Merge branch 'master' into fix/version-upgrade

dverma-cd · web-flow · commit c8cd09a1ec57 · 2024-11-07T17:29:50.000+05:30
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,21 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.2] - 2024-10-29
+### :sparkles: New Features
+- [`82e81ea`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/82e81ea77b10b1779c8223773727a564417b25a4) - Added diagnostic settings *(commit by [@13archit](https://github.com/13archit))*
+
+### :bug: Bug Fixes
+- [`34d3b5b`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/34d3b5bc24885be9d4bf692cc7b07718a4790560) - renamed _examples to examples and referenced it *(commit by [@vjdbj](https://github.com/vjdbj))*
+- [`706034d`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/706034dc905e57ce474e649bc4c146c0d38ca59a) - added versions in examples *(commit by [@vjdbj](https://github.com/vjdbj))*
+- [`96ad328`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/96ad3284773f4e8da8ced82e3875e36b3b21e6d2) - fixed versions in examples *(commit by [@vjdbj](https://github.com/vjdbj))*
+- [`9c39dad`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/9c39dad158dc968e1b9295154f926c31d2a81d28) - fixed tf version *(commit by [@vjdbj](https://github.com/vjdbj))*
+
+### :construction_worker: Build System
+- [`adc6d6c`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/adc6d6c7effd447a7f0650dfa5eb22c182e90382) - **deps**: bump clouddrove/subnet/azure in /_example/complete *(commit by [@dependabot[bot]](https://github.com/apps/dependabot))*
+- [`34215d5`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/34215d5ce62fa8c870c05c96f63c09aa5cd16802) - **deps**: bump clouddrove/subnet/azure *(commit by [@dependabot[bot]](https://github.com/apps/dependabot))*
+
+
 ## [1.0.1] - 2023-07-03
 ### :sparkles: New Features
 - [`c690aa3`](https://github.com/clouddrove/terraform-azure-flexible-mysql/commit/c690aa3ad0b3ae5d324c3820097e27cbaf7eb522) - auto changelog action added *(commit by [@themaheshyadav](https://github.com/themaheshyadav))*
@@ -27,3 +42,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 [1.0.0]: https://github.com/clouddrove/terraform-azure-flexible-mysql/compare/1.0.0...master
 
