This repository has been archived by the owner on Mar 6, 2023. It is now read-only.

DEPRECATED - Azure Managed PostgreSQL Service

Changelog Notice Apache V2 License TF Registry

⚠ This module is deprecated; please use the db-postgresql-flexible module instead.

This module creates an Azure PostgreSQL server with databases along with logging activated, firewall rules and virtual network rules.

A user is created for each database created with this module. To mitigate CVE-2018-1058, this module does not allow users to create new objects in the public schema.
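
The restriction described above corresponds to PostgreSQL's documented mitigation for CVE-2018-1058. The SQL below is an added example, not this module's own code: it applies the revoke by hand and then audits the result, assuming a session connected to the target database as its administrator.

```sql
-- Added example (not part of this module). Run while connected to the
-- database you want to harden, as its owner or administrator.

-- 1. Remove the default right of every role to create objects in "public".
--    Without this, any user can plant a function or table in "public" that
--    other sessions pick up through their search_path (CVE-2018-1058).
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 2. Inspect the resulting ACL of the schema. A "C" (CREATE) flag granted
--    to the empty grantee ("=UC/...") means the revoke did not take effect.
SELECT nspname, pg_get_userbyid(nspowner) AS owner, nspacl
FROM pg_namespace
WHERE nspname = 'public';

-- 3. List login roles that can still create objects in "public".
--    Only the schema owner and administrative roles should appear.
SELECT r.rolname
FROM pg_roles AS r
WHERE r.rolcanlogin
  AND has_schema_privilege(r.rolname, 'public', 'CREATE')
ORDER BY r.rolname;

-- 4. The revoke does not remove objects created earlier. Review the
--    functions already in "public" and who owns them.
SELECT p.proname,
       pg_get_function_identity_arguments(p.oid) AS arguments,
       pg_get_userbyid(p.proowner)               AS owner
FROM pg_proc AS p
JOIN pg_namespace AS n ON n.oid = p.pronamespace
WHERE n.nspname = 'public'
ORDER BY owner, p.proname;

-- 5. Same review for tables, views, materialized views and sequences.
SELECT c.relname, c.relkind, pg_get_userbyid(c.relowner) AS owner
FROM pg_class AS c
JOIN pg_namespace AS n ON n.oid = c.relnamespace
WHERE n.nspname = 'public'
  AND c.relkind IN ('r', 'v', 'm', 'S')
ORDER BY owner, c.relname;
```

Objects reported by steps 4 and 5 that are owned by an unexpected role predate the revoke and should be reviewed before they are trusted.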

Global versioning rule for Claranet Azure modules

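| Module version | Terraform version | AzureRM version |
| -------------- | ----------------- | --------------- |
| >= 7.x.x       | 1.3.x             | >= 3.0          |
| >= 6.x.x       | 1.x               | >= 3.0          |
| >= 5.x.x       | 0.15.x            | >= 2.0          |
| >= 4.x.x       | 0.13.x / 0.14.x   | >= 2.0          |
| >= 3.x.x       | 0.12.x            | >= 2.0          |
| >= 2.x.x       | 0.12.x            | < 2.0           |
| < 2.x.x        | 0.11.x            | < 2.0           |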

Contributing

If you want to contribute to this repository, feel free to use our pre-commit git hook configuration, which automatically updates and formats some files for you by enforcing our Terraform module best practices.

More details are available in the CONTRIBUTING.md file.

Usage

This module is optimized to work with the Claranet terraform-wrapper tool, which sets some Terraform variables in the environment that this module needs. More details about the variables set by the terraform-wrapper are available in the documentation.

```hcl
module "azure_region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  location    = module.azure_region.location
  client_name = var.client_name
  environment = var.environment
  stack       = var.stack
}

module "logs" {
  source  = "claranet/run-common/azurerm//modules/logs"
  version = "x.x.x"

  client_name         = var.client_name
  environment         = var.environment
  stack               = var.stack
  location            = module.azure_region.location
  location_short      = module.azure_region.location_short
  resource_group_name = module.rg.resource_group_name
}

# Generated administrator password; the value is stored in the Terraform state.
resource "random_password" "admin_password" {
  special = false
  length  = 32
}

module "postgresql" {
  source  = "claranet/db-postgresql/azurerm"
  version = "x.x.x"

  client_name    = var.client_name
  location       = module.azure_region.location
  location_short = module.azure_region.location_short
  environment    = var.environment
  stack          = var.stack

  resource_group_name = module.rg.resource_group_name

  tier     = "GeneralPurpose"
  capacity = 4

  # Authorized source ranges; keep them as narrow as possible.
  allowed_cidrs = {
    "1" = "10.0.0.0/24"
    "2" = "12.34.56.78/32"
  }

  storage_mb                   = 5120
  backup_retention_days        = 10
  geo_redundant_backup_enabled = true
  auto_grow_enabled            = false

  administrator_login    = "azureadmin"
  administrator_password = random_password.admin_password.result

  # Force usage of SSL on client connections.
  force_ssl = true

  databases_names     = ["mydatabase"]
  databases_collation = { mydatabase = "en-US" }
  databases_charset   = { mydatabase = "UTF8" }

  # Diagnostic logs are sent to both the storage account and Log Analytics.
  logs_destinations_ids = [
    module.logs.logs_storage_account_id,
    module.logs.log_analytics_workspace_id
  ]

  extra_tags = {
    foo = "bar"
  }
}

# sslmode "require" encrypts the connection but does not verify the server certificate.
provider "postgresql" {
  host      = module.postgresql.postgresql_fqdn
  port      = 5432
  username  = module.postgresql.postgresql_administrator_login
  password  = module.postgresql.postgresql_administrator_password
  sslmode   = "require"
  superuser = false
}

# One user per database created by the module above.
module "postgresql_users" {
  source  = "claranet/users/postgresql"
  version = "x.x.x"

  for_each = toset(module.postgresql.postgresql_databases_names)

  administrator_login = module.postgresql.postgresql_administrator_login

  database = each.key
}

module "postgresql_configuration" {
  source  = "claranet/database-configuration/postgresql"
  version = "x.x.x"

  for_each = toset(module.postgresql.postgresql_databases_names)

  administrator_login = module.postgresql.postgresql_administrator_login

  database_admin_user = module.postgresql_users[each.key].user
  database            = each.key
  schema_name         = each.key
}
```

Providers

| Name     | Version           |
| -------- | ----------------- |
| azurecaf | ~> 1.2, >= 1.2.22 |
| azurerm  | >= 3.22           |

Modules

| Name        | Source                               | Version |
| ----------- | ------------------------------------ | ------- |
| diagnostics | claranet/diagnostic-settings/azurerm | 6.2.0   |

Resources

| Name                                               | Type        |
| -------------------------------------------------- | ----------- |
| azurerm_postgresql_configuration.postgresql_config | resource    |
| azurerm_postgresql_database.postgresql_db          | resource    |
| azurerm_postgresql_firewall_rule.firewall_rules    | resource    |
| azurerm_postgresql_server.postgresql_server        | resource    |
| azurerm_postgresql_virtual_network_rule.vnet_rules | resource    |
| azurecaf_name.postgresql                           | data source |
| azurecaf_name.postgresql_dbs                       | data source |

Inputs

| Name | Description | Type | Default | Required |
| ---- | ----------- | ---- | ------- | -------- |
| administrator_login | PostgreSQL administrator login | `string` | n/a | yes |
| administrator_password | PostgreSQL administrator password. Strong Password : https://docs.microsoft.com/en-us/sql/relational-databases/security/strong-passwords?view=sql-server-2017 | `string` | n/a | yes |
| allowed_cidrs | Map of authorized CIDRs, must be provided using remote states cloudpublic/cloudpublic/global/vars/terraform.state | `map(string)` | n/a | yes |
| auto_grow_enabled | Enable/Disable auto-growing of the storage. | `bool` | `false` | no |
| backup_retention_days | Backup retention days for the server, supported values are between 7 and 35 days. | `number` | `10` | no |
| capacity | Capacity for PostgreSQL server sku - number of vCores : https://docs.microsoft.com/en-us/azure/postgresql/concepts-pricing-tiers | `number` | `4` | no |
| client_name | Name of client | `string` | n/a | yes |
| custom_diagnostic_settings_name | Custom name of the diagnostics settings, name will be 'default' if not set. | `string` | `"default"` | no |
| custom_server_name | Custom Server Name identifier | `string` | `""` | no |
| databases_charset | Valid PostgreSQL charset : https://www.postgresql.org/docs/current/multibyte.html#CHARSET-TABLE | `map(string)` | `{}` | no |
| databases_collation | Valid PostgreSQL collation : http://www.postgresql.cn/docs/9.4/collation.html - be careful about https://docs.microsoft.com/en-us/windows/win32/intl/locale-names?redirectedfrom=MSDN | `map(string)` | `{}` | no |
| databases_names | List of databases names | `list(string)` | n/a | yes |
| default_tags_enabled | Option to enable or disable default tags | `bool` | `true` | no |
| environment | Name of application's environment | `string` | n/a | yes |
| extra_tags | Extra tags to add | `map(string)` | `{}` | no |
| force_ssl | Force usage of SSL | `bool` | `true` | no |
| geo_redundant_backup_enabled | Turn Geo-redundant server backups on/off. Not available for the Basic tier. | `bool` | `true` | no |
| location | Azure location for Key Vault. | `string` | n/a | yes |
| location_short | Short string for Azure location. | `string` | n/a | yes |
| logs_categories | Log categories to send to destinations. | `list(string)` | `null` | no |
| logs_destinations_ids | List of destination resources IDs for logs diagnostic destination. Can be Storage Account, Log Analytics Workspace and Event Hub. No more than one of each can be set. If you want to specify an Azure EventHub to send logs and metrics to, you need to provide a formatted string with both the EventHub Namespace authorization send ID and the EventHub name (name of the queue to use in the Namespace) separated by the `\|` character. | `list(string)` | n/a | yes |
| logs_metrics_categories | Metrics categories to send to destinations. | `list(string)` | `null` | no |
| logs_retention_days | Number of days to keep logs on storage account. | `number` | `30` | no |
| name_prefix | Optional prefix for the generated name | `string` | `""` | no |
| name_suffix | Optional suffix for the generated name | `string` | `""` | no |
| postgresql_configurations | PostgreSQL configurations to enable | `map(string)` | `{}` | no |
| postgresql_version | Valid values are 9.5, 9.6, 10, 10.0, and 11 | `string` | `"11"` | no |
| public_network_access_enabled | Whether or not public network access is allowed for this server. | `bool` | `false` | no |
| resource_group_name | Name of the application resource group, inherited from infra module | `string` | n/a | yes |
| ssl_minimal_tls_version_enforced | The minimum TLS version to support on the server | `string` | `null` | no |
| stack | Name of application stack | `string` | n/a | yes |
| storage_mb | Max storage allowed for a server. Possible values are between 5120 MB(5GB) and 1048576 MB(1TB) for the Basic SKU and between 5120 MB(5GB) and 4194304 MB(4TB) for General Purpose/Memory Optimized SKUs. | `number` | `5120` | no |
| tier | Tier for PostgreSQL server sku : https://docs.microsoft.com/en-us/azure/postgresql/concepts-pricing-tiers Possible values are: GeneralPurpose, Basic, MemoryOptimized | `string` | `"GeneralPurpose"` | no |
| use_caf_naming | Use the Azure CAF naming provider to generate default resource name. custom_server_name overrides this if set. Legacy default name is used if this is set to false. | `bool` | `true` | no |
| use_caf_naming_for_databases | Use the Azure CAF naming provider to generate databases name. | `bool` | `false` | no |
| vnet_rules | Map of vnet rules to create | `map(string)` | `{}` | no |

Outputs

| Name | Description |
| ---- | ----------- |
| postgresql_administrator_login | Administrator login for PostgreSQL server |
| postgresql_administrator_password | Administrator password for PostgreSQL server |
| postgresql_configurations | The map of all postgresql configurations set |
| postgresql_database_ids | The map of all database resource ids |
| postgresql_databases_names | Map of databases names |
| postgresql_firewall_rules | Map of PostgreSQL created rules |
| postgresql_fqdn | FQDN of the PostgreSQL server |
| postgresql_server_id | PostgreSQL server ID |
| postgresql_server_name | PostgreSQL server name |
| postgresql_vnet_rules | The map of all vnet rules |
| terraform_module | Information about this Terraform module |

Related documentation

Microsoft Azure documentation: docs.microsoft.com/en-us/azure/postgresql/overview