BooleanEnabled A boolean that specifies if the Geo Backup Policy is enabled. Defaults to
true
.NOTE:
geo_backup_enabled
is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.- identity Property Map
- An
identity
block as defined below. - import Property Map
- A
import
block as documented below. Mutually exclusive withcreate_mode
. - ledger
Enabled Boolean - A boolean that specifies if this is a ledger database. Defaults to
false
. Changing this forces a new resource to be created. - license
Type String - Specifies the license type applied to this database. Possible values are
LicenseIncluded
andBasePrice
. - long
Term Property MapRetention Policy - A
long_term_retention_policy
block as defined below. - maintenance
Configuration StringName The name of the Public Maintenance Configuration window to apply to the database. Valid values include
SQL_Default
,SQL_EastUS_DB_1
,SQL_EastUS2_DB_1
,SQL_SoutheastAsia_DB_1
,SQL_AustraliaEast_DB_1
,SQL_NorthEurope_DB_1
,SQL_SouthCentralUS_DB_1
,SQL_WestUS2_DB_1
,SQL_UKSouth_DB_1
,SQL_WestEurope_DB_1
,SQL_EastUS_DB_2
,SQL_EastUS2_DB_2
,SQL_WestUS2_DB_2
,SQL_SoutheastAsia_DB_2
,SQL_AustraliaEast_DB_2
,SQL_NorthEurope_DB_2
,SQL_SouthCentralUS_DB_2
,SQL_UKSouth_DB_2
,SQL_WestEurope_DB_2
,SQL_AustraliaSoutheast_DB_1
,SQL_BrazilSouth_DB_1
,SQL_CanadaCentral_DB_1
,SQL_CanadaEast_DB_1
,SQL_CentralUS_DB_1
,SQL_EastAsia_DB_1
,SQL_FranceCentral_DB_1
,SQL_GermanyWestCentral_DB_1
,SQL_CentralIndia_DB_1
,SQL_SouthIndia_DB_1
,SQL_JapanEast_DB_1
,SQL_JapanWest_DB_1
,SQL_NorthCentralUS_DB_1
,SQL_UKWest_DB_1
,SQL_WestUS_DB_1
,SQL_AustraliaSoutheast_DB_2
,SQL_BrazilSouth_DB_2
,SQL_CanadaCentral_DB_2
,SQL_CanadaEast_DB_2
,SQL_CentralUS_DB_2
,SQL_EastAsia_DB_2
,SQL_FranceCentral_DB_2
,SQL_GermanyWestCentral_DB_2
,SQL_CentralIndia_DB_2
,SQL_SouthIndia_DB_2
,SQL_JapanEast_DB_2
,SQL_JapanWest_DB_2
,SQL_NorthCentralUS_DB_2
,SQL_UKWest_DB_2
,SQL_WestUS_DB_2
,SQL_WestCentralUS_DB_1
,SQL_FranceSouth_DB_1
,SQL_WestCentralUS_DB_2
,SQL_FranceSouth_DB_2
,SQL_SwitzerlandNorth_DB_1
,SQL_SwitzerlandNorth_DB_2
,SQL_BrazilSoutheast_DB_1
,SQL_UAENorth_DB_1
,SQL_BrazilSoutheast_DB_2
,SQL_UAENorth_DB_2
. Defaults toSQL_Default
.NOTE:
maintenance_configuration_name
is only applicable ifelastic_pool_id
is not set.- max
Size NumberGb The max size of the database in gigabytes.
NOTE: This value should not be configured when the
create_mode
isSecondary
orOnlineSecondary
, as the sizing of the primary is then used as per Azure documentation.- min
Capacity Number - Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
- name String
- The name of the MS SQL Database. Changing this forces a new resource to be created.
- read
Replica NumberCount - The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
- read
Scale Boolean - If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
- recover
Database StringId - The ID of the database to be recovered. This property is only applicable when the
create_mode
isRecovery
. - recovery
Point StringId - The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the
create_mode
isRecovery
. - restore
Dropped StringDatabase Id - The ID of the database to be restored. This property is only applicable when the
create_mode
isRestore
. - restore
Long StringTerm Retention Backup Id - The ID of the long term retention backup to be restored. This property is only applicable when the
create_mode
isRestoreLongTermRetentionBackup
. - restore
Point StringIn Time - Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for
create_mode
=PointInTimeRestore
databases. - sample
Name String - Specifies the name of the sample schema to apply when creating this database. Possible value is
AdventureWorksLT
. - secondary
Type String - How do you want your replica to be made? Valid values include
Geo
andNamed
. Defaults toGeo
. Changing this forces a new resource to be created. - server
Id String The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.
