- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with sqlserver
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
The sqlserver module installs and manages Microsoft SQL Server 2012, 2014, 2016 and 2017 on Windows systems.
Microsoft SQL Server is a database platform for Windows. The sqlserver module lets you use Puppet to install multiple instances of SQL Server, add SQL features and client tools, execute TSQL statements, and manage databases, users, roles, and server configuration options.
The sqlserver module requires the following:
- .NET 3.5. (Installed automatically if not present. This might require an internet connection.)
- The contents of the SQL Server ISO file, mounted or extracted either locally or on a network share.
- Windows Server 2012, 2012 R2, or 2016.
To get started with the sqlserver module, include in your manifest:
sqlserver_instance{ 'MSSQLSERVER':
features => ['SQL'],
source => 'E:/',
sql_sysadmin_accounts => ['myuser'],
}This example installs MS SQL and creates an MS SQL instance named MSSQLSERVER. It also installs the base SQL feature set (Data Quality, FullText, Replication, and SQLEngine), specifies the location of the setup.exe, and creates a new SQL-only sysadmin, 'myuser'.
A more advanced configuration, including installer switches:
sqlserver_instance{ 'MSSQLSERVER':
source => 'E:/',
features => ['SQL'],
security_mode => 'SQL',
sa_pwd => 'p@ssw0rd!!',
sql_sysadmin_accounts => ['myuser'],
install_switches => {
'TCPENABLED' => 1,
'SQLBACKUPDIR' => 'C:\\MSSQLSERVER\\backupdir',
'SQLTEMPDBDIR' => 'C:\\MSSQLSERVER\\tempdbdir',
'INSTALLSQLDATADIR' => 'C:\\MSSQLSERVER\\datadir',
'INSTANCEDIR' => 'C:\\Program Files\\Microsoft SQL Server',
'INSTALLSHAREDDIR' => 'C:\\Program Files\\Microsoft SQL Server',
'INSTALLSHAREDWOWDIR' => 'C:\\Program Files (x86)\\Microsoft SQL Server',
}
}This example creates the same MS SQL instance as shown above with additional options: security mode (requiring password to be set) and other optional install switches. This is specified using a hash syntax.
Note: For clarification on Microsoft SQL Server terminology, please see Microsoft SQL Server Terms below.
sqlserver_features { 'Generic Features':
source => 'E:/',
features => ['ADV_SSMS', 'BC', 'Conn', 'SDK', 'SSMS'],
}sqlserver::database{ 'minviable':
instance => 'MSSQLSERVER',
}SQL Login
sqlserver::login{ 'vagrant':
instance => 'MSSQLSERVER',
password => 'Pupp3t1@',
}
# Windows Login
sqlserver::login{ 'WIN-D95P1A3V103\localAccount':
instance => 'MSSQLSERVER',
login_type => 'WINDOWS_LOGIN',
}sqlserver::login{ 'loggingUser':
password => 'Pupp3t1@',
}
sqlserver::user{ 'rp_logging-loggingUser':
user => 'loggingUser',
database => 'rp_logging',
require => Sqlserver::Login['loggingUser'],
}sqlserver::user::permissions{'INSERT-loggingUser-On-rp_logging':
user => 'loggingUser',
database => 'rp_logging',
permissions => 'INSERT',
require => Sqlserver::User['rp_logging-loggingUser'],
}
sqlserver::user::permissions{ 'Deny the Update as we should only insert':
user => 'loggingUser',
database => 'rp_logging',
permissions => 'UPDATE',
state => 'DENY',
require => Sqlserver::User['rp_logging-loggingUser'],
}sqlserver_tsql{ 'Query Logging DB Status':
instance => 'MSSQLSERVER',
onlyif => "IF (SELECT count(*) FROM myDb.dbo.logging_table WHERE
message like 'FATAL%') > 1000 THROW 50000, 'Fatal Exceptions in Logging', 10",
notify => Exec['Too Many Fatal Errors']
}sqlserver_tsql{ 'Cleanup Old Logs':
instance => 'MSSQLSERVER',
command => "DELETE FROM myDb.dbo.logging_table WHERE log_date < '${log_max_date}'",
onlyif => "IF exists(SELECT * FROM myDb.dbo.logging_table WHERE log_date < '${log_max_date}')
THROW 50000, 'need log cleanup', 10",
}sqlserver_tsql{ 'Always running':
instance => 'MSSQLSERVER',
command => 'EXEC notified_executor()',
}This advanced example:
-
Installs the basic SQL Server Engine from installation media mounted at 'D:' with TCP Enabled and various directories set.
