1. Packages
  2. Azure Classic
  3. API Docs
  4. dataprotection
  5. BackupInstancePostgresql

We recommend using Azure Native.

Azure v6.12.0 published on Monday, Dec 2, 2024 by Pulumi

azure.dataprotection.BackupInstancePostgresql

Explore with Pulumi AI

azure logo

We recommend using Azure Native.

Azure v6.12.0 published on Monday, Dec 2, 2024 by Pulumi

    Manages a Backup Instance to back up PostgreSQL.

    Note: Before using this resource, there are some prerequisite permissions for configure backup and restore. See more details from https://docs.microsoft.com/azure/backup/backup-azure-database-postgresql#prerequisite-permissions-for-configure-backup-and-restore.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as azure from "@pulumi/azure";
    
    const current = azure.core.getClientConfig({});
    const example = new azure.core.ResourceGroup("example", {
        name: "example",
        location: "West Europe",
    });
    const exampleServer = new azure.postgresql.Server("example", {
        name: "example",
        location: example.location,
        resourceGroupName: example.name,
        skuName: "B_Gen5_2",
        storageMb: 5120,
        backupRetentionDays: 7,
        geoRedundantBackupEnabled: false,
        autoGrowEnabled: true,
        administratorLogin: "psqladmin",
        administratorLoginPassword: "H@Sh1CoR3!",
        version: "9.5",
        sslEnforcementEnabled: true,
    });
    const exampleFirewallRule = new azure.postgresql.FirewallRule("example", {
        name: "AllowAllWindowsAzureIps",
        resourceGroupName: example.name,
        serverName: exampleServer.name,
        startIpAddress: "0.0.0.0",
        endIpAddress: "0.0.0.0",
    });
    const exampleDatabase = new azure.postgresql.Database("example", {
        name: "example",
        resourceGroupName: example.name,
        serverName: exampleServer.name,
        charset: "UTF8",
        collation: "English_United States.1252",
    });
    const exampleBackupVault = new azure.dataprotection.BackupVault("example", {
        name: "example",
        resourceGroupName: example.name,
        location: example.location,
        datastoreType: "VaultStore",
        redundancy: "LocallyRedundant",
        identity: {
            type: "SystemAssigned",
        },
    });
    const exampleKeyVault = new azure.keyvault.KeyVault("example", {
        name: "example",
        location: example.location,
        resourceGroupName: example.name,
        tenantId: current.then(current => current.tenantId),
        skuName: "premium",
        softDeleteRetentionDays: 7,
        accessPolicies: [
            {
                tenantId: current.then(current => current.tenantId),
                objectId: current.then(current => current.objectId),
                keyPermissions: [
                    "Create",
                    "Get",
                ],
                secretPermissions: [
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                ],
            },
            {
                tenantId: exampleBackupVault.identity.apply(identity => identity?.tenantId),
                objectId: exampleBackupVault.identity.apply(identity => identity?.principalId),
                keyPermissions: [
                    "Create",
                    "Get",
                ],
                secretPermissions: [
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                ],
            },
        ],
    });
    const exampleSecret = new azure.keyvault.Secret("example", {
        name: "example",
        value: pulumi.interpolate`Server=${exampleServer.name}.postgres.database.azure.com;Database=${exampleDatabase.name};Port=5432;User Id=psqladmin@${exampleServer.name};Password=H@Sh1CoR3!;Ssl Mode=Require;`,
        keyVaultId: exampleKeyVault.id,
    });
    const exampleBackupPolicyPostgresql = new azure.dataprotection.BackupPolicyPostgresql("example", {
        name: "example",
        resourceGroupName: example.name,
        vaultName: exampleBackupVault.name,
        backupRepeatingTimeIntervals: ["R/2021-05-23T02:30:00+00:00/P1W"],
        defaultRetentionDuration: "P4M",
    });
    const exampleAssignment = new azure.authorization.Assignment("example", {
        scope: exampleServer.id,
        roleDefinitionName: "Reader",
        principalId: exampleBackupVault.identity.apply(identity => identity?.principalId),
    });
    const exampleBackupInstancePostgresql = new azure.dataprotection.BackupInstancePostgresql("example", {
        name: "example",
        location: example.location,
        vaultId: exampleBackupVault.id,
        databaseId: exampleDatabase.id,
        backupPolicyId: exampleBackupPolicyPostgresql.id,
        databaseCredentialKeyVaultSecretId: exampleSecret.versionlessId,
    });
    