NOTE: This setting is still required for "Serverless" SKUs
- short
Term Property MapRetention Policy - A
short_term_retention_policy
block as defined below. - sku
Name String Specifies the name of the SKU used by the database. For example,
GP_S_Gen5_2
,HS_Gen4_1
,BC_Gen5_2
,ElasticPool
,Basic
,S0
,P2
,DW100c
,DS100
. Changing this from the HyperScale service tier to another service tier will create a new resource.NOTE: The default
sku_name
value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using thecreation_source_database_id
property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing thesku_name
of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the samesku_name
in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.- storage
Account StringType - Specifies the storage account type used to store backups for this database. Possible values are
Geo
,GeoZone
,Local
andZone
. Defaults toGeo
. - Map<String>
- A mapping of tags to assign to the resource.
- threat
Detection Property MapPolicy - Threat detection policy configuration. The
threat_detection_policy
block supports fields documented below. - transparent
Data BooleanEncryption Enabled If set to true, Transparent Data Encryption will be enabled on the database. Defaults to
true
.NOTE:
transparent_data_encryption_enabled
can only be set tofalse
on DW (e.g, DataWarehouse) server SKUs.- transparent
Data BooleanEncryption Key Automatic Rotation Enabled Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are
true
orfalse
. Defaults tofalse
.NOTE: When the
sku_name
isDW100c
, thetransparent_data_encryption_key_automatic_rotation_enabled
and thetransparent_data_encryption_key_vault_key_id
properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.- transparent
Data StringEncryption Key Vault Key Id The fully versioned
Key Vault
Key
URL (e.g.'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>
) to be used as theCustomer Managed Key
(CMK/BYOK) for theTransparent Data Encryption
(TDE) layer.NOTE: To successfully deploy a
Microsoft SQL Database
in CMK/BYOK TDE theKey Vault
must haveSoft-delete
andpurge protection
enabled to protect from data loss due to accidental key and/or key vault deletion. TheKey Vault
and theMicrosoft SQL Server
User Managed Identity Instance
must belong to the sameAzure Active Directory
tenant
.- zone
Redundant Boolean - Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
Supporting Types
DatabaseIdentity, DatabaseIdentityArgs
- Identity
Ids List<string> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
- Identity
Ids []string - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- Type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
- identity
Ids List<String> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
- identity
Ids string[] - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- type string
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
- identity_
ids Sequence[str] - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- type str
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
- identity
Ids List<String> - Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
- type String
- Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is
UserAssigned
.
DatabaseImport, DatabaseImportArgs
- Administrator
Login string - Specifies the name of the SQL administrator.
- Administrator
Login stringPassword - Specifies the password of the SQL administrator.
- Authentication
Type string - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - Storage
Key string - Specifies the access key for the storage account.
- Storage
Key stringType - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - Storage
Uri string - Specifies the blob URI of the .bacpac file.
- Storage
Account stringId - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
- Administrator
Login string - Specifies the name of the SQL administrator.
- Administrator
Login stringPassword - Specifies the password of the SQL administrator.
- Authentication
Type string - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - Storage
Key string - Specifies the access key for the storage account.
- Storage
Key stringType - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - Storage
Uri string - Specifies the blob URI of the .bacpac file.
- Storage
Account stringId - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
- administrator
Login String - Specifies the name of the SQL administrator.
- administrator
Login StringPassword - Specifies the password of the SQL administrator.
- authentication
Type String - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - storage
Key String - Specifies the access key for the storage account.
- storage
Key StringType - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - storage
Uri String - Specifies the blob URI of the .bacpac file.
- storage
Account StringId - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
- administrator
Login string - Specifies the name of the SQL administrator.
- administrator
Login stringPassword - Specifies the password of the SQL administrator.
- authentication
Type string - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - storage
Key string - Specifies the access key for the storage account.
- storage
Key stringType - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - storage
Uri string - Specifies the blob URI of the .bacpac file.
- storage
Account stringId - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
- administrator_
login str - Specifies the name of the SQL administrator.
- administrator_
login_ strpassword - Specifies the password of the SQL administrator.
- authentication_
type str - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - storage_
key str - Specifies the access key for the storage account.
- storage_
key_ strtype - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - storage_
uri str - Specifies the blob URI of the .bacpac file.
- storage_
account_ strid - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
- administrator
Login String - Specifies the name of the SQL administrator.
- administrator
Login StringPassword - Specifies the password of the SQL administrator.
- authentication
Type String - Specifies the type of authentication used to access the server. Valid values are
SQL
orADPassword
. - storage
Key String - Specifies the access key for the storage account.
- storage
Key StringType - Specifies the type of access key for the storage account. Valid values are
StorageAccessKey
orSharedAccessKey
. - storage
Uri String - Specifies the blob URI of the .bacpac file.