 [1.0.1]: https://github.com/clouddrove/terraform-azure-flexible-mysql/compare/1.0.0...1.0.1
+
+[1.0.2]: https://github.com/clouddrove/terraform-azure-flexible-mysql/compare/1.0.1...1.0.2
+
diff --git a/docs/io.md b/docs/io.md
@@ -10,20 +10,23 @@
 | charset | Specifies the Charset for the MySQL Database, which needs to be a valid MySQL Charset. Changing this forces a new resource to be created. | `string` | `""` | no |
 | collation | Specifies the Collation for the MySQL Database, which needs to be a valid MySQL Collation. Changing this forces a new resource to be created. | `string` | `""` | no |
 | create\_mode | The creation mode. Can be used to restore or replicate existing servers. Possible values are `Default`, `Replica`, `GeoRestore`, and `PointInTimeRestore`. Defaults to `Default` | `string` | `"Default"` | no |
+| custom\_tags | n/a | `map(string)` | `{}` | no |
 | db\_name | Specifies the name of the MySQL Database, which needs to be a valid MySQL identifier. Changing this forces a new resource to be created. | `string` | `""` | no |
 | delegated\_subnet\_id | The resource ID of the subnet | `string` | `""` | no |
 | enable\_diagnostic | Set to false to prevent the module from creating any resources. | `bool` | `true` | no |
 | enable\_private\_endpoint | Manages a Private Endpoint to Azure database for MySQL | `bool` | `false` | no |
 | enabled | Set to false to prevent the module from creating any resources. | `bool` | `true` | no |
 | end\_ip\_address | n/a | `string` | `""` | no |
+| entra\_authentication | Azure Entra authentication configuration block for Azure MySQL Flexible Server | <pre>object({<br>    user_assigned_identity_id = optional(string, null)<br>    login                     = optional(string, null)<br>    object_id                 = optional(string, null)<br>  })</pre> | `{}` | no |
 | environment | Environment (e.g. `prod`, `dev`, `staging`). | `string` | `""` | no |
 | eventhub\_authorization\_rule\_id | Eventhub authorization rule id to pass it to destination details of diagnosys setting of NSG. | `string` | `null` | no |
 | eventhub\_name | Eventhub Name to pass it to destination details of diagnosys setting of NSG. | `string` | `null` | no |
 | existing\_private\_dns\_zone | Name of the existing private DNS zone | `bool` | `false` | no |
 | existing\_private\_dns\_zone\_id | n/a | `string` | `""` | no |
 | existing\_private\_dns\_zone\_name | The name of the Private DNS zone (without a terminating dot). Changing this forces a new resource to be created. | `string` | `""` | no |
 | geo\_redundant\_backup\_enabled | Should geo redundant backup enabled? Defaults to false. Changing this forces a new MySQL Flexible Server to be created. | `bool` | `true` | no |
-| high\_availability | Map of high availability configuration: https://docs.microsoft.com/en-us/azure/mysql/flexible-server/concepts-high-availability. `null` to disable high availability | <pre>object({<br>    mode                      = string<br>    standby_availability_zone = optional(number)<br>  })</pre> | <pre>{<br>  "mode": "SameZone",<br>  "standby_availability_zone": 1<br>}</pre> | no |
+| high\_availability | Map of high availability configuration: https://docs.microsoft.com/en-us/azure/mysql/flexible-server/concepts-high-availability. `null` to disable high availability | <pre>object({<br>    mode                      = string<br>    standby_availability_zone = optional(number)<br>  })</pre> | `null` | no |
+| identity\_type | Type of managed identity to set | `string` | `null` | no |
 | iops | The storage IOPS for the MySQL Flexible Server. Possible values are between 360 and 20000. | `number` | `360` | no |
 | key\_vault\_id | Specifies the URL to a Key Vault Key (either from a Key Vault Key, or the Key URL for the Key Vault Secret | `string` | `""` | no |
 | key\_vault\_key\_id | The URL to a Key Vault Key | `string` | `null` | no |
@@ -50,6 +53,7 @@
 | source\_server\_id | The resource ID of the source MySQL Flexible Server to be restored. Required when create\_mode is PointInTimeRestore, GeoRestore, and Replica. Changing this forces a new MySQL Flexible Server to be created. | `string` | `null` | no |
 | start\_ip\_address | n/a | `string` | `""` | no |
 | storage\_account\_id | Storage account id to pass it to destination details of diagnosys setting of NSG. | `string` | `null` | no |
+| user\_assigned\_identity\_ids | List of user-assigned managed identity IDs | `list(string)` | `[]` | no |
 | values | Specifies the value of the MySQL Flexible Server Configuration. See the MySQL documentation for valid values. Changing this forces a new resource to be created. | `list(string)` | `[]` | no |
 | virtual\_network\_id | The name of the virtual network | `string` | `""` | no |
 | zone | Specifies the Availability Zone in which this MySQL Flexible Server should be located. Possible values are 1, 2 and 3. | `number` | `null` | no |
@@ -63,3 +67,6 @@
 | azurerm\_private\_dns\_zone\_virtual\_network\_link\_id | The ID of the Private DNS Zone Virtual Network Link. |
 | existing\_private\_dns\_zone\_virtual\_network\_link\_id | The ID of the Private DNS Zone Virtual Network Link. |
 | mysql\_flexible\_server\_id | The ID of the MySQL Flexible Server. |
+
+| password\_result | Password Value |
+
diff --git a/main.tf b/main.tf
@@ -42,7 +42,7 @@ resource "random_password" "main" {
 
