// random password for the PostgreSql admin resource "random_password" "postgresql_admin_password" { length = 14 special = true override_special = "!#$%&*()-_=+[]{}<>:?" } // Flexible PostgreSql Server module "postgresql_flexible_server" { source = "../modules/postgresql_flexible_server" name = var.postgresql_flexible_server_name resource_group_name = var.resource_group_name location = var.location tags = var.tags postgresql_flexible_server_version = 16 administrator_login = "psqladmin" administrator_password = random_password.postgresql_admin_password.result sku_name = "GP_Standard_D2s_v3" backup_retention_days = 8 geo_redundant_backup_enabled = true zone = 3 high_availability_mode = "SameZone" # "ZoneRedundant" - Zoneredundant deploys are temporarily disabled in region West Europe, see readme.md in module standby_availability_zone = 3 storage_mb = 32768 storage_tier = "P6" public_network_access_enabled = false law_id = module.law.id } // Private DNS Zone Virtual Network Link module "psql_private_dns_zone_vnet_link" { source = "../../modules/private_dns_zone_virtual_network_link" name = "dpl-${lower(var.vnet_name)}" private_dns_zone_name = "privatelink.postgres.database.azure.com" virtual_network_id = data.azurerm_virtual_network.virtual_network.id resource_group_name = var.private_dns_zone_resource_group_name providers = { azurerm = azurerm.hub } } // Flexible PostgreSQL Server Private Endpoint module "postgresql_flexible_server_private_endpoint" { source = "../modules/private_endpoint_with_named_nic" name = "pep-${module.postgresql_flexible_server[0].name}" location = var.location resource_group_name = var.private_endpoint_resource_group_name subnet_id = data.azurerm_subnet.private_endpoint_subnet.id tags = var.tags private_connection_resource_id = module.postgresql_flexible_server[0].id is_manual_connection = false subresource_name = "postgresqlServer" private_dns_zone_group_name = "PostgresqlPrivateDnsZoneGroup" private_dns_zone_group_ids = [module.psql_private_dns_zone_vnet_link.private_dns_zone_id] ip_configurations = var.postgresql_flexible_server_private_endpoint_ip_configurations }