diff --git a/examples/azure-sql-database/README.md b/examples/azure-sql-database/README.md
new file mode 100644
index 000000000..dd0890061
--- /dev/null
+++ b/examples/azure-sql-database/README.md
@@ -0,0 +1,22 @@
+# Provision a SQL Database
+
+This sample creates a SQL Database at the "Basic" service level.  The template can support other tiers of service, details for each service can be found here:
+
+[SQL Database Pricing](https://azure.microsoft.com/en-us/pricing/details/sql-database/)
+
+## main.tf
+The `main.tf` file contains the actual resources that will be deployed. It also contains the Azure Resource Group definition and any defined variables. 
+
+## outputs.tf
+This data is outputted when `terraform apply` is called, and can be queried using the `terraform output` command.
+
+## provider.tf
+Azure requires that an application is added to Azure Active Directory to generate the `client_id`, `client_secret`, and `tenant_id` needed by Terraform (`subscription_id` can be recovered from your Azure account details). Please go [here](https://www.terraform.io/docs/providers/azurerm/) for full instructions on how to create this to populate your `provider.tf` file.
+
+## terraform.tfvars
+If a `terraform.tfvars` file is present in the current directory, Terraform automatically loads it to populate variables. We don't recommend saving usernames and password to version control, but you can create a local secret variables file and use `-var-file` to load it.
+
+## variables.tf
+The `variables.tf` file contains all of the input parameters that the user can specify when deploying this Terraform template.
+
+![graph](/examples/azure-sql-database/graph.png)
\ No newline at end of file
diff --git a/examples/azure-sql-database/deploy.ci.sh b/examples/azure-sql-database/deploy.ci.sh
new file mode 100755
index 000000000..d1dc01df5
--- /dev/null
+++ b/examples/azure-sql-database/deploy.ci.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+set -o errexit -o nounset
+
+docker run --rm -it \
+  -e ARM_CLIENT_ID \
+  -e ARM_CLIENT_SECRET \
+  -e ARM_SUBSCRIPTION_ID \
+  -e ARM_TENANT_ID \
+  -v $(pwd):/data \
+  --workdir=/data \
+  --entrypoint "/bin/sh" \
+  hashicorp/terraform:light \
+  -c "/bin/terraform get; \
+      /bin/terraform validate; \
+      /bin/terraform plan -out=out.tfplan -var resource_group=$KEY -var sql_admin=$KEY -var sql_password=a!@abcd9753w0w@h@12; \
+      /bin/terraform apply out.tfplan; \
+      /bin/terraform show;"
+
+# check that resources exist via azure cli
+docker run --rm -it \
+  azuresdk/azure-cli-python \
+  sh -c "az login --service-principal -u $ARM_CLIENT_ID -p $ARM_CLIENT_SECRET --tenant $ARM_TENANT_ID > /dev/null; \
+         az sql db show -g $KEY -n MySQLDatabase -s $KEY-sqlsvr; \
+         az sql server show -g $KEY -n $KEY-sqlsvr;"
+
+# cleanup deployed azure resources via terraform
+docker run --rm -it \
+  -e ARM_CLIENT_ID \
+  -e ARM_CLIENT_SECRET \
+  -e ARM_SUBSCRIPTION_ID \
+  -e ARM_TENANT_ID \
+  -v $(pwd):/data \
+  --workdir=/data \
+  --entrypoint "/bin/sh" \
+  hashicorp/terraform:light \
+  -c "/bin/terraform destroy -force -var resource_group=$KEY -var sql_admin=$KEY -var sql_password=a!@abcd9753w0w@h@12;"
\ No newline at end of file
diff --git a/examples/azure-sql-database/deploy.mac.sh b/examples/azure-sql-database/deploy.mac.sh
new file mode 100755
index 000000000..2c6ecc525
--- /dev/null
+++ b/examples/azure-sql-database/deploy.mac.sh
@@ -0,0 +1,16 @@
+#!/bin/bash
+
+set -o errexit -o nounset
+
+if docker -v; then
+
+  # generate a unique string for CI deployment
+  export KEY=$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-z' | head -c 12)
+  export PASSWORD=$a@abcd9753w0w@h@12
+  # =$KEY$(cat /dev/urandom | env LC_CTYPE=C tr -cd 'A-Z' | head -c 2)$(cat /dev/urandom | env LC_CTYPE=C tr -cd '0-9' | head -c 2)
+
+  /bin/sh ./deploy.ci.sh
