1. Docs
2. Reference
3. API
4. @pulumi/postgresql

Package @pulumi/postgresql

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-postgresql repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-postgresql repo.

var postgresql = require("@pulumi/postgresql");

import * as postgresql from "@pulumi/postgresql";

Modules

• config
• types

Resources

• Database
• DefaultPrivileg
• DefaultPrivileges
• Extension
• Grant
• Provider
• Role
• Schema

Others

• DatabaseArgs
• DatabaseState
• DefaultPrivilegArgs
• DefaultPrivilegesArgs
• DefaultPrivilegesState
• DefaultPrivilegState
• ExtensionArgs
• ExtensionState
• getEnv
• getEnvBoolean
• getEnvNumber
• getVersion
• GrantArgs
• GrantState
• ProviderArgs
• RoleArgs
• RoleState
• SchemaArgs
• SchemaState

Resources

Resource Database

class Database extends CustomResource

The postgresql..Database resource creates and manages database objects within a PostgreSQL server instance.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const myDb = new postgresql.Database("myDb", {
    allowConnections: true,
    connectionLimit: -1,
    lcCollate: "C",
    owner: "myRole",
    template: "template0",
});

constructor

new Database(name: string, args?: DatabaseArgs, opts?: pulumi.CustomResourceOptions)

Create a Database resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DatabaseState, opts?: pulumi.CustomResourceOptions): Database

Get an existing Database resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Database

Returns true if the given object is an instance of Database. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allowConnections

public allowConnections: pulumi.Output<boolean | undefined>;

If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

property connectionLimit

public connectionLimit: pulumi.Output<number | undefined>;

How many concurrent connections can be established to this database. -1 (the default) means no limit.

property encoding

public encoding: pulumi.Output<string>;

Character set encoding to use in the new database

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property isTemplate

public isTemplate: pulumi.Output<boolean>;

If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

property lcCollate

public lcCollate: pulumi.Output<string>;

Collation order (LC_COLLATE) to use in the new database

property lcCtype

public lcCtype: pulumi.Output<string>;

Character classification (LC_CTYPE) to use in the new database

property name

public name: pulumi.Output<string>;

The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

property owner

public owner: pulumi.Output<string>;

The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

property tablespaceName

public tablespaceName: pulumi.Output<string>;

The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

property template

public template: pulumi.Output<string>;

The name of the template from which to create the new database

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource DefaultPrivileg

class DefaultPrivileg extends CustomResource

constructor

new DefaultPrivileg(name: string, args: DefaultPrivilegArgs, opts?: pulumi.CustomResourceOptions)

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultPrivilegState, opts?: pulumi.CustomResourceOptions): DefaultPrivileg

Get an existing DefaultPrivileg resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is DefaultPrivileg

Returns true if the given object is an instance of DefaultPrivileg. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property database

public database: pulumi.Output<string>;

The database to grant default privileges for this role

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property objectType

public objectType: pulumi.Output<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence)

property owner

public owner: pulumi.Output<string>;

Target role for which to alter default privileges.

property privileges

public privileges: pulumi.Output<string[]>;

The list of privileges to apply as default privileges

property role

public role: pulumi.Output<string>;

The name of the role to which grant default privileges on

property schema

public schema: pulumi.Output<string>;

The database schema to set default privileges for this role

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource DefaultPrivileges

class DefaultPrivileges extends CustomResource

The postgresql..DefaultPrivileges resource creates and manages default privileges given to a user for a database schema.

Note: This resource needs Postgresql version 9 or above.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const readOnlyTables = new postgresql.DefaultPrivileges("readOnlyTables", {
    database: "testDb",
    objectType: "table",
    owner: "dbOwner",
    privileges: ["SELECT"],
    role: "testRole",
    schema: "public",
});

constructor

new DefaultPrivileges(name: string, args: DefaultPrivilegesArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultPrivileges resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultPrivilegesState, opts?: pulumi.CustomResourceOptions): DefaultPrivileges

Get an existing DefaultPrivileges resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is DefaultPrivileges

Returns true if the given object is an instance of DefaultPrivileges. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property database

public database: pulumi.Output<string>;

