A Terraform module for deploying a PostgreSQL Flexible Server instance with private VNet integration.
Before deploying this module you will need to have:
- A VNet deployed with a subnet that is delegated to
Microsoft.DBforPostgreSQL/flexibleServers - The VNet ID for private DNS zone linking
This module creates a PostgreSQL Flexible Server with private-only access (no public endpoint). The database is accessible only from within the configured VNet.
For a working example you can take a look at our default vNet module we have for deploying a Snowplow Pipeline stack.
module "snowplow_db" {
source = "snowplow-devops/postgresql-server/azurerm"
name = "snowplow-db"
resource_group_name = var.resource_group_name
subnet_id = var.subnet_id_for_servers
vnet_id = var.vnet_id
db_name = var.db_name
db_username = var.db_username
db_password = var.db_password
}This module has been migrated from the deprecated azurerm_postgresql_server to azurerm_postgresql_flexible_server. Key changes:
- PostgreSQL version upgraded from 11 to 16 (default)
- SKU changed to B_Standard_B1ms (burstable, cost-optimized)
- Storage minimum increased to 32GB (from 10GB)
- Private VNet integration required (no public access mode)
- New required variable:
vnet_id - Subnet must be delegated to
Microsoft.DBforPostgreSQL/flexibleServers(not service endpoint) - Username format changed: no longer includes
@servernamesuffix
| Name | Version |
|---|---|
| terraform | >= 1.0.0 |
| azurerm | >= 3.58.0 |
| Name | Version |
|---|---|
| azurerm | >= 3.58.0 |
No modules.
| Name | Type |
|---|---|
| azurerm_postgresql_flexible_server.db | resource |
| azurerm_postgresql_flexible_server_database.db | resource |
| azurerm_private_dns_zone.postgres | resource |
| azurerm_private_dns_zone_virtual_network_link.postgres | resource |
| azurerm_resource_group.rg | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| db_name | The name of the database to create | string |
n/a | yes |
| db_password | The password of the administration user to create | string |
n/a | yes |
| db_username | The name of the administration user to create | string |
n/a | yes |
| name | A name which will be pre-pended to the resources created | string |
n/a | yes |
| resource_group_name | The name of the resource group to deploy the service into | string |
n/a | yes |
| subnet_id | The ID of a subnet to bind the database service into (must be delegated to 'Microsoft.DBforPostgreSQL/flexibleServers') | string |
n/a | yes |
| vnet_id | The ID of the VNet for private DNS zone linking | string |
n/a | yes |
| backup_retention_days | The number of days to retain backups | number |
7 |
no |
| max_allocated_storage_mb | The maximum size of the attached disk in MB (minimum 32768 for flexible server) | number |
32768 |
no |
| postgresql_version | The version of PostgreSQL to deploy | string |
"16" |
no |
| sku | The SKU of the server instance to deploy | string |
"B_Standard_B1ms" |
no |
| tags | The tags to append to this resource | map(string) |
{} |
no |
| Name | Description |
|---|---|
| db_host | The FQDN of the deployed database |
| db_name | The name of the default database created |
| db_password | The password to use when connecting to the database as the admin |
| db_port | The port to use when connecting to the database |
| db_username | The username to use when connecting to the database as the admin |
The Terraform Azurerm PostgreSQL server project is Copyright 2023-present Snowplow Analytics Ltd.
Licensed under the Snowplow Community License. (If you are uncertain how it applies to your use case, check our answers to frequently asked questions.)
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.