Package @pulumi/postgresql
This page documents the language specification for the postgresql package. If you're looking for help working with the inputs, outputs, or functions of postgresql resources in a Pulumi program, please see the resource documentation for examples and API reference.
This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the
pulumi/pulumi-postgresql
repo; however, if that doesn’t turn up anything, please consult the sourceterraform-providers/terraform-provider-postgresql
repo.
var postgresql = require("@pulumi/postgresql");
import * as postgresql from "@pulumi/postgresql";
Modules
Resources
Others
- DatabaseArgs
- DatabaseState
- DefaultPrivilegArgs
- DefaultPrivilegesArgs
- DefaultPrivilegesState
- DefaultPrivilegState
- ExtensionArgs
- ExtensionState
- getEnv
- getEnvBoolean
- getEnvNumber
- getVersion
- GrantArgs
- GrantState
- ProviderArgs
- RoleArgs
- RoleState
- SchemaArgs
- SchemaState
Resources
Resource Database
class Database extends CustomResource
constructor
new Database(name: string, args?: DatabaseArgs, opts?: pulumi.CustomResourceOptions)
Create a Database resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DatabaseState, opts?: pulumi.CustomResourceOptions): Database
Get an existing Database resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Database
Returns true if the given object is an instance of Database. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property allowConnections
public allowConnections: pulumi.Output<boolean | undefined>;
If false
then no one can connect to this
database. The default is true
, allowing connections (except as restricted by
other mechanisms, such as GRANT
or REVOKE CONNECT
).
property connectionLimit
public connectionLimit: pulumi.Output<number | undefined>;
How many concurrent connections can be
established to this database. -1
(the default) means no limit.
property encoding
public encoding: pulumi.Output<string>;
Character set encoding to use in the new database
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property isTemplate
public isTemplate: pulumi.Output<boolean>;
If true
, then this database can be cloned by any
user with CREATEDB
privileges; if false
(the default), then only
superusers or the owner of the database can clone it.
property lcCollate
public lcCollate: pulumi.Output<string>;
Collation order (LC_COLLATE) to use in the new database
property lcCtype
public lcCtype: pulumi.Output<string>;
Character classification (LC_CTYPE) to use in the new database
property name
public name: pulumi.Output<string>;
The name of the database. Must be unique on the PostgreSQL server instance where it is configured.
property owner
public owner: pulumi.Output<string>;
The role name of the user who will own the database, or
DEFAULT
to use the default (namely, the user executing the command). To
create a database owned by another role or to change the owner of an existing
database, you must be a direct or indirect member of the specified role, or
the username in the provider is a superuser.
property tablespaceName
public tablespaceName: pulumi.Output<string>;
The name of the tablespace that will be
associated with the database, or DEFAULT
to use the template database’s
tablespace. This tablespace will be the default tablespace used for objects
created in this database.
property template
public template: pulumi.Output<string>;
The name of the template from which to create the new database
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Resource DefaultPrivileg
class DefaultPrivileg extends CustomResource
constructor
new DefaultPrivileg(name: string, args: DefaultPrivilegArgs, opts?: pulumi.CustomResourceOptions)
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultPrivilegState, opts?: pulumi.CustomResourceOptions): DefaultPrivileg
Get an existing DefaultPrivileg resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is DefaultPrivileg
Returns true if the given object is an instance of DefaultPrivileg. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property database
public database: pulumi.Output<string>;
The database to grant default privileges for this role
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property objectType
public objectType: pulumi.Output<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type)
property owner
public owner: pulumi.Output<string>;
Target role for which to alter default privileges.
property privileges
public privileges: pulumi.Output<string[]>;
The list of privileges to apply as default privileges
property role
public role: pulumi.Output<string>;
The name of the role to which grant default privileges on
property schema
public schema: pulumi.Output<string>;
The database schema to set default privileges for this role
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Resource DefaultPrivileges
class DefaultPrivileges extends CustomResource
The postgresql.DefaultPrivileges
resource creates and manages default privileges given to a user for a database schema.
Note: This resource needs Postgresql version 9 or above.