+
+else
+  echo "Docker is used to run terraform commands, please install before run:  https://docs.docker.com/docker-for-mac/install/"
+fi
\ No newline at end of file
diff --git a/examples/azure-sql-database/graph.png b/examples/azure-sql-database/graph.png
new file mode 100644
index 000000000..bf5ee196b
Binary files /dev/null and b/examples/azure-sql-database/graph.png differ
diff --git a/examples/azure-sql-database/main.tf b/examples/azure-sql-database/main.tf
new file mode 100644
index 000000000..8c5d08e6b
--- /dev/null
+++ b/examples/azure-sql-database/main.tf
@@ -0,0 +1,39 @@
+# provider "azurerm" {
+#   subscription_id = "REPLACE-WITH-YOUR-SUBSCRIPTION-ID"
+#   client_id       = "REPLACE-WITH-YOUR-CLIENT-ID"
+#   client_secret   = "REPLACE-WITH-YOUR-CLIENT-SECRET"
+#   tenant_id       = "REPLACE-WITH-YOUR-TENANT-ID"
+# }
+
+resource "azurerm_resource_group" "rg" {
+  name     = "${var.resource_group}"
+  location = "${var.location}"
+}
+
+resource "azurerm_sql_database" "db" {
+  name                             = "mysqldatabase"
+  resource_group_name              = "${azurerm_resource_group.rg.name}"
+  location                         = "${var.location}"
+  edition                          = "Basic"
+  collation                        = "SQL_Latin1_General_CP1_CI_AS"
+  create_mode                      = "Default"
+  requested_service_objective_name = "Basic"
+  server_name                      = "${azurerm_sql_server.server.name}"
+}
+
+resource "azurerm_sql_server" "server" {
+  name                         = "${var.resource_group}-sqlsvr"
+  resource_group_name          = "${azurerm_resource_group.rg.name}"
+  location                     = "${var.location}"
+  version                      = "12.0"
+  administrator_login          = "${var.sql_admin}"
+  administrator_login_password = "${var.sql_password}"
+}
+
+resource "azurerm_sql_firewall_rule" "fw" {
+  name                = "firewallrules"
+  resource_group_name = "${azurerm_resource_group.rg.name}"
+  server_name         = "${azurerm_sql_server.server.name}"
+  start_ip_address    = "0.0.0.0"
+  end_ip_address      = "0.0.0.0"
+}
diff --git a/examples/azure-sql-database/outputs.tf b/examples/azure-sql-database/outputs.tf
new file mode 100644
index 000000000..89d7e3cc0
--- /dev/null
+++ b/examples/azure-sql-database/outputs.tf
@@ -0,0 +1,7 @@
+output "database_name" {
+  value = "${azurerm_sql_database.db.name}"
+}
+
+output "sql_server_fqdn" {
+  value = "${azurerm_sql_server.server.fully_qualified_domain_name}"
+}
diff --git a/examples/azure-sql-database/variables.tf b/examples/azure-sql-database/variables.tf
new file mode 100644
index 000000000..8b8622fc5
--- /dev/null
+++ b/examples/azure-sql-database/variables.tf
@@ -0,0 +1,16 @@
+variable "resource_group" {
+  description = "The name of the resource group in which to create the virtual network."
+}
+
+variable "location" {
+  description = "The location/region where the virtual network is created. Changing this forces a new resource to be created."
+  default     = "southcentralus"
+}
+
+variable "sql_admin" {
+  description = "The administrator username of the SQL Server."
+}
+
+variable "sql_password" {
+  description = "The administrator password of the SQL Server."
+}
diff --git a/examples/azure-vnet-two-subnets/README.md b/examples/azure-vnet-two-subnets/README.md
index dcd42e79e..17ecb5893 100644
--- a/examples/azure-vnet-two-subnets/README.md
+++ b/examples/azure-vnet-two-subnets/README.md
@@ -17,4 +17,4 @@ If a `terraform.tfvars` file is present in the current directory, Terraform auto
 ## variables.tf
 The `variables.tf` file contains all of the input parameters that the user can specify when deploying this Terraform template.
 
-![graph](/examples/azure-vnet-two-subnets/graph.png)
\ No newline at end of file
+![graph](/examples/azure-vnet-two-subnets/graph.png)