azure.dataprotection.BackupInstancePostgresql

Manages a Backup Instance to back up PostgreSQL.

Note: Before using this resource, there are some prerequisite permissions for configure backup and restore. See more details from https://docs.microsoft.com/azure/backup/backup-azure-database-postgresql#prerequisite-permissions-for-configure-backup-and-restore.

Example Usage

using System.Collections.Generic;
using Pulumi;
using Azure = Pulumi.Azure;

return await Deployment.RunAsync(() => 
{
    var current = Azure.Core.GetClientConfig.Invoke();

    var exampleResourceGroup = new Azure.Core.ResourceGroup("exampleResourceGroup", new()
    {
        Location = "West Europe",
    });

    var exampleServer = new Azure.PostgreSql.Server("exampleServer", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
        SkuName = "B_Gen5_2",
        StorageMb = 5120,
        BackupRetentionDays = 7,
        GeoRedundantBackupEnabled = false,
        AutoGrowEnabled = true,
        AdministratorLogin = "psqladmin",
        AdministratorLoginPassword = "H@Sh1CoR3!",
        Version = "9.5",
        SslEnforcementEnabled = true,
    });

    var exampleFirewallRule = new Azure.PostgreSql.FirewallRule("exampleFirewallRule", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        ServerName = exampleServer.Name,
        StartIpAddress = "0.0.0.0",
        EndIpAddress = "0.0.0.0",
    });

    var exampleDatabase = new Azure.PostgreSql.Database("exampleDatabase", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        ServerName = exampleServer.Name,
        Charset = "UTF8",
        Collation = "English_United States.1252",
    });

    var exampleBackupVault = new Azure.DataProtection.BackupVault("exampleBackupVault", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        Location = exampleResourceGroup.Location,
        DatastoreType = "VaultStore",
        Redundancy = "LocallyRedundant",
        Identity = new Azure.DataProtection.Inputs.BackupVaultIdentityArgs
        {
            Type = "SystemAssigned",
        },
    });

    var exampleKeyVault = new Azure.KeyVault.KeyVault("exampleKeyVault", new()
    {
        Location = exampleResourceGroup.Location,
        ResourceGroupName = exampleResourceGroup.Name,
        TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
        SkuName = "premium",
        SoftDeleteRetentionDays = 7,
        AccessPolicies = new[]
        {
            new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
            {
                TenantId = current.Apply(getClientConfigResult => getClientConfigResult.TenantId),
                ObjectId = current.Apply(getClientConfigResult => getClientConfigResult.ObjectId),
                KeyPermissions = new[]
                {
                    "Create",
                    "Get",
                },
                SecretPermissions = new[]
                {
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                },
            },
            new Azure.KeyVault.Inputs.KeyVaultAccessPolicyArgs
            {
                TenantId = exampleBackupVault.Identity.Apply(identity => identity?.TenantId),
                ObjectId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
                KeyPermissions = new[]
                {
                    "Create",
                    "Get",
                },
                SecretPermissions = new[]
                {
                    "Set",
                    "Get",
                    "Delete",
                    "Purge",
                    "Recover",
                },
            },
        },
    });

    var exampleSecret = new Azure.KeyVault.Secret("exampleSecret", new()
    {
        Value = Output.Tuple(exampleServer.Name, exampleDatabase.Name, exampleServer.Name).Apply(values =>
        {
            var exampleServerName = values.Item1;
            var exampleDatabaseName = values.Item2;
            var exampleServerName1 = values.Item3;
            return $"Server={exampleServerName}.postgres.database.azure.com;Database={exampleDatabaseName};Port=5432;User Id=psqladmin@{exampleServerName1};Password=H@Sh1CoR3!;Ssl Mode=Require;";
        }),
        KeyVaultId = exampleKeyVault.Id,
    });

