1. Packages
  2. Azure Classic
  3. API Docs
  4. mssql
  5. Database

We recommend using Azure Native.

Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi

azure.mssql.Database

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const example = new azure.core.ResourceGroup("example", {
        name: "example-resources",
        location: "West Europe",
    });
    const exampleAccount = new azure.storage.Account("example", {
        name: "examplesa",
        resourceGroupName: example.name,
        location: example.location,
        accountTier: "Standard",
        accountReplicationType: "LRS",
    });
    const exampleServer = new azure.mssql.Server("example", {
        name: "example-sqlserver",
        resourceGroupName: example.name,
        location: example.location,
        version: "12.0",
        administratorLogin: "4dm1n157r470r",
        administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
    });
    const exampleDatabase = new azure.mssql.Database("example", {
        name: "example-db",
        serverId: exampleServer.id,
        collation: "SQL_Latin1_General_CP1_CI_AS",
        licenseType: "LicenseIncluded",
        maxSizeGb: 4,
        readScale: true,
        skuName: "S0",
        zoneRedundant: true,
        enclaveType: "VBS",
        tags: {
            foo: "bar",
        },
    });
    
    import pulumi
    import pulumi_azure as azure
    
    example = azure.core.ResourceGroup("example",
        name="example-resources",
        location="West Europe")
    example_account = azure.storage.Account("example",
        name="examplesa",
        resource_group_name=example.name,
        location=example.location,
        account_tier="Standard",
        account_replication_type="LRS")
    example_server = azure.mssql.Server("example",
        name="example-sqlserver",
        resource_group_name=example.name,
        location=example.location,
        version="12.0",
        administrator_login="4dm1n157r470r",
        administrator_login_password="4-v3ry-53cr37-p455w0rd")
    example_database = azure.mssql.Database("example",
        name="example-db",
        server_id=example_server.id,
        collation="SQL_Latin1_General_CP1_CI_AS",
        license_type="LicenseIncluded",
        max_size_gb=4,
        read_scale=True,
        sku_name="S0",
        zone_redundant=True,
        enclave_type="VBS",
        tags={
            "foo": "bar",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-resources"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
    			Name:                   pulumi.String("examplesa"),
    			ResourceGroupName:      example.Name,
    			Location:               example.Location,
    			AccountTier:            pulumi.String("Standard"),
    			AccountReplicationType: pulumi.String("LRS"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
    			Name:                       pulumi.String("example-sqlserver"),
    			ResourceGroupName:          example.Name,
    			Location:                   example.Location,
    			Version:                    pulumi.String("12.0"),
    			AdministratorLogin:         pulumi.String("4dm1n157r470r"),
    			AdministratorLoginPassword: pulumi.String("4-v3ry-53cr37-p455w0rd"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = mssql.NewDatabase(ctx, "example", &mssql.DatabaseArgs{
    			Name:          pulumi.String("example-db"),
    			ServerId:      exampleServer.ID(),
    			Collation:     pulumi.String("SQL_Latin1_General_CP1_CI_AS"),
    			LicenseType:   pulumi.String("LicenseIncluded"),
    			MaxSizeGb:     pulumi.Int(4),
    			ReadScale:     pulumi.Bool(true),
    			SkuName:       pulumi.String("S0"),
    			ZoneRedundant: pulumi.Bool(true),
    			EnclaveType:   pulumi.String("VBS"),
    			Tags: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example-resources",
            Location = "West Europe",
        });
    
        var exampleAccount = new Azure.Storage.Account("example", new()
        {
            Name = "examplesa",
            ResourceGroupName = example.Name,
            Location = example.Location,
            AccountTier = "Standard",
            AccountReplicationType = "LRS",
        });
    
        var exampleServer = new Azure.MSSql.Server("example", new()
        {
            Name = "example-sqlserver",
            ResourceGroupName = example.Name,
            Location = example.Location,
            Version = "12.0",
            AdministratorLogin = "4dm1n157r470r",
            AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
        });
    
        var exampleDatabase = new Azure.MSSql.Database("example", new()
        {
            Name = "example-db",
            ServerId = exampleServer.Id,
            Collation = "SQL_Latin1_General_CP1_CI_AS",
            LicenseType = "LicenseIncluded",
            MaxSizeGb = 4,
            ReadScale = true,
            SkuName = "S0",
            ZoneRedundant = true,
            EnclaveType = "VBS",
            Tags = 
            {
                { "foo", "bar" },
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.storage.Account;
    import com.pulumi.azure.storage.AccountArgs;
    import com.pulumi.azure.mssql.Server;
    import com.pulumi.azure.mssql.ServerArgs;
    import com.pulumi.azure.mssql.Database;
    import com.pulumi.azure.mssql.DatabaseArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResourceGroup("example", ResourceGroupArgs.builder()
                .name("example-resources")
                .location("West Europe")
                .build());
    
            var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
                .name("examplesa")
                .resourceGroupName(example.name())
                .location(example.location())
                .accountTier("Standard")
                .accountReplicationType("LRS")
                .build());
    
            var exampleServer = new Server("exampleServer", ServerArgs.builder()
                .name("example-sqlserver")
                .resourceGroupName(example.name())
                .location(example.location())
                .version("12.0")
                .administratorLogin("4dm1n157r470r")
                .administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
                .build());
    
            var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()
                .name("example-db")
                .serverId(exampleServer.id())
                .collation("SQL_Latin1_General_CP1_CI_AS")
                .licenseType("LicenseIncluded")
                .maxSizeGb(4)
                .readScale(true)
                .skuName("S0")
                .zoneRedundant(true)
                .enclaveType("VBS")
                .tags(Map.of("foo", "bar"))
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:core:ResourceGroup
        properties:
          name: example-resources
          location: West Europe
      exampleAccount:
        type: azure:storage:Account
        name: example
        properties:
          name: examplesa
          resourceGroupName: ${example.name}
          location: ${example.location}
          accountTier: Standard
          accountReplicationType: LRS
      exampleServer:
        type: azure:mssql:Server
        name: example
        properties:
          name: example-sqlserver
          resourceGroupName: ${example.name}
          location: ${example.location}
          version: '12.0'
          administratorLogin: 4dm1n157r470r
          administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
      exampleDatabase:
        type: azure:mssql:Database
        name: example
        properties:
          name: example-db
          serverId: ${exampleServer.id}
          collation: SQL_Latin1_General_CP1_CI_AS
          licenseType: LicenseIncluded
          maxSizeGb: 4
          readScale: true
          skuName: S0
          zoneRedundant: true
          enclaveType: VBS
          tags:
            foo: bar
    

    Transparent Data Encryption(TDE) With A Customer Managed Key(CMK) During Create

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const example = new azure.core.ResourceGroup("example", {
        name: "example-resources",
        location: "West Europe",
    });
    const exampleUserAssignedIdentity = new azure.authorization.UserAssignedIdentity("example", {
        name: "example-admin",
        location: example.location,
        resourceGroupName: example.name,
    });
    const exampleAccount = new azure.storage.Account("example", {
        name: "examplesa",
        resourceGroupName: example.name,
        location: example.location,
        accountTier: "Standard",
        accountReplicationType: "LRS",
    });
    const exampleServer = new azure.mssql.Server("example", {
        name: "example-sqlserver",
        resourceGroupName: example.name,
        location: example.location,
        version: "12.0",
        administratorLogin: "4dm1n157r470r",
        administratorLoginPassword: "4-v3ry-53cr37-p455w0rd",
    });
    // Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
    const exampleKeyVault = new azure.keyvault.KeyVault("example", {
        name: "mssqltdeexample",
        location: example.location,
        resourceGroupName: example.name,
        enabledForDiskEncryption: true,
        tenantId: exampleUserAssignedIdentity.tenantId,
        softDeleteRetentionDays: 7,
        purgeProtectionEnabled: true,
        skuName: "standard",
        accessPolicies: [
            {
                tenantId: current.tenantId,
                objectId: current.objectId,
                keyPermissions: [
                    "Get",
                    "List",
                    "Create",
                    "Delete",
                    "Update",
                    "Recover",
                    "Purge",
                    "GetRotationPolicy",
                ],
            },
            {
                tenantId: exampleUserAssignedIdentity.tenantId,
                objectId: exampleUserAssignedIdentity.principalId,
                keyPermissions: [
                    "Get",
                    "WrapKey",
                    "UnwrapKey",
                ],
            },
        ],
    });
    const exampleKey = new azure.keyvault.Key("example", {
        name: "example-key",
        keyVaultId: exampleKeyVault.id,
        keyType: "RSA",
        keySize: 2048,
        keyOpts: [
            "unwrapKey",
            "wrapKey",
        ],
    }, {
        dependsOn: [exampleKeyVault],
    });
    const exampleDatabase = new azure.mssql.Database("example", {
        name: "example-db",
        serverId: exampleServer.id,
        collation: "SQL_Latin1_General_CP1_CI_AS",
        licenseType: "LicenseIncluded",
        maxSizeGb: 4,
        readScale: true,
        skuName: "S0",
        zoneRedundant: true,
        enclaveType: "VBS",
        tags: {
            foo: "bar",
        },
        identity: {
            type: "UserAssigned",
            identityIds: [exampleUserAssignedIdentity.id],
        },
        transparentDataEncryptionKeyVaultKeyId: exampleKey.id,
    });
    
