This module creates an Azure PostgreSQL server with databases, with logging activated, firewall rules and virtual network rules. A user is created for each database created with this module. To address CVE-2018-1058, this module does not allow users to create new objects in the public schema.
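The standard PostgreSQL mitigation for CVE-2018-1058, shown in plain SQL as an added example that is not this module's own code. It assumes you run it in each database as a role allowed to change privileges on the `public` schema; the role name `app_user` is hypothetical.

```sql
-- Added example (not the module's code): lock down and audit the public
-- schema, the hardening that CVE-2018-1058 calls for.

-- 1. Inspect the current owner and ACL of the public schema.
--    A "=UC/<owner>" entry in nspacl means every role may create objects in it.
SELECT nspname,
       pg_get_userbyid(nspowner) AS owner,
       nspacl
FROM   pg_namespace
WHERE  nspname = 'public';

-- 2. Remove the CREATE privilege from the PUBLIC pseudo-role, so ordinary
--    users can no longer add functions, operators or tables to the schema.
REVOKE CREATE ON SCHEMA public FROM PUBLIC;

-- 3. Check the effective privilege of an application role.
--    'app_user' is a hypothetical role name: replace it with a real one.
SELECT has_schema_privilege('app_user', 'public', 'CREATE') AS can_create;

-- 4. Review functions that already exist in public, with their owners.
--    Anything owned by a non-administrative role deserves a closer look,
--    since it was created while the schema was still writable by everyone.
SELECT p.proname,
       pg_get_function_identity_arguments(p.oid) AS args,
       pg_get_userbyid(p.proowner)               AS owner
FROM   pg_proc p
JOIN   pg_namespace n ON n.oid = p.pronamespace
WHERE  n.nspname = 'public'
ORDER  BY owner, p.proname;
```

Step 3 also returns true for the schema owner and for superusers, so test it with an unprivileged application role.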
- Ansible >= 2.4
- Library libpq-dev and PostgreSQL adapter python-psycopg2
Module version | Terraform version | AzureRM version |
---|---|---|
>= 4.x.x | 0.13.x | >= 2.0 |
>= 3.x.x | 0.12.x | >= 2.0 |
>= 2.x.x | 0.12.x | < 2.0 |
< 2.x.x | 0.11.x | < 2.0 |
This module is optimized to work with the Claranet terraform-wrapper tool, which sets some Terraform variables in the environment needed by this module.
More details about the variables set by the terraform-wrapper are available in the documentation.
```hcl
module "azure-region" {
  source  = "claranet/regions/azurerm"
  version = "x.x.x"

  azure_region = var.azure_region
}

module "rg" {
  source  = "claranet/rg/azurerm"
  version = "x.x.x"

  location    = module.azure-region.location
  client_name = var.client_name
  environment = var.environment
  stack       = var.stack
}

module "postgresql" {
  source  = "claranet/db-postgresql/azurerm"
  version = "x.x.x"

  client_name         = var.client_name
  resource_group_name = module.rg.resource_group_name
  location            = module.azure-region.location
  location_short      = module.azure-region.location_short
  environment         = var.environment
  stack               = var.stack

  tier     = "GeneralPurpose"
  capacity = 4

  allowed_cidrs = {
    "1" = "10.0.0.0/24"
    "2" = "12.34.56.78/32"
  }

  storage_mb                   = 5120
  backup_retention_days        = 10
  geo_redundant_backup_enabled = true
  auto_grow_enabled            = false

  administrator_login    = var.administrator_login
  administrator_password = var.administrator_password

  force_ssl = true

  databases_names     = ["mydatabase"]
  databases_collation = { mydatabase = "en-US" }
  databases_charset   = { mydatabase = "UTF8" }

  extra_tags = var.extra_tags
}
```
Name | Description | Type | Default | Required |
---|---|---|---|---|
administrator_login | PostgreSQL administrator login | string | n/a | yes |
administrator_password | PostgreSQL administrator password. Strong Password : https://docs.microsoft.com/en-us/sql/relational-databases/security/strong-passwords?view=sql-server-2017 | string | n/a | yes |
allowed_cidrs | Map of authorized cidrs, must be provided using remote states cloudpublic/cloudpublic/global/vars/terraform.state | map(string) | n/a | yes |
auto_grow_enabled | Enable/Disable auto-growing of the storage. | bool | false | no |
backup_retention_days | Backup retention days for the server, supported values are between 7 and 35 days. | number | 10 | no |
capacity | Capacity for MySQL server sku : https://www.terraform.io/docs/providers/azurerm/r/mysql_server.html#capacity | number | 4 | no |
client_name | Name of client | string | n/a | yes |
create_databases_users | True to create a user named _user per database with generated password and role db_owner. | bool | true | no |
custom_server_name | Custom Server Name identifier | string | "" | no |
databases_charset | Valid PostgreSQL charset : https://www.postgresql.org/docs/current/multibyte.html#CHARSET-TABLE | map(string) | {} | no |
databases_collation | Valid PostgreSQL collation : http://www.postgresql.cn/docs/9.4/collation.html - be careful about https://docs.microsoft.com/en-us/windows/win32/intl/locale-names?redirectedfrom=MSDN | map(string) | {} | no |
databases_names | List of databases names | list(string) | n/a | yes |
enable_logs_to_log_analytics | Boolean flag to specify whether the logs should be sent to Log Analytics | bool | false | no |
enable_logs_to_storage | Boolean flag to specify whether the logs should be sent to the Storage Account | bool | false | no |
environment | Name of application's environment | string | n/a | yes |
extra_tags | Map of custom tags | map(string) | {} | no |
force_ssl | Force usage of SSL | bool | true | no |
geo_redundant_backup_enabled | Turn Geo-redundant server backups on/off. Not available for the Basic tier. | bool | true | no |
location | Azure location for Key Vault. | string | n/a | yes |
location_short | Short string for Azure location. | string | n/a | yes |
logs_log_analytics_workspace_id | Log Analytics Workspace id for logs | string | "" | no |
logs_storage_account_id | Storage Account id for logs | string | "" | no |
logs_storage_retention | Retention in days for logs on Storage Account | number | 30 | no |
name_prefix | Optional prefix for PostgreSQL server name | string | "" | no |
postgresql_configurations | PostgreSQL configurations to enable | map(string) | {} | no |
postgresql_version | Valid values are 9.5, 9.6, 10, 10.0, and 11 | string | "11" | no |
resource_group_name | Name of the application resource group, inherited from infra module | string | n/a | yes |
stack | Name of application stack | string | n/a | yes |
storage_mb | Max storage allowed for a server. Possible values are between 5120 MB(5GB) and 1048576 MB(1TB) for the Basic SKU and between 5120 MB(5GB) and 4194304 MB(4TB) for General Purpose/Memory Optimized SKUs. | number | 5120 | no |
tier | Tier for MySQL server sku : https://www.terraform.io/docs/providers/azurerm/r/mysql_server.html#tier Possible values are: GeneralPurpose, Basic, MemoryOptimized | string | "GeneralPurpose" | no |
vnet_rules | Map of vnet rules to create | map(string) | {} | no |
Name | Description |
---|---|
postgresql_administrator_login | Administrator login for PostgreSQL server |
postgresql_configurations | The map of all postgresql configurations set |
postgresql_database_ids | The map of all database resource ids |
postgresql_databases_names | Map of databases names |
postgresql_firewall_rules | Map of PostgreSQL created rules |
postgresql_fqdn | FQDN of the PostgreSQL server |
postgresql_server_id | PostgreSQL server ID |
postgresql_users_passwords | Map of passwords for databases users |
postgresql_vnet_rules | The map of all vnet rules |
Terraform Azure PostgreSQL Server documentation: www.terraform.io/docs/providers/azurerm/r/postgresql_server.html
Terraform Azure PostgreSQL Database documentation: www.terraform.io/docs/providers/azurerm/r/postgresql_database.html
Terraform Azure PostgreSQL Virtual Network Rule documentation: www.terraform.io/docs/providers/azurerm/r/postgresql_virtual_network_rule.html
Terraform Azure PostgreSQL Firewall documentation: www.terraform.io/docs/providers/azurerm/r/postgresql_firewall_rule.html
Terraform Azure PostgreSQL Configuration documentation: www.terraform.io/docs/providers/azurerm/r/postgresql_configuration.html
Microsoft Azure documentation: docs.microsoft.com/fr-fr/azure/postgresql/overview