 resource "azurerm_mysql_flexible_server" "main" {
   count                             = var.enabled ? 1 : 0
-  name                              = format("%s-mysql-flexible-server", module.labels.id)
+  name                              = var.mysql_server_name != null ? var.mysql_server_name : format("%s-mysql-flexible-server", module.labels.id)
   resource_group_name               = local.resource_group_name
   location                          = var.location
   administrator_login               = var.admin_username
@@ -69,6 +69,14 @@ resource "azurerm_mysql_flexible_server" "main" {
       standby_availability_zone = lookup(high_availability.value, "standby_availability_zone", 1)
     }
   }
+  dynamic "identity" {
+    for_each = toset(var.identity_type != null ? [var.identity_type] : [])
+    content {
+      type         = var.identity_type
+      identity_ids = var.identity_type == "UserAssigned" ? var.user_assigned_identity_ids : []
+    }
+
+  }
 
   dynamic "identity" {
     for_each = var.cmk_enabled ? [true] : []
@@ -94,13 +102,33 @@ resource "azurerm_mysql_flexible_server" "main" {
   version = var.mysql_version
   zone    = var.zone
 
-  tags = module.labels.tags
+  tags = var.custom_tags == null ? module.labels.tags : var.custom_tags
 
   depends_on = [azurerm_private_dns_zone_virtual_network_link.main, azurerm_private_dns_zone_virtual_network_link.main2]
 }
 
 ##-----------------------------------------------------------------------------
 ## Below resource will create mysql flexible database.
+
+##----------------------------------------------------------------------------- 
+## Below resource will create mysql server active directory administrator. 
+##-----------------------------------------------------------------------------
+
+resource "azurerm_mysql_flexible_server_active_directory_administrator" "main" {
+  count = length(var.entra_authentication.object_id[*]) > 0 ? 1 : 0
+
+  server_id   = join("", azurerm_mysql_flexible_server.main.*.id)
+  identity_id = var.entra_authentication.user_assigned_identity_id
+  login       = var.entra_authentication.login
+  object_id   = var.entra_authentication.object_id
+  tenant_id   = data.azurerm_client_config.current.tenant_id
+
+  depends_on = [azurerm_mysql_flexible_server.main]
+}
+
+##----------------------------------------------------------------------------- 
+## Below resource will create mysql flexible database. 
+
 ##-----------------------------------------------------------------------------
 
 resource "azurerm_mysql_flexible_database" "main" {
@@ -110,7 +138,7 @@ resource "azurerm_mysql_flexible_database" "main" {
   server_name         = azurerm_mysql_flexible_server.main[0].name
   charset             = var.charset
   collation           = var.collation
-  depends_on          = [azurerm_mysql_flexible_server.main]
+  depends_on          = [azurerm_mysql_flexible_server_active_directory_administrator.main]
 }
 
 ##-----------------------------------------------------------------------------
@@ -132,7 +160,7 @@ resource "azurerm_private_dns_zone" "main" {
   count               = var.enabled && var.private_dns ? 1 : 0
   name                = "privatelink.mysql.database.azure.com"
   resource_group_name = local.resource_group_name
-  tags                = module.labels.tags
+  tags                = var.custom_tags == null ? module.labels.tags : var.custom_tags
 }
 
 ##-----------------------------------------------------------------------------
@@ -145,7 +173,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "main" {
   virtual_network_id    = var.virtual_network_id
   resource_group_name   = local.resource_group_name
   registration_enabled  = var.registration_enabled
-  tags                  = module.labels.tags
+  tags                  = var.custom_tags == null ? module.labels.tags : var.custom_tags
 }
 
