layout | page_title | description |
---|---|---|
Provider: MS SQL Server |
The provider can be used to configure objects in Microsoft SQL Server and Azure SQL instances. |
The provider can be used to configure objects in Microsoft SQL Server and Azure SQL instances.
Provider username and password, using sql_auth
field:
provider "mssql" {
hostname = "localhost"
port = 1433
sql_auth = {
username = "sa"
password = "sa_password"
}
}
In case of Azure SQL connections, Azure Active Directory auth tokens can be used to authenticate.
#### Service Principal Provide client ID (a.k.a. application ID), secret and tenant ID, using `azure_auth` field: ```terraform provider "mssql" { hostname = "example.database.windows.net" port = 1433
azure_auth = { client_id = "94e8d55d-cbbc-4e41-b21a-8923d83f9a85" client_secret = "client_secret" tenant_id = "a352c914-bfd9-4b7e-8b1d-554a58353f22" } }
<br/>
#### Default chained credentials
When `azure_auth` value is set to empty object (`{}`), the provider uses chained credentials built from `EnvironmentCredential` -> `ManagedIdentityCredential` -> `AzureCLICredential`.
See [DefaultAzureCredential docs](https://github.com/Azure/azure-sdk-for-go/wiki/Set-up-Your-Environment-for-Authentication#configure-defaultazurecredential) for details.
<br/>
#### Environment variables
When `azure_auth` value is set to empty object (`{}`) and following environment variables are set, the env variable values will be used for authentication, taking precedence over `DefaultAzureCredential`.
- `ARM_CLIENT_ID`
- `ARM_CLIENT_SECRET`
- `ARM_TENANT_ID`
<br/>
Example:
```terraform
provider "mssql" {
hostname = "example.database.windows.net"
port = 1433
azure_auth = {}
}
Provider can be used, with certain limitations, with computed provider configuration. For example, provider's hostname
can be sourced from azurerm_mssql_server.fully_qualified_domain_name
. As shown in this Azure SQL example
~> Warning When connection details are computed and not known during plan execution (e.g. SQL Server resource returning FQDN is planned to be recreated), the state cannot contain any previously created mssql_*
resources. In such case error will be reported, as the provider does not have enough information to generate correct plan.
azure_auth
(Attributes) When provided, Azure AD authentication will be used when connecting. (see below for nested schema)hostname
(String) FQDN or IP address of the SQL endpoint. Can be also set usingMSSQL_HOSTNAME
environment variable.port
(Number) TCP port of SQL endpoint. Defaults to1433
. Can be also set usingMSSQL_PORT
environment variable.sql_auth
(Attributes) When provided, SQL authentication will be used when connecting. (see below for nested schema)
Optional:
client_id
(String) Service Principal client (application) ID. When omitted, default, chained set of credentials will be used.client_secret
(String, Sensitive) Service Principal secret. When omitted, default, chained set of credentials will be used.tenant_id
(String) Azure AD tenant ID. Required only if Azure SQL Server's tenant is different than Service Principal's.
Required:
password
(String, Sensitive) Password for SQL authentication.username
(String) User name for SQL authentication.