    import pulumi
    import pulumi_azure as azure
    
    current = azure.core.get_client_config()
    example = azure.core.ResourceGroup("example",
        name="example",
        location="West Europe")
    example_server = azure.postgresql.Server("example",
        name="example",
        location=example.location,
        resource_group_name=example.name,
        sku_name="B_Gen5_2",
        storage_mb=5120,
        backup_retention_days=7,
        geo_redundant_backup_enabled=False,
        auto_grow_enabled=True,
        administrator_login="psqladmin",
        administrator_login_password="H@Sh1CoR3!",
        version="9.5",
        ssl_enforcement_enabled=True)
    example_firewall_rule = azure.postgresql.FirewallRule("example",
        name="AllowAllWindowsAzureIps",
        resource_group_name=example.name,
        server_name=example_server.name,
        start_ip_address="0.0.0.0",
        end_ip_address="0.0.0.0")
    example_database = azure.postgresql.Database("example",
        name="example",
        resource_group_name=example.name,
        server_name=example_server.name,
        charset="UTF8",
        collation="English_United States.1252")
    example_backup_vault = azure.dataprotection.BackupVault("example",
        name="example",
        resource_group_name=example.name,
        location=example.location,
        datastore_type="VaultStore",
        redundancy="LocallyRedundant",
        identity={
            "type": "SystemAssigned",
        })
    example_key_vault = azure.keyvault.KeyVault("example",
        name="example",
        location=example.location,
        resource_group_name=example.name,
        tenant_id=current.tenant_id,
        sku_name="premium",
        soft_delete_retention_days=7,
        access_policies=[
            {
                "tenant_id": current.tenant_id,
                "object_id": current.object_id,
                "key_permissions": [
                    "Create",
                    "Get",
                ],
                "secret_permissions": [
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                ],
            },
            {
                "tenant_id": example_backup_vault.identity.tenant_id,
                "object_id": example_backup_vault.identity.principal_id,
                "key_permissions": [
                    "Create",
                    "Get",
                ],
                "secret_permissions": [
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                ],
            },
        ])
    example_secret = azure.keyvault.Secret("example",
        name="example",
        value=pulumi.Output.all(
            exampleServerName=example_server.name,
            exampleDatabaseName=example_database.name,
            exampleServerName1=example_server.name
    ).apply(lambda resolved_outputs: f"Server={resolved_outputs['exampleServerName']}.postgres.database.azure.com;Database={resolved_outputs['exampleDatabaseName']};Port=5432;User Id=psqladmin@{resolved_outputs['exampleServerName1']};Password=H@Sh1CoR3!;Ssl Mode=Require;")
    ,
        key_vault_id=example_key_vault.id)
    example_backup_policy_postgresql = azure.dataprotection.BackupPolicyPostgresql("example",
        name="example",
        resource_group_name=example.name,
        vault_name=example_backup_vault.name,
        backup_repeating_time_intervals=["R/2021-05-23T02:30:00+00:00/P1W"],
        default_retention_duration="P4M")
    example_assignment = azure.authorization.Assignment("example",
        scope=example_server.id,
        role_definition_name="Reader",
        principal_id=example_backup_vault.identity.principal_id)
    example_backup_instance_postgresql = azure.dataprotection.BackupInstancePostgresql("example",
        name="example",
        location=example.location,
        vault_id=example_backup_vault.id,
        database_id=example_database.id,
        backup_policy_id=example_backup_policy_postgresql.id,
        database_credential_key_vault_secret_id=example_secret.versionless_id)
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/authorization"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/core"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/dataprotection"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/keyvault"
    	"github.com/pulumi/pulumi-azure/sdk/v6/go/azure/postgresql"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		current, err := core.GetClientConfig(ctx, map[string]interface{}{}, nil)
    		if err != nil {
    			return err
    		}
    		example, err := core.NewResourceGroup(ctx, "example", &core.ResourceGroupArgs{
    			Name:     pulumi.String("example"),
    			Location: pulumi.String("West Europe"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleServer, err := postgresql.NewServer(ctx, "example", &postgresql.ServerArgs{
    			Name:                       pulumi.String("example"),
    			Location:                   example.Location,
    			ResourceGroupName:          example.Name,
    			SkuName:                    pulumi.String("B_Gen5_2"),
    			StorageMb:                  pulumi.Int(5120),
    			BackupRetentionDays:        pulumi.Int(7),
    			GeoRedundantBackupEnabled:  pulumi.Bool(false),
    			AutoGrowEnabled:            pulumi.Bool(true),
    			AdministratorLogin:         pulumi.String("psqladmin"),
    			AdministratorLoginPassword: pulumi.String("H@Sh1CoR3!"),
