terraform-postgres-config-dbs-users-roles/variables.tf at main · masterpointio/terraform-postgres-config-dbs-users-roles · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
variable "databases" {
  type = list(object({
    name             = string
    connection_limit = optional(number)
  }))
  default     = []
  description = "The logical database to create and configure"
}

variable "roles" {
  type = list(object({
    role = object({
      # See defaults: https://registry.terraform.io/providers/cyrilgdn/postgresql/latest/docs/resources/postgresql_role
      name                      = string
      superuser                 = optional(bool)
      create_database           = optional(bool)
      create_role               = optional(bool)
      inherit                   = optional(bool)
      login                     = optional(bool)
      replication               = optional(bool)
      bypass_row_level_security = optional(bool)
      connection_limit          = optional(number)
      encrypted_password        = optional(bool)
      password                  = optional(string)
      roles                     = optional(list(string))
      search_path               = optional(list(string))
      valid_until               = optional(string)
      skip_drop_role            = optional(bool)
      skip_reassign_owned       = optional(bool)
      statement_timeout         = optional(number)
      assume_role               = optional(string)
    })
    default_privileges = optional(list(object({
      role        = string
      database    = string
      schema      = string
      owner       = string
      object_type = string
      privileges  = list(string)
    })))
    database_grants = optional(object({
      role        = string
      database    = string
      object_type = string
      privileges  = list(string)
    }))
    schema_grants = optional(object({
      role        = string
      database    = string
      schema      = string
      object_type = string
      privileges  = list(string)
    }))
    sequence_grants = optional(object({
      role        = string
      database    = string
      schema      = string
      object_type = string
      objects     = list(string)
      privileges  = list(string)
    }))
    table_grants = optional(object({
      role        = string
      database    = string
      schema      = string
      object_type = string
      objects     = list(string)
      privileges  = list(string)
    }))
  }))
  default     = []
  description = "List of static postgres roles to create and related permissions. These are for applications that use static credentials and don't use IAM DB Auth. See defaults: https://registry.terraform.io/providers/cyrilgdn/postgresql/latest/docs/resources/postgresql_role"
}