postgres-provisionning/generic-database/database.tf

38 lines
986 B
HCL

resource "random_password" "password" {
length = 16
special = true
override_special = "$*()=+[]{}<>?"
}
resource "postgresql_role" "user" {
name = var.username
password = random_password.password.result
login = true
}
resource "postgresql_database" "database" {
name = var.database_name
template = "template0"
encoding = "UTF8"
lc_collate = var.collate
lc_ctype = var.ctype
connection_limit = -1
allow_connections = true
}
resource "postgresql_grant" "readonly_tables" {
database = postgresql_database.database.name
role = postgresql_role.user.name
schema = var.schema
object_type = "database"
privileges = var.privileges
}
resource "postgresql_grant" "grant_all_public_schema" {
database = postgresql_database.database.name
role = postgresql_role.user.name
object_type = "schema"
schema = var.schema
privileges = ["CREATE", "USAGE"]
}