    			Version:                    pulumi.String("9.5"),
    			SslEnforcementEnabled:      pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = postgresql.NewFirewallRule(ctx, "example", &postgresql.FirewallRuleArgs{
    			Name:              pulumi.String("AllowAllWindowsAzureIps"),
    			ResourceGroupName: example.Name,
    			ServerName:        exampleServer.Name,
    			StartIpAddress:    pulumi.String("0.0.0.0"),
    			EndIpAddress:      pulumi.String("0.0.0.0"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleDatabase, err := postgresql.NewDatabase(ctx, "example", &postgresql.DatabaseArgs{
    			Name:              pulumi.String("example"),
    			ResourceGroupName: example.Name,
    			ServerName:        exampleServer.Name,
    			Charset:           pulumi.String("UTF8"),
    			Collation:         pulumi.String("English_United States.1252"),
    		})
    		if err != nil {
    			return err
    		}
    		exampleBackupVault, err := dataprotection.NewBackupVault(ctx, "example", &dataprotection.BackupVaultArgs{
    			Name:              pulumi.String("example"),
    			ResourceGroupName: example.Name,
    			Location:          example.Location,
    			DatastoreType:     pulumi.String("VaultStore"),
    			Redundancy:        pulumi.String("LocallyRedundant"),
    			Identity: &dataprotection.BackupVaultIdentityArgs{
    				Type: pulumi.String("SystemAssigned"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "example", &keyvault.KeyVaultArgs{
    			Name:                    pulumi.String("example"),
    			Location:                example.Location,
    			ResourceGroupName:       example.Name,
    			TenantId:                pulumi.String(current.TenantId),
    			SkuName:                 pulumi.String("premium"),
    			SoftDeleteRetentionDays: pulumi.Int(7),
    			AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
    				&keyvault.KeyVaultAccessPolicyArgs{
    					TenantId: pulumi.String(current.TenantId),
    					ObjectId: pulumi.String(current.ObjectId),
    					KeyPermissions: pulumi.StringArray{
    						pulumi.String("Create"),
    						pulumi.String("Get"),
    					},
    					SecretPermissions: pulumi.StringArray{
    						pulumi.String("Set"),
    						pulumi.String("Get"),
    						pulumi.String("Delete"),
    						pulumi.String("Purge"),
    						pulumi.String("Recover"),
    					},
    				},
    				&keyvault.KeyVaultAccessPolicyArgs{
    					TenantId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
    						return &identity.TenantId, nil
    					}).(pulumi.StringPtrOutput),
    					ObjectId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
    						return &identity.PrincipalId, nil
    					}).(pulumi.StringPtrOutput),
    					KeyPermissions: pulumi.StringArray{
    						pulumi.String("Create"),
    						pulumi.String("Get"),
    					},
    					SecretPermissions: pulumi.StringArray{
    						pulumi.String("Set"),
    						pulumi.String("Get"),
    						pulumi.String("Delete"),
    						pulumi.String("Purge"),
    						pulumi.String("Recover"),
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		exampleSecret, err := keyvault.NewSecret(ctx, "example", &keyvault.SecretArgs{
    			Name: pulumi.String("example"),
    			Value: pulumi.All(exampleServer.Name, exampleDatabase.Name, exampleServer.Name).ApplyT(func(_args []interface{}) (string, error) {
    				exampleServerName := _args[0].(string)
    				exampleDatabaseName := _args[1].(string)
    				exampleServerName1 := _args[2].(string)
    				return fmt.Sprintf("Server=%v.postgres.database.azure.com;Database=%v;Port=5432;User Id=psqladmin@%v;Password=H@Sh1CoR3!;Ssl Mode=Require;", exampleServerName, exampleDatabaseName, exampleServerName1), nil
    			}).(pulumi.StringOutput),
    			KeyVaultId: exampleKeyVault.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		exampleBackupPolicyPostgresql, err := dataprotection.NewBackupPolicyPostgresql(ctx, "example", &dataprotection.BackupPolicyPostgresqlArgs{
    			Name:              pulumi.String("example"),
    			ResourceGroupName: example.Name,
    			VaultName:         exampleBackupVault.Name,
    			BackupRepeatingTimeIntervals: pulumi.StringArray{
    				pulumi.String("R/2021-05-23T02:30:00+00:00/P1W"),
    			},
    			DefaultRetentionDuration: pulumi.String("P4M"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = authorization.NewAssignment(ctx, "example", &authorization.AssignmentArgs{
    			Scope:              exampleServer.ID(),
    			RoleDefinitionName: pulumi.String("Reader"),
    			PrincipalId: pulumi.String(exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
    				return &identity.PrincipalId, nil
    			}).(pulumi.StringPtrOutput)),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = dataprotection.NewBackupInstancePostgresql(ctx, "example", &dataprotection.BackupInstancePostgresqlArgs{
    			Name:                               pulumi.String("example"),
    			Location:                           example.Location,
    			VaultId:                            exampleBackupVault.ID(),
    			DatabaseId:                         exampleDatabase.ID(),
    			BackupPolicyId:                     exampleBackupPolicyPostgresql.ID(),
    			DatabaseCredentialKeyVaultSecretId: exampleSecret.VersionlessId,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Azure = Pulumi.Azure;
    