The database to grant default privileges for this role.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property objectType

public objectType: pulumi.Output<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence).

property owner

public owner: pulumi.Output<string>;

Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

property privileges

public privileges: pulumi.Output<string[]>;

The list of privileges to apply as default privileges.

property role

public role: pulumi.Output<string>;

The name of the role to which grant default privileges on.

property schema

public schema: pulumi.Output<string>;

The database schema to set default privileges for this role.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Extension

class Extension extends CustomResource

The postgresql..Extension resource creates and manages an extension on a PostgreSQL server.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const myExtension = new postgresql.Extension("myExtension", {});

constructor

new Extension(name: string, args?: ExtensionArgs, opts?: pulumi.CustomResourceOptions)

Create a Extension resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExtensionState, opts?: pulumi.CustomResourceOptions): Extension

Get an existing Extension resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Extension

Returns true if the given object is an instance of Extension. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property database

public database: pulumi.Output<string>;

Which database to create the extension on. Defaults to provider database.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

The name of the extension.

property schema

public schema: pulumi.Output<string>;

Sets the schema of an extension.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<string>;

Sets the version number of the extension.

Resource Grant

class Grant extends CustomResource

The postgresql..Grant resource creates and manages privileges given to a user for a database schema.

Note: This resource needs Postgresql version 9 or above.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const readonlyTables = new postgresql.Grant("readonlyTables", {
    database: "testDb",
    objectType: "table",
    privileges: ["SELECT"],
    role: "testRole",
    schema: "public",
});

constructor

new Grant(name: string, args: GrantArgs, opts?: pulumi.CustomResourceOptions)

Create a Grant resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GrantState, opts?: pulumi.CustomResourceOptions): Grant

Get an existing Grant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Grant

Returns true if the given object is an instance of Grant. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property database

public database: pulumi.Output<string>;

The database to grant privileges on for this role.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property objectType

public objectType: pulumi.Output<string>;

The PostgreSQL object type to grant the privileges on (one of: table, sequence).

property privileges

public privileges: pulumi.Output<string[]>;

The list of privileges to grant.

property role

public role: pulumi.Output<string>;

The name of the role to grant privileges on.

property schema

public schema: pulumi.Output<string | undefined>;

The database schema to grant privileges on for this role.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property withGrantOption

public withGrantOption: pulumi.Output<boolean | undefined>;

Permit the grant recipient to grant it to others

Resource Provider

class Provider extends ProviderResource

The provider type for the postgresql package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

constructor

new Provider(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions)

Create a Provider resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Provider

Returns true if the given object is an instance of Provider. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

method register

static register(provider: ProviderResource | undefined): Promise<string | undefined>

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Role

class Role extends CustomResource

The postgresql..Role resource creates and manages a role on a PostgreSQL server.

When a postgresql..Role resource is removed, the PostgreSQL ROLE will automatically run a REASSIGN OWNED and DROP OWNED to the CURRENT_USER (normally the connected user for the provider). If the specified PostgreSQL ROLE owns objects in multiple PostgreSQL databases in the same PostgreSQL Cluster, one PostgreSQL provider per database must be created and all but the final postgresql..Role must specify a skipDropRole.

Note: All arguments including role name and password will be stored in the raw state as plain-text. Read more about sensitive data in state.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const myRole = new postgresql.Role("myRole", {
    login: true,
    password: "mypass",
});
const myReplicationRole = new postgresql.Role("myReplicationRole", {
    connectionLimit: 5,
    login: true,
    password: "md5c98cbfeb6a347a47eb8e96cfb4c4b890",
    replication: true,
});

constructor

new Role(name: string, args?: RoleArgs, opts?: pulumi.CustomResourceOptions)

Create a Role resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleState, opts?: pulumi.CustomResourceOptions): Role

Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Role

Returns true if the given object is an instance of Role. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bypassRowLevelSecurity

public bypassRowLevelSecurity: pulumi.Output<boolean | undefined>;

Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

property connectionLimit

public connectionLimit: pulumi.Output<number | undefined>;

If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

property createDatabase

public createDatabase: pulumi.Output<boolean | undefined>;

Defines a role’s ability to execute CREATE DATABASE. Default value is false.