-
Uses only Windows-based authentication and installs with only the user that Puppet is executing as. Note that the 'sql_sysadmin_accounts' is only applicable during the instance installation and is not actively enforced.
-
Creates a
sqlserver::configresource, which is used in later resources to connect to the newly created instance. As we support only Windows-based authentication, a username and password is not required. -
Creates a local group called 'DB Administrators' and ensures that it is SQL System Administrator (sysadmin role); also creates the account that Puppet uses to install and manage the instance.
-
Ensures that the advanced options for
sp_configureare enabled, so that Puppet can manage themax memorysetting for the instance. -
Ensure that the
max memory(MB) configuration item is set to 2048 megabytes.
$sourceloc = 'D:/'
# Install a SQL Server default instance
sqlserver_instance{'MSSQLSERVER':
source => $sourceloc,
features => ['SQLEngine'],
sql_sysadmin_accounts => [$facts['id']],
install_switches => {
'TCPENABLED' => 1,
'SQLBACKUPDIR' => 'C:\\MSSQLSERVER\\backupdir',
'SQLTEMPDBDIR' => 'C:\\MSSQLSERVER\\tempdbdir',
'INSTALLSQLDATADIR' => 'C:\\MSSQLSERVER\\datadir',
'INSTANCEDIR' => 'C:\\Program Files\\Microsoft SQL Server',
'INSTALLSHAREDDIR' => 'C:\\Program Files\\Microsoft SQL Server',
'INSTALLSHAREDWOWDIR' => 'C:\\Program Files (x86)\\Microsoft SQL Server'
}
}
# Resource to connect to the DB instance
sqlserver::config { 'MSSQLSERVER':
admin_login_type => 'WINDOWS_LOGIN'
}
# Enforce SQL Server Administrators
$local_dba_group_name = 'DB Administrators'
$local_dba_group_netbios_name = "${facts['hostname']}\\DB Administrators"
group { $local_dba_group_name:
ensure => present
}
-> sqlserver::login { $local_dba_group_netbios_name :
login_type => 'WINDOWS_LOGIN',
}
-> sqlserver::role { 'sysadmin':
ensure => 'present',
instance => 'MSSQLSERVER',
type => 'SERVER',
members => [$local_dba_group_netbios_name, $facts['id']],
}
# Enforce memory consumption
sqlserver_tsql {'check advanced sp_configure':
command => 'EXEC sp_configure \'show advanced option\', \'1\'; RECONFIGURE;',
onlyif => 'sp_configure @configname=\'max server memory (MB)\'',
instance => 'MSSQLSERVER'
}
-> sqlserver::sp_configure { 'MSSQLSERVER-max memory':
config_name => 'max server memory (MB)',
instance => 'MSSQLSERVER',
reconfigure => true,
restart => true,
value => 2048
}Parameters are optional unless otherwise noted.
Installs and configures features such as SSMS and Master Data Service.
Specifies whether the managed features should exist. Valid options: 'present' and 'absent'.
Default: 'present'.
Required.
Specifies one or more features to manage. Valid options: 'BC', 'Conn', 'SSMS', 'ADV_SSMS', 'SDK', 'IS', 'MDS', 'BOL', 'DREPLAY_CTLR', 'DREPLAY_CLT'.
The 'Tools' value for this setting is deprecated. Specify 'BC', 'SSMS', 'ADV_SSMS', 'Conn', and 'SDK' explicitly.
Passes one or more installer switches to SQL Server Setup. If an option is set in both its own specific parameter and install_switches, the specifically named parameter takes precedence. For example, if you set the product key in both pid and in install_switches, SQL Server honors the pid parameter. Valid options: an array.
Note: If an option is set in both its own specific parameter and
install_switches, the specifically named parameter takes precedence. For example, if you set the product key in bothpidand ininstall_switches, SQL Server honors thepidparameter.For more information about installer switches and configuring SQL Server, see the links below:
Default: {}.
Specifies a domain or system account to be used by Integration Services. Valid options: a string specifying an existing username. Default: 'NT AUTHORITY\NETWORK SERVICE'.
Required if is_svc_account points to a domain account. Invalid for system accounts.
Supplies the password for the Integration Services user account. Valid options: a string specifying a valid password.
Specifies a product key for SQL Server. Valid options: a string containing a valid product key. If not specified, SQL Server runs in Evaluation mode.
Default: undef.
Required.
Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer.