    var exampleBackupPolicyPostgresql = new Azure.DataProtection.BackupPolicyPostgresql("exampleBackupPolicyPostgresql", new()
    {
        ResourceGroupName = exampleResourceGroup.Name,
        VaultName = exampleBackupVault.Name,
        BackupRepeatingTimeIntervals = new[]
        {
            "R/2021-05-23T02:30:00+00:00/P1W",
        },
        DefaultRetentionDuration = "P4M",
    });

    var exampleAssignment = new Azure.Authorization.Assignment("exampleAssignment", new()
    {
        Scope = exampleServer.Id,
        RoleDefinitionName = "Reader",
        PrincipalId = exampleBackupVault.Identity.Apply(identity => identity?.PrincipalId),
    });

    var exampleBackupInstancePostgresql = new Azure.DataProtection.BackupInstancePostgresql("exampleBackupInstancePostgresql", new()
    {
        Location = exampleResourceGroup.Location,
        VaultId = exampleBackupVault.Id,
        DatabaseId = exampleDatabase.Id,
        BackupPolicyId = exampleBackupPolicyPostgresql.Id,
        DatabaseCredentialKeyVaultSecretId = exampleSecret.VersionlessId,
    });

});
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/authorization"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/core"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/dataprotection"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/keyvault"
	"github.com/pulumi/pulumi-azure/sdk/v5/go/azure/postgresql"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		current, err := core.GetClientConfig(ctx, nil, nil)
		if err != nil {
			return err
		}
		exampleResourceGroup, err := core.NewResourceGroup(ctx, "exampleResourceGroup", &core.ResourceGroupArgs{
			Location: pulumi.String("West Europe"),
		})
		if err != nil {
			return err
		}
		exampleServer, err := postgresql.NewServer(ctx, "exampleServer", &postgresql.ServerArgs{
			Location:                   exampleResourceGroup.Location,
			ResourceGroupName:          exampleResourceGroup.Name,
			SkuName:                    pulumi.String("B_Gen5_2"),
			StorageMb:                  pulumi.Int(5120),
			BackupRetentionDays:        pulumi.Int(7),
			GeoRedundantBackupEnabled:  pulumi.Bool(false),
			AutoGrowEnabled:            pulumi.Bool(true),
			AdministratorLogin:         pulumi.String("psqladmin"),
			AdministratorLoginPassword: pulumi.String("H@Sh1CoR3!"),
			Version:                    pulumi.String("9.5"),
			SslEnforcementEnabled:      pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = postgresql.NewFirewallRule(ctx, "exampleFirewallRule", &postgresql.FirewallRuleArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			ServerName:        exampleServer.Name,
			StartIpAddress:    pulumi.String("0.0.0.0"),
			EndIpAddress:      pulumi.String("0.0.0.0"),
		})
		if err != nil {
			return err
		}
		exampleDatabase, err := postgresql.NewDatabase(ctx, "exampleDatabase", &postgresql.DatabaseArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			ServerName:        exampleServer.Name,
			Charset:           pulumi.String("UTF8"),
			Collation:         pulumi.String("English_United States.1252"),
		})
		if err != nil {
			return err
		}
		exampleBackupVault, err := dataprotection.NewBackupVault(ctx, "exampleBackupVault", &dataprotection.BackupVaultArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			Location:          exampleResourceGroup.Location,
			DatastoreType:     pulumi.String("VaultStore"),
			Redundancy:        pulumi.String("LocallyRedundant"),
			Identity: &dataprotection.BackupVaultIdentityArgs{
				Type: pulumi.String("SystemAssigned"),
			},
		})
		if err != nil {
			return err
		}
		exampleKeyVault, err := keyvault.NewKeyVault(ctx, "exampleKeyVault", &keyvault.KeyVaultArgs{
			Location:                exampleResourceGroup.Location,
			ResourceGroupName:       exampleResourceGroup.Name,
			TenantId:                *pulumi.String(current.TenantId),
			SkuName:                 pulumi.String("premium"),
			SoftDeleteRetentionDays: pulumi.Int(7),
			AccessPolicies: keyvault.KeyVaultAccessPolicyArray{
				&keyvault.KeyVaultAccessPolicyArgs{
					TenantId: *pulumi.String(current.TenantId),
					ObjectId: *pulumi.String(current.ObjectId),
					KeyPermissions: pulumi.StringArray{
						pulumi.String("Create"),
						pulumi.String("Get"),
					},
