-
Notifications
You must be signed in to change notification settings - Fork 1
/
deploy-psql.sh
51 lines (45 loc) · 1.74 KB
/
deploy-psql.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
RESOURCE_GROUP=rg-dotnet-passwordless
POSTGRESQL_HOST=postgres-passwordless
DATABASE_NAME=checklist
POSTGRESQL_FQDN=${POSTGRESQL_HOST}.postgres.database.azure.com
LOCATION=eastus
POSTGRESQL_ADMIN_USER=azureuser
# Generating a random password for Posgresql admin user as it is mandatory
# postgresql admin won't be used as Azure AD authentication is leveraged also for administering the database
POSTGRESQL_ADMIN_PASSWORD=$(pwgen -s 15 1)
# Get current user logged in azure cli to make it postgresql AAD admin
CURRENT_USER=$(az account show --query user.name -o tsv)
CURRENT_USER_OBJECTID=$(az ad user show --id $CURRENT_USER --query id -o tsv)
az group create \
--name $RESOURCE_GROUP \
--location $LOCATION
# create postgresql server
az postgres server create \
--name $POSTGRESQL_HOST \
--resource-group $RESOURCE_GROUP \
--location $LOCATION \
--admin-user $POSTGRESQL_ADMIN_USER \
--admin-password "$POSTGRESQL_ADMIN_PASSWORD" \
--public 0.0.0.0 \
--sku-name GP_Gen5_2 \
--version 11 \
--storage-size 5120
# create postgres database
az postgres db create \
-g $RESOURCE_GROUP \
-s $POSTGRESQL_HOST \
-n $DATABASE_NAME
# create postgresql server AAD admin user
az postgres server ad-admin create \
--server-name $POSTGRESQL_HOST \
--resource-group $RESOURCE_GROUP \
--object-id $CURRENT_USER_OBJECTID \
--display-name $CURRENT_USER
# Create a temporary firewall rule to allow connections from current machine to the postgresql server
MY_IP=$(curl http://whatismyip.akamai.com)
az postgres server firewall-rule create \
--resource-group $RESOURCE_GROUP \
--server-name $POSTGRESQL_HOST \
--name AllowCurrentMachineToConnect \
--start-ip-address ${MY_IP} \
--end-ip-address ${MY_IP}