Pulumi PostgreSQL

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-postgresql repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-postgresql repo.

class pulumi_postgresql.Database(resource_name, opts=None, allow_connections=None, connection_limit=None, encoding=None, is_template=None, lc_collate=None, lc_ctype=None, name=None, owner=None, tablespace_name=None, template=None, __props__=None, __name__=None, __opts__=None)

The .Database resource creates and manages database objects within a PostgreSQL server instance.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_connections (pulumi.Input[bool]) – If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

  • connection_limit (pulumi.Input[float]) – How many concurrent connections can be established to this database. -1 (the default) means no limit.

  • encoding (pulumi.Input[str]) – Character set encoding to use in the new database

  • is_template (pulumi.Input[bool]) – If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

  • lc_collate (pulumi.Input[str]) – Collation order (LC_COLLATE) to use in the new database

  • lc_ctype (pulumi.Input[str]) – Character classification (LC_CTYPE) to use in the new database

  • name (pulumi.Input[str]) – The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

  • owner (pulumi.Input[str]) – The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

  • tablespace_name (pulumi.Input[str]) – The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

  • template (pulumi.Input[str]) – The name of the template from which to create the new database

allow_connections = None

If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

connection_limit = None

How many concurrent connections can be established to this database. -1 (the default) means no limit.

encoding = None

Character set encoding to use in the new database

is_template = None

If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

lc_collate = None

Collation order (LC_COLLATE) to use in the new database

lc_ctype = None

Character classification (LC_CTYPE) to use in the new database

name = None

The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

owner = None

The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

tablespace_name = None

The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

template = None

The name of the template from which to create the new database

static get(resource_name, id, opts=None, allow_connections=None, connection_limit=None, encoding=None, is_template=None, lc_collate=None, lc_ctype=None, name=None, owner=None, tablespace_name=None, template=None)

Get an existing Database resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • allow_connections (pulumi.Input[bool]) – If false then no one can connect to this database. The default is true, allowing connections (except as restricted by other mechanisms, such as GRANT or REVOKE CONNECT).

  • connection_limit (pulumi.Input[float]) – How many concurrent connections can be established to this database. -1 (the default) means no limit.

  • encoding (pulumi.Input[str]) – Character set encoding to use in the new database

  • is_template (pulumi.Input[bool]) – If true, then this database can be cloned by any user with CREATEDB privileges; if false (the default), then only superusers or the owner of the database can clone it.

  • lc_collate (pulumi.Input[str]) – Collation order (LC_COLLATE) to use in the new database

  • lc_ctype (pulumi.Input[str]) – Character classification (LC_CTYPE) to use in the new database

  • name (pulumi.Input[str]) – The name of the database. Must be unique on the PostgreSQL server instance where it is configured.

  • owner (pulumi.Input[str]) – The role name of the user who will own the database, or DEFAULT to use the default (namely, the user executing the command). To create a database owned by another role or to change the owner of an existing database, you must be a direct or indirect member of the specified role, or the username in the provider is a superuser.

  • tablespace_name (pulumi.Input[str]) – The name of the tablespace that will be associated with the database, or DEFAULT to use the template database’s tablespace. This tablespace will be the default tablespace used for objects created in this database.

  • template (pulumi.Input[str]) – The name of the template from which to create the new database

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.DefaultPrivileg(resource_name, opts=None, database=None, object_type=None, owner=None, privileges=None, role=None, schema=None, __props__=None, __name__=None, __opts__=None)

Create a DefaultPrivileg resource with the given unique name, props, and options. :param str resource_name: The name of the resource. :param pulumi.ResourceOptions opts: Options for the resource. :param pulumi.Input[str] database: The database to grant default privileges for this role :param pulumi.Input[str] object_type: The PostgreSQL object type to set the default privileges on (one of: table, sequence) :param pulumi.Input[str] owner: Target role for which to alter default privileges. :param pulumi.Input[list] privileges: The list of privileges to apply as default privileges :param pulumi.Input[str] role: The name of the role to which grant default privileges on :param pulumi.Input[str] schema: The database schema to set default privileges for this role

database = None

The database to grant default privileges for this role

object_type = None

The PostgreSQL object type to set the default privileges on (one of: table, sequence)

owner = None

Target role for which to alter default privileges.

