From 2cade4eba27bc2e4a3873f59d551428afff50c58 Mon Sep 17 00:00:00 2001 From: Michael Messmer Date: Mon, 8 Sep 2025 16:00:13 +0200 Subject: [PATCH] finalize changes --- postgres/outputs.tf | 43 +++-------------------------- postgres/readme.md | 67 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+), 39 deletions(-) create mode 100644 postgres/readme.md diff --git a/postgres/outputs.tf b/postgres/outputs.tf index aa7b509..e846bfb 100644 --- a/postgres/outputs.tf +++ b/postgres/outputs.tf @@ -1,44 +1,9 @@ # Postgres Instance Output -# output "postgres_instance_id" { -# value = stackit_postgresflex_instance.this.instance_id -# } - -# Postgres Database Output -# output "postgres_database_id" { -# value = stackit_postgresflex_database.this.database_id -# } - -# Postgres User Output -# output "postgres_host" { -# value = stackit_postgresflex_user.this.host -# } - -# output "postgres_password" { -# value = stackit_postgresflex_user.this.password -# sensitive = true -# } - -# output "postgres_user" { -# value = stackit_postgresflex_user.this.username -# } - -# output "postgres_port" { -# value = stackit_postgresflex_user.this.port -# } - -# output "postgres_db_name" { -# value = stackit_postgresflex_database.this.name -# } - -# output "postgres_uri" { -# value = stackit_postgresflex_user.this.uri -# sensitive = true -# } - -# output "postgres_user_id" { -# value = stackit_postgresflex_user.this.user_id -# } +output "postgres_instance_id" { + value = stackit_postgresflex_instance.this.instance_id +} +# Postgres Credential Output output "postgres_credentials" { value = { for k, u in stackit_postgresflex_user.this : diff --git a/postgres/readme.md b/postgres/readme.md new file mode 100644 index 0000000..d6635c0 --- /dev/null +++ b/postgres/readme.md @@ -0,0 +1,67 @@ +# Module for creating Postgres Flex Instance with Databases and Users + +## Example + +```main.tf + +# Postgres Flex Instance +module "postgres-flex" { + source = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//postgres?ref=main + stackit_project_id = local.stackit_project_id + postgres_instance_name = "example-db" + postgres_instance_replicas = 1 + postgres_instance_storage = { + class = "premium-perf2-stackit" + size = 5 + } + + postgres_instance_flavor = { + cpu = 2 + ram = 4 + } + + postgres_instance_acl = [ + "193.148.160.0/19", + "45.129.40.0/21" + ] + + postgres_instance_backup_schedule = "00 02 * * *" + postgres_instance_version = "17" + postgres_instance_region = "eu01" + + postgres_databases = [ + { + db_name = "database-a" + user_name = "user-a" + user_roles = ["createdb", "login"] + }, + { + db_name = "database-b" + user_name = "user-b" + user_roles = ["createdb", "login"] + }, + ] +} + +# safe credentials +module "postgres-credentials-sm-a" { + source = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//create-secret?ref=main" + secret_manager_instance_id = local.secret_manager_instance_id + secret_manager_username = var.secret_manager_username + secret_manager_password = var.secret_manager_password + + secrets_path = "service-a/postgres" + secret_data = module.postgres-flex.postgres_credentials["user-a"] +} + +module "postgres-credentials-sm-b" { + source = "git::https://commerce-platform.git.onstackit.cloud/commerce-platform-public/terraform-modules//create-secret?ref=main" + secret_manager_instance_id = local.secret_manager_instance_id + secret_manager_username = var.secret_manager_username + secret_manager_password = var.secret_manager_password + + secrets_path = "service-b/postgres" + secret_data = module.postgres-flex.postgres_credentials["user-b"] +} + +``` \ No newline at end of file