Important
This project is archived, which means that it's in read-only state; you can download and use this code, but please be aware that it may be buggy and may also contain security vulnerabilities. Some related work is being continued in the Common Cloud Controls Standard Project.
This terraform script provisions:
- azure postresql Single Server with a database
- private endpoint for postgresql server
Prerequisites:
- VNet and Subnet already provisioned in Resource Group.
All variable are set in terraform.tfvars these should be changed for each application team.
Variables that would need to change are marked as <change-me>.
More detail on each variable can be found in the Inputs section below
As we are using a private endpoint with the postgres server to securely connect from on-prem, the fully qualified domain name will not be reachable until a dns record is set for it. (This is the same process as for the storage account).
Meanwhile the private ip can be used to connect. The private ip is an output from the terraform module, but it can also be looked up in th portal under the private endpoint resource.
To connect you can use your favorite IDE, SQL tool or command line.
Username: <username>@<postgres-server-name>
Password: <password>
Hostname: <postgres-private-ip>:5432/<database-name>?sslmode=require&ssl=true
Port: THIS IS EMPTY
| Name | Version | 
|---|---|
| azurerm | 2.7.0 | 
This terraform module produces blah
module "iam" {
  source  = "terraform-aws-modules/iam/aws"
  version = "5.3.0"
}No providers.
| Name | Version | 
|---|---|
| azurerm | =2.7.0 | 
| Name | Description | Type | Default | Required | 
|---|---|---|---|---|
| auto_grow_enabled | Enable auto grow for Azure postgres | bool | n/a | yes | 
| backup_retention_days | Number of days to retain backups | number | n/a | yes | 
| database_login | Login for the database | string | n/a | yes | 
| database_name | Name for database in postgres | string | n/a | yes | 
| database_password | Password for the database | string | n/a | yes | 
| geo_redundent_enabled | Enable geo redundency for Azure postgres | bool | n/a | yes | 
| postgres_location | Location of postgres server | string | n/a | yes | 
| postgres_name | Name for postgres server | string | n/a | yes | 
| postgres_resource_group_location | Resource group location for potgresql server | string | n/a | yes | 
| postgres_resource_group_name | Resource group name for potgresql server | string | n/a | yes | 
| postgres_resource_group_tags | Resource group tags for potgresql server | map(any) | n/a | yes | 
| postgres_tags | n/a | map(any) | n/a | yes | 
| postgres_version | Version for postgres server | string | n/a | yes | 
| private_endpoint_location | Location for privete endpoint | string | n/a | yes | 
| private_endpoint_name | Private endpoint name | string | n/a | yes | 
| private_service_connection_name | Private service connection name | string | n/a | yes | 
| sku_name | Postres sku name (GP_Gen5_2) | string | n/a | yes | 
| storagemb | Database storage in megabytes | string | n/a | yes | 
| subnet_name | n/a | string | n/a | yes | 
| vnet_name | Target vnet name | string | n/a | yes | 
| vnet_resource_group_name | Target resource group for vnet | string | n/a | yes | 
| Name | Description | 
|---|---|
| dbname | n/a | 
| postgres_private_ip | n/a | 
| server_fqdn | n/a | 
| server_name | n/a | 
| username | n/a | 
No resources.
OS X & Linux:
npm install my-crazy-module --saveWindows:
edit autoexec.batDescribe how to install all development dependencies and how to run an automated test-suite of some kind. Potentially do this for multiple platforms.
make install
npm testList the roadmap steps; alternatively link the Confluence Wiki page where the project roadmap is published.
- Item 1
- Item 2
- ....
- Fork it (https://github.com/finos/cfi-terraform-template-child-module/fork)
- Create your feature branch (git checkout -b feature/fooBar)
- Read our contribution guidelines and Community Code of Conduct
- Commit your changes (git commit -am 'Add some fooBar')
- Push to the branch (git push origin feature/fooBar)
- Create a new Pull Request
_NOTE:_ Commits and pull requests to FINOS repositories will only be accepted from those contributors with an active, executed Individual Contributor License Agreement (ICLA) with FINOS OR who are covered under an existing and active Corporate Contribution License Agreement (CCLA) executed with FINOS. Commits from individuals not covered under an ICLA or CCLA will be flagged and blocked by the FINOS Clabot tool (or EasyCLA). Please note that some CCLAs require individuals/employees to be explicitly named on the CCLA.
Need an ICLA? Unsure if you are covered under an existing CCLA? Email [email protected]
Copyright 2022 FINOS
Distributed under the Apache License, Version 2.0.
SPDX-License-Identifier: Apache-2.0