					SecretPermissions: pulumi.StringArray{
						pulumi.String("Set"),
						pulumi.String("Get"),
						pulumi.String("Delete"),
						pulumi.String("Purge"),
						pulumi.String("Recover"),
					},
				},
				&keyvault.KeyVaultAccessPolicyArgs{
					TenantId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
						return &identity.TenantId, nil
					}).(pulumi.StringPtrOutput),
					ObjectId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
						return &identity.PrincipalId, nil
					}).(pulumi.StringPtrOutput),
					KeyPermissions: pulumi.StringArray{
						pulumi.String("Create"),
						pulumi.String("Get"),
					},
					SecretPermissions: pulumi.StringArray{
						pulumi.String("Set"),
						pulumi.String("Get"),
						pulumi.String("Delete"),
						pulumi.String("Purge"),
						pulumi.String("Recover"),
					},
				},
			},
		})
		if err != nil {
			return err
		}
		exampleSecret, err := keyvault.NewSecret(ctx, "exampleSecret", &keyvault.SecretArgs{
			Value: pulumi.All(exampleServer.Name, exampleDatabase.Name, exampleServer.Name).ApplyT(func(_args []interface{}) (string, error) {
				exampleServerName := _args[0].(string)
				exampleDatabaseName := _args[1].(string)
				exampleServerName1 := _args[2].(string)
				return fmt.Sprintf("Server=%v.postgres.database.azure.com;Database=%v;Port=5432;User Id=psqladmin@%v;Password=H@Sh1CoR3!;Ssl Mode=Require;", exampleServerName, exampleDatabaseName, exampleServerName1), nil
			}).(pulumi.StringOutput),
			KeyVaultId: exampleKeyVault.ID(),
		})
		if err != nil {
			return err
		}
		exampleBackupPolicyPostgresql, err := dataprotection.NewBackupPolicyPostgresql(ctx, "exampleBackupPolicyPostgresql", &dataprotection.BackupPolicyPostgresqlArgs{
			ResourceGroupName: exampleResourceGroup.Name,
			VaultName:         exampleBackupVault.Name,
			BackupRepeatingTimeIntervals: pulumi.StringArray{
				pulumi.String("R/2021-05-23T02:30:00+00:00/P1W"),
			},
			DefaultRetentionDuration: pulumi.String("P4M"),
		})
		if err != nil {
			return err
		}
		_, err = authorization.NewAssignment(ctx, "exampleAssignment", &authorization.AssignmentArgs{
			Scope:              exampleServer.ID(),
			RoleDefinitionName: pulumi.String("Reader"),
			PrincipalId: exampleBackupVault.Identity.ApplyT(func(identity dataprotection.BackupVaultIdentity) (*string, error) {
				return &identity.PrincipalId, nil
			}).(pulumi.StringPtrOutput),
		})
		if err != nil {
			return err
		}
		_, err = dataprotection.NewBackupInstancePostgresql(ctx, "exampleBackupInstancePostgresql", &dataprotection.BackupInstancePostgresqlArgs{
			Location:                           exampleResourceGroup.Location,
			VaultId:                            exampleBackupVault.ID(),
			DatabaseId:                         exampleDatabase.ID(),
			BackupPolicyId:                     exampleBackupPolicyPostgresql.ID(),
			DatabaseCredentialKeyVaultSecretId: exampleSecret.VersionlessId,
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.azure.core.CoreFunctions;
import com.pulumi.azure.core.ResourceGroup;
import com.pulumi.azure.core.ResourceGroupArgs;
import com.pulumi.azure.postgresql.Server;
import com.pulumi.azure.postgresql.ServerArgs;
import com.pulumi.azure.postgresql.FirewallRule;
import com.pulumi.azure.postgresql.FirewallRuleArgs;
import com.pulumi.azure.postgresql.Database;
import com.pulumi.azure.postgresql.DatabaseArgs;
import com.pulumi.azure.dataprotection.BackupVault;
import com.pulumi.azure.dataprotection.BackupVaultArgs;
import com.pulumi.azure.dataprotection.inputs.BackupVaultIdentityArgs;
import com.pulumi.azure.keyvault.KeyVault;
import com.pulumi.azure.keyvault.KeyVaultArgs;
import com.pulumi.azure.keyvault.inputs.KeyVaultAccessPolicyArgs;
import com.pulumi.azure.keyvault.Secret;
import com.pulumi.azure.keyvault.SecretArgs;
import com.pulumi.azure.dataprotection.BackupPolicyPostgresql;
import com.pulumi.azure.dataprotection.BackupPolicyPostgresqlArgs;
import com.pulumi.azure.authorization.Assignment;
import com.pulumi.azure.authorization.AssignmentArgs;
import com.pulumi.azure.dataprotection.BackupInstancePostgresql;
import com.pulumi.azure.dataprotection.BackupInstancePostgresqlArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var current = CoreFunctions.getClientConfig();

