https://github.com/claranet/terraform-azurerm-db-postgresql-flexible

Terraform module composition (feature) for Azure PostgreSQL Flexible Database

# Azure Managed Database - PostgreSQL flexible

[![Changelog](https://img.shields.io/badge/changelog-release-green.svg)](CHANGELOG.md) [![Notice](https://img.shields.io/badge/notice-copyright-blue.svg)](NOTICE) [![Apache V2 License](https://img.shields.io/badge/license-Apache%20V2-orange.svg)](LICENSE) [![OpenTofu Registry](https://img.shields.io/badge/opentofu-registry-yellow.svg)](https://search.opentofu.org/module/claranet/db-postgresql/azurerm/)

This module creates an [Azure PostgreSQL Flexible server](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server) with [databases](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database), logging activated, and [firewall rules](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_firewall_rule).
A user is created for each database created with this module. To address [CVE-2018-1058](https://wiki.postgresql.org/wiki/A_Guide_to_CVE-2018-1058%3A_Protect_Your_Search_Path#Do_not_allow_users_to_create_new_objects_in_the_public_schema), this module does not allow users to create new objects in the public schema.
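
One way to verify the CVE-2018-1058 hardening described above on a deployed server. This is an added example, not part of the module or its README; it uses only PostgreSQL built-in catalogs and functions and assumes you connect with the administrator login to each database created by the module.

```sql
-- Added audit example for CVE-2018-1058; run once per database.
-- All names below are PostgreSQL built-ins, nothing is taken from the module's code.

-- 1. Can every role (the PUBLIC pseudo-role) create objects in schema "public"?
--    Expected after hardening: false.
--    PostgreSQL 15 and later no longer grant this by default; 13 and 14 do.
SELECT has_schema_privilege('public', 'public', 'CREATE') AS public_can_create;

-- 2. Which login roles can still create objects in "public",
--    whether through a direct grant, role membership or PUBLIC?
SELECT r.rolname
FROM pg_roles AS r
WHERE r.rolcanlogin
  AND has_schema_privilege(r.rolname, 'public', 'CREATE')
ORDER BY r.rolname;

-- 3. Functions in "public" that share a name with a pg_catalog function.
--    Review the owner and purpose of every row returned.
SELECT p.proname,
       pg_get_function_identity_arguments(p.oid) AS args,
       pg_get_userbyid(p.proowner)               AS owner
FROM pg_proc AS p
JOIN pg_namespace AS n ON n.oid = p.pronamespace
WHERE n.nspname = 'public'
  AND EXISTS (
        SELECT 1
        FROM pg_proc AS c
        JOIN pg_namespace AS cn ON cn.oid = c.pronamespace
        WHERE cn.nspname = 'pg_catalog'
          AND c.proname = p.proname)
ORDER BY p.proname;

-- 4. Remediation from the PostgreSQL guide linked above, if check 1 returns true.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;
```

Checks 1 to 3 are read-only; only statement 4 changes privileges, and it must be repeated in every database because schema grants are per database.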

## Global versioning rule for Claranet Azure modules

| Module version | Terraform version | OpenTofu version | AzureRM version |
| -------------- | ----------------- | ---------------- | --------------- |
| >= 8.x.x | **Unverified** | 1.8.x | >= 4.0 |
| >= 7.x.x | 1.3.x | | >= 3.0 |
| >= 6.x.x | 1.x | | >= 3.0 |
| >= 5.x.x | 0.15.x | | >= 2.0 |
| >= 4.x.x | 0.13.x / 0.14.x | | >= 2.0 |
| >= 3.x.x | 0.12.x | | >= 2.0 |
| >= 2.x.x | 0.12.x | | < 2.0 |
| < 2.x.x | 0.11.x | | < 2.0 |

## Contributing

If you want to contribute to this repository, feel free to use our [pre-commit](https://pre-commit.com/) git hook configuration,
which automatically updates and formats some files for you by enforcing our Terraform code module best practices.

More details are available in the [CONTRIBUTING.md](./CONTRIBUTING.md#pull-request-process) file.

## Usage

This module is optimized to work with the [Claranet terraform-wrapper](https://github.com/claranet/terraform-wrapper) tool,
which sets some Terraform variables in the environment needed by this module.
More details about the variables set by the `terraform-wrapper` are available in the [documentation](https://github.com/claranet/terraform-wrapper#environment).

⚠️ Since module version v8.0.0, we no longer maintain or check compatibility with
[Hashicorp Terraform](https://github.com/hashicorp/terraform/). Instead, we recommend using [OpenTofu](https://github.com/opentofu/opentofu/).

```hcl
module "azure_region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  location    = module.azure_region.location
  client_name = var.client_name
  environment = var.environment
  stack       = var.stack
}

module "logs" {
  source  = "claranet/run/azurerm//modules/logs"
  version = "x.x.x"

  client_name         = var.client_name
  environment         = var.environment
  stack               = var.stack
  location            = module.azure_region.location
  location_short      = module.azure_region.location_short
  resource_group_name = module.rg.resource_group_name
}

module "postgresql_flexible" {
  source  = "claranet/db-postgresql-flexible/azurerm"
  version = "x.x.x"

  client_name    = var.client_name
  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  tier               = "GeneralPurpose"
  size               = "D2s_v3"
  storage_mb         = 32768
  postgresql_version = 13

  allowed_cidrs = {
    "1" = "10.0.0.0/24"
    "2" = "12.34.56.78/32"
  }

  backup_retention_days        = 14
  geo_redundant_backup_enabled = true

  administrator_login = "azureadmin"

  databases = {
    mydatabase = {
      collation = "en_US.utf8"
      charset   = "UTF8"
    }
  }

  maintenance_window = {
    day_of_week  = 3
    start_hour   = 3
    start_minute = 0
  }

  logs_destinations_ids = [
    module.logs.logs_storage_account_id,
    module.logs.log_analytics_workspace_id
  ]

  extra_tags = {
    foo = "bar"
  }
}

provider "postgresql" {
  host      = module.postgresql_flexible.postgresql_flexible_fqdn
  port      = 5432
  username  = module.postgresql_flexible.postgresql_flexible_administrator_login
  password  = module.postgresql_flexible.postgresql_flexible_administrator_password
  sslmode   = "require"
  superuser = false
}

module "postgresql_users" {
  source  = "claranet/users/postgresql"
  version = "x.x.x"

  for_each = module.postgresql_flexible.postgresql_flexible_databases_names

  administrator_login = module.postgresql_flexible.postgresql_flexible_administrator_login

  database = each.key
}

module "postgresql_configuration" {
  source  = "claranet/database-configuration/postgresql"
  version = "x.x.x"

  for_each = module.postgresql_flexible.postgresql_flexible_databases_names

  administrator_login = module.postgresql_flexible.postgresql_flexible_administrator_login

  database_admin_user = module.postgresql_users[each.key].user
  database            = each.key
  schema_name         = each.key
}
```

## Providers

| Name | Version |
|------|---------|
| azurecaf | ~> 1.2, >= 1.2.22 |
| azurerm | ~> 3.105 |
| random | >= 2.0 |

## Modules

| Name | Source | Version |
|------|--------|---------|
| diagnostics | claranet/diagnostic-settings/azurerm | ~> 7.0.0 |

## Resources

| Name | Type |
|------|------|
| [azurerm_postgresql_flexible_server.postgresql_flexible_server](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server) | resource |
| [azurerm_postgresql_flexible_server_configuration.postgresql_flexible_config](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_configuration) | resource |
| [azurerm_postgresql_flexible_server_database.postgresql_flexible_db](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database) | resource |
| [azurerm_postgresql_flexible_server_firewall_rule.firewall_rules](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_firewall_rule) | resource |
| [random_password.administrator_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
| [azurecaf_name.postgresql_flexible_dbs](https://registry.terraform.io/providers/claranet/azurecaf/latest/docs/data-sources/name) | data source |
| [azurecaf_name.postgresql_flexible_server](https://registry.terraform.io/providers/claranet/azurecaf/latest/docs/data-sources/name) | data source |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| administrator\_login | PostgreSQL administrator login. | `string` | n/a | yes |
| administrator\_password | PostgreSQL administrator password. Strong Password : https://docs.microsoft.com/en-us/sql/relational-databases/security/strong-passwords?view=sql-server-2017. | `string` | `null` | no |
| allowed\_cidrs | Map of authorized cidrs. | `map(string)` | n/a | yes |
| authentication | Authentication configurations for the PostgreSQL Flexible Server | <pre>object({<br/>  active_directory_auth_enabled = optional(bool)<br/>  password_auth_enabled         = optional(bool)<br/>  tenant_id                     = optional(string)<br/>})</pre> | `{}` | no |
| auto\_grow\_enabled | Enable auto grow for the PostgreSQL Flexible Server. | `bool` | `false` | no |
| backup\_retention\_days | Backup retention days for the PostgreSQL Flexible Server (Between 7 and 35 days). | `number` | `7` | no |
| client\_name | Name of client. | `string` | n/a | yes |
| custom\_diagnostic\_settings\_name | Custom name of the diagnostics settings, name will be 'default' if not set. | `string` | `"default"` | no |
| custom\_server\_name | Custom Server Name identifier. | `string` | `""` | no |
| databases | Map of databases configurations with database name as key and following available configuration option:<br/>*  (optional) charset: Valid PostgreSQL charset : https://www.postgresql.org/docs/current/multibyte.html#CHARSET-TABLE<br/>*  (optional) collation: Valid PostgreSQL collation : http://www.postgresql.cn/docs/13/collation.html - be careful about https://docs.microsoft.com/en-us/windows/win32/intl/locale-names?redirectedfrom=MSDN | <pre>map(object({<br/>  charset   = optional(string, "UTF8")<br/>  collation = optional(string, "en_US.utf8")<br/>}))</pre> | `{}` | no |
| delegated\_subnet\_id | Id of the subnet to create the PostgreSQL Flexible Server. (Should not have any resource deployed in) | `string` | `null` | no |
| environment | Name of application's environment. | `string` | n/a | yes |
| extra\_tags | Map of custom tags. | `map(string)` | `{}` | no |
| geo\_redundant\_backup\_enabled | Enable Geo Redundant Backup for the PostgreSQL Flexible Server. | `bool` | `false` | no |
| location | Azure location. | `string` | n/a | yes |
| location\_short | Short string for Azure location. | `string` | n/a | yes |
| logs\_categories | Log categories to send to destinations. | `list(string)` | `null` | no |
| logs\_destinations\_ids | List of destination resources IDs for logs diagnostic destination.<br/>Can be `Storage Account`, `Log Analytics Workspace` and `Event Hub`. No more than one of each can be set.<br/>If you want to specify an Azure EventHub to send logs and metrics to, you need to provide a formatted string with both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the `\|` character. | `list(string)` | n/a | yes |
| logs\_metrics\_categories | Metrics categories to send to destinations. | `list(string)` | `null` | no |
| maintenance\_window | Map of maintenance window configuration. | `map(number)` | `null` | no |
| name\_prefix | Optional prefix for the generated name. | `string` | `""` | no |
| name\_suffix | Optional suffix for the generated name. | `string` | `""` | no |
| postgresql\_configurations | PostgreSQL configurations to enable. | `map(string)` | `{}` | no |
| postgresql\_version | Version of PostgreSQL Flexible Server. Possible values are : https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server#version. | `number` | `13` | no |
| private\_dns\_zone\_id | ID of the private DNS zone to create the PostgreSQL Flexible Server. | `string` | `null` | no |
| public\_network\_access\_enabled | Enable public network access for the PostgreSQL Flexible Server. | `bool` | `false` | no |
| resource\_group\_name | Name of the application resource group, inherited from infra module. | `string` | n/a | yes |
| size | Size for PostgreSQL Flexible server sku : https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compute-storage. | `string` | `"D2ds_v4"` | no |
| stack | Name of application stack. | `string` | n/a | yes |
| standby\_zone | Specify availability-zone to enable high\_availability and create standby PostgreSQL Flexible Server. (Null to disable high-availability) | `number` | `2` | no |
| storage\_mb | Storage allowed for PostgreSQL Flexible server. Possible values : https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server#storage_mb. | `number` | `32768` | no |
| tier | Tier for PostgreSQL Flexible server sku : https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compute-storage. Possible values are: GeneralPurpose, Burstable, MemoryOptimized. | `string` | `"GeneralPurpose"` | no |
| use\_caf\_naming | Use the Azure CAF naming provider to generate default resource name. `custom_server_name` overrides this if set. Legacy default name is used if this is set to `false`. | `bool` | `true` | no |
| use\_caf\_naming\_for\_databases | Use the Azure CAF naming provider to generate databases name. | `bool` | `false` | no |
| zone | Specify availability-zone for PostgreSQL Flexible main Server. | `number` | `1` | no |

## Outputs

| Name | Description |
|------|-------------|
| postgresql\_flexible\_administrator\_login | Administrator login for PostgreSQL Flexible server. |
| postgresql\_flexible\_administrator\_password | Administrator password for PostgreSQL Flexible server. |
| postgresql\_flexible\_configurations | The map of all postgresql configurations set. |
| postgresql\_flexible\_database\_ids | The map of all database resource ids. |
| postgresql\_flexible\_databases\_names | Map of databases names. |
| postgresql\_flexible\_firewall\_rules | Map of PostgreSQL created rules. |
| postgresql\_flexible\_fqdn | FQDN of the PostgreSQL server. |
| postgresql\_flexible\_server\_id | PostgreSQL server ID. |
| terraform\_module | Information about this Terraform module |

## Related documentation

Microsoft Azure documentation: [docs.microsoft.com/fr-fr/azure/postgresql/flexible-server/](https://docs.microsoft.com/fr-fr/azure/postgresql/flexible-server/)