databases/postgresql_flexible_server¶
Overview¶
This page documents the Terraform module implementation, key configuration surfaces, and how it integrates with CAF.
Dependency diagram (Mermaid)¶
graph TD
azurecaf_name.postgresql_flexible_server["azurecaf_name.postgresql_flexible_server"]
azurecaf_name.postgresql_flexible_server_database["azurecaf_name.postgresql_flexible_server_database"]
azurecaf_name.postgresql_flexible_server_firewall_rule["azurecaf_name.postgresql_flexible_server_firewall_rule"]
azurerm_key_vault_secret.pg_user_password["azurerm_key_vault_secret.pg_user_password"]
azurerm_key_vault_secret.postgresql_administrator_password["azurerm_key_vault_secret.postgresql_administrator_password"]
azurerm_key_vault_secret.postgresql_administrator_username["azurerm_key_vault_secret.postgresql_administrator_username"]
azurerm_key_vault_secret.postgresql_database_name["azurerm_key_vault_secret.postgresql_database_name"]
azurerm_key_vault_secret.postgresql_fqdn["azurerm_key_vault_secret.postgresql_fqdn"]
azurerm_postgresql_flexible_server.postgresql["azurerm_postgresql_flexible_server.postgresql"]
azurerm_postgresql_flexible_server_active_directory_administrator.administrator["azurerm_postgresql_flexible_server_active_directory_administrator.administrator"]
azurerm_postgresql_flexible_server_configuration.postgresql["azurerm_postgresql_flexible_server_configuration.postgresql"]
azurerm_postgresql_flexible_server_database.postgresql["azurerm_postgresql_flexible_server_database.postgresql"]
azurerm_postgresql_flexible_server_firewall_rule.postgresql["azurerm_postgresql_flexible_server_firewall_rule.postgresql"]
data.azurerm_key_vault_secret.postgresql_admin_password["data.azurerm_key_vault_secret.postgresql_admin_password"]
module.diagnostics["module.diagnostics"]
module.private_endpoint["module.private_endpoint"]
null_resource.create_pg_user["null_resource.create_pg_user"]
null_resource.delete_pg_user["null_resource.delete_pg_user"]
null_resource.revoke_db_permissions["null_resource.revoke_db_permissions"]
null_resource.set_db_permissions["null_resource.set_db_permissions"]
random_password.pg_user["random_password.pg_user"]
random_password.postgresql_administrator_password["random_password.postgresql_administrator_password"]
remote:azuread_groups["remote:azuread_groups"]
remote:azuread_users["remote:azuread_users"]
remote:diagnostics["remote:diagnostics"]
remote:keyvault_id["remote:keyvault_id"]
remote:managed_identities["remote:managed_identities"]
remote:private_dns_zone_id["remote:private_dns_zone_id"]
remote:service_principals["remote:service_principals"]
remote:subnet_id["remote:subnet_id"]
time_sleep.server_configuration["time_sleep.server_configuration"]
azurerm_key_vault_secret.pg_user_password --> azurecaf_name.postgresql_flexible_server
azurerm_key_vault_secret.pg_user_password --> random_password.pg_user
azurerm_key_vault_secret.pg_user_password --> remote:keyvault_id
azurerm_key_vault_secret.postgresql_administrator_password --> azurecaf_name.postgresql_flexible_server
azurerm_key_vault_secret.postgresql_administrator_password --> random_password.postgresql_administrator_password
azurerm_key_vault_secret.postgresql_administrator_password --> remote:keyvault_id
azurerm_key_vault_secret.postgresql_administrator_username --> azurecaf_name.postgresql_flexible_server
azurerm_key_vault_secret.postgresql_administrator_username --> remote:keyvault_id
azurerm_key_vault_secret.postgresql_database_name --> azurecaf_name.postgresql_flexible_server
azurerm_key_vault_secret.postgresql_database_name --> remote:keyvault_id