    import pulumi
    import pulumi_azure as azure
    
    example = azure.core.ResourceGroup("example",
        name="example-resources",
        location="West Europe")
    example_user_assigned_identity = azure.authorization.UserAssignedIdentity("example",
        name="example-admin",
        location=example.location,
        resource_group_name=example.name)
    example_account = azure.storage.Account("example",
        name="examplesa",
        resource_group_name=example.name,
        location=example.location,
        account_tier="Standard",
        account_replication_type="LRS")
    example_server = azure.mssql.Server("example",
        name="example-sqlserver",
        resource_group_name=example.name,
        location=example.location,
        version="12.0",
        administrator_login="4dm1n157r470r",
        administrator_login_password="4-v3ry-53cr37-p455w0rd")
    # Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
    example_key_vault = azure.keyvault.KeyVault("example",
        name="mssqltdeexample",
        location=example.location,
        resource_group_name=example.name,
        enabled_for_disk_encryption=True,
        tenant_id=example_user_assigned_identity.tenant_id,
        soft_delete_retention_days=7,
        purge_protection_enabled=True,
        sku_name="standard",
        access_policies=[
            azure.keyvault.KeyVaultAccessPolicyArgs(
                tenant_id=current["tenantId"],
                object_id=current["objectId"],
                key_permissions=[
                    "Get",
                    "List",
                    "Create",
                    "Delete",
                    "Update",
                    "Recover",
                    "Purge",
                    "GetRotationPolicy",
                ],
            ),
            azure.keyvault.KeyVaultAccessPolicyArgs(
                tenant_id=example_user_assigned_identity.tenant_id,
                object_id=example_user_assigned_identity.principal_id,
                key_permissions=[
                    "Get",
                    "WrapKey",
                    "UnwrapKey",
                ],
            ),
        ])
    example_key = azure.keyvault.Key("example",
        name="example-key",
        key_vault_id=example_key_vault.id,
        key_type="RSA",
        key_size=2048,
        key_opts=[
            "unwrapKey",
            "wrapKey",
        ],
        opts=pulumi.ResourceOptions(depends_on=[example_key_vault]))
    example_database = azure.mssql.Database("example",
        name="example-db",
        server_id=example_server.id,
        collation="SQL_Latin1_General_CP1_CI_AS",
        license_type="LicenseIncluded",
        max_size_gb=4,
        read_scale=True,
        sku_name="S0",
        zone_redundant=True,
        enclave_type="VBS",
        tags={
            "foo": "bar",
        },
        identity=azure.mssql.DatabaseIdentityArgs(
            type="UserAssigned",
            identity_ids=[example_user_assigned_identity.id],
        ),
        transparent_data_encryption_key_vault_key_id=example_key.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/mssql"
    	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/storage"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example-resources"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleUserAssignedIdentity, err := authorization.NewUserAssignedIdentity(ctx, "example", &authorization.UserAssignedIdentityArgs{
    			Name:              pulumi.String("example-admin"),
    			Location:          example.Location,
    			ResourceGroupName: example.Name,
    		})
    		if err != nil {
    			return err
    		}
    		_, err = storage.NewAccount(ctx, "example", &storage.AccountArgs{
    			Name:                   pulumi.String("examplesa"),
    			ResourceGroupName:      example.Name,
    			Location:               example.Location,
    			AccountTier:            pulumi.String("Standard"),
    			AccountReplicationType: pulumi.String("LRS"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleServer, err := mssql.NewServer(ctx, "example", &mssql.ServerArgs{
    			Name:                       pulumi.String("example-sqlserver"),
    			ResourceGroupName:          example.Name,
    			Location:                   example.Location,
    			Version:                    pulumi.String("12.0"),
    			AdministratorLogin:         pulumi.String("4dm1n157r470r"),
    			AdministratorLoginPassword: pulumi.String("4-v3ry-53cr37-p455w0rd"),
    		})
    		if err != nil {
    			return err
    		}
    		// Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
    		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
    			Name:                     pulumi.String("mssqltdeexample"),
    			Location:                 example.Location,
    			ResourceGroupName:        example.Name,
    			EnabledForDiskEncryption: pulumi.Bool(true),
    			TenantId:                 exampleUserAssignedIdentity.TenantId,
    			SoftDeleteRetentionDays:  pulumi.Int(7),
    			PurgeProtectionEnabled:   pulumi.Bool(true),
    			SkuName:                  pulumi.String("standard"),
    			AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
    				&keyvault.KeyVaultAccessPolicyArgs{
    					TenantId: pulumi.Any(current.TenantId),
    					ObjectId: pulumi.Any(current.ObjectId),
    					KeyPermissions: pulumi.StringArray{
    						pulumi.String("Get"),
    						pulumi.String("List"),
    						pulumi.String("Create"),
    						pulumi.String("Delete"),
    						pulumi.String("Update"),
    						pulumi.String("Recover"),
    						pulumi.String("Purge"),
    						pulumi.String("GetRotationPolicy"),
    					},
    				},
    				&keyvault.KeyVaultAccessPolicyArgs{
    					TenantId: exampleUserAssignedIdentity.TenantId,
    					ObjectId: exampleUserAssignedIdentity.PrincipalId,
    					KeyPermissions: pulumi.StringArray{
    						pulumi.String("Get"),
    						pulumi.String("WrapKey"),
    						pulumi.String("UnwrapKey"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		exampleKey, err := keyvault.NewKey(ctx, "example", &keyvault.KeyArgs{
    			Name:       pulumi.String("example-key"),
    			KeyVaultId: exampleKeyVault.ID(),
    			KeyType:    pulumi.String("RSA"),
    			KeySize:    pulumi.Int(2048),
    			KeyOpts: pulumi.StringArray{
    				pulumi.String("unwrapKey"),
    				pulumi.String("wrapKey"),
    			},
    		}, pulumi.DependsOn([]pulumi.Resource{
    			exampleKeyVault,
    		}))
    		if err != nil {
    			return err
    		}
    		_, err = mssql.NewDatabase(ctx, "example", &mssql.DatabaseArgs{
    			Name:          pulumi.String("example-db"),
    			ServerId:      exampleServer.ID(),
    			Collation:     pulumi.String("SQL_Latin1_General_CP1_CI_AS"),
    			LicenseType:   pulumi.String("LicenseIncluded"),
    			MaxSizeGb:     pulumi.Int(4),
    			ReadScale:     pulumi.Bool(true),
    			SkuName:       pulumi.String("S0"),
    			ZoneRedundant: pulumi.Bool(true),
    			EnclaveType:   pulumi.String("VBS"),
    			Tags: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    			Identity: &mssql.DatabaseIdentityArgs{
    				Type: pulumi.String("UserAssigned"),
    				IdentityIds: pulumi.StringArray{
    					exampleUserAssignedIdentity.ID(),
    				},
    			},
    			TransparentDataEncryptionKeyVaultKeyId: exampleKey.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example-resources",
            Location = "West Europe",
        });
    
        var exampleUserAssignedIdentity = new Azure.Authorization.UserAssignedIdentity("example", new()
        {
            Name = "example-admin",
            Location = example.Location,
            ResourceGroupName = example.Name,
        });
    
        var exampleAccount = new Azure.Storage.Account("example", new()
        {
            Name = "examplesa",
            ResourceGroupName = example.Name,
            Location = example.Location,
            AccountTier = "Standard",
            AccountReplicationType = "LRS",
        });
    
        var exampleServer = new Azure.MSSql.Server("example", new()
        {
            Name = "example-sqlserver",
            ResourceGroupName = example.Name,
            Location = example.Location,
            Version = "12.0",
            AdministratorLogin = "4dm1n157r470r",
            AdministratorLoginPassword = "4-v3ry-53cr37-p455w0rd",
        });
    
        // Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
        var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
        {
            Name = "mssqltdeexample",
            Location = example.Location,
            ResourceGroupName = example.Name,
            EnabledForDiskEncryption = true,
            TenantId = exampleUserAssignedIdentity.TenantId,
            SoftDeleteRetentionDays = 7,
            PurgeProtectionEnabled = true,
            SkuName = "standard",
            AccessPolicies = new[]
            {
                new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
                {
                    TenantId = current.TenantId,
                    ObjectId = current.ObjectId,
                    KeyPermissions = new[]
                    {
                        "Get",
                        "List",
                        "Create",
                        "Delete",
                        "Update",
                        "Recover",
                        "Purge",
                        "GetRotationPolicy",
                    },
                },
                new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
                {
                    TenantId = exampleUserAssignedIdentity.TenantId,
                    ObjectId = exampleUserAssignedIdentity.PrincipalId,
                    KeyPermissions = new[]
                    {
                        "Get",
                        "WrapKey",
                        "UnwrapKey",
                    },
                },
            },
        });
    
        var exampleKey = new Azure.KeyVault.Key("example", new()
        {
            Name = "example-key",
            KeyVaultId = exampleKeyVault.Id,
            KeyType = "RSA",
            KeySize = 2048,
            KeyOpts = new[]
            {
                "unwrapKey",
                "wrapKey",
            },
        }, new CustomResourceOptions
        {
            DependsOn =
            {
                exampleKeyVault,
            },
        });
    
        var exampleDatabase = new Azure.MSSql.Database("example", new()
        {
            Name = "example-db",
            ServerId = exampleServer.Id,
            Collation = "SQL_Latin1_General_CP1_CI_AS",
            LicenseType = "LicenseIncluded",
            MaxSizeGb = 4,
            ReadScale = true,
            SkuName = "S0",
            ZoneRedundant = true,
            EnclaveType = "VBS",
            Tags = 
            {
                { "foo", "bar" },
            },
            Identity = new Azure.MSSql.Inputs.DatabaseIdentityArgs
            {
                Type = "UserAssigned",
                IdentityIds = new[]
                {
                    exampleUserAssignedIdentity.Id,
                },
            },
            TransparentDataEncryptionKeyVaultKeyId = exampleKey.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.authorization.UserAssignedIdentity;
    import com.pulumi.azure.authorization.UserAssignedIdentityArgs;
    import com.pulumi.azure.storage.Account;
    import com.pulumi.azure.storage.AccountArgs;
    import com.pulumi.azure.mssql.Server;
    import com.pulumi.azure.mssql.ServerArgs;
    import com.pulumi.azure.keyvault.KeyVault;
    import com.pulumi.azure.keyvault.KeyVaultArgs;
    import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
    import com.pulumi.azure.keyvault.Key;
    import com.pulumi.azure.keyvault.KeyArgs;
    import com.pulumi.azure.mssql.Database;
    import com.pulumi.azure.mssql.DatabaseArgs;
    import com.pulumi.azure.mssql.inputs.DatabaseIdentityArgs;
    import com.pulumi.resources.CustomResourceOptions;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new ResourceGroup("example", ResourceGroupArgs.builder()
                .name("example-resources")
                .location("West Europe")
                .build());
    
            var exampleUserAssignedIdentity = new UserAssignedIdentity("exampleUserAssignedIdentity", UserAssignedIdentityArgs.builder()
                .name("example-admin")
                .location(example.location())
                .resourceGroupName(example.name())
                .build());
    
            var exampleAccount = new Account("exampleAccount", AccountArgs.builder()
                .name("examplesa")
                .resourceGroupName(example.name())
                .location(example.location())
                .accountTier("Standard")
                .accountReplicationType("LRS")
                .build());
    
            var exampleServer = new Server("exampleServer", ServerArgs.builder()
                .name("example-sqlserver")
                .resourceGroupName(example.name())
                .location(example.location())
                .version("12.0")
                .administratorLogin("4dm1n157r470r")
                .administratorLoginPassword("4-v3ry-53cr37-p455w0rd")
                .build());
    
            // Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
            var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
                .name("mssqltdeexample")
                .location(example.location())
                .resourceGroupName(example.name())
                .enabledForDiskEncryption(true)
                .tenantId(exampleUserAssignedIdentity.tenantId())
                .softDeleteRetentionDays(7)
                .purgeProtectionEnabled(true)
                .skuName("standard")
                .accessPolicies(            
                    KeyVaultAccessPolicyArgs.builder()
                        .tenantId(current.tenantId())
                        .objectId(current.objectId())
                        .keyPermissions(                    
                            "Get",
                            "List",
                            "Create",
                            "Delete",
                            "Update",
                            "Recover",
                            "Purge",
                            "GetRotationPolicy")
                        .build(),
                    KeyVaultAccessPolicyArgs.builder()
                        .tenantId(exampleUserAssignedIdentity.tenantId())
                        .objectId(exampleUserAssignedIdentity.principalId())
                        .keyPermissions(                    
                            "Get",
                            "WrapKey",
                            "UnwrapKey")
                        .build())
                .build());
    
            var exampleKey = new Key("exampleKey", KeyArgs.builder()
                .name("example-key")
                .keyVaultId(exampleKeyVault.id())
                .keyType("RSA")
                .keySize(2048)
                .keyOpts(            
                    "unwrapKey",
                    "wrapKey")
                .build(), CustomResourceOptions.builder()
                    .dependsOn(exampleKeyVault)
                    .build());
    
            var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()
                .name("example-db")
                .serverId(exampleServer.id())
                .collation("SQL_Latin1_General_CP1_CI_AS")
                .licenseType("LicenseIncluded")
                .maxSizeGb(4)
                .readScale(true)
                .skuName("S0")
                .zoneRedundant(true)
                .enclaveType("VBS")
                .tags(Map.of("foo", "bar"))
                .identity(DatabaseIdentityArgs.builder()
                    .type("UserAssigned")
                    .identityIds(exampleUserAssignedIdentity.id())
                    .build())
                .transparentDataEncryptionKeyVaultKeyId(exampleKey.id())
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:core:ResourceGroup
        properties:
          name: example-resources
          location: West Europe
      exampleUserAssignedIdentity:
        type: azure:authorization:UserAssignedIdentity
        name: example
        properties:
          name: example-admin
          location: ${example.location}
          resourceGroupName: ${example.name}
      exampleAccount:
        type: azure:storage:Account
        name: example
        properties:
          name: examplesa
          resourceGroupName: ${example.name}
          location: ${example.location}
          accountTier: Standard
          accountReplicationType: LRS
      exampleServer:
        type: azure:mssql:Server
        name: example
        properties:
          name: example-sqlserver
          resourceGroupName: ${example.name}
          location: ${example.location}
          version: '12.0'
          administratorLogin: 4dm1n157r470r
          administratorLoginPassword: 4-v3ry-53cr37-p455w0rd
      exampleDatabase:
        type: azure:mssql:Database
        name: example
        properties:
          name: example-db
          serverId: ${exampleServer.id}
          collation: SQL_Latin1_General_CP1_CI_AS
          licenseType: LicenseIncluded
          maxSizeGb: 4
          readScale: true
          skuName: S0
          zoneRedundant: true
          enclaveType: VBS
          tags:
            foo: bar
          identity:
            type: UserAssigned
            identityIds:
              - ${exampleUserAssignedIdentity.id}
          transparentDataEncryptionKeyVaultKeyId: ${exampleKey.id}
      # Create a key vault with access policies which allow for the current user to get, list, create, delete, update, recover, purge and getRotationPolicy for the key vault key and also add a key vault access policy for the Microsoft Sql Server instance User Managed Identity to get, wrap, and unwrap key(s)
      exampleKeyVault:
        type: azure:keyvault:KeyVault
        name: example
        properties:
          name: mssqltdeexample
          location: ${example.location}
          resourceGroupName: ${example.name}
          enabledForDiskEncryption: true
          tenantId: ${exampleUserAssignedIdentity.tenantId}
          softDeleteRetentionDays: 7
          purgeProtectionEnabled: true
          skuName: standard
          accessPolicies:
            - tenantId: ${current.tenantId}
              objectId: ${current.objectId}
              keyPermissions:
                - Get
                - List
                - Create
                - Delete
                - Update
                - Recover
                - Purge
                - GetRotationPolicy
            - tenantId: ${exampleUserAssignedIdentity.tenantId}
              objectId: ${exampleUserAssignedIdentity.principalId}
              keyPermissions:
                - Get
                - WrapKey
                - UnwrapKey
      exampleKey:
        type: azure:keyvault:Key
        name: example
        properties:
          name: example-key
          keyVaultId: ${exampleKeyVault.id}
          keyType: RSA
          keySize: 2048
          keyOpts:
            - unwrapKey
            - wrapKey
        options:
          dependson:
            - ${exampleKeyVault}
    