Usage
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
const readOnlyTables = new postgresql.DefaultPrivileges("read_only_tables", {
database: "test_db",
objectType: "table",
owner: "db_owner",
privileges: ["SELECT"],
role: "test_role",
schema: "public",
});
constructor
new DefaultPrivileges(name: string, args: DefaultPrivilegesArgs, opts?: pulumi.CustomResourceOptions)
Create a DefaultPrivileges resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultPrivilegesState, opts?: pulumi.CustomResourceOptions): DefaultPrivileges
Get an existing DefaultPrivileges resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is DefaultPrivileges
Returns true if the given object is an instance of DefaultPrivileges. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property database
public database: pulumi.Output<string>;
The database to grant default privileges for this role.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property objectType
public objectType: pulumi.Output<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type).
property owner
public owner: pulumi.Output<string>;
Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
property privileges
public privileges: pulumi.Output<string[]>;
The list of privileges to apply as default privileges.
property role
public role: pulumi.Output<string>;
The name of the role to which grant default privileges on.
property schema
public schema: pulumi.Output<string>;
The database schema to set default privileges for this role.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Resource Extension
class Extension extends CustomResource
The postgresql.Extension
resource creates and manages an extension on a PostgreSQL
server.
Usage
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
const myExtension = new postgresql.Extension("my_extension", {});
constructor
new Extension(name: string, args?: ExtensionArgs, opts?: pulumi.CustomResourceOptions)
Create a Extension resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ExtensionState, opts?: pulumi.CustomResourceOptions): Extension
Get an existing Extension resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Extension
Returns true if the given object is an instance of Extension. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property database
public database: pulumi.Output<string>;
Which database to create the extension on. Defaults to provider database.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property name
public name: pulumi.Output<string>;
The name of the extension.
property schema
public schema: pulumi.Output<string>;
Sets the schema of an extension.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property version
public version: pulumi.Output<string>;
Sets the version number of the extension.
Resource Grant
class Grant extends CustomResource
The postgresql.Grant
resource creates and manages privileges given to a user for a database schema.
Note: This resource needs Postgresql version 9 or above.
Usage
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
const readonlyTables = new postgresql.Grant("readonly_tables", {
database: "test_db",
objectType: "table",
privileges: ["SELECT"],
role: "test_role",
schema: "public",
});
constructor
new Grant(name: string, args: GrantArgs, opts?: pulumi.CustomResourceOptions)
Create a Grant resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: GrantState, opts?: pulumi.CustomResourceOptions): Grant
Get an existing Grant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Grant
Returns true if the given object is an instance of Grant. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property database
public database: pulumi.Output<string>;
The database to grant privileges on for this role.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property objectType
public objectType: pulumi.Output<string>;
The PostgreSQL object type to grant the privileges on (one of: database, table, sequence,function).
property privileges
public privileges: pulumi.Output<string[]>;
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE.
property role
public role: pulumi.Output<string>;
The name of the role to grant privileges on.
property schema
public schema: pulumi.Output<string | undefined>;
The database schema to grant privileges on for this role.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property withGrantOption
public withGrantOption: pulumi.Output<boolean | undefined>;
Permit the grant recipient to grant it to others
Resource Provider
class Provider extends ProviderResource
The provider type for the postgresql package. By default, resources use package-wide configuration
settings, however an explicit Provider
instance may be created and passed during resource
construction to achieve fine-grained programmatic control over provider settings. See the
documentation for more information.
constructor
new Provider(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions)
Create a Provider resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Provider
Returns true if the given object is an instance of Provider. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
method register
static register(provider: ProviderResource | undefined): Promise<string | undefined>
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Resource Role
class Role extends CustomResource
constructor
new Role(name: string, args?: RoleArgs, opts?: pulumi.CustomResourceOptions)
Create a Role resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RoleState, opts?: pulumi.CustomResourceOptions): Role
Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Role
Returns true if the given object is an instance of Role. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property bypassRowLevelSecurity
public bypassRowLevelSecurity: pulumi.Output<boolean | undefined>;
Defines whether a role bypasses every
row-level security (RLS) policy. Default value is false
.
property connectionLimit
public connectionLimit: pulumi.Output<number | undefined>;
If this role can log in, this specifies how
many concurrent connections the role can establish. -1
(the default) means no
limit.
property createDatabase
public createDatabase: pulumi.Output<boolean | undefined>;
Defines a role’s ability to execute CREATE
DATABASE
. Default value is false
.
property createRole
public createRole: pulumi.Output<boolean | undefined>;
Defines a role’s ability to execute CREATE ROLE
.
