From b94b251b69eff8837047927fae2754c20ae86477 Mon Sep 17 00:00:00 2001 From: Hanumesh Date: Fri, 18 Oct 2024 18:54:14 +0530 Subject: [PATCH 1/4] Added enhancements --- main.tf | 36 ++++++++++++++++++++++++++++-------- variables.tf | 42 ++++++++++++++++++++++++++++++++++++++---- 2 files changed, 66 insertions(+), 12 deletions(-) diff --git a/main.tf b/main.tf index 708debd..a0c6380 100644 --- a/main.tf +++ b/main.tf @@ -30,7 +30,7 @@ module "labels" { ##----------------------------------------------------------------------------- resource "random_password" "main" { - count = var.admin_password == null ? 1 : 0 + count = var.create_password ? 1 : 0 length = var.admin_password_length min_upper = 4 min_lower = 2 @@ -44,7 +44,7 @@ resource "random_password" "main" { resource "azurerm_mysql_flexible_server" "main" { count = var.enabled ? 1 : 0 - name = format("%s-mysql-flexible-server", module.labels.id) + name = var.mysql_server_name != null ? var.mysql_server_name : format("%s-mysql-flexible-server", module.labels.id) resource_group_name = local.resource_group_name location = var.location administrator_login = var.admin_username 
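Review bot: `var.mysql_server_name` is read in the new `name` expression of `azurerm_mysql_flexible_server.main`, but none of the variables.tf hunks in this patch declare it. Unless it already exists outside the shown context, the module will not validate. If it is new, declare `variable "mysql_server_name"` with `type = string`, `default = null` and a description saying it overrides the label-derived name. The conditional could also be written as `name = coalesce(var.mysql_server_name, format("%s-mysql-flexible-server", module.labels.id))`, which additionally treats an empty string as "not set". The resource body continues outside this hunk.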
@@ -71,15 +71,35 @@ resource "azurerm_mysql_flexible_server" "main" { standby_availability_zone = lookup(high_availability.value, "standby_availability_zone", 1) } } + identity { + type = var.identity_type + identity_ids = var.identity_type == "UserAssigned" ? var.user_assigned_identity_ids : [] + } version = var.mysql_version zone = var.zone - tags = module.labels.tags + tags = var.custom_tags == null ? module.labels.tags : var.custom_tags depends_on = [azurerm_private_dns_zone_virtual_network_link.main, azurerm_private_dns_zone_virtual_network_link.main2] } +##----------------------------------------------------------------------------- +## Below resource will create mysql server active directory administrator. +##----------------------------------------------------------------------------- + +resource "azurerm_mysql_flexible_server_active_directory_administrator" "main" { + count = length(var.entra_authentication.object_id[*]) > 0 ? 1 : 0 + + server_id = join("", azurerm_mysql_flexible_server.main.*.id) + identity_id = var.entra_authentication.user_assigned_identity_id + login = var.entra_authentication.login + object_id = var.entra_authentication.object_id + tenant_id = data.azurerm_client_config.current.tenant_id + + depends_on = [ azurerm_mysql_flexible_server.main ] +} + ##----------------------------------------------------------------------------- ## Below resource will create mysql flexible database. ##----------------------------------------------------------------------------- @@ -91,7 +111,7 @@ resource "azurerm_mysql_flexible_database" "main" { server_name = join("", azurerm_mysql_flexible_server.main.*.name) charset = var.charset collation = var.collation - depends_on = [azurerm_mysql_flexible_server.main] + depends_on = [azurerm_mysql_flexible_server_active_directory_administrator.main] } ##----------------------------------------------------------------------------- 
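Review bot: The `identity` block added to `azurerm_mysql_flexible_server.main` is emitted unconditionally, while `identity_type` defaults to `null` in variables.tf. A caller who sets nothing therefore passes `type = null` and `identity_ids = []` to the provider. As far as the provider documents it, this resource accepts only `UserAssigned`, so the block should be rendered only when an identity is requested, as sketched below. The new administrator resource's `count` also ignores `var.enabled`, so with the module disabled `server_id` resolves to an empty string; `count = var.enabled && var.entra_authentication.object_id != null ? 1 : 0` would gate it. The server resource starts outside this hunk.

```hcl
  # … unchanged: high_availability dynamic block …
  dynamic "identity" {
    # Render the block only when the caller asked for a managed identity.
    for_each = var.identity_type == null ? [] : [var.identity_type]
    content {
      type         = identity.value
      identity_ids = var.user_assigned_identity_ids
    }
  }
  # … unchanged: version, zone, tags, depends_on …
```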
@@ -99,7 +119,7 @@ resource "azurerm_mysql_flexible_database" "main" { ##----------------------------------------------------------------------------- resource "azurerm_mysql_flexible_server_configuration" "main" { - count = var.enabled ? length(var.server_configuration_names) : 0 + count = var.enabled && var.server_parameters_enabled ? length(var.server_configuration_names) : 0 name = element(var.server_configuration_names, count.index) resource_group_name = local.resource_group_name server_name = join("", azurerm_mysql_flexible_server.main.*.name) @@ -122,7 +142,7 @@ resource "azurerm_private_dns_zone" "main" { count = var.enabled && var.private_dns ? 1 : 0 name = "privatelink.mysql.database.azure.com" resource_group_name = local.resource_group_name - tags = module.labels.tags + tags = var.custom_tags == null ? module.labels.tags : var.custom_tags } ##----------------------------------------------------------------------------- @@ -135,7 +155,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "main" { virtual_network_id = var.virtual_network_id resource_group_name = local.resource_group_name registration_enabled = var.registration_enabled - tags = module.labels.tags + tags = var.custom_tags == null ? module.labels.tags : var.custom_tags } ##----------------------------------------------------------------------------- @@ -148,7 +168,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "main2" { virtual_network_id = var.virtual_network_id resource_group_name = var.main_rg_name registration_enabled = var.registration_enabled - tags = module.labels.tags + tags = var.custom_tags == null ? module.labels.tags : var.custom_tags } resource "azurerm_monitor_diagnostic_setting" "mysql" { diff --git a/variables.tf b/variables.tf index d78a3fa..07585d7 100644 --- a/variables.tf +++ b/variables.tf 
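Review bot: The new `tags` expression on `azurerm_private_dns_zone.main` falls back to `module.labels.tags` only when `var.custom_tags == null`, but variables.tf declares `custom_tags` with `default = {}`. With default inputs the condition is therefore false and the resource is tagged with an empty map, dropping the label tags that ownership, cost or policy tooling may rely on. The same expression is used in the two `azurerm_private_dns_zone_virtual_network_link` hunks on this line and on the server resource in the earlier hunk. Declaring the variable with `default = null` makes the fallback reachable; if the intent is to add tags rather than replace them, that should be stated in the variable's description.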
@@ -245,10 +245,7 @@ variable "high_availability" { mode = string standby_availability_zone = optional(number) }) - default = { - mode = "SameZone" - standby_availability_zone = 1 - } + default = null } variable "enable_diagnostic" { @@ -298,4 +295,41 @@ variable "eventhub_authorization_rule_id" { type = string default = null description = "Eventhub authorization rule id to pass it to destination details of diagnosys setting of NSG." +} + +variable "custom_tags" { + type = map(string) + default = {} +} + +variable "identity_type" { + description = "Type of managed identity to set" + type = string + default = null +} + +variable "user_assigned_identity_ids" { + description = "List of user-assigned managed identity IDs" + type = list(string) + default = [] +} + +variable "entra_authentication" { + description = "Azure Entra authentication configuration block for Azure MySQL Flexible Server" + type = object({ + user_assigned_identity_id = optional(string, null) + login = optional(string, null) + object_id = optional(string, null) + }) + default = {} +} + +variable "server_parameters_enabled" { + type = bool + default = true +} + +variable "create_password" { + type = bool + default = false } \ No newline at end of file From b68748fa7a433339c733ea990de80b260ddee636 Mon Sep 17 00:00:00 2001 From: Ankitha B H <76145952+AnkithaBH@users.noreply.github.com> Date: Mon, 28 Oct 2024 19:49:43 +0530 Subject: [PATCH 2/4] Reverting changes made to password and server configuration --- main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index a0c6380..e96d5b5 100644 --- a/main.tf +++ b/main.tf @@ -30,7 +30,7 @@ module "labels" { ##----------------------------------------------------------------------------- resource "random_password" "main" { - count = var.create_password ? 1 : 0 + count = var.admin_password == null ? 1 : 0 length = var.admin_password_length min_upper = 4 min_lower = 2 
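Review bot: Changing the `high_availability` default from `{ mode = "SameZone", standby_availability_zone = 1 }` to `null` means callers that relied on the default would lose the standby on their next apply. This assumes the dynamic block in main.tf, only partly visible here, skips a null value. It is an availability change that a plan will show as an ordinary update, so it deserves a changelog entry. The variable description should say something like `Set to null to disable high availability.` The variable block starts outside this hunk.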
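Review bot: `entra_authentication` allows `object_id` to be set while `login` and `user_assigned_identity_id` stay null, and main.tf creates the administrator resource on `object_id` alone. A partially filled object would therefore reach the provider with null arguments instead of being rejected at validation. A `validation` block on the variable would catch this early, with `condition = var.entra_authentication.object_id == null || (var.entra_authentication.login != null && var.entra_authentication.user_assigned_identity_id != null)`. `custom_tags`, `server_parameters_enabled` and `create_password` are also added without a `description`.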
@@ -119,7 +119,7 @@ resource "azurerm_mysql_flexible_database" "main" { ##----------------------------------------------------------------------------- resource "azurerm_mysql_flexible_server_configuration" "main" { - count = var.enabled && var.server_parameters_enabled ? length(var.server_configuration_names) : 0 + count = var.enabled && ? length(var.server_configuration_names) : 0 name = element(var.server_configuration_names, count.index) resource_group_name = local.resource_group_name server_name = join("", azurerm_mysql_flexible_server.main.*.name) From e4a1e82f7fd8b3549d448cd0cdd1d27b5a605ee5 Mon Sep 17 00:00:00 2001 From: Ankitha B H <76145952+AnkithaBH@users.noreply.github.com> Date: Mon, 28 Oct 2024 19:51:21 +0530 Subject: [PATCH 3/4] Reverting server configuration --- main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tf b/main.tf index e96d5b5..f356956 100644 --- a/main.tf +++ b/main.tf @@ -119,7 +119,7 @@ resource "azurerm_mysql_flexible_database" "main" { ##----------------------------------------------------------------------------- resource "azurerm_mysql_flexible_server_configuration" "main" { - count = var.enabled && ? length(var.server_configuration_names) : 0 + count = var.enabled ? length(var.server_configuration_names) : 0 name = element(var.server_configuration_names, count.index) resource_group_name = local.resource_group_name server_name = join("", azurerm_mysql_flexible_server.main.*.name) From 106db4027a3cc9184822691ca9ca7ce345f3c987 Mon Sep 17 00:00:00 2001 From: Ankitha B H <76145952+AnkithaBH@users.noreply.github.com> Date: Mon, 28 Oct 2024 19:53:39 +0530 Subject: [PATCH 4/4] Removing server parameters and password variables --- variables.tf | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/variables.tf b/variables.tf index 07585d7..d19783c 100644 --- a/variables.tf +++ b/variables.tf 
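Review bot: The new `count` line in patch 2/4, `count = var.enabled && ? length(var.server_configuration_names) : 0`, is not valid HCL, so main.tf does not parse at that commit. Patch 3/4 corrects the expression. Folding that fix into patch 2/4 would keep every commit in the series plannable, which matters for bisecting and for any pipeline that validates each commit. The resource body continues outside the hunk.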
@@ -323,13 +323,3 @@ variable "entra_authentication" { }) default = {} } - -variable "server_parameters_enabled" { - type = bool - default = true -} - -variable "create_password" { - type = bool - default = false -} \ No newline at end of file