Add optional block for virtual network rules

miljodir · Jan 14, 2025 · 939a94f · 939a94f
1 parent 981fe8b
commit 939a94f
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 0 deletions.
diff --git a/main.tf b/main.tf
@@ -116,6 +116,13 @@ resource "azurerm_mssql_firewall_rule" "sql" {
   end_ip_address   = each.value.end_ip_address
 }
 
+resource "azurerm_mssql_virtual_network_rule" "sql" {
+  for_each  = var.virtual_network_rules
+  name      = each.key
+  server_id = azurerm_mssql_server.sqlsrv.id
+  subnet_id = each.value.subnet_id
+}
+
 resource "azurerm_private_endpoint" "sqlsrv_pe" {
   count               = var.create_private_endpoint == true ? 1 : 0
   location            = azurerm_mssql_server.sqlsrv.location

diff --git a/variables.tf b/variables.tf
@@ -109,6 +109,15 @@ variable "firewall_rules" {
   default     = {}
 }
 
+variable "virtual_network_rules" {
+  type = map(object({
+    subnet_id = optional(string)
+  }))
+  description = "Map of objects containing information on virtual network rules to be created. A service endpoint for Microsoft.Sql is required at the target subnet."
+  default     = {}
+
+}
+
 variable "databases" {
   type = map(object({
     sku_name                    = optional(string),           # Sku name for database. Many possibilities .Defaults to "GP_S_Gen5_1" which means serverless 1 vcore.