azurerm_key_vault_secret.postgresql_fqdn --> azurecaf_name.postgresql_flexible_server
azurerm_key_vault_secret.postgresql_fqdn --> azurerm_postgresql_flexible_server.postgresql
azurerm_key_vault_secret.postgresql_fqdn --> remote:keyvault_id
azurerm_postgresql_flexible_server.postgresql --> azurecaf_name.postgresql_flexible_server
azurerm_postgresql_flexible_server.postgresql --> azurerm_key_vault_secret.postgresql_administrator_password
azurerm_postgresql_flexible_server.postgresql --> remote:private_dns_zone_id
azurerm_postgresql_flexible_server.postgresql --> remote:subnet_id
azurerm_postgresql_flexible_server_active_directory_administrator.administrator --> azurerm_postgresql_flexible_server.postgresql
azurerm_postgresql_flexible_server_active_directory_administrator.administrator --> remote:azuread_groups
azurerm_postgresql_flexible_server_active_directory_administrator.administrator --> remote:azuread_users
azurerm_postgresql_flexible_server_active_directory_administrator.administrator --> remote:managed_identities
azurerm_postgresql_flexible_server_active_directory_administrator.administrator --> remote:service_principals
azurerm_postgresql_flexible_server_configuration.postgresql --> azurerm_postgresql_flexible_server.postgresql
azurerm_postgresql_flexible_server_configuration.postgresql --> time_sleep.server_configuration
azurerm_postgresql_flexible_server_database.postgresql --> azurecaf_name.postgresql_flexible_server_database
azurerm_postgresql_flexible_server_database.postgresql --> azurerm_postgresql_flexible_server.postgresql
azurerm_postgresql_flexible_server_firewall_rule.postgresql --> azurecaf_name.postgresql_flexible_server_firewall_rule
azurerm_postgresql_flexible_server_firewall_rule.postgresql --> azurerm_postgresql_flexible_server.postgresql
data.azurerm_key_vault_secret.postgresql_admin_password --> azurecaf_name.postgresql_flexible_server
data.azurerm_key_vault_secret.postgresql_admin_password --> remote:keyvault_id
module.diagnostics --> azurerm_postgresql_flexible_server.postgresql
module.diagnostics --> remote:diagnostics
module.private_endpoint --> azurerm_postgresql_flexible_server.postgresql
null_resource.create_pg_user --> azurerm_key_vault_secret.pg_user_password
null_resource.create_pg_user --> azurerm_postgresql_flexible_server.postgresql
null_resource.create_pg_user --> data.azurerm_key_vault_secret.postgresql_admin_password
null_resource.delete_pg_user --> azurerm_postgresql_flexible_server.postgresql
null_resource.delete_pg_user --> data.azurerm_key_vault_secret.postgresql_admin_password
null_resource.revoke_db_permissions --> azurerm_postgresql_flexible_server.postgresql
null_resource.revoke_db_permissions --> data.azurerm_key_vault_secret.postgresql_admin_password
null_resource.revoke_db_permissions --> null_resource.set_db_permissions
null_resource.set_db_permissions --> azurerm_postgresql_flexible_server.postgresql
null_resource.set_db_permissions --> data.azurerm_key_vault_secret.postgresql_admin_password
time_sleep.server_configuration --> azurerm_postgresql_flexible_server.postgresql
Module Reference¶
Category: databases
Path: modules/databases/postgresql_flexible_server
Azure Resources: azurecaf_name, azurerm_key_vault_secret, azurerm_postgresql_flexible_server, azurerm_postgresql_flexible_server_active_directory_administrator, azurerm_postgresql_flexible_server_configuration, azurerm_postgresql_flexible_server_database, azurerm_postgresql_flexible_server_firewall_rule, null_resource, random_password, time_sleep
Inputs¶
| Name | Description | Type | Required | Default | Validation |
|---|---|---|---|---|---|
"client_config" |