privileges = None

The list of privileges to apply as default privileges

role = None

The name of the role to which grant default privileges on

schema = None

The database schema to set default privileges for this role

static get(resource_name, id, opts=None, database=None, object_type=None, owner=None, privileges=None, role=None, schema=None)

Get an existing DefaultPrivileg resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The database to grant default privileges for this role

  • object_type (pulumi.Input[str]) – The PostgreSQL object type to set the default privileges on (one of: table, sequence)

  • owner (pulumi.Input[str]) – Target role for which to alter default privileges.

  • privileges (pulumi.Input[list]) – The list of privileges to apply as default privileges

  • role (pulumi.Input[str]) – The name of the role to which grant default privileges on

  • schema (pulumi.Input[str]) – The database schema to set default privileges for this role

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.DefaultPrivileges(resource_name, opts=None, database=None, object_type=None, owner=None, privileges=None, role=None, schema=None, __props__=None, __name__=None, __opts__=None)

The .DefaultPrivileges resource creates and manages default privileges given to a user for a database schema.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The database to grant default privileges for this role.

  • object_type (pulumi.Input[str]) – The PostgreSQL object type to set the default privileges on (one of: table, sequence).

  • owner (pulumi.Input[str]) – Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

  • privileges (pulumi.Input[list]) – The list of privileges to apply as default privileges.

  • role (pulumi.Input[str]) – The name of the role to which grant default privileges on.

  • schema (pulumi.Input[str]) – The database schema to set default privileges for this role.

database = None

The database to grant default privileges for this role.

object_type = None

The PostgreSQL object type to set the default privileges on (one of: table, sequence).

owner = None

Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

privileges = None

The list of privileges to apply as default privileges.

role = None

The name of the role to which grant default privileges on.

schema = None

The database schema to set default privileges for this role.

static get(resource_name, id, opts=None, database=None, object_type=None, owner=None, privileges=None, role=None, schema=None)

Get an existing DefaultPrivileges resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The database to grant default privileges for this role.

  • object_type (pulumi.Input[str]) – The PostgreSQL object type to set the default privileges on (one of: table, sequence).

  • owner (pulumi.Input[str]) – Role for which apply default privileges (You can change default privileges only for objects that will be created by yourself or by roles that you are a member of).

  • privileges (pulumi.Input[list]) – The list of privileges to apply as default privileges.

  • role (pulumi.Input[str]) – The name of the role to which grant default privileges on.

  • schema (pulumi.Input[str]) – The database schema to set default privileges for this role.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.Extension(resource_name, opts=None, database=None, name=None, schema=None, version=None, __props__=None, __name__=None, __opts__=None)

The .Extension resource creates and manages an extension on a PostgreSQL server.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – Which database to create the extension on. Defaults to provider database.

  • name (pulumi.Input[str]) – The name of the extension.

  • schema (pulumi.Input[str]) – Sets the schema of an extension.

  • version (pulumi.Input[str]) – Sets the version number of the extension.

database = None

Which database to create the extension on. Defaults to provider database.

name = None

The name of the extension.

schema = None

Sets the schema of an extension.

version = None

Sets the version number of the extension.

static get(resource_name, id, opts=None, database=None, name=None, schema=None, version=None)

Get an existing Extension resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – Which database to create the extension on. Defaults to provider database.

  • name (pulumi.Input[str]) – The name of the extension.

  • schema (pulumi.Input[str]) – Sets the schema of an extension.

  • version (pulumi.Input[str]) – Sets the version number of the extension.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.Grant(resource_name, opts=None, database=None, object_type=None, privileges=None, role=None, schema=None, __props__=None, __name__=None, __opts__=None)

The .Grant resource creates and manages privileges given to a user for a database schema.

