Upgrade PSQL to v16

README.md

@@ -550,7 +550,7 @@ Important: During credentials rotation, SIMPHERA will not be available for a sho
 | <a name="input_map_roles"></a> [map\_roles](#input\_map\_roles) | Additional IAM roles to add to the aws-auth ConfigMap | <pre>list(object({<br>    rolearn  = string<br>    username = string<br>    groups   = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_map_users"></a> [map\_users](#input\_map\_users) | Additional IAM users to add to the aws-auth ConfigMap | <pre>list(object({<br>    userarn  = string<br>    username = string<br>    groups   = list(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_scan_schedule"></a> [scan\_schedule](#input\_scan\_schedule) | 6-field Cron expression describing the scan maintenance schedule. Must not overlap with variable install\_schedule. | `string` | `"cron(0 0 * * ? *)"` | no |
-| <a name="input_simpheraInstances"></a> [simpheraInstances](#input\_simpheraInstances) | A list containing the individual SIMPHERA instances, such as 'staging' and 'production'. | <pre>map(object({<br>    name                         = string<br>    postgresqlVersion            = string<br>    postgresqlStorage            = number<br>    postgresqlMaxStorage         = number<br>    db_instance_type_simphera    = string<br>    postgresqlStorageKeycloak    = number<br>    postgresqlMaxStorageKeycloak = number<br>    db_instance_type_keycloak    = string<br>    k8s_namespace                = string<br>    secretname                   = string<br>    enable_backup_service        = bool<br>    backup_retention             = number<br>    enable_deletion_protection   = bool<br><br>  }))</pre> | <pre>{<br>  "production": {<br>    "backup_retention": 35,<br>    "db_instance_type_keycloak": "db.t3.large",<br>    "db_instance_type_simphera": "db.t3.large",<br>    "enable_backup_service": true,<br>    "enable_deletion_protection": true,<br>    "k8s_namespace": "simphera",<br>    "name": "production",<br>    "postgresqlMaxStorage": 100,<br>    "postgresqlMaxStorageKeycloak": 100,<br>    "postgresqlStorage": 20,<br>    "postgresqlStorageKeycloak": 20,<br>    "postgresqlVersion": "11",<br>    "secretname": "aws-simphera-dev-production"<br>  }<br>}</pre> | no |
+| <a name="input_simpheraInstances"></a> [simpheraInstances](#input\_simpheraInstances) | A list containing the individual SIMPHERA instances, such as 'staging' and 'production'. | <pre>map(object({<br>    name                         = string<br>    postgresqlApplyImmediately   = bool<br>    postgresqlVersion            = string<br>    postgresqlStorage            = number<br>    postgresqlMaxStorage         = number<br>    db_instance_type_simphera    = string<br>    postgresqlStorageKeycloak    = number<br>    postgresqlMaxStorageKeycloak = number<br>    db_instance_type_keycloak    = string<br>    k8s_namespace                = string<br>    secretname                   = string<br>    enable_backup_service        = bool<br>    backup_retention             = number<br>    enable_deletion_protection   = bool<br><br>  }))</pre> | <pre>{<br>  "production": {<br>    "backup_retention": 35,<br>    "db_instance_type_keycloak": "db.t3.large",<br>    "db_instance_type_simphera": "db.t3.large",<br>    "enable_backup_service": true,<br>    "enable_deletion_protection": true,<br>    "k8s_namespace": "simphera",<br>    "name": "production",<br>    "postgresqlApplyImmediately": false,<br>    "postgresqlMaxStorage": 100,<br>    "postgresqlMaxStorageKeycloak": 100,<br>    "postgresqlStorage": 20,<br>    "postgresqlStorageKeycloak": 20,<br>    "postgresqlVersion": "16",<br>    "secretname": "aws-simphera-dev-production"<br>  }<br>}</pre> | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | The tags to be added to all resources. | `map(any)` | `{}` | no |
 | <a name="input_vpcCidr"></a> [vpcCidr](#input\_vpcCidr) | The CIDR for the virtual private cluster. | `string` | `"10.1.0.0/18"` | no |
 | <a name="input_vpcDatabaseSubnets"></a> [vpcDatabaseSubnets](#input\_vpcDatabaseSubnets) | List of CIDRs for the database subnets. | `list(any)` | <pre>[<br>  "10.1.24.0/22",<br>  "10.1.28.0/22",<br>  "10.1.32.0/22"<br>]</pre> | no |