    return await Deployment.RunAsync(() => 
    {
        var current = Azure.Core.GetClientConfig.Invoke();
    
        var example = new Azure.Core.ResourceGroup("example", new()
        {
            Name = "example",
            Location = "West Europe",
        });
    
        var exampleServer = new Azure.PostgreSql.Server("example", new()
        {
            Name = "example",
            Location = example.Location,
            ResourceGroupName = example.Name,
            SkuName = "B_Gen5_2",
            StorageMb = 5120,
            BackupRetentionDays = 7,
            GeoRedundantBackupEnabled = false,
            AutoGrowEnabled = true,
            AdministratorLogin = "psqladmin",
            AdministratorLoginPassword = "H@Sh1CoR3!",
            Version = "9.5",
            SslEnforcementEnabled = true,
        });
    
        var exampleFirewallRule = new Azure.PostgreSql.FirewallRule("example", new()
        {
            Name = "AllowAllWindowsAzureIps",
            ResourceGroupName = example.Name,
            ServerName = exampleServer.Name,
            StartIpAddress = "0.0.0.0",
            EndIpAddress = "0.0.0.0",
        });
    
        var exampleDatabase = new Azure.PostgreSql.Database("example", new()
        {
            Name = "example",
            ResourceGroupName = example.Name,
            ServerName = exampleServer.Name,
            Charset = "UTF8",
            Collation = "English_United States.1252",
        });
    
        var exampleBackupVault = new Azure.DataProtection.BackupVault("example", new()
        {
            Name = "example",
            ResourceGroupName = example.Name,
            Location = example.Location,
            DatastoreType = "VaultStore",
            Redundancy = "LocallyRedundant",
            Identity = new Azure.DataProtection.Inputs.BackupVaultIdentityArgs
            {
                Type = "SystemAssigned",
            },
        });
    
        var exampleKeyVault = new Azure.KeyVault.KeyVault("example", new()
        {
            Name = "example",
            Location = example.Location,
            ResourceGroupName = example.Name,
            TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
            SkuName = "premium",
            SoftDeleteRetentionDays = 7,
            AccessPolicies = new[]
            {
                new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
                {
                    TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
                    ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
                    KeyPermissions = new[]
                    {
                        "Create",
                        "Get",
                    },
                    SecretPermissions = new[]
                    {
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover",
                    },
                },
                new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
                {
                    TenantId = exampleBackupVault.Identity.Apply(identity => identity?.TenantId),
                    ObjectId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
                    KeyPermissions = new[]
                    {
                        "Create",
                        "Get",
                    },
                    SecretPermissions = new[]
                    {
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover",
                    },
                },
            },
        });
    
        var exampleSecret = new Azure.KeyVault.Secret("example", new()
        {
            Name = "example",
            Value = Output.Tuple(exampleServer.Name, exampleDatabase.Name, exampleServer.Name).Apply(values =>
            {
                var exampleServerName = values.Item1;
                var exampleDatabaseName = values.Item2;
                var exampleServerName1 = values.Item3;
                return $"Server={exampleServerName}.postgres.database.azure.com;Database={exampleDatabaseName};Port=5432;User Id=psqladmin@{exampleServerName1};Password=H@Sh1CoR3!;Ssl Mode=Require;";
            }),
            KeyVaultId = exampleKeyVault.Id,
        });
    