Note: This resource needs Postgresql version 9 or above.

This content is derived from https://github.com/terraform-providers/terraform-provider-postgresql/blob/master/website/docs/r/postgresql_grant.html.markdown.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The database to grant privileges on for this role.

  • object_type (pulumi.Input[str]) – The PostgreSQL object type to grant the privileges on (one of: table, sequence).

  • privileges (pulumi.Input[list]) – The list of privileges to grant.

  • role (pulumi.Input[str]) – The name of the role to grant privileges on.

  • schema (pulumi.Input[str]) – The database schema to grant privileges on for this role.

database = None

The database to grant privileges on for this role.

object_type = None

The PostgreSQL object type to grant the privileges on (one of: table, sequence).

privileges = None

The list of privileges to grant.

role = None

The name of the role to grant privileges on.

schema = None

The database schema to grant privileges on for this role.

static get(resource_name, id, opts=None, database=None, object_type=None, privileges=None, role=None, schema=None)

Get an existing Grant resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The database to grant privileges on for this role.

  • object_type (pulumi.Input[str]) – The PostgreSQL object type to grant the privileges on (one of: table, sequence).

  • privileges (pulumi.Input[list]) – The list of privileges to grant.

  • role (pulumi.Input[str]) – The name of the role to grant privileges on.

  • schema (pulumi.Input[str]) – The database schema to grant privileges on for this role.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.Provider(resource_name, opts=None, connect_timeout=None, database=None, database_username=None, expected_version=None, host=None, max_connections=None, password=None, port=None, ssl_mode=None, sslmode=None, superuser=None, username=None, __props__=None, __name__=None, __opts__=None)

The provider type for the postgresql package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • connect_timeout (pulumi.Input[float]) – Maximum wait for connection, in seconds. Zero or not specified means wait indefinitely.

  • database (pulumi.Input[str]) – The name of the database to connect to in order to conenct to (defaults to postgres).

  • database_username (pulumi.Input[str]) – Database username associated to the connected user (for user name maps)

  • expected_version (pulumi.Input[str]) – Specify the expected version of PostgreSQL.

  • host (pulumi.Input[str]) – Name of PostgreSQL server address to connect to

  • max_connections (pulumi.Input[float]) – Maximum number of connections to establish to the database. Zero means unlimited.

  • password (pulumi.Input[str]) – Password to be used if the PostgreSQL server demands password authentication

  • port (pulumi.Input[float]) – The PostgreSQL port number to connect to at the server host, or socket file name extension for Unix-domain connections

  • sslmode (pulumi.Input[str]) – This option determines whether or with what priority a secure SSL TCP/IP connection will be negotiated with the PostgreSQL server

  • superuser (pulumi.Input[bool]) – Specify if the user to connect as is a Postgres superuser or not.If not, some feature might be disabled (e.g.: Refreshing state password from Postgres)

  • username (pulumi.Input[str]) – PostgreSQL user name to connect as

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.Role(resource_name, opts=None, bypass_row_level_security=None, connection_limit=None, create_database=None, create_role=None, encrypted=None, encrypted_password=None, inherit=None, login=None, name=None, password=None, replication=None, roles=None, search_paths=None, skip_drop_role=None, skip_reassign_owned=None, statement_timeout=None, superuser=None, valid_until=None, __props__=None, __name__=None, __opts__=None)

The .Role resource creates and manages a role on a PostgreSQL server.

When a .Role resource is removed, the PostgreSQL ROLE will automatically run a ``REASSIGN OWNED` <https://www.postgresql.org/docs/current/static/sql-reassign-owned.html>`_ and ``DROP OWNED` <https://www.postgresql.org/docs/current/static/sql-drop-owned.html>`_ to the CURRENT_USER (normally the connected user for the provider). If the specified PostgreSQL ROLE owns objects in multiple PostgreSQL databases in the same PostgreSQL Cluster, one PostgreSQL provider per database must be created and all but the final .Role must specify a skip_drop_role.