A role with this privilege can also alter and drop other roles. Default value
is false
.
property encrypted
public encrypted: pulumi.Output<string | undefined>;
property encryptedPassword
public encryptedPassword: pulumi.Output<boolean | undefined>;
Defines whether the password is stored
encrypted in the system catalogs. Default value is true
. NOTE: this value
is always set (to the conservative and safe value), but may interfere with the
behavior of
PostgreSQL’s passwordEncryption
setting.
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property inherit
public inherit: pulumi.Output<boolean | undefined>;
Defines whether a role “inherits” the privileges of
roles it is a member of. Default value is true
.
property login
public login: pulumi.Output<boolean | undefined>;
Defines whether role is allowed to log in. Roles without
this attribute are useful for managing database privileges, but are not users
in the usual sense of the word. Default value is false
.
property name
public name: pulumi.Output<string>;
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
property password
public password: pulumi.Output<string | undefined>;
Sets the role’s password. A password is only of use
for roles having the login
attribute set to true.
property replication
public replication: pulumi.Output<boolean | undefined>;
Defines whether a role is allowed to initiate
streaming replication or put the system in and out of backup mode. Default
value is false
property roles
public roles: pulumi.Output<string[] | undefined>;
Defines list of roles which will be granted to this new role.
property searchPaths
public searchPaths: pulumi.Output<string[] | undefined>;
Alters the search path of this new role. Note that
due to limitations in the implementation, values cannot contain the substring
", "
.
property skipDropRole
public skipDropRole: pulumi.Output<boolean | undefined>;
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
property skipReassignOwned
public skipReassignOwned: pulumi.Output<boolean | undefined>;
When a PostgreSQL ROLE exists in multiple
databases and the ROLE is dropped, a
REASSIGN OWNED
in
must be executed on each of the respective databases before the DROP ROLE
can be executed to dropped the ROLE from the catalog. This is the first and
second steps taken when removing a ROLE from a database (the second step being
an implicit
DROP OWNED
).
property statementTimeout
public statementTimeout: pulumi.Output<number | undefined>;
Defines statementTimeout
setting for this role which allows to abort any statement that takes more than the specified amount of time.
property superuser
public superuser: pulumi.Output<boolean | undefined>;
Defines whether the role is a “superuser”, and
therefore can override all access restrictions within the database. Default
value is false
.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
property validUntil
public validUntil: pulumi.Output<string | undefined>;
Defines the date and time after which the role’s
password is no longer valid. Established connections past this validTime
will have to be manually terminated. This value corresponds to a PostgreSQL
datetime. If omitted or the magic value NULL
is used, validUntil
will be
set to infinity
. Default is NULL
, therefore infinity
.
Resource Schema
class Schema extends CustomResource
constructor
new Schema(name: string, args?: SchemaArgs, opts?: pulumi.CustomResourceOptions)
Create a Schema resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method get
public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SchemaState, opts?: pulumi.CustomResourceOptions): Schema
Get an existing Schema resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Schema
Returns true if the given object is an instance of Schema. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
property database
public database: pulumi.Output<string>;
The DATABASE in which where this schema will be created. (Default: The database used by your provider
configuration)
property dropCascade
public dropCascade: pulumi.Output<boolean | undefined>;
When true, will also drop all the objects that are contained in the schema. (Default: false)
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property ifNotExists
public ifNotExists: pulumi.Output<boolean | undefined>;
When true, use the existing schema if it exists. (Default: true)
property name
public name: pulumi.Output<string>;
The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.
property owner
public owner: pulumi.Output<string>;
The ROLE who owns the schema.
property policies
public policies: pulumi.Output<SchemaPolicy[]>;
Can be specified multiple times for each policy. Each policy block supports fields documented below.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Others
interface DatabaseArgs
interface DatabaseArgs
The set of arguments for constructing a Database resource.
property allowConnections
allowConnections?: pulumi.Input<boolean>;
If false
then no one can connect to this
database. The default is true
, allowing connections (except as restricted by
other mechanisms, such as GRANT
or REVOKE CONNECT
).
property connectionLimit
connectionLimit?: pulumi.Input<number>;
How many concurrent connections can be
established to this database. -1
(the default) means no limit.
property encoding
encoding?: pulumi.Input<string>;
Character set encoding to use in the new database
property isTemplate
isTemplate?: pulumi.Input<boolean>;
If true
, then this database can be cloned by any
user with CREATEDB
privileges; if false
(the default), then only
superusers or the owner of the database can clone it.