        var exampleBackupPolicyPostgresql = new Azure.DataProtection.BackupPolicyPostgresql("example", new()
        {
            Name = "example",
            ResourceGroupName = example.Name,
            VaultName = exampleBackupVault.Name,
            BackupRepeatingTimeIntervals = new[]
            {
                "R/2021-05-23T02:30:00+00:00/P1W",
            },
            DefaultRetentionDuration = "P4M",
        });
    
        var exampleAssignment = new Azure.Authorization.Assignment("example", new()
        {
            Scope = exampleServer.Id,
            RoleDefinitionName = "Reader",
            PrincipalId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
        });
    
        var exampleBackupInstancePostgresql = new Azure.DataProtection.BackupInstancePostgresql("example", new()
        {
            Name = "example",
            Location = example.Location,
            VaultId = exampleBackupVault.Id,
            DatabaseId = exampleDatabase.Id,
            BackupPolicyId = exampleBackupPolicyPostgresql.Id,
            DatabaseCredentialKeyVaultSecretId = exampleSecret.VersionlessId,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.azure.core.CoreFunctions;
    import com.pulumi.azure.core.ResourceGroup;
    import com.pulumi.azure.core.ResourceGroupArgs;
    import com.pulumi.azure.postgresql.Server;
    import com.pulumi.azure.postgresql.ServerArgs;
    import com.pulumi.azure.postgresql.FirewallRule;
    import com.pulumi.azure.postgresql.FirewallRuleArgs;
    import com.pulumi.azure.postgresql.Database;
    import com.pulumi.azure.postgresql.DatabaseArgs;
    import com.pulumi.azure.dataprotection.BackupVault;
    import com.pulumi.azure.dataprotection.BackupVaultArgs;
    import com.pulumi.azure.dataprotection.inputs.BackupVaultIdentityArgs;
    import com.pulumi.azure.keyvault.KeyVault;
    import com.pulumi.azure.keyvault.KeyVaultArgs;
    import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
    import com.pulumi.azure.keyvault.Secret;
    import com.pulumi.azure.keyvault.SecretArgs;
    import com.pulumi.azure.dataprotection.BackupPolicyPostgresql;
    import com.pulumi.azure.dataprotection.BackupPolicyPostgresqlArgs;
    import com.pulumi.azure.authorization.Assignment;
    import com.pulumi.azure.authorization.AssignmentArgs;
    import com.pulumi.azure.dataprotection.BackupInstancePostgresql;
    import com.pulumi.azure.dataprotection.BackupInstancePostgresqlArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var current = CoreFunctions.getClientConfig();
    
            var example = new ResourceGroup("example", ResourceGroupArgs.builder()
                .name("example")
                .location("West Europe")
                .build());
    
            var exampleServer = new Server("exampleServer", ServerArgs.builder()
                .name("example")
                .location(example.location())
                .resourceGroupName(example.name())
                .skuName("B_Gen5_2")
                .storageMb(5120)
                .backupRetentionDays(7)
                .geoRedundantBackupEnabled(false)
                .autoGrowEnabled(true)
                .administratorLogin("psqladmin")
                .administratorLoginPassword("H@Sh1CoR3!")
                .version("9.5")
                .sslEnforcementEnabled(true)
                .build());
    
            var exampleFirewallRule = new FirewallRule("exampleFirewallRule", FirewallRuleArgs.builder()
                .name("AllowAllWindowsAzureIps")
                .resourceGroupName(example.name())
                .serverName(exampleServer.name())
                .startIpAddress("0.0.0.0")
                .endIpAddress("0.0.0.0")
                .build());
    
            var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()
                .name("example")
                .resourceGroupName(example.name())
                .serverName(exampleServer.name())
                .charset("UTF8")
                .collation("English_United States.1252")
                .build());
    
            var exampleBackupVault = new BackupVault("exampleBackupVault", BackupVaultArgs.builder()
                .name("example")
                .resourceGroupName(example.name())
                .location(example.location())
                .datastoreType("VaultStore")
                .redundancy("LocallyRedundant")
                .identity(BackupVaultIdentityArgs.builder()
                    .type("SystemAssigned")
                    .build())
                .build());
    