Note: All arguments including role name and password will be stored in the raw state as plain-text. Read more about sensitive data in state.

This content is derived from https://github.com/terraform-providers/terraform-provider-postgresql/blob/master/website/docs/r/postgresql_role.html.markdown.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • bypass_row_level_security (pulumi.Input[bool]) – Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

  • connection_limit (pulumi.Input[float]) – If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

  • create_database (pulumi.Input[bool]) – Defines a role’s ability to execute CREATE DATABASE. Default value is false.

  • create_role (pulumi.Input[bool]) – Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

  • encrypted_password (pulumi.Input[bool]) – Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s ``password_encryption` setting <https://www.postgresql.org/docs/current/static/runtime-config-connection.html#GUC-PASSWORD-ENCRYPTION>`_.

  • inherit (pulumi.Input[bool]) – Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

  • login (pulumi.Input[bool]) – Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

  • name (pulumi.Input[str]) – The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

  • password (pulumi.Input[str]) – Sets the role’s password. A password is only of use for roles having the login attribute set to true.

  • replication (pulumi.Input[bool]) – Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

  • roles (pulumi.Input[list]) – Defines list of roles which will be granted to this new role.

  • search_paths (pulumi.Input[list]) – Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

  • skip_drop_role (pulumi.Input[bool]) – When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

  • skip_reassign_owned (pulumi.Input[bool]) – When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a ``REASSIGN OWNED` <https://www.postgresql.org/docs/current/static/sql-reassign-owned.html>`_ in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit ``DROP OWNED` <https://www.postgresql.org/docs/current/static/sql-drop-owned.html>`_).

  • statement_timeout (pulumi.Input[float]) – Defines ``statement_timeout` <https://www.postgresql.org/docs/current/runtime-config-client.html#RUNTIME-CONFIG-CLIENT-STATEMENT>`_ setting for this role which allows to abort any statement that takes more than the specified amount of time.

  • superuser (pulumi.Input[bool]) – Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

  • valid_until (pulumi.Input[str]) – Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.

bypass_row_level_security = None

Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

connection_limit = None

If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

create_database = None

Defines a role’s ability to execute CREATE DATABASE. Default value is false.

create_role = None

Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

encrypted_password = None

Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s ``password_encryption` setting <https://www.postgresql.org/docs/current/static/runtime-config-connection.html#GUC-PASSWORD-ENCRYPTION>`_.

inherit = None

Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

login = None

Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

name = None

The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

password = None

Sets the role’s password. A password is only of use for roles having the login attribute set to true.

replication = None

Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

roles = None

Defines list of roles which will be granted to this new role.

search_paths = None

Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

skip_drop_role = None

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

skip_reassign_owned = None

When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a ``REASSIGN OWNED` <https://www.postgresql.org/docs/current/static/sql-reassign-owned.html>`_ in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit ``DROP OWNED` <https://www.postgresql.org/docs/current/static/sql-drop-owned.html>`_).

statement_timeout = None

Defines ``statement_timeout` <https://www.postgresql.org/docs/current/runtime-config-client.html#RUNTIME-CONFIG-CLIENT-STATEMENT>`_ setting for this role which allows to abort any statement that takes more than the specified amount of time.

superuser = None

Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

valid_until = None

Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.

static get(resource_name, id, opts=None, bypass_row_level_security=None, connection_limit=None, create_database=None, create_role=None, encrypted=None, encrypted_password=None, inherit=None, login=None, name=None, password=None, replication=None, roles=None, search_paths=None, skip_drop_role=None, skip_reassign_owned=None, statement_timeout=None, superuser=None, valid_until=None)

Get an existing Role resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • bypass_row_level_security (pulumi.Input[bool]) – Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.

  • connection_limit (pulumi.Input[float]) – If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.

  • create_database (pulumi.Input[bool]) – Defines a role’s ability to execute CREATE DATABASE. Default value is false.

