Skip to content

Module Banner

terraform-aws-arc-postgresql-mgmt

Module: sourcefuse/arc-postgresql-mgmt/aws

Registry: https://registry.terraform.io/modules/sourcefuse/arc-postgresql-mgmt/aws

Category: Database / Management

Source: https://github.com/sourcefuse/terraform-aws-arc-postgresql-mgmt

Latest Release Last Updated Terraform GitHub Actions

Quality gate

Overview

Manages PostgreSQL databases, roles, schemas, and grants on an existing RDS or Aurora PostgreSQL instance using the PostgreSQL Terraform provider.

What It Does

  • Database creation on existing PostgreSQL server
  • Role and user management with password rotation
  • Schema creation and ownership
  • Fine-grained privilege grants
  • Secrets Manager integration for credentials

Usage

required_providers { postgresql = { version = "~> 1.21" source = "cyrilgdn/postgresql" } aws = { version = "~> 5.0" source = "hashicorp/aws" } }

Quickstart

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
module "pg_mgmt" {
  source  = "sourcefuse/arc-postgresql-mgmt/aws"
  version = "1.0.0"

  db_host     = module.db.cluster_endpoint
  db_port     = 5432
  db_name     = "postgres"
  db_username = "admin"
  db_password = data.aws_secretsmanager_secret_version.db.secret_string

  databases = [{ name = "myapp_db" }]
  roles     = [{ name = "myapp_user", login = true }]
}

Required Inputs

Name Type Description
db_host string PostgreSQL host endpoint
db_port number PostgreSQL port
db_username string Admin username
db_password string Admin password
## Key Outputs
Name Description
database_names List of created database names
role_names List of created role names
## Full Variable & Output Reference

The complete inputs/outputs reference is auto-generated below.

Requirements

Name Version
terraform ~> 1.3, < 2.0.0
aws ~> 5.0, < 6.0
postgresql ~> 1.21

Providers

Name Version
aws 5.28.0
postgresql 1.21.0

Modules

No modules.

Resources

Name Type
aws_ssm_parameter.this resource
postgresql_database.pg_db resource
postgresql_default_privileges.pg_default_privileges resource
postgresql_role.pg_role resource
postgresql_schema.pg_schema resource

Inputs

Name Description Type Default Required
pg_roles A map of objects where each key-value pair represents a PostgreSQL role 
map(object({
    postgres_role_name = string
    login              = string
    password           = string
  }))
 n/a yes
pg_ssm_parameters postgresql SSM parameters 
map(object({
    name     = string
    type     = string
    password = string
  }))
 n/a yes
postgresql_database A map where each key-value pair represents a PostgreSQL database configuration 
map(object({
    db_name           = string
    db_owner          = string
    template          = optional(string, null)
    lc_collate        = optional(string, null)
    connection_limit  = optional(string, null)
    allow_connections = optional(string, null)
  }))
 n/a yes
postgresql_default_privileges configuration block for postgresql default privileges 
map(object({
    role        = string
    database    = string
    schema      = string
    owner       = string
    object_type = string
    privileges  = list(string)
  }))
 n/a yes
postgresql_schema configuration block for postgresql schema 
map(object({
    schema_name   = string
    schema_owner  = optional(string, null)
    database      = optional(string, null)
    if_not_exists = optional(string, null)
    drop_cascade  = optional(string, null)

    policy = optional(list(object({
      usage = optional(string, null)
      role  = optional(string, null)
    })), [])
  }))
 n/a yes

Outputs

Name Description
arn ARN of the parameter

Development

Prerequisites

Configurations

  • Configure pre-commit hooks
1
pre-commit install

Git commits

while Contributing or doing git commit please specify the breaking change in your commit message whether its major,minor or patch

For Example

1
git commit -m "your commit message #major"
By specifying this , it will bump the version and if you dont specify this in your commit message then by default it will consider patch and will bump that accordingly

Tests

  • Tests are available in test directory
  • Configure the dependencies
1
2
3
cd test
go mod init github.com/sourcefuse/terraform-aws-ref-arch-db
go get github.com/gruntwork-io/terratest/modules/terraform
  • Now execute the test
1
2
cd test/
go test

Contributing

See CONTRIBUTING.md for commit conventions and development setup.

Authors

This project is authored by:

  • SourceFuse ARC Team