            var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()
                .name("example")
                .location(example.location())
                .resourceGroupName(example.name())
                .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                .skuName("premium")
                .softDeleteRetentionDays(7)
                .accessPolicies(            
                    KeyVaultAccessPolicyArgs.builder()
                        .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                        .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
                        .keyPermissions(                    
                            "Create",
                            "Get")
                        .secretPermissions(                    
                            "Set",
                            "Get",
                            "Delete",
                            "Purge",
                            "Recover")
                        .build(),
                    KeyVaultAccessPolicyArgs.builder()
                        .tenantId(exampleBackupVault.identity().applyValue(identity -> identity.tenantId()))
                        .objectId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
                        .keyPermissions(                    
                            "Create",
                            "Get")
                        .secretPermissions(                    
                            "Set",
                            "Get",
                            "Delete",
                            "Purge",
                            "Recover")
                        .build())
                .build());
    
            var exampleSecret = new Secret("exampleSecret", SecretArgs.builder()
                .name("example")
                .value(Output.tuple(exampleServer.name(), exampleDatabase.name(), exampleServer.name()).applyValue(values -> {
                    var exampleServerName = values.t1;
                    var exampleDatabaseName = values.t2;
                    var exampleServerName1 = values.t3;
                    return String.format("Server=%s.postgres.database.azure.com;Database=%s;Port=5432;User Id=psqladmin@%s;Password=H@Sh1CoR3!;Ssl Mode=Require;", exampleServerName,exampleDatabaseName,exampleServerName1);
                }))
                .keyVaultId(exampleKeyVault.id())
                .build());
    
            var exampleBackupPolicyPostgresql = new BackupPolicyPostgresql("exampleBackupPolicyPostgresql", BackupPolicyPostgresqlArgs.builder()
                .name("example")
                .resourceGroupName(example.name())
                .vaultName(exampleBackupVault.name())
                .backupRepeatingTimeIntervals("R/2021-05-23T02:30:00+00:00/P1W")
                .defaultRetentionDuration("P4M")
                .build());
    
            var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()
                .scope(exampleServer.id())
                .roleDefinitionName("Reader")
                .principalId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
                .build());
    
            var exampleBackupInstancePostgresql = new BackupInstancePostgresql("exampleBackupInstancePostgresql", BackupInstancePostgresqlArgs.builder()
                .name("example")
                .location(example.location())
                .vaultId(exampleBackupVault.id())
                .databaseId(exampleDatabase.id())
                .backupPolicyId(exampleBackupPolicyPostgresql.id())
                .databaseCredentialKeyVaultSecretId(exampleSecret.versionlessId())
                .build());
    