property lcCollate
lcCollate?: pulumi.Input<string>;
Collation order (LC_COLLATE) to use in the new database
property lcCtype
lcCtype?: pulumi.Input<string>;
Character classification (LC_CTYPE) to use in the new database
property name
name?: pulumi.Input<string>;
The name of the database. Must be unique on the PostgreSQL server instance where it is configured.
property owner
owner?: pulumi.Input<string>;
The role name of the user who will own the database, or
DEFAULT
to use the default (namely, the user executing the command). To
create a database owned by another role or to change the owner of an existing
database, you must be a direct or indirect member of the specified role, or
the username in the provider is a superuser.
property tablespaceName
tablespaceName?: pulumi.Input<string>;
The name of the tablespace that will be
associated with the database, or DEFAULT
to use the template database’s
tablespace. This tablespace will be the default tablespace used for objects
created in this database.
property template
template?: pulumi.Input<string>;
The name of the template from which to create the new database
interface DatabaseState
interface DatabaseState
Input properties used for looking up and filtering Database resources.
property allowConnections
allowConnections?: pulumi.Input<boolean>;
If false
then no one can connect to this
database. The default is true
, allowing connections (except as restricted by
other mechanisms, such as GRANT
or REVOKE CONNECT
).
property connectionLimit
connectionLimit?: pulumi.Input<number>;
How many concurrent connections can be
established to this database. -1
(the default) means no limit.
property encoding
encoding?: pulumi.Input<string>;
Character set encoding to use in the new database
property isTemplate
isTemplate?: pulumi.Input<boolean>;
If true
, then this database can be cloned by any
user with CREATEDB
privileges; if false
(the default), then only
superusers or the owner of the database can clone it.
property lcCollate
lcCollate?: pulumi.Input<string>;
Collation order (LC_COLLATE) to use in the new database
property lcCtype
lcCtype?: pulumi.Input<string>;
Character classification (LC_CTYPE) to use in the new database
property name
name?: pulumi.Input<string>;
The name of the database. Must be unique on the PostgreSQL server instance where it is configured.
property owner
owner?: pulumi.Input<string>;
The role name of the user who will own the database, or
DEFAULT
to use the default (namely, the user executing the command). To
create a database owned by another role or to change the owner of an existing
database, you must be a direct or indirect member of the specified role, or
the username in the provider is a superuser.
property tablespaceName
tablespaceName?: pulumi.Input<string>;
The name of the tablespace that will be
associated with the database, or DEFAULT
to use the template database’s
tablespace. This tablespace will be the default tablespace used for objects
created in this database.
property template
template?: pulumi.Input<string>;
The name of the template from which to create the new database
interface DefaultPrivilegArgs
interface DefaultPrivilegArgs
The set of arguments for constructing a DefaultPrivileg resource.
property database
database: pulumi.Input<string>;
The database to grant default privileges for this role
property objectType
objectType: pulumi.Input<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type)
property owner
owner: pulumi.Input<string>;
Target role for which to alter default privileges.
property privileges
privileges: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to apply as default privileges
property role
role: pulumi.Input<string>;
The name of the role to which grant default privileges on
property schema
schema: pulumi.Input<string>;
The database schema to set default privileges for this role
interface DefaultPrivilegesArgs
interface DefaultPrivilegesArgs
The set of arguments for constructing a DefaultPrivileges resource.
property database
database: pulumi.Input<string>;
The database to grant default privileges for this role.
property objectType
objectType: pulumi.Input<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type).
property owner
owner: pulumi.Input<string>;
Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
property privileges
privileges: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to apply as default privileges.
property role
role: pulumi.Input<string>;
The name of the role to which grant default privileges on.
property schema
schema: pulumi.Input<string>;
The database schema to set default privileges for this role.
interface DefaultPrivilegesState
interface DefaultPrivilegesState
Input properties used for looking up and filtering DefaultPrivileges resources.
property database
database?: pulumi.Input<string>;
The database to grant default privileges for this role.
property objectType
objectType?: pulumi.Input<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type).
property owner
owner?: pulumi.Input<string>;
Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).
property privileges
privileges?: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to apply as default privileges.
property role
role?: pulumi.Input<string>;
The name of the role to which grant default privileges on.
