Skip to content

Terraform module to deploy a managed PostgreSQL Flexible server on Azure

License

Notifications You must be signed in to change notification settings

StatCan/terraform-azurerm-flex-postgresql

Repository files navigation

Terraform for Azure Managed Database PostgreSQL Flexible Server

Creates a PostgreSQL instance using the Azure Database for PostgreSQL - Flexible Server.

Usage

Examples for this module along with various configurations can be found in the examples/ folder.

Requirements

Name Version
terraform >= 1.3.0, < 2.0.0
azurerm >= 3.15, < 4.0
postgresql 1.19.0

Providers

Name Version
azurerm 3.50.0
postgresql 1.19.0

Modules

Name Source Version
enc_key_vault git::https://gitlab.k8s.cloud.statcan.ca/cloudnative/platform/terraform/terraform-azure-key-vault.git v4.0.0

Inputs

Name Description Type Default Required
administrator_login The Administrator Login for the PostgreSQL Flexible Server. any n/a yes
administrator_password The Password associated with the administrator_login for the PostgreSQL Flexible Server. any n/a yes
databases The name, collation, and charset of the PostgreSQL database(s). (defaults: charset='utf8', collation='en_US.utf8') map(map(string)) n/a yes
firewall_rules Specifies the Start IP Address associated with this Firewall Rule. list(string) n/a yes
ip_rules List of public IP or IP ranges in CIDR Format. list(string) n/a yes
name The name of the PostgreSQL Flexible Server. any n/a yes
resource_group The name of the resource group in which to create the PostgreSQL Flexible Server. any n/a yes
active_directory_administrator n/a
list(object({
object_id = optional(string)
principal_name = optional(string)
principal_type = optional(string, "Group")
}))
[] no
delegated_subnet_id The subnet where you want the database created. The subnet must be delegated to Microsoft.DBforPostgreSQL/flexibleServers. string null no
diagnostics Diagnostic settings for those resources that support it.
object({
destination = string
eventhub_name = string
logs = list(string)
metrics = list(string)
})
null no
geo_redundant_backup_enabled Is Geo-Redundant backup enabled on the PostgreSQL Flexible Server. bool false no
kv_pointer_enable Flag kv_pointer_enable can either be true (state from key vault), or false (state from terraform). bool false no
kv_pointer_name The key vault name to be used when kv_pointer_enable is set to true. any null no
kv_pointer_rg The key vault resource group to be used when kv_pointer_enable is set to true. any null no
kv_pointer_sqladmin_password The sqladmin password to be looked up in key vault when kv_pointer_enable is set to true. any null no
kv_private_endpoints The name of an existing subnet to deploy and allocate private IP addresses from a virtual network. It is used to create a private endpoint between the key vault the module creates and the specified subnet.
list(object({
subnet_id = optional(string) // mutually exclusive with the vnet_name, vnet_rg_name and subnet_name fields
vnet_name = optional(string)
vnet_rg_name = optional(string)
subnet_name = optional(string)
dns_zone_rg_name = optional(string, "network-management-rg")
}))
[] no
kv_subnet_ids The subnets for the key vault. list(string) null no
location Specifies the supported Azure location where the resource exists. string "canadacentral" no
pgsql_version The version of the PostgreSQL Flexible Server. string "13" no
postgresql_configurations n/a map(string)
{
"azure.extensions": "POSTGIS,PGCRYPTO",
"checkpoint_warning": "0",
"client_min_messages": "log",
"connection_throttle.enable": "on",
"debug_pretty_print": "on",
"debug_print_parse": "off",
"debug_print_plan": "off",
"debug_print_rewritten": "off",
"log_checkpoints": "on",
"log_duration": "off",
"log_error_verbosity": "verbose",
"log_line_prefix": "%m [%p] %q[user=%u,db=%d,app=%a,client=%h] ",
"log_lock_waits": "off",
"log_min_duration_statement": "10",
"log_min_error_statement": "error",
"log_min_messages": "warning",
"log_statement": "ddl",
"maintenance_work_mem": "32000",
"max_wal_size": "512",
"min_wal_size": "512",
"pg_qs.query_capture_mode": "top",
"pg_qs.track_utility": "off",
"pg_stat_statements.track_utility": "off",
"pgaudit.log": "ddl",
"pgms_wait_sampling.query_capture_mode": "all",
"row_security": "on",
"temp_buffers": "16384",
"wal_buffers": "8192",
"wal_writer_delay": "200",
"wal_writer_flush_after": "128",
"work_mem": "2048000"
}
no
private_dns_zone_id The ID of the private DNS zone to create the PostgreSQL Flexible Server. The private DNS zone must end with the suffix .postgres.database.azure.com. string null no
public_network_access_enabled (Required) Whether or not public network access is allowed. bool false no
sa_create_log Creates a storage account to be used for diagnostics logging of the PostgreSQL database created if the variable is set to true. bool false no
sa_subnet_ids The subnets for the storage account. list(string) null no
sku_name Specifies the SKU Name for this PostgreSQL Flexible Server. string "GP_Standard_D4ds_v4" no
storagesize_mb Specifies the version of PostgreSQL to use. number 262144 no
tags A mapping of tags to assign to the resource. map(string)
{
"environment": "dev"
}
no

Outputs

Name Description
administrator_login n/a
fqdn n/a
id n/a

History

Date Release Change
2024-09-24 v0.5.0 Update args to leverage AzureRM > 4.0
2024-09-24 v0.4.1 Remove erroneous postgresql_extension
2024-03-13 v0.4.0 Refernce new Keyvault Module
2023-04-04 v0.3.0 Breakup subnet logic to individual components
2023-02-01 v0.2.0 Standards alignment and Customer Managed Key Support
2022-06-01 v0.1.0 Initial commit

About

Terraform module to deploy a managed PostgreSQL Flexible server on Azure

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Packages

No packages published

Languages