property createRole

public createRole: pulumi.Output<boolean | undefined>;

Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

property encrypted

public encrypted: pulumi.Output<string | undefined>;

property encryptedPassword

public encryptedPassword: pulumi.Output<boolean | undefined>;

Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s passwordEncryption setting.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property inherit

public inherit: pulumi.Output<boolean | undefined>;

Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

property login

public login: pulumi.Output<boolean | undefined>;

Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

property name

public name: pulumi.Output<string>;

The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

property password

public password: pulumi.Output<string | undefined>;

Sets the role’s password. A password is only of use for roles having the login attribute set to true.

property replication

public replication: pulumi.Output<boolean | undefined>;

Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

property roles

public roles: pulumi.Output<string[] | undefined>;

Defines list of roles which will be granted to this new role.

property searchPaths

public searchPaths: pulumi.Output<string[] | undefined>;

Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

property skipDropRole

public skipDropRole: pulumi.Output<boolean | undefined>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

property skipReassignOwned

public skipReassignOwned: pulumi.Output<boolean | undefined>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).

property statementTimeout

public statementTimeout: pulumi.Output<number | undefined>;

Defines statementTimeout setting for this role which allows to abort any statement that takes more than the specified amount of time.

property superuser

public superuser: pulumi.Output<boolean | undefined>;

Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property validUntil

public validUntil: pulumi.Output<string | undefined>;

Defines the date and time after which the role’s password is no longer valid. Established connections past this validTime will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, validUntil will be set to infinity. Default is NULL, therefore infinity.

Resource Schema

class Schema extends CustomResource

The postgresql..Schema resource creates and manages schema objects within a PostgreSQL database.

Usage

import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";

const appWww = new postgresql.Role("appWww", {});
const appDba = new postgresql.Role("appDba", {});
const appReleng = new postgresql.Role("appReleng", {});
const mySchema = new postgresql.Schema("mySchema", {
    owner: "postgres",
    policies: [
        {
            role: appWww.name,
            usage: true,
        },
        // appReleng can create new objects in the schema.  This is the role that
        // migrations are executed as.
        {
            create: true,
            role: appReleng.name,
            usage: true,
        },
        {
            createWithGrant: true,
            role: appDba.name,
            usageWithGrant: true,
        },
    ],
});

constructor

new Schema(name: string, args?: SchemaArgs, opts?: pulumi.CustomResourceOptions)

Create a Schema resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SchemaState, opts?: pulumi.CustomResourceOptions): Schema

Get an existing Schema resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Schema

Returns true if the given object is an instance of Schema. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property database

public database: pulumi.Output<string>;

The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

property dropCascade

public dropCascade: pulumi.Output<boolean | undefined>;

When true, will also drop all the objects that are contained in the schema. (Default: false)

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ifNotExists

public ifNotExists: pulumi.Output<boolean | undefined>;

When true, use the existing schema if it exists. (Default: true)

property name

public name: pulumi.Output<string>;

The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

property owner

public owner: pulumi.Output<string>;

The ROLE who owns the schema.

property policies

public policies: pulumi.Output<SchemaPolicy[]>;

Can be specified multiple times for each policy. Each policy block supports fields documented below.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Others

interface DatabaseArgs

interface DatabaseArgs

The set of arguments for constructing a Database resource.

property allowConnections

allowConnections?: pulumi.Input<boolean>;

If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

property connectionLimit

connectionLimit?: pulumi.Input<number>;

How many concurrent connections can be established to this database. -1 (the default) means no limit.

property encoding

encoding?: pulumi.Input<string>;

Character set encoding to use in the new database

property isTemplate

isTemplate?: pulumi.Input<boolean>;

If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

property lcCollate

lcCollate?: pulumi.Input<string>;

Collation order (LC_COLLATE) to use in the new database

property lcCtype

lcCtype?: pulumi.Input<string>;

Character classification (LC_CTYPE) to use in the new database

property name

name?: pulumi.Input<string>;

The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

property owner

owner?: pulumi.Input<string>;

The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

property tablespaceName

tablespaceName?: pulumi.Input<string>;

The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

property template

template?: pulumi.Input<string>;