    Create Database Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Database(name: string, args: DatabaseArgs, opts?: CustomResourceOptions);
    @overload
    def Database(resource_name: str,
                 args: DatabaseArgs,
                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def Database(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 server_id: Optional[str] = None,
                 read_replica_count: Optional[int] = None,
                 import_: Optional[DatabaseImportArgs] = None,
                 creation_source_database_id: Optional[str] = None,
                 elastic_pool_id: Optional[str] = None,
                 read_scale: Optional[bool] = None,
                 geo_backup_enabled: Optional[bool] = None,
                 identity: Optional[DatabaseIdentityArgs] = None,
                 recover_database_id: Optional[str] = None,
                 ledger_enabled: Optional[bool] = None,
                 recovery_point_id: Optional[str] = None,
                 long_term_retention_policy: Optional[DatabaseLongTermRetentionPolicyArgs] = None,
                 maintenance_configuration_name: Optional[str] = None,
                 max_size_gb: Optional[int] = None,
                 min_capacity: Optional[float] = None,
                 name: Optional[str] = None,
                 auto_pause_delay_in_minutes: Optional[int] = None,
                 enclave_type: Optional[str] = None,
                 create_mode: Optional[str] = None,
                 license_type: Optional[str] = None,
                 restore_dropped_database_id: Optional[str] = None,
                 restore_long_term_retention_backup_id: Optional[str] = None,
                 restore_point_in_time: Optional[str] = None,
                 sample_name: Optional[str] = None,
                 secondary_type: Optional[str] = None,
                 collation: Optional[str] = None,
                 short_term_retention_policy: Optional[DatabaseShortTermRetentionPolicyArgs] = None,
                 sku_name: Optional[str] = None,
                 storage_account_type: Optional[str] = None,
                 tags: Optional[Mapping[str, str]] = None,
                 threat_detection_policy: Optional[DatabaseThreatDetectionPolicyArgs] = None,
                 transparent_data_encryption_enabled: Optional[bool] = None,
                 transparent_data_encryption_key_automatic_rotation_enabled: Optional[bool] = None,
                 transparent_data_encryption_key_vault_key_id: Optional[str] = None,
                 zone_redundant: Optional[bool] = None)
    func NewDatabase(ctx *Context, name string, args DatabaseArgs, opts ...ResourceOption) (*Database, error)
    public Database(string name, DatabaseArgs args, CustomResourceOptions? opts = null)
    public Database(String name, DatabaseArgs args)
    public Database(String name, DatabaseArgs args, CustomResourceOptions options)
    
    type: azure:mssql:Database
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DatabaseArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DatabaseArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DatabaseArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DatabaseArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DatabaseArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Example

    The following reference example uses placeholder values for all input properties.

    var exampledatabaseResourceResourceFromMssqldatabase = new Azure.MSSql.Database("exampledatabaseResourceResourceFromMssqldatabase", new()
    {
        ServerId = "string",
        ReadReplicaCount = 0,
        Import = new Azure.MSSql.Inputs.DatabaseImportArgs
        {
            AdministratorLogin = "string",
            AdministratorLoginPassword = "string",
            AuthenticationType = "string",
            StorageKey = "string",
            StorageKeyType = "string",
            StorageUri = "string",
            StorageAccountId = "string",
        },
        CreationSourceDatabaseId = "string",
        ElasticPoolId = "string",
        ReadScale = false,
        GeoBackupEnabled = false,
        Identity = new Azure.MSSql.Inputs.DatabaseIdentityArgs
        {
            IdentityIds = new[]
            {
                "string",
            },
            Type = "string",
        },
        RecoverDatabaseId = "string",
        LedgerEnabled = false,
        RecoveryPointId = "string",
        LongTermRetentionPolicy = new Azure.MSSql.Inputs.DatabaseLongTermRetentionPolicyArgs
        {
            ImmutableBackupsEnabled = false,
            MonthlyRetention = "string",
            WeekOfYear = 0,
            WeeklyRetention = "string",
            YearlyRetention = "string",
        },
        MaintenanceConfigurationName = "string",
        MaxSizeGb = 0,
        MinCapacity = 0,
        Name = "string",
        AutoPauseDelayInMinutes = 0,
        EnclaveType = "string",
        CreateMode = "string",
        LicenseType = "string",
        RestoreDroppedDatabaseId = "string",
        RestoreLongTermRetentionBackupId = "string",
        RestorePointInTime = "string",
        SampleName = "string",
        SecondaryType = "string",
        Collation = "string",
        ShortTermRetentionPolicy = new Azure.MSSql.Inputs.DatabaseShortTermRetentionPolicyArgs
        {
            RetentionDays = 0,
            BackupIntervalInHours = 0,
        },
        SkuName = "string",
        StorageAccountType = "string",
        Tags = 
        {
            { "string", "string" },
        },
        ThreatDetectionPolicy = new Azure.MSSql.Inputs.DatabaseThreatDetectionPolicyArgs
        {
            DisabledAlerts = new[]
            {
                "string",
            },
            EmailAccountAdmins = "string",
            EmailAddresses = new[]
            {
                "string",
            },
            RetentionDays = 0,
            State = "string",
            StorageAccountAccessKey = "string",
            StorageEndpoint = "string",
        },
        TransparentDataEncryptionEnabled = false,
        TransparentDataEncryptionKeyAutomaticRotationEnabled = false,
        TransparentDataEncryptionKeyVaultKeyId = "string",
        ZoneRedundant = false,
    });
    
    example, err := mssql.NewDatabase(ctx, "exampledatabaseResourceResourceFromMssqldatabase", &mssql.DatabaseArgs{
    	ServerId:         pulumi.String("string"),
    	ReadReplicaCount: pulumi.Int(0),
    	Import: &mssql.DatabaseImportArgs{
    		AdministratorLogin:         pulumi.String("string"),
    		AdministratorLoginPassword: pulumi.String("string"),
    		AuthenticationType:         pulumi.String("string"),
    		StorageKey:                 pulumi.String("string"),
    		StorageKeyType:             pulumi.String("string"),
    		StorageUri:                 pulumi.String("string"),
    		StorageAccountId:           pulumi.String("string"),
    	},
    	CreationSourceDatabaseId: pulumi.String("string"),
    	ElasticPoolId:            pulumi.String("string"),
    	ReadScale:                pulumi.Bool(false),
    	GeoBackupEnabled:         pulumi.Bool(false),
    	Identity: &mssql.DatabaseIdentityArgs{
    		IdentityIds: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		Type: pulumi.String("string"),
    	},
    	RecoverDatabaseId: pulumi.String("string"),
    	LedgerEnabled:     pulumi.Bool(false),
    	RecoveryPointId:   pulumi.String("string"),
    	LongTermRetentionPolicy: &mssql.DatabaseLongTermRetentionPolicyArgs{
    		ImmutableBackupsEnabled: pulumi.Bool(false),
    		MonthlyRetention:        pulumi.String("string"),
    		WeekOfYear:              pulumi.Int(0),
    		WeeklyRetention:         pulumi.String("string"),
    		YearlyRetention:         pulumi.String("string"),
    	},
    	MaintenanceConfigurationName:     pulumi.String("string"),
    	MaxSizeGb:                        pulumi.Int(0),
    	MinCapacity:                      pulumi.Float64(0),
    	Name:                             pulumi.String("string"),
    	AutoPauseDelayInMinutes:          pulumi.Int(0),
    	EnclaveType:                      pulumi.String("string"),
    	CreateMode:                       pulumi.String("string"),
    	LicenseType:                      pulumi.String("string"),
    	RestoreDroppedDatabaseId:         pulumi.String("string"),
    	RestoreLongTermRetentionBackupId: pulumi.String("string"),
    	RestorePointInTime:               pulumi.String("string"),
    	SampleName:                       pulumi.String("string"),
    	SecondaryType:                    pulumi.String("string"),
    	Collation:                        pulumi.String("string"),
    	ShortTermRetentionPolicy: &mssql.DatabaseShortTermRetentionPolicyArgs{
    		RetentionDays:         pulumi.Int(0),
    		BackupIntervalInHours: pulumi.Int(0),
    	},
    	SkuName:            pulumi.String("string"),
    	StorageAccountType: pulumi.String("string"),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	ThreatDetectionPolicy: &mssql.DatabaseThreatDetectionPolicyArgs{
    		DisabledAlerts: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		EmailAccountAdmins: pulumi.String("string"),
    		EmailAddresses: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		RetentionDays:           pulumi.Int(0),
    		State:                   pulumi.String("string"),
    		StorageAccountAccessKey: pulumi.String("string"),
    		StorageEndpoint:         pulumi.String("string"),
    	},
    	TransparentDataEncryptionEnabled:                     pulumi.Bool(false),
    	TransparentDataEncryptionKeyAutomaticRotationEnabled: pulumi.Bool(false),
    	TransparentDataEncryptionKeyVaultKeyId:               pulumi.String("string"),
    	ZoneRedundant:                                        pulumi.Bool(false),
    })
    
    var exampledatabaseResourceResourceFromMssqldatabase = new Database("exampledatabaseResourceResourceFromMssqldatabase", DatabaseArgs.builder()
        .serverId("string")
        .readReplicaCount(0)
        .import_(DatabaseImportArgs.builder()
            .administratorLogin("string")
            .administratorLoginPassword("string")
            .authenticationType("string")
            .storageKey("string")
            .storageKeyType("string")
            .storageUri("string")
            .storageAccountId("string")
            .build())
        .creationSourceDatabaseId("string")
        .elasticPoolId("string")
        .readScale(false)
        .geoBackupEnabled(false)
        .identity(DatabaseIdentityArgs.builder()
            .identityIds("string")
            .type("string")
            .build())
        .recoverDatabaseId("string")
        .ledgerEnabled(false)
        .recoveryPointId("string")
        .longTermRetentionPolicy(DatabaseLongTermRetentionPolicyArgs.builder()
            .immutableBackupsEnabled(false)
            .monthlyRetention("string")
            .weekOfYear(0)
            .weeklyRetention("string")
            .yearlyRetention("string")
            .build())
        .maintenanceConfigurationName("string")
        .maxSizeGb(0)
        .minCapacity(0)
        .name("string")
        .autoPauseDelayInMinutes(0)
        .enclaveType("string")
        .createMode("string")
        .licenseType("string")
        .restoreDroppedDatabaseId("string")
        .restoreLongTermRetentionBackupId("string")
        .restorePointInTime("string")
        .sampleName("string")
        .secondaryType("string")
        .collation("string")
        .shortTermRetentionPolicy(DatabaseShortTermRetentionPolicyArgs.builder()
            .retentionDays(0)
            .backupIntervalInHours(0)
            .build())
        .skuName("string")
        .storageAccountType("string")
        .tags(Map.of("string", "string"))
        .threatDetectionPolicy(DatabaseThreatDetectionPolicyArgs.builder()
            .disabledAlerts("string")
            .emailAccountAdmins("string")
            .emailAddresses("string")
            .retentionDays(0)
            .state("string")
            .storageAccountAccessKey("string")
            .storageEndpoint("string")
            .build())
        .transparentDataEncryptionEnabled(false)
        .transparentDataEncryptionKeyAutomaticRotationEnabled(false)
        .transparentDataEncryptionKeyVaultKeyId("string")
        .zoneRedundant(false)
        .build());
    