Specifies the location of the Windows Feature source files. You might need this to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information.
Installs and configures a SQL Server instance.
Specifies a domain or system account to be used by the SQL Server Agent service.
Valid options: a string specifying an existing username.
Required if agt_svc_account points to a domain account. Invalid for system accounts.
Supplies the password for the Agent service's user account.
Valid options: a string specifying a valid password.
Specifies a domain or system account to be used by Analysis Services.
Valid options: a string specifying an existing username.
Required if as_svc_account is specified.
Supplies the password for the Analysis Services user account.
Valid options: a string specifying a valid password.
Required if your features array includes the value 'AS'.
Specifies one or more SQL or domain accounts to receive sysadmin status.
Valid options: an array specifying one or more valid usernames.
Specifies whether the managed instance should exist. Valid options: 'present' and 'absent'.
Default: 'present'.
Required. Specifies one or more features to manage. The list of top-level features includes 'AS' and 'RS'. Valid options: an array containing one or more of the strings 'SQL', 'SQLEngine', 'Replication', 'FullText', 'DQ', 'AS', 'RS', 'POLYBASE', and 'ADVANCEDANALYTICS'.
The 'SQL' value for this setting is deprecated. Specify 'DQ', 'FullText', 'Replication', and 'SQLEngine' explicitly.
Passes one or more extra installer switches to SQL Server Instance Setup. Valid options: a hash of installer switches.
Note: If an option is set in both its own specific parameter and
install_switches, the specifically named parameter takes precedence. For example, if you set the product key in bothpidand ininstall_switches, SQL Server honors thepidparameter.For more information about installer switches and configuring SQL Server, see the links below:
Supplies a name for the instance. Valid options: a string containing a valid instance name.
Default: the existing title of your declared resource.
Specifies a product key for SQL Server. Valid options: a string containing a valid product key. If not specified, SQL Server runs in Evaluation mode.
Default: undef.
Applicable only if the POLYBASE feature for SQL Server 2016 is being installed.
Specifies a domain or system account for the Polybase Engine service.
Valid options: a string specifying an existing username.
Applicable only if the POLYBASE feature for SQL Server 2016 is being installed.
Specifies the password for the Polybase Engine service
Valid options: a string specifying a valid password.
Specifies a domain or system account to be used by the report service. Valid options: a string; cannot include any of the following characters: '"/ \ [ ] : ; | = , + * ? < >'. If you specify a domain user account, the domain must be less than 254 characters and the username must be less than 20 characters.
Default: Default built-in account for the current operating system (either NetworkService or LocalSystem).
Required if rs_svc_account points to a domain account. Invalid for system accounts.
Supplies the password for the report server's user account. Valid options: a string containing a strong password (at least 8 characters, including uppercase and lowercase alphanumeric characters and at least one symbol character. Avoid words or names that might be listed in a dictionary).
Required if security_mode is set to 'SQL'.
Sets a password for the SQL Server sa account. Valid options: a string specifying a valid password.
Specifies a security mode for SQL Server. Valid options: 'SQL'. If not specified, SQL Server uses Windows authentication.
Default: undef.
Required.
Locates the SQL Server installer. Valid options: a string containing the path to an executable. Puppet must have permission to execute the installer.
Specifies a domain or system account to be used by the SQL Server service. Valid options: a string specifying an existing username.
Default: undef.
Required if sql_svc_account points to a domain account. Invalid for system accounts.
Supplies the password for the SQL Server service's user account. Valid options: a string specifying a valid password.
Required.
Specifies one or more SQL or system accounts to receive sysadmin status. Valid options: an array specifying one or more valid usernames.
Specifies the location of the Windows Feature source files. This may be needed to install the .Net Framework. See https://support.microsoft.com/en-us/kb/2734782 for more information.
Executes a TSQL query against a SQL Server instance.
Requires the sqlserver::config defined type for access to the parent instance.
Supplies a TSQL statement to execute. Valid options: a string.
Required.
Specifies the SQL Server instance on which to execute the statement. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Specifies the default database to connect to. Default: 'master'
Supplies a TSQL statement to execute before running the command statement, determining whether to move forward. If the onlyif statement ends with a THROW or any non-standard exit, Puppet executes the command statement. Valid options: a string.
Parameters are optional unless otherwise noted.
Stores credentials for Puppet to use when managing a given SQL Server instance.
Specifies the type of login used to manage to SQL Server instance. The login type affects the admin_user and admin_pass parameters which are described below. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'.
Default: 'SQL_LOGIN'.
