From 010ac595c1bf217d84e1668de0a27dc3b6fd1a79 Mon Sep 17 00:00:00 2001
From: Florian Heuer
Date: Tue, 16 Dec 2025 13:51:14 +0100
Subject: [PATCH 1/2] build and use local map of username to dbname
---
 postgres/outputs.tf | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/postgres/outputs.tf b/postgres/outputs.tf
index e846bfb..bf89a2a 100644
--- a/postgres/outputs.tf
+++ b/postgres/outputs.tf
@@ -3,6 +3,14 @@ output "postgres_instance_id" {
 value = stackit_postgresflex_instance.this.instance_id
 }
 
+locals {
+ # Build a map: username => db_name
+ user_to_db = {
+ for db in var.postgres_databases :
+ db.user_name => db.db_name
+ }
+}
+
 # Postgres Credential Output
 output "postgres_credentials" {
 value = {
@@ -12,9 +20,9 @@ output "postgres_credentials" {
 username = u.username
 password = u.password
 port = u.port
- db_name = stackit_postgresflex_database.this[u.username].name
+ db_name = stackit_postgresflex_database.this[local.user_to_db[u.username]].name
 uri = u.uri
 }
 }
 sensitive = true
-}
\ No newline at end of file
+}
From 4c5496879358ef8c8a961d92ec5658055bc46894 Mon Sep 17 00:00:00 2001
From: Florian Heuer
Date: Tue, 16 Dec 2025 13:52:39 +0100
Subject: [PATCH 2/2] add validation for uniqueness of username and dbname
---
 postgres/variables.tf | 28 ++++++++++++++++++++++------
 1 file changed, 22 insertions(+), 6 deletions(-)
diff --git a/postgres/variables.tf b/postgres/variables.tf
index 886fd59..f1906fa 100644
--- a/postgres/variables.tf
+++ b/postgres/variables.tf
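Review bot: In postgres/outputs.tf, the new `db_name` line in the second hunk indexes `stackit_postgresflex_database.this` by `local.user_to_db[u.username]`, which resolves only if every `u.username` is a key of the map built from `var.postgres_databases` and the database resource is keyed by `db_name`. Neither the enclosing `for` expression nor the resource definition is visible in the hunk, so both assumptions should be confirmed; a user that is not listed in the variable would fail the plan with an invalid-index error. A one-line comment above the lookup would record the contract, e.g. `# user_to_db is keyed by user_name; the database resource is keyed by db_name`. Because this object also carries `password` and `uri`, note that `sensitive = true` only redacts CLI output: the values are still written to state in plaintext, so the state backend needs encryption and restricted access.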
@@ -55,10 +55,26 @@ variable "postgres_instance_region" {
 
 # Postgres User and DB Configs
 variable "postgres_databases" {
- description = "list of users and databases"
- type = list(object({
- db_name = string # db name inside the instance
- user_name = string # username and owner for postgres db
- user_roles = list(string) # List of database access levels for the user. Supported values are: login, createdb.
+ description = "list of users and databases"
+ type = list(object({
+ db_name = string # db name inside the instance
+ user_name = string # username and owner for postgres db
+ user_roles = list(string) # List of database access levels for the user. Supported values are: login, createdb.
 }))
-}
\ No newline at end of file
+
+ # -----------------------------------------------------------------
+ # Validation: each db_name must be unique
+ # -----------------------------------------------------------------
+ validation {
+ condition = length(distinct([for db in var.postgres_databases : db.db_name])) == length(var.postgres_databases)
+ error_message = "Each db_name must be unique."
+ }
+
+ # -----------------------------------------------------------------
+ # Validation: each user_name must be unique
+ # -----------------------------------------------------------------
+ validation {
+ condition = length(distinct([for db in var.postgres_databases : db.user_name])) == length(var.postgres_databases)
+ error_message = "Each user_name must be unique."
+ }
+}
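Review bot: The two new `validation` blocks check uniqueness only, so `user_roles` is still unvalidated even though its comment limits it to `login` and `createdb`; a typo or an unintended role is passed through to the provider instead of being rejected at plan time. A third block would close that gap: `condition = alltrue([for db in var.postgres_databases : alltrue([for r in db.user_roles : contains(["login", "createdb"], r)])])`, with an `error_message` naming the two supported values. The uniqueness checks compare names exactly, so whether names that differ only in case should also be rejected depends on how the provider quotes identifiers, which is worth confirming.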