    exampledatabase_resource_resource_from_mssqldatabase = azure.mssql.Database("exampledatabaseResourceResourceFromMssqldatabase",
        server_id="string",
        read_replica_count=0,
        import_=azure.mssql.DatabaseImportArgs(
            administrator_login="string",
            administrator_login_password="string",
            authentication_type="string",
            storage_key="string",
            storage_key_type="string",
            storage_uri="string",
            storage_account_id="string",
        ),
        creation_source_database_id="string",
        elastic_pool_id="string",
        read_scale=False,
        geo_backup_enabled=False,
        identity=azure.mssql.DatabaseIdentityArgs(
            identity_ids=["string"],
            type="string",
        ),
        recover_database_id="string",
        ledger_enabled=False,
        recovery_point_id="string",
        long_term_retention_policy=azure.mssql.DatabaseLongTermRetentionPolicyArgs(
            immutable_backups_enabled=False,
            monthly_retention="string",
            week_of_year=0,
            weekly_retention="string",
            yearly_retention="string",
        ),
        maintenance_configuration_name="string",
        max_size_gb=0,
        min_capacity=0,
        name="string",
        auto_pause_delay_in_minutes=0,
        enclave_type="string",
        create_mode="string",
        license_type="string",
        restore_dropped_database_id="string",
        restore_long_term_retention_backup_id="string",
        restore_point_in_time="string",
        sample_name="string",
        secondary_type="string",
        collation="string",
        short_term_retention_policy=azure.mssql.DatabaseShortTermRetentionPolicyArgs(
            retention_days=0,
            backup_interval_in_hours=0,
        ),
        sku_name="string",
        storage_account_type="string",
        tags={
            "string": "string",
        },
        threat_detection_policy=azure.mssql.DatabaseThreatDetectionPolicyArgs(
            disabled_alerts=["string"],
            email_account_admins="string",
            email_addresses=["string"],
            retention_days=0,
            state="string",
            storage_account_access_key="string",
            storage_endpoint="string",
        ),
        transparent_data_encryption_enabled=False,
        transparent_data_encryption_key_automatic_rotation_enabled=False,
        transparent_data_encryption_key_vault_key_id="string",
        zone_redundant=False)
    
    const exampledatabaseResourceResourceFromMssqldatabase = new azure.mssql.Database("exampledatabaseResourceResourceFromMssqldatabase", {
        serverId: "string",
        readReplicaCount: 0,
        "import": {
            administratorLogin: "string",
            administratorLoginPassword: "string",
            authenticationType: "string",
            storageKey: "string",
            storageKeyType: "string",
            storageUri: "string",
            storageAccountId: "string",
        },
        creationSourceDatabaseId: "string",
        elasticPoolId: "string",
        readScale: false,
        geoBackupEnabled: false,
        identity: {
            identityIds: ["string"],
            type: "string",
        },
        recoverDatabaseId: "string",
        ledgerEnabled: false,
        recoveryPointId: "string",
        longTermRetentionPolicy: {
            immutableBackupsEnabled: false,
            monthlyRetention: "string",
            weekOfYear: 0,
            weeklyRetention: "string",
            yearlyRetention: "string",
        },
        maintenanceConfigurationName: "string",
        maxSizeGb: 0,
        minCapacity: 0,
        name: "string",
        autoPauseDelayInMinutes: 0,
        enclaveType: "string",
        createMode: "string",
        licenseType: "string",
        restoreDroppedDatabaseId: "string",
        restoreLongTermRetentionBackupId: "string",
        restorePointInTime: "string",
        sampleName: "string",
        secondaryType: "string",
        collation: "string",
        shortTermRetentionPolicy: {
            retentionDays: 0,
            backupIntervalInHours: 0,
        },
        skuName: "string",
        storageAccountType: "string",
        tags: {
            string: "string",
        },
        threatDetectionPolicy: {
            disabledAlerts: ["string"],
            emailAccountAdmins: "string",
            emailAddresses: ["string"],
            retentionDays: 0,
            state: "string",
            storageAccountAccessKey: "string",
            storageEndpoint: "string",
        },
        transparentDataEncryptionEnabled: false,
        transparentDataEncryptionKeyAutomaticRotationEnabled: false,
        transparentDataEncryptionKeyVaultKeyId: "string",
        zoneRedundant: false,
    });
    
    type: azure:mssql:Database
    properties:
        autoPauseDelayInMinutes: 0
        collation: string
        createMode: string
        creationSourceDatabaseId: string
        elasticPoolId: string
        enclaveType: string
        geoBackupEnabled: false
        identity:
            identityIds:
                - string
            type: string
        import:
            administratorLogin: string
            administratorLoginPassword: string
            authenticationType: string
            storageAccountId: string
            storageKey: string
            storageKeyType: string
            storageUri: string
        ledgerEnabled: false
        licenseType: string
        longTermRetentionPolicy:
            immutableBackupsEnabled: false
            monthlyRetention: string
            weekOfYear: 0
            weeklyRetention: string
            yearlyRetention: string
        maintenanceConfigurationName: string
        maxSizeGb: 0
        minCapacity: 0
        name: string
        readReplicaCount: 0
        readScale: false
        recoverDatabaseId: string
        recoveryPointId: string
        restoreDroppedDatabaseId: string
        restoreLongTermRetentionBackupId: string
        restorePointInTime: string
        sampleName: string
        secondaryType: string
        serverId: string
        shortTermRetentionPolicy:
            backupIntervalInHours: 0
            retentionDays: 0
        skuName: string
        storageAccountType: string
        tags:
            string: string
        threatDetectionPolicy:
            disabledAlerts:
                - string
            emailAccountAdmins: string
            emailAddresses:
                - string
            retentionDays: 0
            state: string
            storageAccountAccessKey: string
            storageEndpoint: string
        transparentDataEncryptionEnabled: false
        transparentDataEncryptionKeyAutomaticRotationEnabled: false
        transparentDataEncryptionKeyVaultKeyId: string
        zoneRedundant: false
    

    Database Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Database resource accepts the following input properties:

    ServerId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    AutoPauseDelayInMinutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    Collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    CreateMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    CreationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    ElasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    EnclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    GeoBackupEnabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    Identity DatabaseIdentity
    An identity block as defined below.
    Import DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    LedgerEnabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    LicenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    LongTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    MaintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    MaxSizeGb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    MinCapacity double
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    Name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    ReadReplicaCount int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    ReadScale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    RecoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    RecoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    RestoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    RestoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    RestorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    SampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    SecondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    ShortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    SkuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    StorageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    ThreatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    TransparentDataEncryptionEnabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    TransparentDataEncryptionKeyAutomaticRotationEnabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    TransparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    ZoneRedundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    ServerId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    AutoPauseDelayInMinutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    Collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    CreateMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    CreationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    ElasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    EnclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    GeoBackupEnabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    Identity DatabaseIdentityArgs
    An identity block as defined below.
    Import DatabaseImportArgs
    A import block as documented below. Mutually exclusive with create_mode.
    LedgerEnabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    LicenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    LongTermRetentionPolicy DatabaseLongTermRetentionPolicyArgs
    A long_term_retention_policy block as defined below.
    MaintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    MaxSizeGb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    MinCapacity float64
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    Name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    ReadReplicaCount int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    ReadScale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    RecoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    RecoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    RestoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    RestoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    RestorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    SampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    SecondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    ShortTermRetentionPolicy DatabaseShortTermRetentionPolicyArgs
    A short_term_retention_policy block as defined below.
    SkuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    StorageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    ThreatDetectionPolicy DatabaseThreatDetectionPolicyArgs
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    TransparentDataEncryptionEnabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    TransparentDataEncryptionKeyAutomaticRotationEnabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    TransparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    ZoneRedundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    serverId String

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    autoPauseDelayInMinutes Integer
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation String
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode String
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId String

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId String
    Specifies the ID of the elastic pool containing this database.
    enclaveType String

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled Boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentity
    An identity block as defined below.
    import_ DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled Boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType String
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName String