-
When using SQL Server based authentication -
SQL_LOGIN-
admin_pass: Required. Supplies the password for the specifiedadmin_useraccount. Valid options: a string specifying a valid password. -
admin_user: Required. Specifies a login account with sysadmin rights on the server, to be used for managing the instance. Valid options: a string containing a username.
-
-
When using Windows based authentication -
WINDOWS_LOGIN-
admin_pass: Valid options: undefined or an empty string'' -
admin_user: Valid options: undefined or an empty string''
-
Specifies a SQL Server instance to manage. Valid options: a string containing the name of an existing instance.
Default: the title of your declared resource.
Creates and configures a database within a given SQL Server instance.
Requires the sqlserver::config defined type for access to the parent instance.
Specifies a dictionary on which to base the database's default sort order. Valid options: to find out what values your system supports, run the query SELECT * FROM sys.fn_helpcollations() WHERE name LIKE 'SQL%'.
Default: undef.
Specifies the version(s) of SQL Server with which the database should be compatible. Valid options: a compatibility level number (for example, 100 for SQL Server 2008 through SQL Server 2014). For a complete list of values, see the SQL Server documentation.
Sets the database's containment type. For details on containment, see the SQL Server documentation. Valid options: 'NONE' and 'PARTIAL' ('PARTIAL' requires the sqlserver::sp_configure defined type).
Default: 'NONE'.
Determines whether the managed database can be the source or target of a cross-database ownership chain. Only applicable if containment is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'.
Default: 'OFF'.
Specifies a database to manage. Valid options: a string containing the name of the database.
Default: the title of your declared resource.
Sets the default fulltext language. Only applicable if containment is set to 'PARTIAL'. Valid options: see the SQL Server documentation.
Default: 'English'.
Sets the default language. Only applicable if containment is set to 'PARTIAL'. Valid options: see the SQL Server documentation.
Default: 'us_english'.
Specifies whether the managed database should exist. Valid options: 'present' and 'absent'.
Default: 'present'.
Specifies the automatic growth increment of the filespec file. Cannot be specified if os_file_name is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of filespec_maxsize. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Required if filespec_name is specified.
Specifies the operating system (physical) name of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path.
Default: undef.
Specifies the maximum size to which the filespec file can grow. Cannot be specified if os_file_name is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Required if filespec_filename is specified.
Specifies the logical name of the filespec object within the SQL Server instance. This parameter is set at creation only; it is not affected by updates. Valid options: a string. Must be unique to the instance.
Default: undef.
Specifies the size of the filespec file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Specifies a directory in which to store filestream data. You must set this option before creating a FileTable in the database. This parameter is set at creation only; it is not affected by updates. Requires the sqlserver::sp_configure defined type. Valid options: a string containing a Windows-compatible directory name. This name must be unique among all the Database_Directory names in the SQL Server instance. Uniqueness comparison is case-insensitive, regardless of SQL Server collation settings.
Default: undef.
Specifies the level of non-transactional FILESTREAM access to the database. This parameter is set at creation only; it is not affected by updates. Requires the sqlserver::sp_configure defined type. Valid options: 'OFF', 'READ_ONLY', and 'FULL'.
Default: undef.
Specifies a SQL Server instance on which to manage the database. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Specifies the automatic growth increment of the log file. Cannot be specified if os_file_name is set to a UNC path. Does not apply to a FILESTREAM filegroup. This parameter is set at creation only; it is not affected by updates. Valid options: a number with an optional suffix of 'KB', 'MB', 'GB', or 'TB', no greater than the value of log_maxsize. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Required if log_name is specified.
Specifies the operating system (physical) name of the log file. This parameter is set at creation only; it is not affected by updates. Valid options: a string containing an absolute path.
Default: undef.
Specifies the maximum size to which the log file can grow. Cannot be specified if os_file_name is set to a UNC path. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Required if log_filename is specified.
Specifies the logical name of the log object within SQL Server. This parameter is set at creation only; it is not affected by updates. Valid options: a string.
Default: undef.
Specifies the size of the file. This parameter is set at creation only; it is not affected by updates. Valid options: a number, no greater than 2147483647, with an optional suffix of 'KB', 'MB', 'GB', or 'TB'. If you do not include a suffix, SQL Server assumes the number is in megabytes.
Default: undef.
Specifies whether to enable cascading triggers. Only applicable if containment is set to 'PARTIAL'. For more about nested triggers, see the SQL Server documentation. Valid options: 'ON' and 'OFF'.
