Commit 81022a3

committed
feat: support virtual network firewall rules
1 parent 03619e4 commit 81022a3

3 files changed

+26
-3
lines changed

README.md

Lines changed: 12 additions & 3 deletions
@@ -37,6 +37,7 @@ The following resources are used by this module:
3737
- [azurerm_mysql_database.db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_database) (resource)
3838
- [azurerm_mysql_firewall_rule.firewall](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_firewall_rule) (resource)
3939
- [azurerm_mysql_server.server](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_server) (resource)
40+
- [azurerm_mysql_virtual_network_rule.virtualnetworks](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/mysql_virtual_network_rule) (resource)
4041

4142
## Required Inputs
4243

@@ -98,13 +99,13 @@ Description: A hash of permissions to access the database server by ip. The
9899
Type:
99100

100101
```hcl
101-
object({
102+
map(object({
102103
start = string,
103104
end = string
104-
})
105+
}))
105106
```
106107

107-
Default: `[]`
108+
Default: `{}`
108109

109110
### backup\_retention\_days
110111

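Review bot: the `allowed_ips` type and default corrections in this hunk (`map(object({` ... `}))` and `{}`) are unrelated to the virtual network rule feature named in the commit message. The unchanged context in vars.tf already shows `}))` and `default = {}` for that variable, so this is a documentation catch-up. Consider moving it to its own docs commit, or mentioning it in the message, so the change to a documented input type is easy to find in history.
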
@@ -154,6 +155,14 @@ Type: `string`
154155

155156
Default: `""`
156157

158+
### virtual\_networks
159+
160+
Description: Maps of prefix => virtual network id that has access to the server
161+
162+
Type: `map(string)`
163+
164+
Default: `{}`
165+
157166
## Outputs
158167

159168
The following outputs are exported:

firewall.tf

Lines changed: 8 additions & 0 deletions
@@ -6,3 +6,11 @@ resource "azurerm_mysql_firewall_rule" "firewall" {
66
resource_group_name = var.resource_group
77
server_name = azurerm_mysql_server.server.name
88
}
9+
10+
resource "azurerm_mysql_virtual_network_rule" "virtualnetworks" {
11+
for_each = var.virtual_networks
12+
name = "${var.project}${var.stage}dbfwnet${each.key}"
13+
resource_group_name = var.resource_group
14+
server_name = azurerm_mysql_server.server.name
15+
subnet_id = each.value
16+
}
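
Review bot: in the new `azurerm_mysql_virtual_network_rule` block, `name = "${var.project}${var.stage}dbfwnet${each.key}"` interpolates the caller-supplied map key straight into the rule name with no validation. A key with characters or a length the rule name does not accept will only surface as a failure at apply time. Consider validating the keys of `var.virtual_networks` in vars.tf, and documenting what a key is expected to look like, since each entry grants a network path to the database server.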

vars.tf

Lines changed: 6 additions & 0 deletions
@@ -85,3 +85,9 @@ variable "allowed_ips" {
8585
}))
8686
default = {}
8787
}
88+
89+
variable "virtual_networks" {
90+
type = map(string)
91+
description = "Maps of prefix => virtual network id that has access to the server"
92+
default = {}
93+
}
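
Review bot: the `description` on `virtual_networks` says "virtual network id", but firewall.tf assigns each value to `subnet_id = each.value`, so the variable name and description tell callers to pass the wrong kind of ID. Since every entry opens network access to the server, state that the values are subnet IDs (or rename the variable, for example to `allowed_subnets`) and add a `validation` block that rejects values that do not look like a subnet resource ID. The README entry for this input repeats the same wording and needs the same fix.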