The name of the template from which to create the new database

interface DatabaseState

interface DatabaseState

Input properties used for looking up and filtering Database resources.

property allowConnections

allowConnections?: pulumi.Input<boolean>;

If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

property connectionLimit

connectionLimit?: pulumi.Input<number>;

How many concurrent connections can be established to this database. -1 (the default) means no limit.

property encoding

encoding?: pulumi.Input<string>;

Character set encoding to use in the new database

property isTemplate

isTemplate?: pulumi.Input<boolean>;

If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

property lcCollate

lcCollate?: pulumi.Input<string>;

Collation order (LC_COLLATE) to use in the new database

property lcCtype

lcCtype?: pulumi.Input<string>;

Character classification (LC_CTYPE) to use in the new database

property name

name?: pulumi.Input<string>;

The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

property owner

owner?: pulumi.Input<string>;

The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

property tablespaceName

tablespaceName?: pulumi.Input<string>;

The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

property template

template?: pulumi.Input<string>;

The name of the template from which to create the new database

interface DefaultPrivilegArgs

interface DefaultPrivilegArgs

The set of arguments for constructing a DefaultPrivileg resource.

property database

database: pulumi.Input<string>;

The database to grant default privileges for this role

property objectType

objectType: pulumi.Input<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence)

property owner

owner: pulumi.Input<string>;

Target role for which to alter default privileges.

property privileges

privileges: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to apply as default privileges

property role

role: pulumi.Input<string>;

The name of the role to which grant default privileges on

property schema

schema: pulumi.Input<string>;

The database schema to set default privileges for this role

interface DefaultPrivilegesArgs

interface DefaultPrivilegesArgs

The set of arguments for constructing a DefaultPrivileges resource.

property database

database: pulumi.Input<string>;

The database to grant default privileges for this role.

property objectType

objectType: pulumi.Input<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence).

property owner

owner: pulumi.Input<string>;

Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

property privileges

privileges: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to apply as default privileges.

property role

role: pulumi.Input<string>;

The name of the role to which grant default privileges on.

property schema

schema: pulumi.Input<string>;

The database schema to set default privileges for this role.

interface DefaultPrivilegesState

interface DefaultPrivilegesState

Input properties used for looking up and filtering DefaultPrivileges resources.

property database

database?: pulumi.Input<string>;

The database to grant default privileges for this role.

property objectType

objectType?: pulumi.Input<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence).

property owner

owner?: pulumi.Input<string>;

Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

property privileges

privileges?: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to apply as default privileges.

property role

role?: pulumi.Input<string>;

The name of the role to which grant default privileges on.

property schema

schema?: pulumi.Input<string>;

The database schema to set default privileges for this role.

interface DefaultPrivilegState

interface DefaultPrivilegState

Input properties used for looking up and filtering DefaultPrivileg resources.

property database

database?: pulumi.Input<string>;

The database to grant default privileges for this role

property objectType

objectType?: pulumi.Input<string>;

The PostgreSQL object type to set the default privileges on (one of: table, sequence)

property owner

owner?: pulumi.Input<string>;

Target role for which to alter default privileges.

property privileges

privileges?: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to apply as default privileges

property role

role?: pulumi.Input<string>;

The name of the role to which grant default privileges on

property schema

schema?: pulumi.Input<string>;

The database schema to set default privileges for this role

interface ExtensionArgs

interface ExtensionArgs

The set of arguments for constructing a Extension resource.

property database

database?: pulumi.Input<string>;

Which database to create the extension on. Defaults to provider database.

property name

name?: pulumi.Input<string>;

The name of the extension.

property schema

schema?: pulumi.Input<string>;

Sets the schema of an extension.

property version

version?: pulumi.Input<string>;

Sets the version number of the extension.

interface ExtensionState

interface ExtensionState

Input properties used for looking up and filtering Extension resources.

property database

database?: pulumi.Input<string>;

Which database to create the extension on. Defaults to provider database.

property name

name?: pulumi.Input<string>;

The name of the extension.

property schema

schema?: pulumi.Input<string>;

Sets the schema of an extension.

property version

version?: pulumi.Input<string>;

Sets the version number of the extension.