        var exampleResourceGroup = new ResourceGroup("exampleResourceGroup", ResourceGroupArgs.builder()        
            .location("West Europe")
            .build());

        var exampleServer = new Server("exampleServer", ServerArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .skuName("B_Gen5_2")
            .storageMb(5120)
            .backupRetentionDays(7)
            .geoRedundantBackupEnabled(false)
            .autoGrowEnabled(true)
            .administratorLogin("psqladmin")
            .administratorLoginPassword("H@Sh1CoR3!")
            .version("9.5")
            .sslEnforcementEnabled(true)
            .build());

        var exampleFirewallRule = new FirewallRule("exampleFirewallRule", FirewallRuleArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .serverName(exampleServer.name())
            .startIpAddress("0.0.0.0")
            .endIpAddress("0.0.0.0")
            .build());

        var exampleDatabase = new Database("exampleDatabase", DatabaseArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .serverName(exampleServer.name())
            .charset("UTF8")
            .collation("English_United States.1252")
            .build());

        var exampleBackupVault = new BackupVault("exampleBackupVault", BackupVaultArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .location(exampleResourceGroup.location())
            .datastoreType("VaultStore")
            .redundancy("LocallyRedundant")
            .identity(BackupVaultIdentityArgs.builder()
                .type("SystemAssigned")
                .build())
            .build());

        var exampleKeyVault = new KeyVault("exampleKeyVault", KeyVaultArgs.builder()        
            .location(exampleResourceGroup.location())
            .resourceGroupName(exampleResourceGroup.name())
            .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
            .skuName("premium")
            .softDeleteRetentionDays(7)
            .accessPolicies(            
                KeyVaultAccessPolicyArgs.builder()
                    .tenantId(current.applyValue(getClientConfigResult -> getClientConfigResult.tenantId()))
                    .objectId(current.applyValue(getClientConfigResult -> getClientConfigResult.objectId()))
                    .keyPermissions(                    
                        "Create",
                        "Get")
                    .secretPermissions(                    
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover")
                    .build(),
                KeyVaultAccessPolicyArgs.builder()
                    .tenantId(exampleBackupVault.identity().applyValue(identity -> identity.tenantId()))
                    .objectId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
                    .keyPermissions(                    
                        "Create",
                        "Get")
                    .secretPermissions(                    
                        "Set",
                        "Get",
                        "Delete",
                        "Purge",
                        "Recover")
                    .build())
            .build());

