Add example for PostgreSQL Flexible Server Database

Author: neil-yechenwei

quickstart/201-postgresql-fs-db/main.tf

@@ -0,0 +1,100 @@
+terraform {
+  required_version = ">=1.0"
+
+  required_providers {
+    azurerm = {
+      source  = "hashicorp/azurerm"
+      version = "=2.95.0"
+    }
+  }
+}
+
+provider "azurerm" {
+  features {}
+}
+
+resource "azurerm_resource_group" "default" {
+  name     = "${var.name}-${var.environment}-rg"
+  location = var.location
+}
+
+resource "azurerm_virtual_network" "default" {
+  name                = "${var.name}-${var.environment}-vnet"
+  location            = azurerm_resource_group.default.location
+  resource_group_name = azurerm_resource_group.default.name
+  address_space       = ["10.0.0.0/16"]
+}
+
+resource "azurerm_network_security_group" "default" {
+  name                = "${var.name}-${var.environment}-nsg"
+  location            = azurerm_resource_group.default.location
+  resource_group_name = azurerm_resource_group.default.name
+
+  security_rule {
+    name                       = "test123"
+    priority                   = 100
+    direction                  = "Inbound"
+    access                     = "Allow"
+    protocol                   = "Tcp"
+    source_port_range          = "*"
+    destination_port_range     = "*"
+    source_address_prefix      = "*"
+    destination_address_prefix = "*"
+  }
+}
+
+resource "azurerm_subnet" "default" {
+  name                 = "${var.name}-${var.environment}-subnet"
+  virtual_network_name = azurerm_virtual_network.default.name
+  resource_group_name  = azurerm_resource_group.default.name
+  address_prefixes     = ["10.0.2.0/24"]
+  service_endpoints    = ["Microsoft.Storage"]
+
+  delegation {
+    name = "fs"
+
+    service_delegation {
+      name = "Microsoft.DBforPostgreSQL/flexibleServers"
+
+      actions = [
+        "Microsoft.Network/virtualNetworks/subnets/join/action",
+      ]
+    }
+  }
+}
+
+resource "azurerm_subnet_network_security_group_association" "default" {
+  subnet_id                 = azurerm_subnet.default.id
+  network_security_group_id = azurerm_network_security_group.default.id
+}
+
+resource "azurerm_private_dns_zone" "default" {
+  name                = "${var.name}-${var.environment}-pdz.postgres.database.azure.com"
+  resource_group_name = azurerm_resource_group.default.name
+
+  depends_on = [azurerm_subnet_network_security_group_association.default]
+}
+
+resource "azurerm_private_dns_zone_virtual_network_link" "default" {
+  name                  = "${var.name}-${var.environment}-pdzvnetlink.com"
+  private_dns_zone_name = azurerm_private_dns_zone.default.name
+  virtual_network_id    = azurerm_virtual_network.default.id
+  resource_group_name   = azurerm_resource_group.default.name
+}
+
+resource "azurerm_postgresql_flexible_server" "default" {
+  name                   = "${var.name}-${var.environment}-server"
+  resource_group_name    = azurerm_resource_group.default.name
+  location               = azurerm_resource_group.default.location
+  version                = "13"
+  delegated_subnet_id    = azurerm_subnet.default.id
+  private_dns_zone_id    = azurerm_private_dns_zone.default.id
+  administrator_login    = "adminTerraform"
+  administrator_password = "QAZwsx123"
+  zone                   = "1"
+  storage_mb             = 32768
+  sku_name               = "GP_Standard_D2s_v3"
+  backup_retention_days  = 7
+
+  depends_on = [azurerm_private_dns_zone_virtual_network_link.default]
+}

quickstart/201-postgresql-fs-db/postgresql-fs-db.tf

@@ -0,0 +1,6 @@
+resource "azurerm_postgresql_flexible_server_database" "default" {
+  name      = "${var.name}-${var.environment}-db"
+  server_id = azurerm_postgresql_flexible_server.default.id
+  collation = "en_US.UTF8"
+  charset   = "UTF8"
+}