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb Integer

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity Double
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name String
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount Integer
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale Boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId String
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId String
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId String
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId String
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime String
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName String
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType String
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    shortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    skuName String

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType String
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    threatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled Boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled Boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId String

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant Boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    serverId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    autoPauseDelayInMinutes number
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    enclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentity
    An identity block as defined below.
    import DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb number

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity number
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount number
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    shortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    skuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    threatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    server_id str

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    auto_pause_delay_in_minutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation str
    Specifies the collation of the database. Changing this forces a new resource to be created.
    create_mode str
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creation_source_database_id str

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elastic_pool_id str
    Specifies the ID of the elastic pool containing this database.
    enclave_type str

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geo_backup_enabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentityArgs
    An identity block as defined below.
    import_ DatabaseImportArgs
    A import block as documented below. Mutually exclusive with create_mode.
    ledger_enabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    license_type str
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    long_term_retention_policy DatabaseLongTermRetentionPolicyArgs
    A long_term_retention_policy block as defined below.
    maintenance_configuration_name str

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    max_size_gb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    min_capacity float
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name str
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    read_replica_count int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    read_scale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recover_database_id str
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recovery_point_id str
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restore_dropped_database_id str
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restore_long_term_retention_backup_id str
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restore_point_in_time str
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sample_name str
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondary_type str
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    short_term_retention_policy DatabaseShortTermRetentionPolicyArgs
    A short_term_retention_policy block as defined below.
    sku_name str

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storage_account_type str
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    threat_detection_policy DatabaseThreatDetectionPolicyArgs
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparent_data_encryption_enabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparent_data_encryption_key_automatic_rotation_enabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparent_data_encryption_key_vault_key_id str

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zone_redundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    serverId String

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    autoPauseDelayInMinutes Number
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation String
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode String
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId String

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId String
    Specifies the ID of the elastic pool containing this database.
    enclaveType String

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled Boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity Property Map
    An identity block as defined below.
    import Property Map
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled Boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType String
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy Property Map
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName String

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb Number

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity Number
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name String
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount Number
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale Boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId String
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId String
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId String
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId String
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime String
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName String
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType String
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    shortTermRetentionPolicy Property Map
    A short_term_retention_policy block as defined below.
    skuName String

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType String
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Map<String>
    A mapping of tags to assign to the resource.
    threatDetectionPolicy Property Map
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled Boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled Boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId String

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant Boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Database resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Database Resource

    Get an existing Database resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DatabaseState, opts?: CustomResourceOptions): Database
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            auto_pause_delay_in_minutes: Optional[int] = None,
            collation: Optional[str] = None,
            create_mode: Optional[str] = None,
            creation_source_database_id: Optional[str] = None,
            elastic_pool_id: Optional[str] = None,
            enclave_type: Optional[str] = None,
            geo_backup_enabled: Optional[bool] = None,
            identity: Optional[DatabaseIdentityArgs] = None,
            import_: Optional[DatabaseImportArgs] = None,
            ledger_enabled: Optional[bool] = None,
            license_type: Optional[str] = None,
            long_term_retention_policy: Optional[DatabaseLongTermRetentionPolicyArgs] = None,
            maintenance_configuration_name: Optional[str] = None,
            max_size_gb: Optional[int] = None,
            min_capacity: Optional[float] = None,
            name: Optional[str] = None,
            read_replica_count: Optional[int] = None,
            read_scale: Optional[bool] = None,
            recover_database_id: Optional[str] = None,
            recovery_point_id: Optional[str] = None,
            restore_dropped_database_id: Optional[str] = None,
            restore_long_term_retention_backup_id: Optional[str] = None,
            restore_point_in_time: Optional[str] = None,
            sample_name: Optional[str] = None,
            secondary_type: Optional[str] = None,
            server_id: Optional[str] = None,
            short_term_retention_policy: Optional[DatabaseShortTermRetentionPolicyArgs] = None,
            sku_name: Optional[str] = None,
            storage_account_type: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            threat_detection_policy: Optional[DatabaseThreatDetectionPolicyArgs] = None,
            transparent_data_encryption_enabled: Optional[bool] = None,
            transparent_data_encryption_key_automatic_rotation_enabled: Optional[bool] = None,
            transparent_data_encryption_key_vault_key_id: Optional[str] = None,
            zone_redundant: Optional[bool] = None) -> Database
    func GetDatabase(ctx *Context, name string, id IDInput, state *DatabaseState, opts ...ResourceOption) (*Database, error)
    public static Database Get(string name, Input<string> id, DatabaseState? state, CustomResourceOptions? opts = null)
    public static Database get(String name, Output<String> id, DatabaseState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AutoPauseDelayInMinutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    Collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    CreateMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    CreationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    ElasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    EnclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    GeoBackupEnabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    Identity DatabaseIdentity
    An identity block as defined below.
    Import DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    LedgerEnabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    LicenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    LongTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    MaintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    MaxSizeGb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    MinCapacity double
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    Name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    ReadReplicaCount int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    ReadScale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    RecoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    RecoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    RestoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    RestoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    RestorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    SampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    SecondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    ServerId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    ShortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    SkuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    StorageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    Tags Dictionary<string, string>
    A mapping of tags to assign to the resource.
    ThreatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    TransparentDataEncryptionEnabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    TransparentDataEncryptionKeyAutomaticRotationEnabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    TransparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    ZoneRedundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    AutoPauseDelayInMinutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    Collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    CreateMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    CreationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    ElasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    EnclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    GeoBackupEnabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    Identity DatabaseIdentityArgs
    An identity block as defined below.
    Import DatabaseImportArgs
    A import block as documented below. Mutually exclusive with create_mode.
    LedgerEnabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    LicenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    LongTermRetentionPolicy DatabaseLongTermRetentionPolicyArgs
    A long_term_retention_policy block as defined below.
    MaintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    MaxSizeGb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    MinCapacity float64
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    Name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    ReadReplicaCount int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    ReadScale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    RecoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    RecoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    RestoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    RestoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    RestorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    SampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    SecondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    ServerId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    ShortTermRetentionPolicy DatabaseShortTermRetentionPolicyArgs
    A short_term_retention_policy block as defined below.
    SkuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    StorageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    Tags map[string]string
    A mapping of tags to assign to the resource.
    ThreatDetectionPolicy DatabaseThreatDetectionPolicyArgs
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    TransparentDataEncryptionEnabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    TransparentDataEncryptionKeyAutomaticRotationEnabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    TransparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    ZoneRedundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    autoPauseDelayInMinutes Integer
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation String
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode String
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId String

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId String
    Specifies the ID of the elastic pool containing this database.
    enclaveType String

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled Boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentity
    An identity block as defined below.
    import_ DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled Boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType String
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName String

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb Integer

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity Double
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name String
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount Integer
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale Boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId String
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId String
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId String
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId String
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime String
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName String
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType String
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    serverId String

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    shortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    skuName String

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType String
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Map<String,String>
    A mapping of tags to assign to the resource.
    threatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled Boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled Boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId String

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant Boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    autoPauseDelayInMinutes number
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation string
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode string
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId string

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId string
    Specifies the ID of the elastic pool containing this database.
    enclaveType string

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentity
    An identity block as defined below.
    import DatabaseImport
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType string
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy DatabaseLongTermRetentionPolicy
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName string

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb number

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity number
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name string
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount number
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId string
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId string
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId string
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId string
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime string
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName string
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType string
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    serverId string

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    shortTermRetentionPolicy DatabaseShortTermRetentionPolicy
    A short_term_retention_policy block as defined below.
    skuName string

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType string
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags {[key: string]: string}
    A mapping of tags to assign to the resource.
    threatDetectionPolicy DatabaseThreatDetectionPolicy
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId string

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    auto_pause_delay_in_minutes int
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation str
    Specifies the collation of the database. Changing this forces a new resource to be created.
    create_mode str
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creation_source_database_id str

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elastic_pool_id str
    Specifies the ID of the elastic pool containing this database.
    enclave_type str

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geo_backup_enabled bool

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity DatabaseIdentityArgs
    An identity block as defined below.
    import_ DatabaseImportArgs
    A import block as documented below. Mutually exclusive with create_mode.
    ledger_enabled bool
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    license_type str
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    long_term_retention_policy DatabaseLongTermRetentionPolicyArgs
    A long_term_retention_policy block as defined below.
    maintenance_configuration_name str

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    max_size_gb int

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    min_capacity float
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name str
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    read_replica_count int
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    read_scale bool
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recover_database_id str
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recovery_point_id str
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restore_dropped_database_id str
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restore_long_term_retention_backup_id str
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restore_point_in_time str
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sample_name str
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondary_type str
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    server_id str

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    short_term_retention_policy DatabaseShortTermRetentionPolicyArgs
    A short_term_retention_policy block as defined below.
    sku_name str

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storage_account_type str
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Mapping[str, str]
    A mapping of tags to assign to the resource.
    threat_detection_policy DatabaseThreatDetectionPolicyArgs
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparent_data_encryption_enabled bool

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparent_data_encryption_key_automatic_rotation_enabled bool

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparent_data_encryption_key_vault_key_id str

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zone_redundant bool
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.
    autoPauseDelayInMinutes Number
    Time in minutes after which database is automatically paused. A value of -1 means that automatic pause is disabled. This property is only settable for Serverless databases.
    collation String
    Specifies the collation of the database. Changing this forces a new resource to be created.
    createMode String
    The create mode of the database. Possible values are Copy, Default, OnlineSecondary, PointInTimeRestore, Recovery, Restore, RestoreExternalBackup, RestoreExternalBackupSecondary, RestoreLongTermRetentionBackup and Secondary. Mutually exclusive with import. Changing this forces a new resource to be created. Defaults to Default.
    creationSourceDatabaseId String

    The ID of the source database from which to create the new database. This should only be used for databases with create_mode values that use another database as reference. Changing this forces a new resource to be created.

