azurermPostgresqlFlexibleServer
Manages a PostgreSQL Flexible Server.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as azurerm from "./.gen/providers/azurerm";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: azurerm.
For a more precise conversion please use the --provider flag in convert.*/
new azurerm.provider.AzurermProvider(this, "azurerm", {
features: [{}],
});
const azurermResourceGroupExample = new azurerm.resourceGroup.ResourceGroup(
this,
"example",
{
location: "West Europe",
name: "example-resources",
}
);
const azurermVirtualNetworkExample = new azurerm.virtualNetwork.VirtualNetwork(
this,
"example_2",
{
address_space: ["10.0.0.0/16"],
location: azurermResourceGroupExample.location,
name: "example-vn",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermVirtualNetworkExample.overrideLogicalId("example");
const azurermPrivateDnsZoneExample = new azurerm.privateDnsZone.PrivateDnsZone(
this,
"example_3",
{
name: "example.postgres.database.azure.com",
resource_group_name: azurermResourceGroupExample.name,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPrivateDnsZoneExample.overrideLogicalId("example");
const azurermPrivateDnsZoneVirtualNetworkLinkExample =
new azurerm.privateDnsZoneVirtualNetworkLink.PrivateDnsZoneVirtualNetworkLink(
this,
"example_4",
{
name: "exampleVnetZone.com",
private_dns_zone_name: azurermPrivateDnsZoneExample.name,
resource_group_name: azurermResourceGroupExample.name,
virtual_network_id: azurermVirtualNetworkExample.id,
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPrivateDnsZoneVirtualNetworkLinkExample.overrideLogicalId("example");
const azurermSubnetExample = new azurerm.subnet.Subnet(this, "example_5", {
address_prefixes: ["10.0.2.0/24"],
delegation: [
{
name: "fs",
service_delegation: [
{
actions: ["Microsoft.Network/virtualNetworks/subnets/join/action"],
name: "Microsoft.DBforPostgreSQL/flexibleServers",
},
],
},
],
name: "example-sn",
resource_group_name: azurermResourceGroupExample.name,
service_endpoints: ["Microsoft.Storage"],
virtual_network_name: azurermVirtualNetworkExample.name,
});
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermSubnetExample.overrideLogicalId("example");
const azurermPostgresqlFlexibleServerExample =
new azurerm.postgresqlFlexibleServer.PostgresqlFlexibleServer(
this,
"example_6",
{
administrator_login: "psqladmin",
administrator_password: "H@Sh1CoR3!",
delegated_subnet_id: azurermSubnetExample.id,
depends_on: [`\${${azurermPrivateDnsZoneVirtualNetworkLinkExample.fqn}}`],
location: azurermResourceGroupExample.location,
name: "example-psqlflexibleserver",
private_dns_zone_id: azurermPrivateDnsZoneExample.id,
resource_group_name: azurermResourceGroupExample.name,
sku_name: "GP_Standard_D4s_v3",
storage_mb: 32768,
version: "12",
zone: "1",
}
);
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
azurermPostgresqlFlexibleServerExample.overrideLogicalId("example");
Arguments Reference
The following arguments are supported:
name
- (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created.
\~> Note This must be unique across the entire Azure service, not just within the resource group.
-
resourceGroupName
- (Required) The name of the Resource Group where the PostgreSQL Flexible Server should exist. Changing this forces a new PostgreSQL Flexible Server to be created. -
location
- (Required) The Azure Region where the PostgreSQL Flexible Server should exist. Changing this forces a new PostgreSQL Flexible Server to be created. -
administratorLogin
- (Optional) The Administrator login for the PostgreSQL Flexible Server. Required whencreateMode
isdefault
andauthenticationPasswordAuthEnabled
istrue
.
-> Note: Once administratorLogin
is specified, changing this forces a new PostgreSQL Flexible Server to be created.