function getEnv

getEnv(vars: string[]): string | undefined

function getEnvBoolean

getEnvBoolean(vars: string[]): boolean | undefined

function getEnvNumber

getEnvNumber(vars: string[]): number | undefined

function getVersion

getVersion(): string

interface GrantArgs

interface GrantArgs

The set of arguments for constructing a Grant resource.

property database

database: pulumi.Input<string>;

The database to grant privileges on for this role.

property objectType

objectType: pulumi.Input<string>;

The PostgreSQL object type to grant the privileges on (one of: table, sequence).

property privileges

privileges: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to grant.

property role

role: pulumi.Input<string>;

The name of the role to grant privileges on.

property schema

schema?: pulumi.Input<string>;

The database schema to grant privileges on for this role.

property withGrantOption

withGrantOption?: pulumi.Input<boolean>;

Permit the grant recipient to grant it to others

interface GrantState

interface GrantState

Input properties used for looking up and filtering Grant resources.

property database

database?: pulumi.Input<string>;

The database to grant privileges on for this role.

property objectType

objectType?: pulumi.Input<string>;

The PostgreSQL object type to grant the privileges on (one of: table, sequence).

property privileges

privileges?: pulumi.Input<pulumi.Input<string>[]>;

The list of privileges to grant.

property role

role?: pulumi.Input<string>;

The name of the role to grant privileges on.

property schema

schema?: pulumi.Input<string>;

The database schema to grant privileges on for this role.

property withGrantOption

withGrantOption?: pulumi.Input<boolean>;

Permit the grant recipient to grant it to others

interface ProviderArgs

interface ProviderArgs

The set of arguments for constructing a Provider resource.

property clientcert

clientcert?: pulumi.Input<ProviderClientcert>;

SSL client certificate if required by the database.

property connectTimeout

connectTimeout?: pulumi.Input<number>;

Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.

property database

database?: pulumi.Input<string>;

The name of the database to connect to in order to conenct to (defaults to postgres).

property databaseUsername

databaseUsername?: pulumi.Input<string>;

Database username associated to the connected user (for user name maps)

property expectedVersion

expectedVersion?: pulumi.Input<string>;

Specify the expected version of PostgreSQL.

property host

host?: pulumi.Input<string>;

Name of PostgreSQL server address to connect to

property maxConnections

maxConnections?: pulumi.Input<number>;

Maximum number of connections to establish to the database. Zero means unlimited.

property password

password?: pulumi.Input<string>;

Password to be used if the PostgreSQL server demands password authentication

property port

port?: pulumi.Input<number>;

The PostgreSQL port number to connect to at the server host, or socket file name extension for Unix-domain connections

property sslMode

sslMode?: pulumi.Input<string>;

property sslmode

sslmode?: pulumi.Input<string>;

This option determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the PostgreSQL server

property sslrootcert

sslrootcert?: pulumi.Input<string>;

The SSL server root certificate file path. The file must contain PEM encoded data.

property superuser

superuser?: pulumi.Input<boolean>;

Specify if the user to connect as is a Postgres superuser or not.If not, some feature might be disabled (e.g.: Refreshing state password from Postgres)

property username

username?: pulumi.Input<string>;

PostgreSQL user name to connect as

interface RoleArgs

interface RoleArgs

The set of arguments for constructing a Role resource.

property bypassRowLevelSecurity

bypassRowLevelSecurity?: pulumi.Input<boolean>;

Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

property connectionLimit

connectionLimit?: pulumi.Input<number>;

If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

property createDatabase

createDatabase?: pulumi.Input<boolean>;

Defines a role’s ability to execute CREATE DATABASE. Default value is false.

property createRole

createRole?: pulumi.Input<boolean>;

Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

property encrypted

encrypted?: pulumi.Input<string>;

property encryptedPassword

encryptedPassword?: pulumi.Input<boolean>;

Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s passwordEncryption setting.

property inherit

inherit?: pulumi.Input<boolean>;

Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

property login

login?: pulumi.Input<boolean>;

Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

property name

name?: pulumi.Input<string>;

The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

property password

password?: pulumi.Input<string>;

Sets the role’s password. A password is only of use for roles having the login attribute set to true.