    NOTE: When configuring a secondary database, please be aware of the constraints for the sku_name property, as noted below, for both the primary and secondary databases. The sku_name of the secondary database may be inadvertently changed to match that of the primary when an incompatible combination of SKUs is detected by the provider.

    elasticPoolId String
    Specifies the ID of the elastic pool containing this database.
    enclaveType String

    Specifies the type of enclave to be used by the elastic pool. When enclave_type is not specified (e.g., the default) enclaves are not enabled on the database. <!-- TODO: Uncomment in 4.0: Once enabled (e.g., by specifying Default or VBS) removing the enclave_type field from the configuration file will force the creation of a new resource.-> Possible values are Default or VBS.

    NOTE: enclave_type is currently not supported for DW (e.g, DataWarehouse) and DC-series SKUs.

    NOTE: Geo Replicated and Failover databases must have the same enclave_type.

    NOTE: The default value for the enclave_type field is unset not Default.

    geoBackupEnabled Boolean

    A boolean that specifies if the Geo Backup Policy is enabled. Defaults to true.

    NOTE: geo_backup_enabled is only applicable for DataWarehouse SKUs (DW*). This setting is ignored for all other SKUs.

    identity Property Map
    An identity block as defined below.
    import Property Map
    A import block as documented below. Mutually exclusive with create_mode.
    ledgerEnabled Boolean
    A boolean that specifies if this is a ledger database. Defaults to false. Changing this forces a new resource to be created.
    licenseType String
    Specifies the license type applied to this database. Possible values are LicenseIncluded and BasePrice.
    longTermRetentionPolicy Property Map
    A long_term_retention_policy block as defined below.
    maintenanceConfigurationName String

    The name of the Public Maintenance Configuration window to apply to the database. Valid values include SQL_Default, SQL_EastUS_DB_1, SQL_EastUS2_DB_1, SQL_SoutheastAsia_DB_1, SQL_AustraliaEast_DB_1, SQL_NorthEurope_DB_1, SQL_SouthCentralUS_DB_1, SQL_WestUS2_DB_1, SQL_UKSouth_DB_1, SQL_WestEurope_DB_1, SQL_EastUS_DB_2, SQL_EastUS2_DB_2, SQL_WestUS2_DB_2, SQL_SoutheastAsia_DB_2, SQL_AustraliaEast_DB_2, SQL_NorthEurope_DB_2, SQL_SouthCentralUS_DB_2, SQL_UKSouth_DB_2, SQL_WestEurope_DB_2, SQL_AustraliaSoutheast_DB_1, SQL_BrazilSouth_DB_1, SQL_CanadaCentral_DB_1, SQL_CanadaEast_DB_1, SQL_CentralUS_DB_1, SQL_EastAsia_DB_1, SQL_FranceCentral_DB_1, SQL_GermanyWestCentral_DB_1, SQL_CentralIndia_DB_1, SQL_SouthIndia_DB_1, SQL_JapanEast_DB_1, SQL_JapanWest_DB_1, SQL_NorthCentralUS_DB_1, SQL_UKWest_DB_1, SQL_WestUS_DB_1, SQL_AustraliaSoutheast_DB_2, SQL_BrazilSouth_DB_2, SQL_CanadaCentral_DB_2, SQL_CanadaEast_DB_2, SQL_CentralUS_DB_2, SQL_EastAsia_DB_2, SQL_FranceCentral_DB_2, SQL_GermanyWestCentral_DB_2, SQL_CentralIndia_DB_2, SQL_SouthIndia_DB_2, SQL_JapanEast_DB_2, SQL_JapanWest_DB_2, SQL_NorthCentralUS_DB_2, SQL_UKWest_DB_2, SQL_WestUS_DB_2, SQL_WestCentralUS_DB_1, SQL_FranceSouth_DB_1, SQL_WestCentralUS_DB_2, SQL_FranceSouth_DB_2, SQL_SwitzerlandNorth_DB_1, SQL_SwitzerlandNorth_DB_2, SQL_BrazilSoutheast_DB_1, SQL_UAENorth_DB_1, SQL_BrazilSoutheast_DB_2, SQL_UAENorth_DB_2. Defaults to SQL_Default.

    NOTE: maintenance_configuration_name is only applicable if elastic_pool_id is not set.

    maxSizeGb Number

    The max size of the database in gigabytes.

    NOTE: This value should not be configured when the create_mode is Secondary or OnlineSecondary, as the sizing of the primary is then used as per Azure documentation.

    minCapacity Number
    Minimal capacity that database will always have allocated, if not paused. This property is only settable for Serverless databases.
    name String
    The name of the MS SQL Database. Changing this forces a new resource to be created.
    readReplicaCount Number
    The number of readonly secondary replicas associated with the database to which readonly application intent connections may be routed. This property is only settable for Hyperscale edition databases.
    readScale Boolean
    If enabled, connections that have application intent set to readonly in their connection string may be routed to a readonly secondary replica. This property is only settable for Premium and Business Critical databases.
    recoverDatabaseId String
    The ID of the database to be recovered. This property is only applicable when the create_mode is Recovery.
    recoveryPointId String
    The ID of the Recovery Services Recovery Point Id to be restored. This property is only applicable when the create_mode is Recovery.
    restoreDroppedDatabaseId String
    The ID of the database to be restored. This property is only applicable when the create_mode is Restore.
    restoreLongTermRetentionBackupId String
    The ID of the long term retention backup to be restored. This property is only applicable when the create_mode is RestoreLongTermRetentionBackup.
    restorePointInTime String
    Specifies the point in time (ISO8601 format) of the source database that will be restored to create the new database. This property is only settable for create_mode= PointInTimeRestore databases.
    sampleName String
    Specifies the name of the sample schema to apply when creating this database. Possible value is AdventureWorksLT.
    secondaryType String
    How do you want your replica to be made? Valid values include Geo and Named. Defaults to Geo. Changing this forces a new resource to be created.
    serverId String

    The id of the MS SQL Server on which to create the database. Changing this forces a new resource to be created.

    NOTE: This setting is still required for "Serverless" SKUs

    shortTermRetentionPolicy Property Map
    A short_term_retention_policy block as defined below.
    skuName String

    Specifies the name of the SKU used by the database. For example, GP_S_Gen5_2,HS_Gen4_1,BC_Gen5_2, ElasticPool, Basic,S0, P2 ,DW100c, DS100. Changing this from the HyperScale service tier to another service tier will create a new resource.

    NOTE: The default sku_name value may differ between Azure locations depending on local availability of Gen4/Gen5 capacity. When databases are replicated using the creation_source_database_id property, the source (primary) database cannot have a higher SKU service tier than any secondary databases. When changing the sku_name of a database having one or more secondary databases, this resource will first update any secondary databases as necessary. In such cases it's recommended to use the same sku_name in your configuration for all related databases, as not doing so may cause an unresolvable diff during subsequent plans.

    storageAccountType String
    Specifies the storage account type used to store backups for this database. Possible values are Geo, GeoZone, Local and Zone. Defaults to Geo.
    tags Map<String>
    A mapping of tags to assign to the resource.
    threatDetectionPolicy Property Map
    Threat detection policy configuration. The threat_detection_policy block supports fields documented below.
    transparentDataEncryptionEnabled Boolean

    If set to true, Transparent Data Encryption will be enabled on the database. Defaults to true.

    NOTE: transparent_data_encryption_enabled can only be set to false on DW (e.g, DataWarehouse) server SKUs.

    transparentDataEncryptionKeyAutomaticRotationEnabled Boolean

    Boolean flag to specify whether TDE automatically rotates the encryption Key to latest version or not. Possible values are true or false. Defaults to false.

    NOTE: When the sku_name is DW100c, the transparent_data_encryption_key_automatic_rotation_enabled and the transparent_data_encryption_key_vault_key_id properties should not be specified, as database-level CMK is not supported for Data Warehouse SKUs.

    transparentDataEncryptionKeyVaultKeyId String

    The fully versioned Key Vault Key URL (e.g. 'https://<YourVaultName>.vault.azure.net/keys/<YourKeyName>/<YourKeyVersion>) to be used as the Customer Managed Key(CMK/BYOK) for the Transparent Data Encryption(TDE) layer.