        }
    }
    
    resources:
      example:
        type: azure:core:ResourceGroup
        properties:
          name: example
          location: West Europe
      exampleServer:
        type: azure:postgresql:Server
        name: example
        properties:
          name: example
          location: ${example.location}
          resourceGroupName: ${example.name}
          skuName: B_Gen5_2
          storageMb: 5120
          backupRetentionDays: 7
          geoRedundantBackupEnabled: false
          autoGrowEnabled: true
          administratorLogin: psqladmin
          administratorLoginPassword: H@Sh1CoR3!
          version: '9.5'
          sslEnforcementEnabled: true
      exampleFirewallRule:
        type: azure:postgresql:FirewallRule
        name: example
        properties:
          name: AllowAllWindowsAzureIps
          resourceGroupName: ${example.name}
          serverName: ${exampleServer.name}
          startIpAddress: 0.0.0.0
          endIpAddress: 0.0.0.0
      exampleDatabase:
        type: azure:postgresql:Database
        name: example
        properties:
          name: example
          resourceGroupName: ${example.name}
          serverName: ${exampleServer.name}
          charset: UTF8
          collation: English_United States.1252
      exampleBackupVault:
        type: azure:dataprotection:BackupVault
        name: example
        properties:
          name: example
          resourceGroupName: ${example.name}
          location: ${example.location}
          datastoreType: VaultStore
          redundancy: LocallyRedundant
          identity:
            type: SystemAssigned
      exampleKeyVault:
        type: azure:keyvault:KeyVault
        name: example
        properties:
          name: example
          location: ${example.location}
          resourceGroupName: ${example.name}
          tenantId: ${current.tenantId}
          skuName: premium
          softDeleteRetentionDays: 7
          accessPolicies:
            - tenantId: ${current.tenantId}
              objectId: ${current.objectId}
              keyPermissions:
                - Create
                - Get
              secretPermissions:
                - Set
                - Get
                - Delete
                - Purge
                - Recover
            - tenantId: ${exampleBackupVault.identity.tenantId}
              objectId: ${exampleBackupVault.identity.principalId}
              keyPermissions:
                - Create
                - Get
              secretPermissions:
                - Set
                - Get
                - Delete
                - Purge
                - Recover
      exampleSecret:
        type: azure:keyvault:Secret
        name: example
        properties:
          name: example
          value: Server=${exampleServer.name}.postgres.database.azure.com;Database=${exampleDatabase.name};Port=5432;User Id=psqladmin@${exampleServer.name};Password=H@Sh1CoR3!;Ssl Mode=Require;
          keyVaultId: ${exampleKeyVault.id}
      exampleBackupPolicyPostgresql:
        type: azure:dataprotection:BackupPolicyPostgresql
        name: example
        properties:
          name: example
          resourceGroupName: ${example.name}
          vaultName: ${exampleBackupVault.name}
          backupRepeatingTimeIntervals:
            - R/2021-05-23T02:30:00+00:00/P1W
          defaultRetentionDuration: P4M
      exampleAssignment:
        type: azure:authorization:Assignment
        name: example
        properties:
          scope: ${exampleServer.id}
          roleDefinitionName: Reader
          principalId: ${exampleBackupVault.identity.principalId}
      exampleBackupInstancePostgresql:
        type: azure:dataprotection:BackupInstancePostgresql
        name: example
        properties:
          name: example
          location: ${example.location}
          vaultId: ${exampleBackupVault.id}
          databaseId: ${exampleDatabase.id}
          backupPolicyId: ${exampleBackupPolicyPostgresql.id}
          databaseCredentialKeyVaultSecretId: ${exampleSecret.versionlessId}
    variables:
      current:
        fn::invoke:
          Function: azure:core:getClientConfig
          Arguments: {}
    

    Create BackupInstancePostgresql Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new BackupInstancePostgresql(name: string, args: BackupInstancePostgresqlArgs, opts?: CustomResourceOptions);
    @overload
    def BackupInstancePostgresql(resource_name: str,
                                 args: BackupInstancePostgresqlArgs,
                                 opts: Optional[ResourceOptions] = None)
    
    @overload
    def BackupInstancePostgresql(resource_name: str,
                                 opts: Optional[ResourceOptions] = None,
                                 backup_policy_id: Optional[str] = None,
                                 database_id: Optional[str] = None,
                                 vault_id: Optional[str] = None,
                                 database_credential_key_vault_secret_id: Optional[str] = None,
                                 location: Optional[str] = None,
                                 name: Optional[str] = None)
    func NewBackupInstancePostgresql(ctx *Context, name string, args BackupInstancePostgresqlArgs, opts ...ResourceOption) (*BackupInstancePostgresql, error)
    public BackupInstancePostgresql(string name, BackupInstancePostgresqlArgs args, CustomResourceOptions? opts = null)
    public BackupInstancePostgresql(String name, BackupInstancePostgresqlArgs args)
    public BackupInstancePostgresql(String name, BackupInstancePostgresqlArgs args, CustomResourceOptions options)
    
    type: azure:dataprotection:BackupInstancePostgresql
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args BackupInstancePostgresqlArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args BackupInstancePostgresqlArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args BackupInstancePostgresqlArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args BackupInstancePostgresqlArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args BackupInstancePostgresqlArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var backupInstancePostgresqlResource = new Azure.DataProtection.BackupInstancePostgresql("backupInstancePostgresqlResource", new()
    {
        BackupPolicyId = "string",
        DatabaseId = "string",
        VaultId = "string",
        DatabaseCredentialKeyVaultSecretId = "string",
        Location = "string",
        Name = "string",
    });
    
    example, err := dataprotection.NewBackupInstancePostgresql(ctx, "backupInstancePostgresqlResource", &dataprotection.BackupInstancePostgresqlArgs{
    	BackupPolicyId:                     pulumi.String("string"),
    	DatabaseId:                         pulumi.String("string"),
    	VaultId:                            pulumi.String("string"),
    	DatabaseCredentialKeyVaultSecretId: pulumi.String("string"),
    	Location:                           pulumi.String("string"),
    	Name:                               pulumi.String("string"),
    })
    