- storage
Account StringId - The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
DatabaseLongTermRetentionPolicy, DatabaseLongTermRetentionPolicyArgs
- Immutable
Backups boolEnabled - Specifies if the backups are immutable. Defaults to
false
. - Monthly
Retention string - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - Week
Of intYear - The week of year to take the yearly backup. Value has to be between
1
and52
. - Weekly
Retention string - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - Yearly
Retention string - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
- Immutable
Backups boolEnabled - Specifies if the backups are immutable. Defaults to
false
. - Monthly
Retention string - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - Week
Of intYear - The week of year to take the yearly backup. Value has to be between
1
and52
. - Weekly
Retention string - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - Yearly
Retention string - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
- immutable
Backups BooleanEnabled - Specifies if the backups are immutable. Defaults to
false
. - monthly
Retention String - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - week
Of IntegerYear - The week of year to take the yearly backup. Value has to be between
1
and52
. - weekly
Retention String - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - yearly
Retention String - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
- immutable
Backups booleanEnabled - Specifies if the backups are immutable. Defaults to
false
. - monthly
Retention string - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - week
Of numberYear - The week of year to take the yearly backup. Value has to be between
1
and52
. - weekly
Retention string - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - yearly
Retention string - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
- immutable_
backups_ boolenabled - Specifies if the backups are immutable. Defaults to
false
. - monthly_
retention str - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - week_
of_ intyear - The week of year to take the yearly backup. Value has to be between
1
and52
. - weekly_
retention str - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - yearly_
retention str - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
- immutable
Backups BooleanEnabled - Specifies if the backups are immutable. Defaults to
false
. - monthly
Retention String - The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g.
P1Y
,P1M
,P4W
orP30D
. - week
Of NumberYear - The week of year to take the yearly backup. Value has to be between
1
and52
. - weekly
Retention String - The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g.
P1Y
,P1M
,P1W
orP7D
. - yearly
Retention String - The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g.
P1Y
,P12M
,P52W
orP365D
.
DatabaseShortTermRetentionPolicy, DatabaseShortTermRetentionPolicyArgs
- Retention
Days int - Point In Time Restore configuration. Value has to be between
1
and35
. - Backup
Interval intIn Hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
- Retention
Days int - Point In Time Restore configuration. Value has to be between
1
and35
. - Backup
Interval intIn Hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
- retention
Days Integer - Point In Time Restore configuration. Value has to be between
1
and35
. - backup
Interval IntegerIn Hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
- retention
Days number - Point In Time Restore configuration. Value has to be between
1
and35
. - backup
Interval numberIn Hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
- retention_
days int - Point In Time Restore configuration. Value has to be between
1
and35
. - backup_
interval_ intin_ hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
- retention
Days Number - Point In Time Restore configuration. Value has to be between
1
and35
. - backup
Interval NumberIn Hours - The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be
12
or24
. Defaults to12
hours.
DatabaseThreatDetectionPolicy, DatabaseThreatDetectionPolicyArgs
- Disabled
Alerts List<string> - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - Email
Account stringAdmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - Email
Addresses List<string> - A list of email addresses which alerts should be sent to.
- Retention
Days int - Specifies the number of days to keep in the Threat Detection audit logs.
- State string
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - Storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - Storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
- Disabled
Alerts []string - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - Email
Account stringAdmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - Email
Addresses []string - A list of email addresses which alerts should be sent to.
- Retention
Days int - Specifies the number of days to keep in the Threat Detection audit logs.
- State string
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - Storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - Storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
- disabled
Alerts List<String> - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - email
Account StringAdmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - email
Addresses List<String> - A list of email addresses which alerts should be sent to.
- retention
Days Integer - Specifies the number of days to keep in the Threat Detection audit logs.
- state String
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - storage
Account StringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - storage
Endpoint String - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
- disabled
Alerts string[] - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - email
Account stringAdmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - email
Addresses string[] - A list of email addresses which alerts should be sent to.
- retention
Days number - Specifies the number of days to keep in the Threat Detection audit logs.
- state string
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - storage
Account stringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - storage
Endpoint string - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
- disabled_
alerts Sequence[str] - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - email_
account_ stradmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - email_
addresses Sequence[str] - A list of email addresses which alerts should be sent to.
- retention_
days int - Specifies the number of days to keep in the Threat Detection audit logs.
- state str
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - storage_
account_ straccess_ key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - storage_
endpoint str - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
- disabled
Alerts List<String> - Specifies a list of alerts which should be disabled. Possible values include
Access_Anomaly
,Sql_Injection
andSql_Injection_Vulnerability
. - email
Account StringAdmins - Should the account administrators be emailed when this alert is triggered? Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - email
Addresses List<String> - A list of email addresses which alerts should be sent to.
- retention
Days Number - Specifies the number of days to keep in the Threat Detection audit logs.
- state String
- The State of the Policy. Possible values are
Enabled
orDisabled
. Defaults toDisabled
. - storage
Account StringAccess Key - Specifies the identifier key of the Threat Detection audit storage account. Required if
state
isEnabled
. - storage
Endpoint String - Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if
state
isEnabled
.
Import
SQL Database can be imported using the resource id
, e.g.
$ pulumi import azure:mssql/database:Database example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/server1/databases/example1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Azure Classic pulumi/pulumi-azure
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
azurerm
Terraform Provider.