Default: undef.
Specifies whether to remove noise or stop words, such as "is", "the", "this". Only applicable if containment is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'.
Default: undef.
Determines whether database modules (such as views, user-defined functions, or stored procedures) that use an impersonation context can access resources outside the database. Only applicable if containment is set to 'PARTIAL'. Valid options: 'ON' and 'OFF'.
Default: 'OFF'.
Sets the year at which the system will treat the year as four digits instead of two. For example, if set to '1999', 1998 is abbreviated to '98' and 2014 is abbreviated to '2014'. Only applicable if containment is set to 'PARTIAL'. Valid options: any year between 1753 and 9999.
Default: 2049.
For more information about these settings in SQL Server, please see:
FILESTREAM usage might require some manual configuration of SQL Server. Please see Enable and Configure FILESTREAM for details.
Requires the sqlserver::config defined type.
Specifies whether SQL Server should prompt the user to change their password if it has expired. Only applicable if login_type is set to 'SQL_LOGIN'. Valid options: true and false.
Default: false.
Specifies whether to enforce the password policy. Only applicable if login_type is set to 'SQL_LOGIN'. Valid options: true and false.
Default: true.
Specifies a database for the login to connect to by default. Valid options: a string containing the name of an existing database.
Default: 'master'.
Specifies a default language. Valid options: see the SQL Server documentation.
Default: 'us_english'.
Specifies whether the managed login should be disabled. Valid options: true and false.
Default: false.
Specifies whether the managed login should exist. Valid options: 'present' and 'absent'.
Default: 'present'.
Specifies a SQL Server instance on which to manage the login. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Required.
Specifies a Windows or SQL login to manage. Valid options: a string containing an existing login.
Specifies the type of login to use. Valid options: 'SQL_LOGIN' and 'WINDOWS_LOGIN'.
Default: 'SQL_LOGIN'.
Required if login_type is set to 'SQL_LOGIN'.
Sets a password for the managed login. Valid options: a string.
Assigns one or more pre-installed server roles to the login. Valid options: a hash of permission => value pairs, where a value of 0 means disabled and a value of 1 means enabled. For example, {'diskadmin' => 1, 'dbcreator' => 1, 'sysadmin' => 0}. For a complete list of valid permissions, see the SQL Server documentation.
For more information about these settings in SQL Server, please see:
Configures the permissions associated with a given login account.
Specifies a SQL Server instance on which to manage the permissions. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Required.
Specifies a SQL or Windows login to manage. Valid options: a string containing an existing login.
Required.
Specifies one or more permissions to manage. Valid options: a string or an array of strings, where each string contains a SQL Server permissions (for example, 'SELECT', 'INSERT', 'UPDATE', or 'DELETE').
Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels.
Default: 'GRANT'.
Determines whether the account can grant these permissions to others. Valid options: true and false.
Default: false.
Creates and configures a user account within a given database.
Requires the sqlserver::config defined type for access to the parent instance.
Required.
Specifies the database in which to manage the user. Valid options: a string containing the name of an existing database.
Specifies a SQL schema or namespace for the user to connect to by default. Valid options: a string.
Default: 'dbo' unless changed at the server level.
Specifies whether the managed user should exist. Valid options: 'present' and 'absent'.
Default: 'present'.
Specifies a SQL Server instance on which to manage the user. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Associates the user with a login. Valid options: a string containing an existing login. If not specified, SQL Server assumes the username and login are the same.
Default: undef.
Assigns a password to the user. Only valid if the database's containment parameter is set to 'PARTIAL'. Valid options: a string specifying a valid password.
Required.
Specifies a user to manage. Valid options: a string containing a username.
Default: the title of your declared resource.
Configures the permissions associated with a user account within a given database.
Requires the sqlserver::config defined type for access to the parent instance.
Required.
Specifies the database in which to manage the user's permissions. Valid options: a string containing the name of an existing database.
Specifies the SQL Server instance on which the user and database exist. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Required.
Specifies one or more permissions to manage. Valid options: an array containing one or more SQL Server permissions formatted as strings (for example, ['SELECT', 'INSERT', 'UPDATE', 'DELETE']).
Determines the state of the specified permissions. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels.
Default: 'GRANT'.
Required.
Specifies which user's permissions to manage. Valid options: a string containing a username.
Default: the title of your declared resource.
Determines whether the affected user can grant these permissions to others. Valid options: true and false.
Default: false.
For more information about these settings and permissions in SQL Server, please see:
Creates and configures a server-wide or database-specific role.
