Azure Synapse Terraform Module

Dynamic Terraform Module to create Azure Synapse Workspace and all Related Resources.

Table of Contents

• Module versioning rule
• Supported Features
• How to Use
  • Basic
• Examples
• Requirements
• Providers
• Modules
• Resources
• Inputs
• Outputs
• License

Module versioning rule

Module version	Azure Provider version
>= 1.x.x	=> 3.22

Supported Features

• Synapse Workspace
• Synapse Role Assignments
• Azure Role Assignments
• Synapse Firewall Rules
• Spark Pools
• SQL Pools
• Linked Services
• Azure Integration Runtime
• Self Hosted Integration Runtime
• Integration with Microsoft Purview

How to Use

Basic

module "synapse" {
  source                               = "fdmsantos/synapse/azurerm"
  version                              = "x.x.x"
  name                                 = "synapse"
  resource_group_name                  = "<resource_group>"
  location                             = "<location>"
  storage_data_lake_gen2_filesystem_id = "<storage_data_lake_gen2_filesystem_id>"
  storage_account_id                   = "<storage_account_id>"
}

Examples

• complete - Creates Synapse Workspace with all supported features.

Requirements

Name	Version
terraform	>= 0.13.1
azurerm	>= 3.22
http	>= 3.4
random	>= 3.6

Providers

Name	Version
azurerm	>= 3.22
http	>= 3.4
random	>= 3.6

Modules

No modules.

Resources

Name	Type
azurerm_role_assignment.storage_blob_contributor	resource
azurerm_role_assignment.this	resource
azurerm_synapse_firewall_rule.azureservices	resource
azurerm_synapse_firewall_rule.client_ip	resource
azurerm_synapse_firewall_rule.this	resource
azurerm_synapse_integration_runtime_azure.this	resource
azurerm_synapse_integration_runtime_self_hosted.this	resource
azurerm_synapse_linked_service.this	resource
azurerm_synapse_role_assignment.this	resource
azurerm_synapse_spark_pool.this	resource
azurerm_synapse_sql_pool.this	resource
azurerm_synapse_workspace.this	resource
random_password.sql_password	resource
http_http.client_ip	data source

Inputs

Name	Description	Type	Default	Required
aad_admin	Credentials of the Azure AD Administrator of this Synapse Workspace.	object({ login = string tenant_id = string object_id = string })	null	no
add_storage_contributor_role	If true, add Storage Contributor Role to Synapse Workspace identity.	bool	true	no
allow_azure_services_access	If true, allow Azure Services and Resources to access this workspace.	bool	false	no
allow_own_ip	If true, create firewall rule to allow client IP to Synapse Workspace.	bool	false	no
auth_sql_administrator	Specifies The login name of the SQL administrator. Changing this forces a new resource to be created.	string	null	no
auth_sql_administrator_password	The Password associated with the sql_administrator_login for the SQL administrator.	string	null	no
azure_integration_runtimes	Manages a Azure Synapse Azure Integration Runtimes.	map(object({ location = optional(string, "AutoResolve") compute_type = optional(string, "General") core_count = optional(number, 8) description = optional(string, null) time_to_live_min = optional(number, 0) }))	{}	no
azure_role_assignments	Manages a Azure Role Assignment to Synapse Workspace.	list(object({ role_name = string principal_id = string }))	[]	no
azuread_authentication_only	Azure Active Directory Authentication the only way to authenticate with resources inside this synapse Workspace.	bool	false	no
firewall_rules	Allows you to Manages a Synapse Firewall Rules.	list(object({ name = string start_ip_address = string end_ip_address = string }))	[]	no
github	Integrate Synapse Workspace with Github.	object({ account_name = string repository_name = string branch_name = string root_folder = string last_commit_id = optional(string) git_url = optional(string) })	null	no
identity_ids	Specifies a list of User Assigned Managed Identity IDs to be assigned to this Synapse Workspace.	list(string)	[]	no
identity_type	Specifies the type of Managed Service Identity that should be associated with this Logic App.	string	null	no
linked_services	Manages a Synapse Linked Services.	map(object({ type = string type_properties_json = string additional_properties = optional(map(string), {}) annotations = optional(list(string), []) description = optional(string, null) parameters = optional(map(string), {}) integration_runtime_name = optional(string, null) integration_runtime_parameters = optional(map(string), {}) }))	{}	no
location	Specifies the Azure Region where the synapse Workspace should exist. Changing this forces a new resource to be created.	string	n/a	yes
name	Specifies the name which should be used for this synapse Workspace. Changing this forces a new resource to be created.	string	n/a	yes
purview_id	The ID of purview account.	string	null	no
resource_group_name	Specifies the name of the Resource Group where the synapse Workspace should exist. Changing this forces a new resource to be created.	string	n/a	yes
self_hosted_integration_runtimes	Manages a Self Hosted Synapse Azure Integration Runtimes.	map(object({ description = optional(string, null) }))	{}	no
spark_pools	Manages a Synapse Spark Pools.	map(object({ node_size_family = optional(string, "None") node_size = optional(string, "Small") node_count = optional(number, null) cache_size = optional(number, null) compute_isolation_enabled = optional(bool, false) dynamic_executor_allocation_enabled = optional(bool, false) min_executors = optional(number, null) max_executors = optional(number, null) session_level_packages_enabled = optional(bool, false) spark_log_folder = optional(string, "/logs") spark_events_folder = optional(string, "/events") spark_version = optional(string, "3.4") autoscale_max_node_count = optional(number, null) autoscale_min_node_count = optional(number, null) autopause_delay_in_minutes = optional(number, null) requirements_content = optional(string, null) requirements_filename = optional(string, "requirements.txt") spark_config_content = optional(string, null) spark_config_filename = optional(string, "config.txt") }))	{}	no
sql_pools	Manages a Synapse SQL Pools.	map(object({ sku_name = string create_mode = optional(string, "Default") collation = optional(string, "SQL_LATIN1_GENERAL_CP1_CI_AS") data_encrypted = optional(bool, false) recovery_database_id = optional(string, null) geo_backup_policy_enabled = optional(bool, true) storage_account_type = optional(string, "GRS") restore_source_database_id = optional(string, null) restore_point_in_time = optional(string, false) }))	{}	no
storage_account_id	Storage Account ID used by Synapse Workspace. Necessary if add_storage_contributor_role is true.	string	false	no
storage_data_lake_gen2_filesystem_id	Specifies the ID of storage data lake gen2 filesystem resource. Changing this forces a new resource to be created.	string	n/a	yes
synapse_role_assignments	Manages a Synapse Role Assignment.	list(object({ role_name = string principal_id = string principal_type = optional(string, null) }))	[]	no
tags	A mapping of tags which should be assigned to the Synapse Workspace.	map(string)	null	no

Outputs

Name	Description
azure_integration_runtimes_id	The Azure Integration Runtimes ID.
endpoints	A list of Connectivity endpoints for this Synapse Workspace.
id	The ID of the synapse Workspace.
identity	The Principal ID and Tenant ID for the Service Principal associated with the Managed Service Identity of this Synapse Workspace.
linked_services_id	The Linked Services ID.
self_hosted_integration_runtimes_id	The Self Hosted Integration Runtimes ID.
spark_pools_id	The Spark Pools ID.
sql_administrator_password	SQL administrator password.
sql_pools_id	The SQL Pools ID.

License

Apache 2 Licensed. See LICENSE for full details.