-
administratorPassword
- (Optional) The Password associated with theadministratorLogin
for the PostgreSQL Flexible Server. Required whencreateMode
isdefault
andauthenticationPasswordAuthEnabled
istrue
. -
authentication
- (Optional) Anauthentication
block as defined below. -
backupRetentionDays
- (Optional) The backup retention days for the PostgreSQL Flexible Server. Possible values are between7
and35
days. -
customerManagedKey
- (Optional) AcustomerManagedKey
block as defined below. Changing this forces a new resource to be created. -
geoRedundantBackupEnabled
- (Optional) Is Geo-Redundant backup enabled on the PostgreSQL Flexible Server. Defaults tofalse
. Changing this forces a new PostgreSQL Flexible Server to be created. -
createMode
- (Optional) The creation mode which can be used to restore or replicate existing servers. Possible values aredefault
,pointInTimeRestore
,replica
andupdate
. Changing this forces a new PostgreSQL Flexible Server to be created.
-> Note: While creating the resource, createMode
cannot be set to update
.
-
delegatedSubnetId
- (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. Changing this forces a new PostgreSQL Flexible Server to be created. -
privateDnsZoneId
- (Optional) The ID of the private DNS zone to create the PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created.
\~> NOTE: There will be a breaking change from upstream service at 15th July 2021, the privateDnsZoneId
will be required when setting a delegatedSubnetId
. For existing flexible servers who don't want to be recreated, you need to provide the privateDnsZoneId
to the service team to manually migrate to the specified private DNS zone. The azurermPrivateDnsZone
should end with suffix postgresDatabaseAzureCom
.
-
highAvailability
- (Optional) AhighAvailability
block as defined below. -
identity
- (Optional) Anidentity
block as defined below. -
maintenanceWindow
- (Optional) AmaintenanceWindow
block as defined below. -
pointInTimeRestoreTimeInUtc
- (Optional) The point in time to restore fromsourceServerId
whencreateMode
ispointInTimeRestore
. Changing this forces a new PostgreSQL Flexible Server to be created. -
replicationRole
- (Optional) The replication role for the PostgreSQL Flexible Server. Possible value isnone
.
\~> NOTE: The replicationRole
cannot be set while creating and only can be updated to none
for replica server.
-
skuName
- (Optional) The SKU Name for the PostgreSQL Flexible Server. The name of the SKU, follows thetier
+name
pattern (e.g.bStandardB1Ms
,gpStandardD2SV3
,moStandardE4SV3
). -
sourceServerId
- (Optional) The resource ID of the source PostgreSQL Flexible Server to be restored. Required whencreateMode
ispointInTimeRestore
orreplica
. Changing this forces a new PostgreSQL Flexible Server to be created. -
storageMb
- (Optional) The max storage allowed for the PostgreSQL Flexible Server. Possible values are32768
,65536
,131072
,262144
,524288
,1048576
,2097152
,4194304
,8388608
, and16777216
. -
tags
- (Optional) A mapping of tags which should be assigned to the PostgreSQL Flexible Server. -
version
- (Optional) The version of PostgreSQL Flexible Server to use. Possible values are11
,12
,13
and14
. Required whencreateMode
isdefault
. Changing this forces a new PostgreSQL Flexible Server to be created.
-> Note: When createMode
is update
, upgrading version wouldn't force a new resource to be created.
zone
- (Optional) Specifies the Availability Zone in which the PostgreSQL Flexible Server should be located.
-> Note: Azure will automatically assign an Availability Zone if one is not specified. If the PostgreSQL Flexible Server fails-over to the Standby Availability Zone, the zone
will be updated to reflect the current Primary Availability Zone. You can use Terraform's ignoreChanges
functionality to ignore changes to the zone
and highAvailability0StandbyAvailabilityZone
fields should you wish for Terraform to not migrate the PostgreSQL Flexible Server back to it's primary Availability Zone after a fail-over.
-> Note: The Availability Zones available depend on the Azure Region that the PostgreSQL Flexible Server is being deployed into - see the Azure Availability Zones documentation for more information on which Availability Zones are available in each Azure Region.