Requires the sqlserver::config defined type for access to the parent instance.
Sets the role's owner. Valid options: a string containing an existing login or username.
Default: the value of user in the corresponding sqlserver::config resource.
Specifies the database on which to create the role. Only valid if type is set to 'DATABASE'. Valid options: a string specifying the name of an existing database.
Default: 'master'.
Specifies whether the managed role should exist. Valid options: 'absent' and 'present'.
Default: 'present'.
Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Assigns one or more members to the role. Valid options: an array of one or more logins and/or usernames.
Default: {}.
Specifies whether to drop any existing members of the role that are not explicitly included in the members parameter. Use with caution. If set to true and members is an empty array, Puppet drops all members from the role. Valid options: true and false.
Default: false.
Required.
Associates one or more permissions with the role. Valid options: a hash of one or more key => value pairs, where each key is the desired permission state and each value is an array of strings specifying the permissions to be managed.
Valid hash keys:
- 'GRANT'
- 'GRANT_WITH_OPTION' (lets the user grant this permission to others)
- 'DENY'
- 'REVOKE' (removes any explicit statements of this permission and falls back on inherited levels)
Valid hash values: An array of one or more strings containing SQL Server permissions.
Example: {'GRANT' => ['CONNECT', 'CREATE ANY DATABASE'] }
Sets the role's name. Valid options: a string. Must be unique to the instance.
Default: the title of your declared resource.
Specifies the context in which to create the role. Valid options: 'SERVER' and 'DATABASE'.
Default: 'SERVER'.
Configures the permissions associated with a given role.
Requires the sqlserver::config defined type for access to the parent instance.
Specifies the database in which the role exists. Only valid if type is set to 'DATABASE'. Valid options: a string containing the name of an existing database.
Default: 'master'.
Specifies a SQL Server instance on which to manage the role. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Required.
Specifies one or more permissions to manage. Valid options: an array containing one or more SQL Server permissions (for example, 'SELECT', 'INSERT', 'UPDATE', and 'DELETE').
Required.
Specifies which role's permissions to manage. Valid options: a string containing the name of an existing role.
Determines the state of the specified permission. Valid options: 'GRANT', 'DENY', and 'REVOKE'. If set to 'REVOKE', Puppet removes any explicit statements of these permissions and falls back on inherited levels.
Default: 'GRANT'.
Specifies the permission context in which to create the role. Valid options: 'SERVER' and 'DATABASE'.
Default: 'SERVER'.
Determines whether role members can grant these permissions to others. Valid options: true and false (true valid only if state is set to 'GRANT').
Default: false.
Updates and reconfigures SQL Server options using the sp_configure function. Required for partial containment or filestream functionality.
Requires the sqlserver::config defined type for access to the parent instance.
Specifies an option to manage in sys.configurations. Valid options: a string containing the config name.
Default: the title of your declared resource.
Specifies a SQL Server instance on which to manage the option. Valid options: a string containing the name of an existing instance.
Default: 'MSSQLSERVER'.
Specifies whether to run RECONFIGURE after updating the option. Valid options: true and false.
Default: true.
Specifies whether to notify the SQL Server service to restart after updating the option. Valid options: true and false.
Default: false.
Required.
Supplies a value for the specified option. Valid options: an integer.
Disables configuration value checking when updating the option. Valid only if reconfigure is set to true. Valid options: true and false.
Default: false.
For more information about these settings in SQL Server, please see:
Terminology differs somewhat between various database systems; please refer to this list of terms for clarification.
- Database: a collection of information organized into related tables of data and definitions of data objects.
- Instance: an installed and running database service.
- Login: a server-level account with permissions to one or more databases.
- Role: a database-level or server-level permissions group.
- User: a database-level account, typically mapped to a login.
SQL 2017 detection support has been added. This support is limited to functionality already present for other versions. No new SQL 2017 specific functionality has been added in this release.
This module can manage only a single version of SQL Server on a given host (one and only one of SQL Server 2012, 2014 or 2016). The module is able to manage multiple SQL Server instances of the same version.
This module cannot manage the SQL Server Native Client SDK (also known as SNAC_SDK). The SQL Server installation media can install the SDK, but it is not able to uninstall the SDK. Note that the 'sqlserver_features' fact detects the presence of the SDK.
This module was built by Puppet specifically for use with Puppet Enterprise (PE).
If you run into an issue with this module, or if you would like to request a feature, please file a ticket.
If you have problems getting this module up and running, please contact Support.