        var exampleSecret = new Secret("exampleSecret", SecretArgs.builder()        
            .value(Output.tuple(exampleServer.name(), exampleDatabase.name(), exampleServer.name()).applyValue(values -> {
                var exampleServerName = values.t1;
                var exampleDatabaseName = values.t2;
                var exampleServerName1 = values.t3;
                return String.format("Server=%s.postgres.database.azure.com;Database=%s;Port=5432;User Id=psqladmin@%s;Password=H@Sh1CoR3!;Ssl Mode=Require;", exampleServerName,exampleDatabaseName,exampleServerName1);
            }))
            .keyVaultId(exampleKeyVault.id())
            .build());

        var exampleBackupPolicyPostgresql = new BackupPolicyPostgresql("exampleBackupPolicyPostgresql", BackupPolicyPostgresqlArgs.builder()        
            .resourceGroupName(exampleResourceGroup.name())
            .vaultName(exampleBackupVault.name())
            .backupRepeatingTimeIntervals("R/2021-05-23T02:30:00+00:00/P1W")
            .defaultRetentionDuration("P4M")
            .build());

        var exampleAssignment = new Assignment("exampleAssignment", AssignmentArgs.builder()        
            .scope(exampleServer.id())
            .roleDefinitionName("Reader")
            .principalId(exampleBackupVault.identity().applyValue(identity -> identity.principalId()))
            .build());

        var exampleBackupInstancePostgresql = new BackupInstancePostgresql("exampleBackupInstancePostgresql", BackupInstancePostgresqlArgs.builder()        
            .location(exampleResourceGroup.location())
            .vaultId(exampleBackupVault.id())
            .databaseId(exampleDatabase.id())
            .backupPolicyId(exampleBackupPolicyPostgresql.id())
            .databaseCredentialKeyVaultSecretId(exampleSecret.versionlessId())
            .build());

    }
}
import pulumi
import pulumi_azure as azure

current = azure.core.get_client_config()
example_resource_group = azure.core.ResourceGroup("exampleResourceGroup", location="West Europe")
example_server = azure.postgresql.Server("exampleServer",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    sku_name="B_Gen5_2",
    storage_mb=5120,
    backup_retention_days=7,
    geo_redundant_backup_enabled=False,
    auto_grow_enabled=True,
    administrator_login="psqladmin",
    administrator_login_password="H@Sh1CoR3!",
    version="9.5",
    ssl_enforcement_enabled=True)
example_firewall_rule = azure.postgresql.FirewallRule("exampleFirewallRule",
    resource_group_name=example_resource_group.name,
    server_name=example_server.name,
    start_ip_address="0.0.0.0",
    end_ip_address="0.0.0.0")
example_database = azure.postgresql.Database("exampleDatabase",
    resource_group_name=example_resource_group.name,
    server_name=example_server.name,
    charset="UTF8",
    collation="English_United States.1252")
example_backup_vault = azure.dataprotection.BackupVault("exampleBackupVault",
    resource_group_name=example_resource_group.name,
    location=example_resource_group.location,
    datastore_type="VaultStore",
    redundancy="LocallyRedundant",
    identity=azure.dataprotection.BackupVaultIdentityArgs(
        type="SystemAssigned",
    ))
example_key_vault = azure.keyvault.KeyVault("exampleKeyVault",
    location=example_resource_group.location,
    resource_group_name=example_resource_group.name,
    tenant_id=current.tenant_id,
    sku_name="premium",
    soft_delete_retention_days=7,
    access_policies=[
        azure.keyvault.KeyVaultAccessPolicyArgs(
            tenant_id=current.tenant_id,
            object_id=current.object_id,
            key_permissions=[
                "Create",
                "Get",
            ],
            secret_permissions=[
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        ),
        azure.keyvault.KeyVaultAccessPolicyArgs(
            tenant_id=example_backup_vault.identity.tenant_id,
            object_id=example_backup_vault.identity.principal_id,
            key_permissions=[
                "Create",
                "Get",
            ],
            secret_permissions=[
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        ),
    ])
example_secret = azure.keyvault.Secret("exampleSecret",
    value=pulumi.Output.all(example_server.name, example_database.name, example_server.name).apply(lambda exampleServerName, exampleDatabaseName, exampleServerName1: f"Server={example_server_name}.postgres.database.azure.com;Database={example_database_name};Port=5432;User Id=psqladmin@{example_server_name1};Password=H@Sh1CoR3!;Ssl Mode=Require;"),
    key_vault_id=example_key_vault.id)
example_backup_policy_postgresql = azure.dataprotection.BackupPolicyPostgresql("exampleBackupPolicyPostgresql",
    resource_group_name=example_resource_group.name,
    vault_name=example_backup_vault.name,
    backup_repeating_time_intervals=["R/2021-05-23T02:30:00+00:00/P1W"],
    default_retention_duration="P4M")
example_assignment = azure.authorization.Assignment("exampleAssignment",
    scope=example_server.id,
    role_definition_name="Reader",
    principal_id=example_backup_vault.identity.principal_id)
example_backup_instance_postgresql = azure.dataprotection.BackupInstancePostgresql("exampleBackupInstancePostgresql",
    location=example_resource_group.location,
    vault_id=example_backup_vault.id,
    database_id=example_database.id,
    backup_policy_id=example_backup_policy_postgresql.id,
    database_credential_key_vault_secret_id=example_secret.versionless_id)
import * as pulumi from "@pulumi/pulumi";
import * as azure from "@pulumi/azure";

