With our comprehensive DevOps toolkit - streamline operations, automate workflows, enhance collaboration and, most importantly, deploy with confidence.
We are a group of DevOps engineers & architects, joining hands in this ever-evolving digital landscape. With our strong belief in automation, just like microservices, we are always on the lookout to split the infrastructure into smaller connected resources (database, cluster and more) which can be standardized, are manageable, scalable, secure & follow industry best practices.
This module includes Terraform open source, examples, and automation tests (for better understanding), which would help you create and improve your infrastructure with minimalistic coding.
This table contains both Prerequisites and Providers:
| Description | Name | Version |
|---|---|---|
| Prerequisite | Terraform | >= 1.6.6 |
| Provider | azure | >= 3.116.0 |
| Provider | random | >= 3.0.0 |
IMPORTANT: Since the master branch used in source varies based on new modifications, we recommend using the release versions.
For additional usage examples, check the complete list under the examples/ directory.
| Name | Source | Version |
|---|---|---|
| labels | terraform-az-modules/tags/azurerm | 1.0.2 |
| Name | Type |
|---|---|
| azurerm_monitor_diagnostic_setting.postgresql | resource |
| azurerm_postgresql_flexible_server.main | resource |
| azurerm_postgresql_flexible_server_active_directory_administrator.main | resource |
| azurerm_postgresql_flexible_server_configuration.main | resource |
| azurerm_postgresql_flexible_server_database.main | resource |
| azurerm_postgresql_server_key.main | resource |
| azurerm_private_endpoint.pep | resource |
| azurerm_role_assignment.identity_assigned | resource |
| azurerm_role_assignment.rbac_keyvault_crypto_officer | resource |
| azurerm_user_assigned_identity.identity | resource |
| azuread_group.main | data source |
| azurerm_client_config.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| active_directory_auth_enabled | Whether Active Directory authentication is allowed to access the PostgreSQL Flexible Server | bool | true | no |
| admin_objects_ids | IDs of the objects that can do all operations on all keys, secrets and certificates. | list(string) | [] | no |
| admin_password | The password associated with the admin_username user | string | null | no |
| admin_username | The administrator login name for the new SQL Server | string | null | no |
| auto_grow_enabled | Is the storage auto grow for PostgreSQL Flexible Server enabled? Defaults to false | bool | false | no |
| backup_retention_days | The backup retention days for the PostgreSQL Flexible Server. Possible values are between 1 and 35 days. Defaults to 7 | number | 30 | no |
| charset | Specifies the Charset for the PostgreSQL Database, which needs to be a valid PostgreSQL Charset. Changing this forces a new resource to be created. | string | "utf8" | no |
| cmk_encryption_enabled | Enable customer-managed key (CMK) encryption for the PostgreSQL Flexible Server. | bool | false | no |
| collation | Specifies the Collation for the PostgreSQL Database, which needs to be a valid PostgreSQL Collation. Changing this forces a new resource to be created. | string | "en_US.utf8" | no |
| create_mode | The creation mode. Can be used to restore or replicate existing servers. Possible values are Default, Replica, GeoRestore, and PointInTimeRestore. Defaults to Default | string | "Default" | no |
| custom_name | Override the default naming convention. | string | null | no |
| database_names | List of the names of the PostgreSQL Databases, which need to be valid PostgreSQL identifiers. Changing this forces a new resource to be created. | list(string) | [] | no |
| delegated_subnet_id | The resource ID of the subnet | string | null | no |
| deployment_mode | Specifies how the infrastructure/resource is deployed | string | "terraform" | no |
| enable_diagnostic | Flag to control creation of diagnostic settings. | bool | true | no |
| enable_private_endpoint | Manages a Private Endpoint to Azure database for PostgreSQL | bool | false | no |
| enabled | Set to false to prevent the module from creating any resources. | bool | true | no |
| environment | Environment (e.g. prod, dev, staging). | string | "" | no |
| eventhub_authorization_rule_id | Eventhub authorization rule id to pass to the destination details of the diagnostic setting of NSG. | string | null | no |