property replication

replication?: pulumi.Input<boolean>;

Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

property roles

roles?: pulumi.Input<pulumi.Input<string>[]>;

Defines list of roles which will be granted to this new role.

property searchPaths

searchPaths?: pulumi.Input<pulumi.Input<string>[]>;

Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

property skipDropRole

skipDropRole?: pulumi.Input<boolean>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

property skipReassignOwned

skipReassignOwned?: pulumi.Input<boolean>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).

property statementTimeout

statementTimeout?: pulumi.Input<number>;

Defines statementTimeout setting for this role which allows to abort any statement that takes more than the specified amount of time.

property superuser

superuser?: pulumi.Input<boolean>;

Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

property validUntil

validUntil?: pulumi.Input<string>;

Defines the date and time after which the role’s password is no longer valid. Established connections past this validTime will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, validUntil will be set to infinity. Default is NULL, therefore infinity.

interface RoleState

interface RoleState

Input properties used for looking up and filtering Role resources.

property bypassRowLevelSecurity

bypassRowLevelSecurity?: pulumi.Input<boolean>;

Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

property connectionLimit

connectionLimit?: pulumi.Input<number>;

If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

property createDatabase

createDatabase?: pulumi.Input<boolean>;

Defines a role’s ability to execute CREATE DATABASE. Default value is false.

property createRole

createRole?: pulumi.Input<boolean>;

Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

property encrypted

encrypted?: pulumi.Input<string>;

property encryptedPassword

encryptedPassword?: pulumi.Input<boolean>;

Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s passwordEncryption setting.

property inherit

inherit?: pulumi.Input<boolean>;

Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

property login

login?: pulumi.Input<boolean>;

Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

property name

name?: pulumi.Input<string>;

The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

property password

password?: pulumi.Input<string>;

Sets the role’s password. A password is only of use for roles having the login attribute set to true.

property replication

replication?: pulumi.Input<boolean>;

Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

property roles

roles?: pulumi.Input<pulumi.Input<string>[]>;

Defines list of roles which will be granted to this new role.

property searchPaths

searchPaths?: pulumi.Input<pulumi.Input<string>[]>;

Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

property skipDropRole

skipDropRole?: pulumi.Input<boolean>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

property skipReassignOwned

skipReassignOwned?: pulumi.Input<boolean>;

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).

property statementTimeout

statementTimeout?: pulumi.Input<number>;

Defines statementTimeout setting for this role which allows to abort any statement that takes more than the specified amount of time.

property superuser

superuser?: pulumi.Input<boolean>;

Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

property validUntil

validUntil?: pulumi.Input<string>;

Defines the date and time after which the role’s password is no longer valid. Established connections past this validTime will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, validUntil will be set to infinity. Default is NULL, therefore infinity.

interface SchemaArgs

interface SchemaArgs

The set of arguments for constructing a Schema resource.

property database

database?: pulumi.Input<string>;

The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

property dropCascade

dropCascade?: pulumi.Input<boolean>;

When true, will also drop all the objects that are contained in the schema. (Default: false)

property ifNotExists

ifNotExists?: pulumi.Input<boolean>;

When true, use the existing schema if it exists. (Default: true)

property name

name?: pulumi.Input<string>;

The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

property owner

owner?: pulumi.Input<string>;

The ROLE who owns the schema.

property policies

policies?: pulumi.Input<pulumi.Input<SchemaPolicy>[]>;

Can be specified multiple times for each policy. Each policy block supports fields documented below.

interface SchemaState

interface SchemaState

Input properties used for looking up and filtering Schema resources.

property database

database?: pulumi.Input<string>;

The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

property dropCascade

dropCascade?: pulumi.Input<boolean>;

When true, will also drop all the objects that are contained in the schema. (Default: false)

property ifNotExists

ifNotExists?: pulumi.Input<boolean>;

When true, use the existing schema if it exists. (Default: true)

property name

name?: pulumi.Input<string>;

The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

property owner

owner?: pulumi.Input<string>;

The ROLE who owns the schema.

property policies

policies?: pulumi.Input<pulumi.Input<SchemaPolicy>[]>;

Can be specified multiple times for each policy. Each policy block supports fields documented below.