Azure CosmosDB

This terraform module creates an Azure CosmosDB. Diagnostic settings are also deployed.

Global versioning rule for Claranet Azure modules

Module version	Terraform version	OpenTofu version	AzureRM version
>= 8.x.x	Unverified	1.8.x	>= 4.0
>= 7.x.x	1.3.x		>= 3.0
>= 6.x.x	1.x		>= 3.0
>= 5.x.x	0.15.x		>= 2.0
>= 4.x.x	0.13.x / 0.14.x		>= 2.0
>= 3.x.x	0.12.x		>= 2.0
>= 2.x.x	0.12.x		< 2.0
< 2.x.x	0.11.x		< 2.0

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration which will help you automatically update and format some files for you by enforcing our Terraform code module best-practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool which set some terraform variables in the environment needed by this module. More details about variables set by the terraform-wrapper available in the documentation.

⚠️ Since modules version v8.0.0, we do not maintain/check anymore the compatibility with Hashicorp Terraform. Instead, we recommend to use OpenTofu.

module "cosmosdb" {
  source  = "claranet/cosmos-db/azurerm"
  version = "x.x.x"

  environment    = var.environment
  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  client_name    = var.client_name
  stack          = var.stack

  resource_group_name = module.rg.name

  logs_destinations_ids = [
    module.run.logs_storage_account_id,
    module.run.log_analytics_workspace_id,
  ]

  backup = {
    type                = "Periodic"
    interval_in_minutes = 60 * 3 # 3 hours
    retention_in_hours  = 24
    storage_redundancy  = "Zone"
  }

  extra_tags = {
    managed_by            = "Terraform"
    foo                   = "bar"
    monitor_autoscale_max = 2
  }
}

Providers

Name	Version
azurecaf	~> 1.2.28
azurerm	~> 4.0

Modules

Name	Source	Version
diagnostics	claranet/diagnostic-settings/azurerm	~> 8.0.0

Resources

Name	Type
azurerm_cosmosdb_account.main	resource
azurecaf_name.cosmosdb	data source

Inputs

Name	Description	Type	Default	Required
allowed_cidrs	CosmosDB Firewall Support: This value specifies the set of IP addresses or IP address ranges in CIDR form to be included as the allowed list of client IP's for a given database account.	list(string)	[]	no
analytical_storage_enabled	Enable Analytical Storage option for this Cosmos DB account. Defaults to false. Changing this forces a new resource to be created.	bool	false	no
analytical_storage_type	The schema type of the Analytical Storage for this Cosmos DB account. Possible values are FullFidelity and WellDefined.	string	null	no
backup	Backup block with type (Continuous or Periodic), tier (Continuous7Days or Continuous30Days), interval_in_minutes, retention_in_hours and storage_redundancy.	object({ type = string tier = optional(string) interval_in_minutes = optional(number) retention_in_hours = optional(number) storage_redundancy = optional(string) })	{ "interval_in_minutes": 180, "retention_in_hours": 168, "storage_redundancy": "Geo", "type": "Periodic" }	no
capabilities	Configures the capabilities to enable for this Cosmos DB account: Possible values are AllowSelfServeUpgradeToMongo36, DisableRateLimitingResponses, EnableAggregationPipeline, EnableCassandra, EnableGremlin,EnableMongo, EnableTable, EnableServerless, MongoDBv3.4 and mongoEnableDocLevelTTL.	list(string)	[]	no
client_name	Client name.	string	n/a	yes
consistency_policy_level	Consistency policy level. Allowed values are BoundedStaleness, Eventual, Session, Strong or ConsistentPrefix.	string	"BoundedStaleness"	no
consistency_policy_max_interval_in_seconds	When used with the Bounded Staleness consistency level, this value represents the time amount of staleness (in seconds) tolerated. Accepted range for this value is 5 - 86400 (1 day). Defaults to 10. Required when consistency_level is set to BoundedStaleness.	number	10	no
consistency_policy_max_staleness_prefix	When used with the Bounded Staleness consistency level, this value represents the number of stale requests tolerated. Accepted range for this value is 10 – 2147483647. Defaults to 200. Required when consistency_level is set to BoundedStaleness.	number	200	no
custom_name	Custom CosmosDB Server Name identifier.	string	""	no
default_tags_enabled	Option to enable or disable default tags.	bool	true	no
diagnostic_settings_custom_name	Custom name of the diagnostics settings, name will be default if not set.	string	"default"	no
environment	Environment name.	string	n/a	yes
extra_tags	Map of custom tags.	map(string)	{}	no
failover_locations	The name of the Azure region to host replicated data and their priority.	map(map(string))	null	no
free_tier_enabled	Enable the option to opt-in for the free database account within subscription.	bool	false	no
identity_ids	User Assigned Identities IDs to add to this resource. Mandatory if var.identity_type contains UserAssigned.	list(string)	null	no
identity_type	CosmosDB identity type. Possible values for type are: null, SystemAssigned, SystemAssigned, UserAssigned.	string	"SystemAssigned"	no
is_virtual_network_filter_enabled	Enables virtual network filtering for this Cosmos DB account.	bool	false	no
kind	Specifies the Kind of CosmosDB to create - possible values are GlobalDocumentDB and MongoDB.	string	"GlobalDocumentDB"	no
location	Azure location for CosmosDB.	string	n/a	yes
location_short	Short string for Azure location.	string	n/a	yes
logs_categories	Log categories to send to destinations.	list(string)	null	no
logs_destinations_ids	List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to use Azure EventHub as a destination, you must provide a formatted string containing both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the | character.	list(string)	n/a	yes
logs_metrics_categories	Metrics categories to send to destinations.	list(string)	null	no
mongo_server_version	The Server Version of a MongoDB account. See possible values.	string	"7.0"	no
name_prefix	Optional prefix for the generated name.	string	""	no
name_suffix	Optional suffix for the generated name.	string	""	no
network_acl_bypass_for_azure_services_enabled	Whether to allow azure services to bypass ACLs.	bool	false	no
network_acl_bypass_ids	The list of resource Ids for Network Acl Bypass for this Cosmos DB account.	list(string)	null	no
offer_type	Specifies the Offer Type to use for this CosmosDB Account - currently this can only be set to Standard.	string	"Standard"	no
public_network_access_enabled	Whether or not public network access is allowed for this CosmosDB account.	bool	false	no
resource_group_name	Resource Group the resources will belong to.	string	n/a	yes
stack	Stack name.	string	n/a	yes
virtual_network_rule	Specifies a virtual_network_rules resource used to define which subnets are allowed to access this CosmosDB account.	list(object({ id = string ignore_missing_vnet_service_endpoint = bool }))	null	no
zone_redundancy_enabled	True to enabled zone redundancy on default primary location.	bool	true	no

Outputs

Name	Description
endpoint	The endpoint used to connect to the CosmosDB account.
id	The CosmosDB account ID.
identity_principal_id	CosmosDB account system identity principal ID.
module_diagnostics	Diagnostics settings module outputs.
name	The CosmosDB account name.
primary_master_key	The primary master key for the CosmosDB account.
primary_readonly_master_key	The primary read-only master key for the CosmosDB account.
read_endpoints	A list of read endpoints available for this CosmosDB account.
resource	CosmosDB resource object.
secondary_master_key	The secondary master key for the CosmosDB account.
secondary_readonly_master_key	The secondary read-only master key for the CosmosDB account.
write_endpoints	A list of write endpoints available for this CosmosDB account.

Related documentation

• Microsoft Azure documentation