quickstart/201-postgresql-fs-db/readme.md

@@ -0,0 +1,190 @@
+# Azure PostgreSQL Flexible Server Database
+
+This template deploys an [Azure PostgreSQL Flexible Server Database](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_database).
+
+## Resources
+
+| Terraform Resource Type | Description |
+| - | - |
+| `azurerm_resource_group` | The resource group all resources are deployed into |
+| `azurerm_virtual_network` | Manages the Azure Virtual Network including any configured subnets |
+| `azurerm_network_security_group` | Manages the Azure Network Security Group that contains a list of network security rules |
+| `azurerm_subnet` | Manages the Azure Subnet |
+| `azurerm_subnet_network_security_group_association` | Associates an Azure Network Security Group with an Azure Subnet within an Azure Virtual Network |
+| `azurerm_private_dns_zone` | Manages Azure Private DNS zones within Azure DNS  |
+| `azurerm_private_dns_zone_virtual_network_link` | Manages Private DNS zone Virtual Network Links |
+| `azurerm_postgresql_flexible_server` | The Azure PostgreSQL Flexible Server that the Azure PostgreSQL Flexible Server Database will run on |
+| `azurerm_postgresql_flexible_server_database` | The Azure PostgreSQL Flexible Server Database |
+
+## Variables
+
+| Name | Description |
+|-|-|
+| `name` | Name of the deployment |
+| `environment` | The depolyment environment name (used for postfixing resource names) |
+| `location` | The Azure Region to deploy these resources in |
+
+
+## Example
+
+```bash
+>terraform plan
+
+Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+  + create
+
+Terraform will perform the following actions:
+
+  # azurerm_network_security_group.default will be created
+  + resource "azurerm_network_security_group" "default" {
+      + id                  = (known after apply)
+      + location            = "westeurope"
+      + name                = "demo-postgresql-fs-dev-nsg"
+      + resource_group_name = "demo-postgresql-fs-dev-rg"
+      + security_rule       = [
+          + {
+              + access                                     = "Allow"
+              + description                                = ""
+              + destination_address_prefix                 = "*"
+              + destination_address_prefixes               = []
+              + destination_application_security_group_ids = []
+              + destination_port_range                     = "*"
+              + destination_port_ranges                    = []
+              + direction                                  = "Inbound"
+              + name                                       = "test123"
+              + priority                                   = 100
+              + protocol                                   = "Tcp"
+              + source_address_prefix                      = "*"
+              + source_address_prefixes                    = []
+              + source_application_security_group_ids      = []
+              + source_port_range                          = "*"
+              + source_port_ranges                         = []
+            },
+        ]
+    }
+
+  # azurerm_postgresql_flexible_server.default will be created
+  + resource "azurerm_postgresql_flexible_server" "default" {
+      + administrator_login           = "adminTerraform"
+      + administrator_password        = (sensitive value)
+      + backup_retention_days         = 7
+      + cmk_enabled                   = (known after apply)
+      + delegated_subnet_id           = (known after apply)
+      + fqdn                          = (known after apply)
+      + geo_redundant_backup_enabled  = false
+      + id                            = (known after apply)
+      + location                      = "westeurope"
+      + name                          = "demo-postgresql-fs-dev-server"
+      + private_dns_zone_id           = (known after apply)
+      + public_network_access_enabled = (known after apply)
+      + resource_group_name           = "demo-postgresql-fs-dev-rg"
+      + sku_name                      = "GP_Standard_D2s_v3"
+      + storage_mb                    = 32768
+      + version                       = "13"
+      + zone                          = "1"
+    }
+
+  # azurerm_postgresql_flexible_server_database.default will be created
+  + resource "azurerm_postgresql_flexible_server_database" "default" {
+      + charset   = "UTF8"
+      + collation = "en_US.UTF8"
+      + id        = (known after apply)
+      + name      = "demo-postgresql-fs-dev-db"
+      + server_id = (known after apply)
+    }
+
+  # azurerm_private_dns_zone.default will be created
+  + resource "azurerm_private_dns_zone" "default" {
+      + id                                                    = (known after apply)