    var backupInstancePostgresqlResource = new BackupInstancePostgresql("backupInstancePostgresqlResource", BackupInstancePostgresqlArgs.builder()
        .backupPolicyId("string")
        .databaseId("string")
        .vaultId("string")
        .databaseCredentialKeyVaultSecretId("string")
        .location("string")
        .name("string")
        .build());
    
    backup_instance_postgresql_resource = azure.dataprotection.BackupInstancePostgresql("backupInstancePostgresqlResource",
        backup_policy_id="string",
        database_id="string",
        vault_id="string",
        database_credential_key_vault_secret_id="string",
        location="string",
        name="string")
    
    const backupInstancePostgresqlResource = new azure.dataprotection.BackupInstancePostgresql("backupInstancePostgresqlResource", {
        backupPolicyId: "string",
        databaseId: "string",
        vaultId: "string",
        databaseCredentialKeyVaultSecretId: "string",
        location: "string",
        name: "string",
    });
    
    type: azure:dataprotection:BackupInstancePostgresql
    properties:
        backupPolicyId: string
        databaseCredentialKeyVaultSecretId: string
        databaseId: string
        location: string
        name: string
        vaultId: string
    

    BackupInstancePostgresql Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The BackupInstancePostgresql resource accepts the following input properties:

    BackupPolicyId string
    The ID of the Backup Policy.
    DatabaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    VaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    DatabaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    Location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    BackupPolicyId string
    The ID of the Backup Policy.
    DatabaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    VaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    DatabaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    Location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId String
    The ID of the Backup Policy.
    databaseId String
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId String
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    databaseCredentialKeyVaultSecretId String
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    location String
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name String
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId string
    The ID of the Backup Policy.
    databaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    databaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    backup_policy_id str
    The ID of the Backup Policy.
    database_id str
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    vault_id str
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    database_credential_key_vault_secret_id str
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    location str
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name str
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId String
    The ID of the Backup Policy.
    databaseId String
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId String
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    databaseCredentialKeyVaultSecretId String
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    location String
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name String
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the BackupInstancePostgresql resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing BackupInstancePostgresql Resource

    Get an existing BackupInstancePostgresql resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: BackupInstancePostgresqlState, opts?: CustomResourceOptions): BackupInstancePostgresql
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            backup_policy_id: Optional[str] = None,
            database_credential_key_vault_secret_id: Optional[str] = None,
            database_id: Optional[str] = None,
            location: Optional[str] = None,
            name: Optional[str] = None,
            vault_id: Optional[str] = None) -> BackupInstancePostgresql
    func GetBackupInstancePostgresql(ctx *Context, name string, id IDInput, state *BackupInstancePostgresqlState, opts ...ResourceOption) (*BackupInstancePostgresql, error)
    public static BackupInstancePostgresql Get(string name, Input<string> id, BackupInstancePostgresqlState? state, CustomResourceOptions? opts = null)
    public static BackupInstancePostgresql get(String name, Output<String> id, BackupInstancePostgresqlState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    BackupPolicyId string
    The ID of the Backup Policy.
    DatabaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    DatabaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    VaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    BackupPolicyId string
    The ID of the Backup Policy.
    DatabaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    DatabaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    Name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    VaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId String
    The ID of the Backup Policy.
    databaseCredentialKeyVaultSecretId String
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    databaseId String
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    location String
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name String
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId String
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId string
    The ID of the Backup Policy.
    databaseCredentialKeyVaultSecretId string
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    databaseId string
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    location string
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name string
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId string
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    backup_policy_id str
    The ID of the Backup Policy.
    database_credential_key_vault_secret_id str
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    database_id str
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    location str
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name str
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    vault_id str
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.
    backupPolicyId String
    The ID of the Backup Policy.
    databaseCredentialKeyVaultSecretId String
    The ID or versionless ID of the key vault secret which stores the connection string of the database.
    databaseId String
    The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    location String
    The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.
    name String
    The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.
    vaultId String
    The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

    Import

    Backup Instance PostgreSQL can be imported using the resource id, e.g.

    $ pulumi import azure:dataprotection/backupInstancePostgresql:BackupInstancePostgresql example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DataProtection/backupVaults/vault1/backupInstances/backupInstance1
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Azure Classic pulumi/pulumi-azure
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the azurerm Terraform Provider.
    azure logo

    We recommend using Azure Native.

    Azure v6.12.0 published on Monday, Dec 2, 2024 by Pulumi