const current = azure.core.getClientConfig({});
const exampleResourceGroup = new azure.core.ResourceGroup("exampleResourceGroup", {location: "West Europe"});
const exampleServer = new azure.postgresql.Server("exampleServer", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
    skuName: "B_Gen5_2",
    storageMb: 5120,
    backupRetentionDays: 7,
    geoRedundantBackupEnabled: false,
    autoGrowEnabled: true,
    administratorLogin: "psqladmin",
    administratorLoginPassword: "H@Sh1CoR3!",
    version: "9.5",
    sslEnforcementEnabled: true,
});
const exampleFirewallRule = new azure.postgresql.FirewallRule("exampleFirewallRule", {
    resourceGroupName: exampleResourceGroup.name,
    serverName: exampleServer.name,
    startIpAddress: "0.0.0.0",
    endIpAddress: "0.0.0.0",
});
const exampleDatabase = new azure.postgresql.Database("exampleDatabase", {
    resourceGroupName: exampleResourceGroup.name,
    serverName: exampleServer.name,
    charset: "UTF8",
    collation: "English_United States.1252",
});
const exampleBackupVault = new azure.dataprotection.BackupVault("exampleBackupVault", {
    resourceGroupName: exampleResourceGroup.name,
    location: exampleResourceGroup.location,
    datastoreType: "VaultStore",
    redundancy: "LocallyRedundant",
    identity: {
        type: "SystemAssigned",
    },
});
const exampleKeyVault = new azure.keyvault.KeyVault("exampleKeyVault", {
    location: exampleResourceGroup.location,
    resourceGroupName: exampleResourceGroup.name,
    tenantId: current.then(current => current.tenantId),
    skuName: "premium",
    softDeleteRetentionDays: 7,
    accessPolicies: [
        {
            tenantId: current.then(current => current.tenantId),
            objectId: current.then(current => current.objectId),
            keyPermissions: [
                "Create",
                "Get",
            ],
            secretPermissions: [
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        },
        {
            tenantId: exampleBackupVault.identity.apply(identity => identity?.tenantId),
            objectId: exampleBackupVault.identity.apply(identity => identity?.principalId),
            keyPermissions: [
                "Create",
                "Get",
            ],
            secretPermissions: [
                "Set",
                "Get",
                "Delete",
                "Purge",
                "Recover",
            ],
        },
    ],
});
const exampleSecret = new azure.keyvault.Secret("exampleSecret", {
    value: pulumi.interpolate`Server=${exampleServer.name}.postgres.database.azure.com;Database=${exampleDatabase.name};Port=5432;User Id=psqladmin@${exampleServer.name};Password=H@Sh1CoR3!;Ssl Mode=Require;`,
    keyVaultId: exampleKeyVault.id,
});
const exampleBackupPolicyPostgresql = new azure.dataprotection.BackupPolicyPostgresql("exampleBackupPolicyPostgresql", {
    resourceGroupName: exampleResourceGroup.name,
    vaultName: exampleBackupVault.name,
    backupRepeatingTimeIntervals: ["R/2021-05-23T02:30:00+00:00/P1W"],
    defaultRetentionDuration: "P4M",
});
const exampleAssignment = new azure.authorization.Assignment("exampleAssignment", {
    scope: exampleServer.id,
    roleDefinitionName: "Reader",
    principalId: exampleBackupVault.identity.apply(identity => identity?.principalId),
});