  • create_role (pulumi.Input[bool]) – Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.

  • encrypted_password (pulumi.Input[bool]) – Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s ``password_encryption` setting <https://www.postgresql.org/docs/current/static/runtime-config-connection.html#GUC-PASSWORD-ENCRYPTION>`_.

  • inherit (pulumi.Input[bool]) – Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.

  • login (pulumi.Input[bool]) – Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.

  • name (pulumi.Input[str]) – The name of the role. Must be unique on the PostgreSQL server instance where it is configured.

  • password (pulumi.Input[str]) – Sets the role’s password. A password is only of use for roles having the login attribute set to true.

  • replication (pulumi.Input[bool]) – Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false

  • roles (pulumi.Input[list]) – Defines list of roles which will be granted to this new role.

  • search_paths (pulumi.Input[list]) – Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".

  • skip_drop_role (pulumi.Input[bool]) –

    When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.

  • skip_reassign_owned (pulumi.Input[bool]) – When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a ``REASSIGN OWNED` <https://www.postgresql.org/docs/current/static/sql-reassign-owned.html>`_ in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit ``DROP OWNED` <https://www.postgresql.org/docs/current/static/sql-drop-owned.html>`_).

  • statement_timeout (pulumi.Input[float]) – Defines ``statement_timeout` <https://www.postgresql.org/docs/current/runtime-config-client.html#RUNTIME-CONFIG-CLIENT-STATEMENT>`_ setting for this role which allows to abort any statement that takes more than the specified amount of time.

  • superuser (pulumi.Input[bool]) – Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.

  • valid_until (pulumi.Input[str]) – Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_postgresql.Schema(resource_name, opts=None, database=None, drop_cascade=None, if_not_exists=None, name=None, owner=None, policies=None, __props__=None, __name__=None, __opts__=None)

The .Schema resource creates and manages schema objects within a PostgreSQL database.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

  • drop_cascade (pulumi.Input[bool]) – When true, will also drop all the objects that are contained in the schema. (Default: false)

  • if_not_exists (pulumi.Input[bool]) – When true, use the existing schema if it exists. (Default: true)

  • name (pulumi.Input[str]) – The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

  • owner (pulumi.Input[str]) – The ROLE who owns the schema.

  • policies (pulumi.Input[list]) – Can be specified multiple times for each policy. Each policy block supports fields documented below.

The policies object supports the following:

  • create (pulumi.Input[bool])

  • createWithGrant (pulumi.Input[bool])

  • role (pulumi.Input[str])

  • usage (pulumi.Input[bool])

  • usageWithGrant (pulumi.Input[bool])

database = None

The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

drop_cascade = None

When true, will also drop all the objects that are contained in the schema. (Default: false)

if_not_exists = None

When true, use the existing schema if it exists. (Default: true)

name = None

The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

owner = None

The ROLE who owns the schema.

policies = None

Can be specified multiple times for each policy. Each policy block supports fields documented below.

  • create (bool)

  • createWithGrant (bool)

  • role (str)

  • usage (bool)

  • usageWithGrant (bool)

static get(resource_name, id, opts=None, database=None, drop_cascade=None, if_not_exists=None, name=None, owner=None, policies=None)

Get an existing Schema resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database (pulumi.Input[str]) – The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)

  • drop_cascade (pulumi.Input[bool]) – When true, will also drop all the objects that are contained in the schema. (Default: false)

  • if_not_exists (pulumi.Input[bool]) – When true, use the existing schema if it exists. (Default: true)

  • name (pulumi.Input[str]) – The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.

  • owner (pulumi.Input[str]) – The ROLE who owns the schema.

  • policies (pulumi.Input[list]) – Can be specified multiple times for each policy. Each policy block supports fields documented below.

The policies object supports the following:

  • create (pulumi.Input[bool])

  • createWithGrant (pulumi.Input[bool])

  • role (pulumi.Input[str])

  • usage (pulumi.Input[bool])

  • usageWithGrant (pulumi.Input[bool])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str