An authentication
block supports the following:
-
activeDirectoryAuthEnabled
- (Optional) Whether or not Active Directory authentication is allowed to access the PostgreSQL Flexible Server. Defaults tofalse
. -
passwordAuthEnabled
- (Optional) Whether or not password authentication is allowed to access the PostgreSQL Flexible Server. Defaults totrue
.
-> NOTE: When passwordAuthEnabled
is set to false
, administratorLogin
and administratorPassword
must not be specified.
tenantId
- (Optional) The Tenant ID of the Azure Active Directory which is used by the Active Directory authentication.activeDirectoryAuthEnabled
must be set totrue
.
-> Note: Setting activeDirectoryAuthEnabled
to true
requires a Service Principal for the Postgres Flexible Server. For more details see this document.
-> Note: tenantId
is required when activeDirectoryAuthEnabled
is set to true
. And it should not be specified when activeDirectoryAuthEnabled
is set to false
A customerManagedKey
block supports the following:
-
keyVaultKeyId
- (Optional) The ID of the Key Vault Key. -
primaryUserAssignedIdentityId
- (Optional) Specifies the primary user managed identity id for a Customer Managed Key. Should be added withidentityIds
.
\~> NOTE: This is required when type
is set to userAssigned
or systemAssigned,UserAssigned
.
An identity
block supports the following:
-
type
- (Required) Specifies the type of Managed Service Identity that should be configured on this PostgreSQL Flexible Server. Should be set touserAssigned
,systemAssigned,UserAssigned
(to enable both). -
identityIds
- (Optional) A list of User Assigned Managed Identity IDs to be assigned to this PostgreSQL Flexible Server. Required if used together withcustomerManagedKey
block.
\~> NOTE: This is required when type
is set to userAssigned
or systemAssigned,UserAssigned
.
A maintenanceWindow
block supports the following:
-
dayOfWeek
- (Optional) The day of week for maintenance window, where the week starts on a Sunday, i.e. Sunday =0
, Monday =1
. Defaults to0
. -
startHour
- (Optional) The start hour for maintenance window. Defaults to0
. -
startMinute
- (Optional) The start minute for maintenance window. Defaults to0
.
A highAvailability
block supports the following:
-
mode
- (Required) The high availability mode for the PostgreSQL Flexible Server. Possible value aresameZone
orzoneRedundant
. -
standbyAvailabilityZone
- (Optional) Specifies the Availability Zone in which the standby Flexible Server should be located.
-> Note: Azure will automatically assign an Availability Zone if one is not specified. If the PostgreSQL Flexible Server fails-over to the Standby Availability Zone, the zone
will be updated to reflect the current Primary Availability Zone. You can use Terraform's ignoreChanges
functionality to ignore changes to the zone
and highAvailability0StandbyAvailabilityZone
fields should you wish for Terraform to not migrate the PostgreSQL Flexible Server back to it's primary Availability Zone after a fail-over.
-> Note: The Availability Zones available depend on the Azure Region that the PostgreSQL Flexible Server is being deployed into - see the Azure Availability Zones documentation for more information on which Availability Zones are available in each Azure Region.
Attributes Reference
In addition to the Arguments listed above - the following Attributes are exported:
-
id
- The ID of the PostgreSQL Flexible Server. -
fqdn
- The FQDN of the PostgreSQL Flexible Server. -
publicNetworkAccessEnabled
- Is public network access enabled?
Timeouts
The timeouts
block allows you to specify timeouts for certain actions:
create
- (Defaults to 1 hour) Used when creating the PostgreSQL Flexible Server.read
- (Defaults to 5 minutes) Used when retrieving the PostgreSQL Flexible Server.update
- (Defaults to 1 hour) Used when updating the PostgreSQL Flexible Server.delete
- (Defaults to 1 hour) Used when deleting the PostgreSQL Flexible Server.
Import
PostgreSQL Flexible Servers can be imported using the resourceId
, e.g.