property schema
schema?: pulumi.Input<string>;
The database schema to set default privileges for this role.
interface DefaultPrivilegState
interface DefaultPrivilegState
Input properties used for looking up and filtering DefaultPrivileg resources.
property database
database?: pulumi.Input<string>;
The database to grant default privileges for this role
property objectType
objectType?: pulumi.Input<string>;
The PostgreSQL object type to set the default privileges on (one of: table, sequence, function, type)
property owner
owner?: pulumi.Input<string>;
Target role for which to alter default privileges.
property privileges
privileges?: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to apply as default privileges
property role
role?: pulumi.Input<string>;
The name of the role to which grant default privileges on
property schema
schema?: pulumi.Input<string>;
The database schema to set default privileges for this role
interface ExtensionArgs
interface ExtensionArgs
The set of arguments for constructing a Extension resource.
property database
database?: pulumi.Input<string>;
Which database to create the extension on. Defaults to provider database.
property name
name?: pulumi.Input<string>;
The name of the extension.
property schema
schema?: pulumi.Input<string>;
Sets the schema of an extension.
property version
version?: pulumi.Input<string>;
Sets the version number of the extension.
interface ExtensionState
interface ExtensionState
Input properties used for looking up and filtering Extension resources.
property database
database?: pulumi.Input<string>;
Which database to create the extension on. Defaults to provider database.
property name
name?: pulumi.Input<string>;
The name of the extension.
property schema
schema?: pulumi.Input<string>;
Sets the schema of an extension.
property version
version?: pulumi.Input<string>;
Sets the version number of the extension.
function getEnv
getEnv(vars: string[]): string | undefined
function getEnvBoolean
getEnvBoolean(vars: string[]): boolean | undefined
function getEnvNumber
getEnvNumber(vars: string[]): number | undefined
function getVersion
getVersion(): string
interface GrantArgs
interface GrantArgs
The set of arguments for constructing a Grant resource.
property database
database: pulumi.Input<string>;
The database to grant privileges on for this role.
property objectType
objectType: pulumi.Input<string>;
The PostgreSQL object type to grant the privileges on (one of: database, table, sequence,function).
property privileges
privileges: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE.
property role
role: pulumi.Input<string>;
The name of the role to grant privileges on.
property schema
schema?: pulumi.Input<string>;
The database schema to grant privileges on for this role.
property withGrantOption
withGrantOption?: pulumi.Input<boolean>;
Permit the grant recipient to grant it to others
interface GrantState
interface GrantState
Input properties used for looking up and filtering Grant resources.
property database
database?: pulumi.Input<string>;
The database to grant privileges on for this role.
property objectType
objectType?: pulumi.Input<string>;
The PostgreSQL object type to grant the privileges on (one of: database, table, sequence,function).
property privileges
privileges?: pulumi.Input<pulumi.Input<string>[]>;
The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE.
property role
role?: pulumi.Input<string>;
The name of the role to grant privileges on.
property schema
schema?: pulumi.Input<string>;
The database schema to grant privileges on for this role.
property withGrantOption
withGrantOption?: pulumi.Input<boolean>;
Permit the grant recipient to grant it to others
interface ProviderArgs
interface ProviderArgs
The set of arguments for constructing a Provider resource.
property clientcert
clientcert?: pulumi.Input<ProviderClientcert>;
SSL client certificate if required by the database.
property connectTimeout
connectTimeout?: pulumi.Input<number>;
Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.
property database
database?: pulumi.Input<string>;
The name of the database to connect to in order to conenct to (defaults to postgres
).
property databaseUsername
databaseUsername?: pulumi.Input<string>;
Database username associated to the connected user (for user name maps)
property expectedVersion
expectedVersion?: pulumi.Input<string>;
Specify the expected version of PostgreSQL.
property host
host?: pulumi.Input<string>;
Name of PostgreSQL server address to connect to
property maxConnections
maxConnections?: pulumi.Input<number>;
Maximum number of connections to establish to the database. Zero means unlimited.
property password
password?: pulumi.Input<string>;
Password to be used if the PostgreSQL server demands password authentication
property port
port?: pulumi.Input<number>;
The PostgreSQL port number to connect to at the server host, or socket file name extension for Unix-domain connections
property sslMode
ssl_mode
attribute to sslmode
sslMode?: pulumi.Input<string>;
property sslmode
sslmode?: pulumi.Input<string>;
This option determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the PostgreSQL server
property sslrootcert
sslrootcert?: pulumi.Input<string>;
The SSL server root certificate file path. The file must contain PEM encoded data.