"Client configuration object (see module README.md)." | any |
no | {} |
- |
"global_settings" |
"Global settings object (see module README.md)" | any |
no | {} |
- |
"remote_objects" |
"Remote objects configuration." | any |
no | {} |
- |
"settings" |
"(Required) Used to handle passthrough parameters." | any |
no | {} |
- |
"resource_group" |
"Resource group object" | any |
yes | - |
- |
"base_tags" |
"Base tags for the resource to be inherited from the resource group." | bool |
yes | - |
- |
"vnets" |
any |
yes | - |
- | |
"private_endpoints" |
any |
yes | - |
- | |
"private_dns" |
any |
no | {} |
- |
Outputs¶
| Name | Description | Sensitive | Value |
|---|---|---|---|
"id" |
"ID of the PostgreSQL flexible server" | - | azurerm_postgresql_flexible_server.postgresql.id |
"location" |
"Azure Region where the resource exists" | - | local.location |
"postgresql_flexible_server_administrator_username" |
"Administrator username of PostgreSQL flexible server" | true | azurerm_postgresql_flexible_server.postgresql.administrator_login |
"postgresql_flexible_server_administrator_password" |
"Administrator password of PostgreSQL flexible server" | true | azurerm_postgresql_flexible_server.postgresql.administrator_password |
"postgresql_flexible_server_id" |
"ID of the PostgreSQL flexible server" | - | azurerm_postgresql_flexible_server.postgresql.id |
"postgresql_flexible_server_fqdn" |
"FQDN of the PostgreSQL flexible server" | - | azurerm_postgresql_flexible_server.postgresql.fqdn |
"postgresql_flexible_server_name" |
"Name of the PostgreSQL flexible server" | - | azurerm_postgresql_flexible_server.postgresql.name |
"postgresql_flexible_server_public_network_access_enabled" |
"Is public network access enabled?" | - | azurerm_postgresql_flexible_server.postgresql.public_network_access_enabled |
"postgresql_flexible_server_configuration_id" |
"ID of the PostgreSQL flexible server configuration" | - | {for k, v in azurerm_postgresql_flexible_server_configuration.postgresql : k => v.id} |
"postgresql_flexible_server_database_id" |
"ID of the PostgreSQL flexible server database" | - | {for k, v in azurerm_postgresql_flexible_server_database.postgresql : k => v.id} |
"postgresql_flexible_server_firewall_rule_id" |
"ID of the PostgreSQL flexible server firewall rule" | - | {for k, v in azurerm_postgresql_flexible_server_firewall_rule.postgresql : k => v.id} |
"postgresql_flexible_server_users" |
"IDs of the PostgreSQL flexible server users" | - | {for k, v in try(null_resource.create_pg_user, {}) : k => v.id} |
"postgresql_flexible_server_user_secret_ids" |
"IDs of the PostgreSQL user password secrets in Key Vault" | - | {for k, v in azurerm_key_vault_secret.pg_user_password : k => v.id} |
"resource_group_name" |
"Name of the Resource Group where the resource exists." | - | local.resource_group_name |
Sources¶
modules/databases/postgresql_flexible_server/configuration.tfmodules/databases/postgresql_flexible_server/database.tfmodules/databases/postgresql_flexible_server/db_permissions.tfmodules/databases/postgresql_flexible_server/db_users.tfmodules/databases/postgresql_flexible_server/diagnostics.tfmodules/databases/postgresql_flexible_server/firewall_rule.tfmodules/databases/postgresql_flexible_server/locals.tfmodules/databases/postgresql_flexible_server/locals_postgresql_users.tfmodules/databases/postgresql_flexible_server/main.tfmodules/databases/postgresql_flexible_server/outputs.tfmodules/databases/postgresql_flexible_server/private_endpoint.tfmodules/databases/postgresql_flexible_server/server.tfmodules/databases/postgresql_flexible_server/variables.tf