| eventhub_name | Eventhub name to pass to the destination details of the diagnostic setting of NSG. | string | null | no |
| extra_tags | Variable to pass extra tags. | map(string) | null | no |
| geo_backup_key_vault_key_id | Key-vault key id to encrypt the geo redundant backup | string | null | no |
| geo_backup_user_assigned_identity_id | User assigned identity id to encrypt the geo redundant backup | string | null | no |
| geo_redundant_backup_enabled | Should geo redundant backup be enabled? Defaults to false. Changing this forces a new PostgreSQL Flexible Server to be created. | bool | false | no |
| high_availability | Map of high availability configuration: https://docs.microsoft.com/en-us/azure/mysql/flexible-server/concepts-high-availability. null to disable high availability | object({ | { | no |
| key_vault_id | Specifies the URL to a Key Vault Key (either from a Key Vault Key, or the Key URL for the Key Vault Secret) | string | "" | no |
| key_vault_key_id | The URL to a Key Vault Key | string | null | no |
| label_order | Label order, e.g. sequence of application name and environment name,environment,'attribute' [webserver,qa,devops,public,]. | list(any) | [] | no |
| location | The Azure Region where the PostgreSQL Flexible Server should exist. Changing this forces a new PostgreSQL Flexible Server to be created. | string | "" | no |
| log_analytics_destination_type | Possible values are AzureDiagnostics and Dedicated, default to AzureDiagnostics. When set to Dedicated, logs sent to a Log Analytics workspace will go into resource specific tables, instead of the legacy AzureDiagnostics table. | string | "AzureDiagnostics" | no |
| log_analytics_workspace_id | Log Analytics workspace id in which logs should be retained. | string | null | no |
| log_category | Categories of logs to be recorded in diagnostic setting. Acceptable values are PostgreSQLFlexDatabaseXacts, PostgreSQLFlexQueryStoreRuntime, PostgreSQLFlexQueryStoreWaitStats, PostgreSQLFlexSessions, PostgreSQLFlexTableStats, PostgreSQLLogs | list(string) | [] | no |
| log_category_group | Log category group for diagnostic settings. | list(string) | [ | no |
| maintenance_window_day_of_week | The day of the week for the maintenance window, where the week starts on a Sunday, i.e. Sunday = 0, Monday = 1 | number | 2 | no |
| maintenance_window_enabled | Enable maintenance window configuration on the PostgreSQL Flexible Server. Defaults to false | bool | false | no |
| maintenance_window_start_hour | The start hour for the maintenance window, in UTC | number | 6 | no |
| maintenance_window_start_minute | The start minute for the maintenance window | number | 0 | no |
| managedby | ManagedBy, eg: Terraform, Ansible, CloudFormation. | string | "Terraform" | no |
| metric_enabled | Whether metric diagnostics should be enabled in diagnostic settings for flexible Mysql. | bool | true | no |
| name | Name (e.g. app or cluster). | string | "" | no |
| password_auth_enabled | Whether password authentication is allowed to access the PostgreSQL Flexible Server | bool | true | no |
| point_in_time_restore_time_in_utc | The point in time to restore from creation_source_server_id when create_mode is PointInTimeRestore. Changing this forces a new PostgreSQL Flexible Server to be created. | string | null | no |
| postgresql_version | The version of the PostgreSQL Flexible Server to use. Changing this forces a new PostgreSQL Flexible Server to be created. | string | "16" | no |
| principal_name | The name of Azure Active Directory principal. | string | null | no |
| principal_type | Set the principal type, defaults to ServicePrincipal. The type of Azure Active Directory principal. Possible values are Group, ServicePrincipal and User. Changing this forces a new resource to be created. | string | "Group" | no |
| private_dns_zone_ids | The ID of the Private DNS Zone to associate with the PostgreSQL Flexible Server. | string | null | no |
| private_dns_id | The ID of the Private DNS Zone to associate with the PostgreSQL Flexible Server, when we don't enable private endpoint. | string | null | no |
| private_endpoint_subnet_id | The subnet ID where the private endpoint will be deployed | string | null | no |
| public_network_access_enabled | Defines whether public access is allowed. | bool | false | no |
| repository | Terraform current module repo | string | "" | no |