property superuser
superuser?: pulumi.Input<boolean>;
Specify if the user to connect as is a Postgres superuser or not.If not, some feature might be disabled (e.g.: Refreshing state password from Postgres)
property username
username?: pulumi.Input<string>;
PostgreSQL user name to connect as
interface RoleArgs
interface RoleArgs
The set of arguments for constructing a Role resource.
property bypassRowLevelSecurity
bypassRowLevelSecurity?: pulumi.Input<boolean>;
Defines whether a role bypasses every
row-level security (RLS) policy. Default value is false
.
property connectionLimit
connectionLimit?: pulumi.Input<number>;
If this role can log in, this specifies how
many concurrent connections the role can establish. -1
(the default) means no
limit.
property createDatabase
createDatabase?: pulumi.Input<boolean>;
Defines a role’s ability to execute CREATE
DATABASE
. Default value is false
.
property createRole
createRole?: pulumi.Input<boolean>;
Defines a role’s ability to execute CREATE ROLE
.
A role with this privilege can also alter and drop other roles. Default value
is false
.
property encrypted
encrypted?: pulumi.Input<string>;
property encryptedPassword
encryptedPassword?: pulumi.Input<boolean>;
Defines whether the password is stored
encrypted in the system catalogs. Default value is true
. NOTE: this value
is always set (to the conservative and safe value), but may interfere with the
behavior of
PostgreSQL’s passwordEncryption
setting.
property inherit
inherit?: pulumi.Input<boolean>;
Defines whether a role “inherits” the privileges of
roles it is a member of. Default value is true
.
property login
login?: pulumi.Input<boolean>;
Defines whether role is allowed to log in. Roles without
this attribute are useful for managing database privileges, but are not users
in the usual sense of the word. Default value is false
.
property name
name?: pulumi.Input<string>;
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
property password
password?: pulumi.Input<string>;
Sets the role’s password. A password is only of use
for roles having the login
attribute set to true.
property replication
replication?: pulumi.Input<boolean>;
Defines whether a role is allowed to initiate
streaming replication or put the system in and out of backup mode. Default
value is false
property roles
roles?: pulumi.Input<pulumi.Input<string>[]>;
Defines list of roles which will be granted to this new role.
property searchPaths
searchPaths?: pulumi.Input<pulumi.Input<string>[]>;
Alters the search path of this new role. Note that
due to limitations in the implementation, values cannot contain the substring
", "
.
property skipDropRole
skipDropRole?: pulumi.Input<boolean>;
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
property skipReassignOwned
skipReassignOwned?: pulumi.Input<boolean>;
When a PostgreSQL ROLE exists in multiple
databases and the ROLE is dropped, a
REASSIGN OWNED
in
must be executed on each of the respective databases before the DROP ROLE
can be executed to dropped the ROLE from the catalog. This is the first and
second steps taken when removing a ROLE from a database (the second step being
an implicit
DROP OWNED
).
property statementTimeout
statementTimeout?: pulumi.Input<number>;
Defines statementTimeout
setting for this role which allows to abort any statement that takes more than the specified amount of time.
property superuser
superuser?: pulumi.Input<boolean>;
Defines whether the role is a “superuser”, and
therefore can override all access restrictions within the database. Default
value is false
.
property validUntil
validUntil?: pulumi.Input<string>;
Defines the date and time after which the role’s
password is no longer valid. Established connections past this validTime
will have to be manually terminated. This value corresponds to a PostgreSQL
datetime. If omitted or the magic value NULL
is used, validUntil
will be
set to infinity
. Default is NULL
, therefore infinity
.
interface RoleState
interface RoleState
Input properties used for looking up and filtering Role resources.
property bypassRowLevelSecurity
bypassRowLevelSecurity?: pulumi.Input<boolean>;
Defines whether a role bypasses every
row-level security (RLS) policy. Default value is false
.
property connectionLimit
connectionLimit?: pulumi.Input<number>;
If this role can log in, this specifies how
many concurrent connections the role can establish. -1
(the default) means no
limit.
property createDatabase
createDatabase?: pulumi.Input<boolean>;
Defines a role’s ability to execute CREATE
DATABASE
. Default value is false
.
property createRole
createRole?: pulumi.Input<boolean>;
Defines a role’s ability to execute CREATE ROLE
.