    NOTE: To successfully deploy a Microsoft SQL Database in CMK/BYOK TDE the Key Vault must have Soft-delete and purge protection enabled to protect from data loss due to accidental key and/or key vault deletion. The Key Vault and the Microsoft SQL Server User Managed Identity Instance must belong to the same Azure Active Directory tenant.

    zoneRedundant Boolean
    Whether or not this database is zone redundant, which means the replicas of this database will be spread across multiple availability zones. This property is only settable for Premium and Business Critical databases.

    Supporting Types

    DatabaseIdentity, DatabaseIdentityArgs

    IdentityIds List<string>
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    Type string
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.
    IdentityIds []string
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    Type string
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.
    identityIds List<String>
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    type String
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.
    identityIds string[]
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    type string
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.
    identity_ids Sequence[str]
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    type str
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.
    identityIds List<String>
    Specifies a list of User Assigned Managed Identity IDs to be assigned to this SQL Database.
    type String
    Specifies the type of Managed Service Identity that should be configured on this SQL Database. Possible value is UserAssigned.

    DatabaseImport, DatabaseImportArgs

    AdministratorLogin string
    Specifies the name of the SQL administrator.
    AdministratorLoginPassword string
    Specifies the password of the SQL administrator.
    AuthenticationType string
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    StorageKey string
    Specifies the access key for the storage account.
    StorageKeyType string
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    StorageUri string
    Specifies the blob URI of the .bacpac file.
    StorageAccountId string
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
    AdministratorLogin string
    Specifies the name of the SQL administrator.
    AdministratorLoginPassword string
    Specifies the password of the SQL administrator.
    AuthenticationType string
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    StorageKey string
    Specifies the access key for the storage account.
    StorageKeyType string
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    StorageUri string
    Specifies the blob URI of the .bacpac file.
    StorageAccountId string
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
    administratorLogin String
    Specifies the name of the SQL administrator.
    administratorLoginPassword String
    Specifies the password of the SQL administrator.
    authenticationType String
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    storageKey String
    Specifies the access key for the storage account.
    storageKeyType String
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    storageUri String
    Specifies the blob URI of the .bacpac file.
    storageAccountId String
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
    administratorLogin string
    Specifies the name of the SQL administrator.
    administratorLoginPassword string
    Specifies the password of the SQL administrator.
    authenticationType string
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    storageKey string
    Specifies the access key for the storage account.
    storageKeyType string
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    storageUri string
    Specifies the blob URI of the .bacpac file.
    storageAccountId string
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
    administrator_login str
    Specifies the name of the SQL administrator.
    administrator_login_password str
    Specifies the password of the SQL administrator.
    authentication_type str
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    storage_key str
    Specifies the access key for the storage account.
    storage_key_type str
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    storage_uri str
    Specifies the blob URI of the .bacpac file.
    storage_account_id str
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.
    administratorLogin String
    Specifies the name of the SQL administrator.
    administratorLoginPassword String
    Specifies the password of the SQL administrator.
    authenticationType String
    Specifies the type of authentication used to access the server. Valid values are SQL or ADPassword.
    storageKey String
    Specifies the access key for the storage account.
    storageKeyType String
    Specifies the type of access key for the storage account. Valid values are StorageAccessKey or SharedAccessKey.
    storageUri String
    Specifies the blob URI of the .bacpac file.
    storageAccountId String
    The resource id for the storage account used to store BACPAC file. If set, private endpoint connection will be created for the storage account. Must match storage account used for storage_uri parameter.

    DatabaseLongTermRetentionPolicy, DatabaseLongTermRetentionPolicyArgs

    ImmutableBackupsEnabled bool
    Specifies if the backups are immutable. Defaults to false.
    MonthlyRetention string
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    WeekOfYear int
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    WeeklyRetention string
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    YearlyRetention string
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.
    ImmutableBackupsEnabled bool
    Specifies if the backups are immutable. Defaults to false.
    MonthlyRetention string
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    WeekOfYear int
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    WeeklyRetention string
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    YearlyRetention string
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.
    immutableBackupsEnabled Boolean
    Specifies if the backups are immutable. Defaults to false.
    monthlyRetention String
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    weekOfYear Integer
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    weeklyRetention String
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    yearlyRetention String
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.
    immutableBackupsEnabled boolean
    Specifies if the backups are immutable. Defaults to false.
    monthlyRetention string
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    weekOfYear number
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    weeklyRetention string
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    yearlyRetention string
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.
    immutable_backups_enabled bool
    Specifies if the backups are immutable. Defaults to false.
    monthly_retention str
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    week_of_year int
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    weekly_retention str
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    yearly_retention str
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.
    immutableBackupsEnabled Boolean
    Specifies if the backups are immutable. Defaults to false.
    monthlyRetention String
    The monthly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 120 months. e.g. P1Y, P1M, P4W or P30D.
    weekOfYear Number
    The week of year to take the yearly backup. Value has to be between 1 and 52.
    weeklyRetention String
    The weekly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 520 weeks. e.g. P1Y, P1M, P1W or P7D.
    yearlyRetention String
    The yearly retention policy for an LTR backup in an ISO 8601 format. Valid value is between 1 to 10 years. e.g. P1Y, P12M, P52W or P365D.

    DatabaseShortTermRetentionPolicy, DatabaseShortTermRetentionPolicyArgs

    RetentionDays int
    Point In Time Restore configuration. Value has to be between 1 and 35.
    BackupIntervalInHours int
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.
    RetentionDays int
    Point In Time Restore configuration. Value has to be between 1 and 35.
    BackupIntervalInHours int
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.
    retentionDays Integer
    Point In Time Restore configuration. Value has to be between 1 and 35.
    backupIntervalInHours Integer
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.
    retentionDays number
    Point In Time Restore configuration. Value has to be between 1 and 35.
    backupIntervalInHours number
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.
    retention_days int
    Point In Time Restore configuration. Value has to be between 1 and 35.
    backup_interval_in_hours int
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.
    retentionDays Number
    Point In Time Restore configuration. Value has to be between 1 and 35.
    backupIntervalInHours Number
    The hours between each differential backup. This is only applicable to live databases but not dropped databases. Value has to be 12 or 24. Defaults to 12 hours.

    DatabaseThreatDetectionPolicy, DatabaseThreatDetectionPolicyArgs

    DisabledAlerts List<string>
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    EmailAccountAdmins string
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    EmailAddresses List<string>
    A list of email addresses which alerts should be sent to.
    RetentionDays int
    Specifies the number of days to keep in the Threat Detection audit logs.
    State string
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    StorageAccountAccessKey string
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    StorageEndpoint string
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.
    DisabledAlerts []string
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    EmailAccountAdmins string
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    EmailAddresses []string
    A list of email addresses which alerts should be sent to.
    RetentionDays int
    Specifies the number of days to keep in the Threat Detection audit logs.
    State string
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    StorageAccountAccessKey string
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    StorageEndpoint string
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.
    disabledAlerts List<String>
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    emailAccountAdmins String
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    emailAddresses List<String>
    A list of email addresses which alerts should be sent to.
    retentionDays Integer
    Specifies the number of days to keep in the Threat Detection audit logs.
    state String
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    storageAccountAccessKey String
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    storageEndpoint String
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.
    disabledAlerts string[]
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    emailAccountAdmins string
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    emailAddresses string[]
    A list of email addresses which alerts should be sent to.
    retentionDays number
    Specifies the number of days to keep in the Threat Detection audit logs.
    state string
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    storageAccountAccessKey string
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    storageEndpoint string
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.
    disabled_alerts Sequence[str]
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    email_account_admins str
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    email_addresses Sequence[str]
    A list of email addresses which alerts should be sent to.
    retention_days int
    Specifies the number of days to keep in the Threat Detection audit logs.
    state str
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    storage_account_access_key str
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    storage_endpoint str
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.
    disabledAlerts List<String>
    Specifies a list of alerts which should be disabled. Possible values include Access_Anomaly, Sql_Injection and Sql_Injection_Vulnerability.
    emailAccountAdmins String
    Should the account administrators be emailed when this alert is triggered? Possible values are Enabled or Disabled. Defaults to Disabled.
    emailAddresses List<String>
    A list of email addresses which alerts should be sent to.
    retentionDays Number
    Specifies the number of days to keep in the Threat Detection audit logs.
    state String
    The State of the Policy. Possible values are Enabled or Disabled. Defaults to Disabled.
    storageAccountAccessKey String
    Specifies the identifier key of the Threat Detection audit storage account. Required if state is Enabled.
    storageEndpoint String
    Specifies the blob storage endpoint (e.g. https://example.blob.core.windows.net). This blob storage will hold all Threat Detection audit logs. Required if state is Enabled.

    Import

    SQL Database can be imported using the resource id, e.g.

    $ pulumi import azure:mssql/database:Database example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.Sql/servers/server1/databases/example1
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure Classic v5.80.0 published on Monday, Jun 10, 2024 by Pulumi