Azurerm_mssql_database not building a DB

Hey.
I am building an azure-dev ops pipeline to build infrastructure in Azure.
The resource : azurerm_mssql_database is not building an sql database.

Here is my main.tf file - if i take out the azurerm_mssql_database resource - it builds fine.

When i go into the resource group and look at the logs it just says ’
The resource operation completed with terminal provisioning state ‘Failed’.’
I have put the TF_LOGS in and again there is nothing to report, just basically operation failed. I have tried by updating the terraform and build it different ways and i cannot see why its not working. Any help would be amazing.

locals {

  

  resourceGroupName       = "rg-${var.locationname}-${var.resourcename}-${var.environment}"

  sqlServerName           = "sqlsvr-${lower(var.locationname)}-${lower(var.resourcename)}-${lower(var.environment)}"

  raptSqlDatabaseName     = "sqldb-RAPT-${var.locationname}-${var.resourcename}"

  clSqlDatabaseName       = "sqldb-CL-${var.locationname}-${var.resourcename}"

  appInsightsName         = "appi-${var.locationname}-${var.resourcename}-${var.environment}"

  analyticWorkspaceName   = "Loga-DA-${var.locationname}-${var.resourcename}-${var.environment}"

  sql_ad_login            = "${var.sql_administrator_ad_login}"

  object_id               = "${var.sql_administrator_ad_login_id}"

  sql_ad_group            = "azSG-ATP-Users-${var.environment}"

  # vnetName                = "vnet-${var.locationname}-${var.resourcename}-${var.environment}"

  # privateEndpointName     = "pep-${var.resourcename}-sql-${lower(var.environment)}"

  # networkSecuriyGroupId   = "/subscriptions/${var.subscription_id}/resourceGroups/${var.nsg_resource_group}/providers/Microsoft.Network/networkSecurityGroups/${var.nsg_name}"

}

resource "azurerm_mssql_server" "main" {

  name                         = local.sqlServerName

  resource_group_name          = local.resourceGroupName

  location                     = var.location

  version                      = "12.0"

  minimum_tls_version          = "1.2"

  administrator_login          = var.sql_administrator_login

  administrator_login_password = var.sql_administrator_login_password

  tags = var.tags

}

resource "azurerm_sql_active_directory_administrator" "main" {

  server_name         = azurerm_mssql_server.main.name

  resource_group_name = local.resourceGroupName

  login               = local.sql_ad_login

  tenant_id           = data.azurerm_client_config.current.tenant_id

  object_id           = local.object_id

}

resource "azurerm_sql_firewall_rule" "main" {

  name                = var.sql_firewall_rule

  resource_group_name = local.resourceGroupName

  server_name         = azurerm_mssql_server.main.name

  start_ip_address    = "0.0.0.0"

  end_ip_address      = "0.0.0.0"

}

resource "azurerm_mssql_database" "sqldb" {

  name                        = "Sample DB"

  server_id                   = azurerm_mssql_server.main.id

  collation                   = "SQL_Latin1_General_CP1_CI_AS"

  license_type                = "LicenseIncluded"

  max_size_gb                 = 4

  read_scale                  = true

  sku_name                    = "BC_Gen5_2"

  zone_redundant              = true

 

}

# ---- Log Analystics Workspace ---

resource "azurerm_log_analytics_workspace" "main" {

  name                 = local.analyticWorkspaceName

  resource_group_name  = local.resourceGroupName

  location             = var.location

  retention_in_days    = 30

  tags                 = var.tags

}

# ---- Diagnostics ----

resource "azurerm_application_insights" "main" {

  name                = local.appInsightsName

  resource_group_name = local.resourceGroupName

  location            = var.location

  application_type    = "web"

  tags                = var.tags

}

 #---- Diagnostic Logging ----

resource "azurerm_monitor_diagnostic_setting" "main" {

  name                       = "Diagnostic Settings - Master"

  target_resource_id         = "${azurerm_mssql_server.main.id}/databases/master"

  log_analytics_workspace_id = azurerm_log_analytics_workspace.main.id

 

  log {

    category = "SQLSecurityAuditEvents"

    enabled  = true

    retention_policy {

      enabled = false

    }

  }

  metric {

    category = "AllMetrics"

    retention_policy {

      enabled = false

    }

  }

  lifecycle {

    ignore_changes = [log, metric]

  }

}

resource "azurerm_mssql_server_extended_auditing_policy" "main" {

  server_id              = azurerm_mssql_server.main.id

  log_monitoring_enabled = true

}