2023-12-02 20:59:05 +00:00
|
|
|
resource "random_password" "password" {
|
|
|
|
|
length = 16
|
|
|
|
|
special = true
|
|
|
|
|
override_special = "$*()=+[]{}<>?"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "postgresql_role" "user" {
|
|
|
|
|
name = var.username
|
|
|
|
|
password = random_password.password.result
|
|
|
|
|
login = true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "postgresql_database" "database" {
|
|
|
|
|
name = var.database_name
|
|
|
|
|
template = "template0"
|
|
|
|
|
encoding = "UTF8"
|
|
|
|
|
lc_collate = var.collate
|
|
|
|
|
lc_ctype = var.ctype
|
|
|
|
|
connection_limit = -1
|
|
|
|
|
|
|
|
|
|
allow_connections = true
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
resource "postgresql_grant" "readonly_tables" {
|
|
|
|
|
database = postgresql_database.database.name
|
|
|
|
|
role = postgresql_role.user.name
|
|
|
|
|
schema = var.schema
|
|
|
|
|
object_type = "database"
|
|
|
|
|
privileges = var.privileges
|
|
|
|
|
}
|
2023-12-02 21:50:09 +00:00
|
|
|
|
|
|
|
|
resource "postgresql_grant" "grant_all_public_schema" {
|
|
|
|
|
database = postgresql_database.database.name
|
|
|
|
|
role = postgresql_role.user.name
|
|
|
|
|
object_type = "schema"
|
|
|
|
|
schema = var.schema
|
2023-12-03 12:03:59 +00:00
|
|
|
privileges = ["CREATE", "USAGE"]
|
2023-12-02 21:50:09 +00:00
|
|
|
}
|
