
How to Deploy an Azure SQL Server instance with a Private Endpoint using Terraform

In this story, we are going to deploy a SQL Server instance with a Private Endpoint, which is a private IP address within a specific VNet and subnet.

For very secure systems, located in healthcare, insurance, or banking environments, or for regulatory reasons, we can use a Private Link to secure the traffic to our databases.

Private Link allows us to connect to Azure SQL Server instances via a private endpoint and secures the connection between endpoints in Azure by eliminating data exposure to the public internet.

Note: this code is compatible with, and was tested with, Terraform v13.x and Azure Provider v2.x.

1. Configuring the Terraform Provider File

In this step, we are going to configure the Terraform and Azure providers. Providers create, manage, and update infrastructure resources through API calls. We create the provider-variables.tf file and add the following code to the file:

Then we create the provider-main.tf file and add the following code:

2. Creating Network Resources

The first step is to create all network resources required to host our SQL Server instance. We create a file called network-variables.tf and add the following code:

Then we create a file called network-main.tf and add the following code:

3. Configuring the DNS Settings

In this step, we will create the private DNS records required. Create a file called network-dns.tf and add the following code:

4. Creating the SQL Server Instance and Database

In this step, we are going to create the SQL Server instance and the SQL Server database. Create a file called sqlserver-main.tf and add the following code:

5. Creating the Endpoint

In this final piece of code, we will create a file called network-endpoint.tf and add the following code to it. The code creates the endpoint for an existing SQL Server instance, so the instance must be available first.

6. The Output File

We create the output.tf file and add the following content:

7. Creating the Input Definition Variables File

In the last step, we are going to create the input definition variables file, terraform.tfvars, and add the following code to the file:
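A condensed version of what steps 3 to 5 build, as an added example rather than the author's code from the linked repository: the private DNS zone, a SQL Server with public network access disabled, and the private endpoint that ties them together. All names are placeholders, the five input variables are assumptions standing in for the network resources from step 2, and it assumes an Azure Provider v2.x release that supports `public_network_access_enabled` and `private_dns_zone_group`.

```hcl
# Added example, not the article's code. Names and variables are assumptions.
provider "azurerm" {
  features {}
}
variable "resource_group_name" {}
variable "location" {}
variable "vnet_id" {}
variable "subnet_id" {} # subnet needs enforce_private_link_endpoint_network_policies = true (v2.x)
variable "sql_admin_password" {}

# Private zone that overrides public resolution of the server name inside the VNet
resource "azurerm_private_dns_zone" "sql" {
  name                = "privatelink.database.windows.net"
  resource_group_name = var.resource_group_name
}
resource "azurerm_private_dns_zone_virtual_network_link" "sql" {
  name                  = "example-sql-dns-link"
  resource_group_name   = var.resource_group_name
  private_dns_zone_name = azurerm_private_dns_zone.sql.name
  virtual_network_id    = var.vnet_id
}

resource "azurerm_mssql_server" "sql" {
  name                          = "example-sqlsrv-changeme" # must be globally unique
  resource_group_name           = var.resource_group_name
  location                      = var.location
  version                       = "12.0"
  administrator_login           = "sqladmin"
  administrator_login_password  = var.sql_admin_password
  public_network_access_enabled = false # reachable only through the private endpoint
}

# The reference to azurerm_mssql_server.sql.id makes Terraform create the server first
resource "azurerm_private_endpoint" "sql" {
  name                = "example-sql-endpoint"
  location            = var.location
  resource_group_name = var.resource_group_name
  subnet_id           = var.subnet_id
  private_service_connection {
    name                           = "example-sql-connection"
    private_connection_resource_id = azurerm_mssql_server.sql.id
    is_manual_connection           = false
    subresource_names              = ["sqlServer"]
  }
  private_dns_zone_group { # registers the endpoint's A record in the private zone
    name                 = "example-sql-dns-group"
    private_dns_zone_ids = [azurerm_private_dns_zone.sql.id]
  }
}
```

After `terraform apply`, resolving the server's `database.windows.net` name from a host inside the linked VNet should return the endpoint's private IP rather than a public address.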

The complete code to Deploy an Azure SQL Server instance with a Private Endpoint using Terraform is here → https://github.com/guillermo-musumeci/terraform-azure-sqlserver-private-endpoint

And that’s all folks. If you liked this story, please show your support by 👏 this story. Thank you for reading!