A role with this privilege can also alter and drop other roles. Default value
is false
.
property encrypted
encrypted?: pulumi.Input<string>;
property encryptedPassword
encryptedPassword?: pulumi.Input<boolean>;
Defines whether the password is stored
encrypted in the system catalogs. Default value is true
. NOTE: this value
is always set (to the conservative and safe value), but may interfere with the
behavior of
PostgreSQL’s passwordEncryption
setting.
property inherit
inherit?: pulumi.Input<boolean>;
Defines whether a role “inherits” the privileges of
roles it is a member of. Default value is true
.
property login
login?: pulumi.Input<boolean>;
Defines whether role is allowed to log in. Roles without
this attribute are useful for managing database privileges, but are not users
in the usual sense of the word. Default value is false
.
property name
name?: pulumi.Input<string>;
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
property password
password?: pulumi.Input<string>;
Sets the role’s password. A password is only of use
for roles having the login
attribute set to true.
property replication
replication?: pulumi.Input<boolean>;
Defines whether a role is allowed to initiate
streaming replication or put the system in and out of backup mode. Default
value is false
property roles
roles?: pulumi.Input<pulumi.Input<string>[]>;
Defines list of roles which will be granted to this new role.
property searchPaths
searchPaths?: pulumi.Input<pulumi.Input<string>[]>;
Alters the search path of this new role. Note that
due to limitations in the implementation, values cannot contain the substring
", "
.
property skipDropRole
skipDropRole?: pulumi.Input<boolean>;
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
property skipReassignOwned
skipReassignOwned?: pulumi.Input<boolean>;
When a PostgreSQL ROLE exists in multiple
databases and the ROLE is dropped, a
REASSIGN OWNED
in
must be executed on each of the respective databases before the DROP ROLE
can be executed to dropped the ROLE from the catalog. This is the first and
second steps taken when removing a ROLE from a database (the second step being
an implicit
DROP OWNED
).
property statementTimeout
statementTimeout?: pulumi.Input<number>;
Defines statementTimeout
setting for this role which allows to abort any statement that takes more than the specified amount of time.
property superuser
superuser?: pulumi.Input<boolean>;
Defines whether the role is a “superuser”, and
therefore can override all access restrictions within the database. Default
value is false
.
property validUntil
validUntil?: pulumi.Input<string>;
Defines the date and time after which the role’s
password is no longer valid. Established connections past this validTime
will have to be manually terminated. This value corresponds to a PostgreSQL
datetime. If omitted or the magic value NULL
is used, validUntil
will be
set to infinity
. Default is NULL
, therefore infinity
.
interface SchemaArgs
interface SchemaArgs
The set of arguments for constructing a Schema resource.
property database
database?: pulumi.Input<string>;
The DATABASE in which where this schema will be created. (Default: The database used by your provider
configuration)
property dropCascade
dropCascade?: pulumi.Input<boolean>;
When true, will also drop all the objects that are contained in the schema. (Default: false)
property ifNotExists
ifNotExists?: pulumi.Input<boolean>;
When true, use the existing schema if it exists. (Default: true)
property name
name?: pulumi.Input<string>;
The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.
property owner
owner?: pulumi.Input<string>;
The ROLE who owns the schema.
property policies
policies?: pulumi.Input<pulumi.Input<SchemaPolicy>[]>;
Can be specified multiple times for each policy. Each policy block supports fields documented below.
interface SchemaState
interface SchemaState
Input properties used for looking up and filtering Schema resources.
property database
database?: pulumi.Input<string>;
The DATABASE in which where this schema will be created. (Default: The database used by your provider
configuration)
property dropCascade
dropCascade?: pulumi.Input<boolean>;
When true, will also drop all the objects that are contained in the schema. (Default: false)
property ifNotExists
ifNotExists?: pulumi.Input<boolean>;
When true, use the existing schema if it exists. (Default: true)
property name
name?: pulumi.Input<string>;
The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.
property owner
owner?: pulumi.Input<string>;
The ROLE who owns the schema.
property policies
policies?: pulumi.Input<pulumi.Input<SchemaPolicy>[]>;
Can be specified multiple times for each policy. Each policy block supports fields documented below.