modules/simphera_aws_instance/postgresql.tf

@@ -1,8 +1,10 @@
 resource "aws_db_instance" "simphera" {
 
+  apply_immediately                   = var.postgresqlApplyImmediately
   allocated_storage                   = var.postgresqlStorage
   max_allocated_storage               = var.postgresqlMaxStorage
   auto_minor_version_upgrade          = true # [RDS.13] RDS automatic minor version upgrades should be enabled
+  allow_major_version_upgrade         = true
   engine                              = "postgres"
   engine_version                      = var.postgresqlVersion
   instance_class                      = var.db_instance_type_simphera
@@ -35,9 +37,12 @@ resource "aws_db_instance" "simphera" {
 }
 
 resource "aws_db_instance" "keycloak" {
+
+  apply_immediately                   = var.postgresqlApplyImmediately
   allocated_storage                   = var.postgresqlStorageKeycloak
   max_allocated_storage               = var.postgresqlMaxStorageKeycloak
   auto_minor_version_upgrade          = true # [RDS.13] RDS automatic minor version upgrades should be enabled
+  allow_major_version_upgrade         = true
   engine                              = "postgres"
   engine_version                      = var.postgresqlVersion
   instance_class                      = var.db_instance_type_keycloak

modules/simphera_aws_instance/variables.tf

@@ -24,10 +24,16 @@ variable "name" {
   description = "The name of the SIMPHERA instance. e.g. production"
 }
 
+variable "postgresqlApplyImmediately" {
+  type        = bool
+  description = "Apply PostgreSQL changes immediately (true) or during next maintenance window (false)"
+  default     = false
+}
+
 variable "postgresqlVersion" {
   type        = string
   description = "PostgreSQL Server version to deploy"
-  default     = "11"
+  default     = "16"
 }
 
 variable "postgresqlStorage" {

simphera-instances.tf

@@ -7,6 +7,7 @@ module "simphera_instance" {
   eks_oidc_issuer_url          = module.eks.eks_oidc_issuer_url
   eks_oidc_provider_arn        = module.eks.eks_oidc_provider_arn
   name                         = each.value.name
+  postgresqlApplyImmediately   = each.value.postgresqlApplyImmediately
   postgresqlVersion            = each.value.postgresqlVersion
   postgresqlStorage            = each.value.postgresqlStorage
   postgresqlMaxStorage         = each.value.postgresqlMaxStorage

terraform.json.example

@@ -50,11 +50,12 @@
       "enable_deletion_protection": true,
       "k8s_namespace": "simphera",
       "name": "production",
+      "postgresqlApplyImmediately": false,
       "postgresqlMaxStorage": 100,
       "postgresqlMaxStorageKeycloak": 100,
       "postgresqlStorage": 20,
       "postgresqlStorageKeycloak": 20,
-      "postgresqlVersion": "11",
+      "postgresqlVersion": "16",
       "secretname": "aws-simphera-dev-production"
     }
   },

terraform.tfvars.example

@@ -114,11 +114,12 @@ simpheraInstances = {
     "enable_deletion_protection" : true,
     "k8s_namespace" : "simphera",
     "name" : "production",
+    "postgresqlApplyImmediately" : false
     "postgresqlMaxStorage" : 100,
     "postgresqlMaxStorageKeycloak" : 100,
     "postgresqlStorage" : 20,
     "postgresqlStorageKeycloak" : 20,
-    "postgresqlVersion" : "11",
+    "postgresqlVersion" : "16",
     "secretname" : "aws-simphera-dev-production"
   }
 }

variables.tf

@@ -188,6 +188,7 @@ variable "map_users" {
 variable "simpheraInstances" {
   type = map(object({
     name                         = string
+    postgresqlApplyImmediately   = bool
     postgresqlVersion            = string
     postgresqlStorage            = number
     postgresqlMaxStorage         = number
@@ -206,7 +207,8 @@ variable "simpheraInstances" {
   default = {
     "production" = {
       name                         = "production"
-      postgresqlVersion            = "11"
+      postgresqlApplyImmediately   = false
+      postgresqlVersion            = "16"
       postgresqlStorage            = 20
       postgresqlMaxStorage         = 100
       postgresqlStorageKeycloak    = 20