| resource_group_name | A container that holds related resources for an Azure solution | string | "pgsql-rg" | no |
| resource_position_prefix | Controls placement of the resource type keyword (e.g., "vnet", "ddospp") in resource names. If true, the keyword is prepended: "vnet-core-dev". If false, the keyword is appended: "core-dev-vnet". Maintains naming consistency based on organizational preferences. | bool | true | no |
| server_configuration_name | Specifies the name of the PostgreSQL Flexible Server Configuration, which needs to be a valid PostgreSQL configuration name. Changing this forces a new resource to be created. | list(string) | [ | no |
| sku_name | The SKU Name for the PostgreSQL Flexible Server. | string | "GP_Standard_D8ds_v4" | no |
| source_server_id | The resource ID of the source PostgreSQL Flexible Server to be restored. Required when create_mode is PointInTimeRestore, GeoRestore, and Replica. Changing this forces a new PostgreSQL Flexible Server to be created. | string | null | no |
| storage_account_id | Storage account id to pass to the destination details of the diagnostic setting of NSG. | string | null | no |
| storage_mb | The max storage allowed for the PostgreSQL Flexible Server. Possible values are 32768, 65536, 131072, 262144, 524288, 1048576, 2097152, 4194304, 8388608, and 16777216. | string | "32768" | no |
| values | Specifies the value of the PostgreSQL Flexible Server Configuration. See the PostgreSQL documentation for valid values. Changing this forces a new resource to be created. | list(string) | [ | no |
| zone | Specifies the Availability Zone in which this PostgreSQL Flexible Server should be located. Possible values are 1, 2 and 3. | number | 1 | no |
| Name | Description |
|---|---|
| postgresql_flexible_server_id | The ID of the PostgreSQL Flexible Server. |
| postgresql_flexible_server_name | The FQDN of the PostgreSQL Flexible Server. |
| Skipped Check | Reason for Skipping |
|---|---|
| CKV_TF_1 | Required by module design |
| CKV_AZURE_136 | Managed service, check not applicable |
| CKV2_AZURE_57 | Compliance handled outside Terraform |
This module has dependencies on:
- Labels Module: Provides resource tagging.
Refer here.
Big thanks to our contributors for elevating our project with their dedication and expertise! But, we do not wish to stop there, would like to invite contributions from the community in improving these projects and making them more versatile for better reach. Remember, every bit of contribution is immensely valuable, as, together, we are moving in only 1 direction, i.e. forward.
If you're considering contributing to our project, here are a few quick guidelines that we have been following (Got a suggestion? We are all ears!):
- Fork the Repository: Create a new branch for your feature or bug fix.
- Coding Standards: You know the drill.
- Clear Commit Messages: Write clear and concise commit messages to facilitate understanding.
- Thorough Testing: Test your changes thoroughly before submitting a pull request.
- Documentation Updates: Include relevant documentation updates if your changes impact it.
Spot a bug or have thoughts to share with us? Let's squash it together! Log it in our issue tracker, or feel free to drop us an email at hello@clouddrove.com.
Show some love with a ⭐ on our GitHub if our work has brightened your day! Your feedback fuels our journey!
We have 50+ Azure Terraform modules. You could consider them finished, but, with enthusiasts like yourself, we are able to ever improve them, so we call our status - improvement in progress.
- Terraform Module Registry: Discover our Terraform modules here.
We provide a platform for organizations to engage with experienced, top-tier DevOps and Cloud professionals. Tap into our pool of certified engineers and architects to elevate your DevOps and Cloud solutions.
At Azure Terraform Modules Organisation, we have extensive experience in designing, building, and migrating environments; securing infrastructure; consulting; monitoring; optimizing; automating; and maintaining complex, large-scale modern systems. With a strong client presence across American and European regions, our certified experts deliver robust and scalable cloud solutions.
Write to us at hello@clouddrove.com.
We are The Cloud Experts!
We ❤️ Open Source and you can check out our other modules to get help with your new Cloud ideas.