+      + max_number_of_record_sets                             = (known after apply)
+      + max_number_of_virtual_network_links                   = (known after apply)
+      + max_number_of_virtual_network_links_with_registration = (known after apply)
+      + name                                                  = "demo-postgresql-fs-dev-pdz.postgres.database.azure.com"
+      + number_of_record_sets                                 = (known after apply)
+      + resource_group_name                                   = "demo-postgresql-fs-dev-rg"
+
+      + soa_record {
+          + email         = (known after apply)
+          + expire_time   = (known after apply)
+          + fqdn          = (known after apply)
+          + host_name     = (known after apply)
+          + minimum_ttl   = (known after apply)
+          + refresh_time  = (known after apply)
+          + retry_time    = (known after apply)
+          + serial_number = (known after apply)
+          + tags          = (known after apply)
+          + ttl           = (known after apply)
+        }
+    }
+
+  # azurerm_private_dns_zone_virtual_network_link.default will be created
+  + resource "azurerm_private_dns_zone_virtual_network_link" "default" {
+      + id                    = (known after apply)
+      + name                  = "demo-postgresql-fs-dev-pdzvnetlink.com"
+      + private_dns_zone_name = "demo-postgresql-fs-dev-pdz.postgres.database.azure.com"
+      + registration_enabled  = false
+      + resource_group_name   = "demo-postgresql-fs-dev-rg"
+      + virtual_network_id    = (known after apply)
+    }
+
+  # azurerm_resource_group.default will be created
+  + resource "azurerm_resource_group" "default" {
+      + id       = (known after apply)
+      + location = "westeurope"
+      + name     = "demo-postgresql-fs-dev-rg"
+    }
+
+  # azurerm_subnet.default will be created
+  + resource "azurerm_subnet" "default" {
+      + address_prefix                                 = (known after apply)
+      + address_prefixes                               = [
+          + "10.0.2.0/24",
+        ]
+      + enforce_private_link_endpoint_network_policies = false
+      + enforce_private_link_service_network_policies  = false
+      + id                                             = (known after apply)
+      + name                                           = "demo-postgresql-fs-dev-subnet"
+      + resource_group_name                            = "demo-postgresql-fs-dev-rg"
+      + service_endpoints                              = [
+          + "Microsoft.Storage",
+        ]
+      + virtual_network_name                           = "demo-postgresql-fs-dev-vnet"
+
+      + delegation {
+          + name = "fs"
+
+          + service_delegation {
+              + actions = [
+                  + "Microsoft.Network/virtualNetworks/subnets/join/action",
+                ]
+              + name    = "Microsoft.DBforPostgreSQL/flexibleServers"
+            }
+        }
+    }
+
+  # azurerm_subnet_network_security_group_association.default will be created
+  + resource "azurerm_subnet_network_security_group_association" "default" {
+      + id                        = (known after apply)
+      + network_security_group_id = (known after apply)
+      + subnet_id                 = (known after apply)
+    }
+
+  # azurerm_virtual_network.default will be created
+  + resource "azurerm_virtual_network" "default" {
+      + address_space         = [
+          + "10.0.0.0/16",
+        ]
+      + dns_servers           = (known after apply)
+      + guid                  = (known after apply)
+      + id                    = (known after apply)
+      + location              = "westeurope"
+      + name                  = "demo-postgresql-fs-dev-vnet"
+      + resource_group_name   = "demo-postgresql-fs-dev-rg"
+      + subnet                = (known after apply)
+      + vm_protection_enabled = false
+    }
+
+Plan: 9 to add, 0 to change, 0 to destroy.
+
+Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.
+```

quickstart/201-postgresql-fs-db/variables.tf

@@ -0,0 +1,11 @@
+variable "environment" {
+  default = "dev"
+}
+
+variable "name" {
+  default = "demo-postgresql-fs"
+}
+
+variable "location" {
+  default = "West Europe"
+}

quickstart/README.md

@@ -31,6 +31,7 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 - [Azure Kubernetes Service with ACR](./201-aks-acr-identity/)
 - [Azure virtual machine scale set with jumpbox](./201-vmss-jumpbox)
 - [Azure virtual machine scale set with jumpbox from Packer custom image](./201-vmss-packer-jumpbox)
+- [Azure PostgreSQL Flexible Server Database](./201-postgresql-fs-db)
 
 #### Advanced
 - [Azure Service Fabric](./301-service-fabric/)