antonvigo/pg-iac-grant-database

Terraform module: grant privileges on database

This module grants privileges on specified databases.

Specs

  • Some variables have default values and can therefore be omitted. See the descriptions in the Inputs section below.

Usage example

module "grant_on_some_db" {
  source = "github.com/antonvigo/pg-iac-grant-database"

  host = {
    host             = "pg.host.com"
    port             = 5432
    username         = "root"
    password         = "Password123"
  }

  database = {
    name  = "some_db"
    owner = "some_db_admin"
  }

  privileges      = ["CONNECT","CREATE"]
  group_role      = "new_group_role"
  make_admin_own  = false
  revoke_grants   = false

  depends_on = [module.last_existing_privileges_module_call]
}
  • It's strongly recommended to replace input constants with predefined variables containing the corresponding values.
  • Even if an empty list of privileges is provided, all possible privileges will be granted. The same applies to some other variables.
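
One way to follow both notes above, as an added example that is not part of the module or its README. The variable names are assumptions, and it assumes the module accepts a password value marked sensitive. The admin password comes from a sensitive variable instead of a literal, and an empty privilege list is rejected before it can reach the module.

```hcl
# Added example: caller-side variables for the module call shown above.
# Names pg_host, pg_admin_user, pg_admin_password, db_privileges are assumptions.
variable "pg_host" { type = string }
variable "pg_admin_user" { type = string }

variable "pg_admin_password" {
  type      = string
  sensitive = true # redacted in plan/apply output, but still stored in state
}

variable "db_privileges" {
  type = list(string)

  # The README states that an empty list grants all possible privileges,
  # so reject it here and require each privilege to be named.
  validation {
    condition = length(var.db_privileges) > 0 && alltrue([
      for p in var.db_privileges : contains(["CONNECT", "CREATE", "TEMPORARY"], p)
    ])
    error_message = "List at least one of CONNECT, CREATE, TEMPORARY; an empty list would grant ALL."
  }
}

module "grant_on_some_db" {
  source = "github.com/antonvigo/pg-iac-grant-database"

  host = {
    host     = var.pg_host
    port     = 5432
    username = var.pg_admin_user
    password = var.pg_admin_password
  }

  database = {
    name  = "some_db"
    owner = "some_db_admin"
  }

  privileges     = var.db_privileges
  group_role     = "new_group_role"
  make_admin_own = false
  revoke_grants  = false
}
```

Supply the password through the `TF_VAR_pg_admin_password` environment variable or a secrets backend rather than a committed `.tfvars` file, and restrict access to the state file.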

Requirements

Name Version
terraform >= 1.0.0
local 2.4.0
null 3.2.1

Providers

Name Version
local 2.4.0
null 3.2.1

Modules

No modules.

Resources

Name Type
local_file.rendered_script resource
null_resource.drop_role resource
null_resource.run_script resource

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| database | Database to manage permissions on | object({ name = string, owner = string }) | n/a | yes |
| group_role | Group role to be granted the specified privileges | string | "" | no |
| host | RDS connection data | object({ host = string, port = number, username = string, password = string }) | n/a | yes |
| make_admin_own | Whether to grant the admin user to the database owner role. Needed in the case of RDS, because the standard root account isn't a superuser. | bool | true | no |
| privileges | Privileges to grant; the default value is 'ALL'. The value 'ALL' can be specified. | list(string) | ["ALL"] | no |
| revoke_grants | Whether to revoke all grants previously provided by this module | bool | false | no |

Outputs

| Name | Description |
|------|-------------|
| grants_to_group | List of granted privileges for specified role |
| sql_script | Applied SQL script |

About

Granting privileges on a PostgreSQL database