 ##-----------------------------------------------------------------------------
@@ -158,7 +186,7 @@ resource "azurerm_private_dns_zone_virtual_network_link" "main2" {
   virtual_network_id    = var.virtual_network_id
   resource_group_name   = var.main_rg_name
   registration_enabled  = var.registration_enabled
-  tags                  = module.labels.tags
+  tags                  = var.custom_tags == null ? module.labels.tags : var.custom_tags
 }
 
 resource "azurerm_monitor_diagnostic_setting" "mysql" {
diff --git a/output.tf b/output.tf
@@ -7,14 +7,23 @@ output "azurerm_private_dns_zone_virtual_network_link_id" {
   value       = azurerm_private_dns_zone_virtual_network_link.main[0].id
   description = "The ID of the Private DNS Zone Virtual Network Link."
 }
+
 output "existing_private_dns_zone_virtual_network_link_id" {
   value = length(azurerm_private_dns_zone_virtual_network_link.main2) > 0 ? azurerm_private_dns_zone_virtual_network_link.main2[0].id : null
 }
+
 output "azurerm_mysql_flexible_server_configuration_id" {
   value       = azurerm_mysql_flexible_server_configuration.main[0].id
   description = "The ID of the MySQL Flexible Server Configuration."
 }
+
 output "azurerm_private_dns_zone_id" {
   value       = azurerm_private_dns_zone.main[0].id
   description = "The Private DNS Zone ID."
 }
+
+output "password_result" {
+  value       = var.admin_password == null ? random_password.main[0].result : var.admin_password
+  description = "Password Value"
+  sensitive   = true
+}
diff --git a/variables.tf b/variables.tf
@@ -36,8 +36,6 @@ variable "resource_group_name" {
   default     = ""
 }
 
-
-
 variable "enabled" {
   type        = bool
   description = "Set to false to prevent the module from creating any resources."
@@ -215,10 +213,7 @@ variable "high_availability" {
     mode                      = string
     standby_availability_zone = optional(number)
   })
-  default = {
-    mode                      = "SameZone"
-    standby_availability_zone = 1
-  }
+  default = null
 }
 
 variable "enable_diagnostic" {
@@ -294,3 +289,30 @@ variable "key_vault_with_rbac" {
   type    = bool
   default = false
 }
+
+variable "custom_tags" {
+  type    = map(string)
+  default = {}
+}
+
+variable "identity_type" {
+  description = "Type of managed identity to set"
+  type        = string
+  default     = null
+}
+
+variable "user_assigned_identity_ids" {
+  description = "List of user-assigned managed identity IDs"
+  type        = list(string)
+  default     = []
+}
+
+variable "entra_authentication" {
+  description = "Azure Entra authentication configuration block for Azure MySQL Flexible Server"
+  type = object({
+    user_assigned_identity_id = optional(string, null)
+    login                     = optional(string, null)
+    object_id                 = optional(string, null)
+  })
+  default = {}
+}

Original file line number	Diff line number	Diff line change
`@@ -7,14 +7,23 @@ output "azurerm_private_dns_zone_virtual_network_link_id" {`
`7`	`7`	`value = azurerm_private_dns_zone_virtual_network_link.main[0].id`
`8`	`8`	`description = "The ID of the Private DNS Zone Virtual Network Link."`
`9`	`9`	`}`
	`10`	`+`
`10`	`11`	`output "existing_private_dns_zone_virtual_network_link_id" {`
`11`	`12`	`value = length(azurerm_private_dns_zone_virtual_network_link.main2) > 0 ? azurerm_private_dns_zone_virtual_network_link.main2[0].id : null`
`12`	`13`	`}`
	`14`	`+`
`13`	`15`	`output "azurerm_mysql_flexible_server_configuration_id" {`
`14`	`16`	`value = azurerm_mysql_flexible_server_configuration.main[0].id`
`15`	`17`	`description = "The ID of the MySQL Flexible Server Configuration."`
`16`	`18`	`}`
	`19`	`+`
`17`	`20`	`output "azurerm_private_dns_zone_id" {`
`18`	`21`	`value = azurerm_private_dns_zone.main[0].id`
`19`	`22`	`description = "The Private DNS Zone ID."`
`20`	`23`	`}`
	`24`	`+`
	`25`	`+output "password_result" {`
	`26`	`+ value = var.admin_password == null ? random_password.main[0].result : var.admin_password`
	`27`	`+ description = "Password Value"`
	`28`	`+ sensitive = true`
	`29`	`+}`