const exampleBackupInstancePostgresql = new azure.dataprotection.BackupInstancePostgresql("exampleBackupInstancePostgresql", {
    location: exampleResourceGroup.location,
    vaultId: exampleBackupVault.id,
    databaseId: exampleDatabase.id,
    backupPolicyId: exampleBackupPolicyPostgresql.id,
    databaseCredentialKeyVaultSecretId: exampleSecret.versionlessId,
});
resources:
  exampleResourceGroup:
    type: azure:core:ResourceGroup
    properties:
      location: West Europe
  exampleServer:
    type: azure:postgresql:Server
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
      skuName: B_Gen5_2
      storageMb: 5120
      backupRetentionDays: 7
      geoRedundantBackupEnabled: false
      autoGrowEnabled: true
      administratorLogin: psqladmin
      administratorLoginPassword: H@Sh1CoR3!
      version: '9.5'
      sslEnforcementEnabled: true
  exampleFirewallRule:
    type: azure:postgresql:FirewallRule
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      serverName: ${exampleServer.name}
      startIpAddress: 0.0.0.0
      endIpAddress: 0.0.0.0
  exampleDatabase:
    type: azure:postgresql:Database
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      serverName: ${exampleServer.name}
      charset: UTF8
      collation: English_United States.1252
  exampleBackupVault:
    type: azure:dataprotection:BackupVault
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      location: ${exampleResourceGroup.location}
      datastoreType: VaultStore
      redundancy: LocallyRedundant
      identity:
        type: SystemAssigned
  exampleKeyVault:
    type: azure:keyvault:KeyVault
    properties:
      location: ${exampleResourceGroup.location}
      resourceGroupName: ${exampleResourceGroup.name}
      tenantId: ${current.tenantId}
      skuName: premium
      softDeleteRetentionDays: 7
      accessPolicies:
        - tenantId: ${current.tenantId}
          objectId: ${current.objectId}
          keyPermissions:
            - Create
            - Get
          secretPermissions:
            - Set
            - Get
            - Delete
            - Purge
            - Recover
        - tenantId: ${exampleBackupVault.identity.tenantId}
          objectId: ${exampleBackupVault.identity.principalId}
          keyPermissions:
            - Create
            - Get
          secretPermissions:
            - Set
            - Get
            - Delete
            - Purge
            - Recover
  exampleSecret:
    type: azure:keyvault:Secret
    properties:
      value: Server=${exampleServer.name}.postgres.database.azure.com;Database=${exampleDatabase.name};Port=5432;User Id=psqladmin@${exampleServer.name};Password=H@Sh1CoR3!;Ssl Mode=Require;
      keyVaultId: ${exampleKeyVault.id}
  exampleBackupPolicyPostgresql:
    type: azure:dataprotection:BackupPolicyPostgresql
    properties:
      resourceGroupName: ${exampleResourceGroup.name}
      vaultName: ${exampleBackupVault.name}
      backupRepeatingTimeIntervals:
        - R/2021-05-23T02:30:00+00:00/P1W
      defaultRetentionDuration: P4M
  exampleAssignment:
    type: azure:authorization:Assignment
    properties:
      scope: ${exampleServer.id}
      roleDefinitionName: Reader
      principalId: ${exampleBackupVault.identity.principalId}
  exampleBackupInstancePostgresql:
    type: azure:dataprotection:BackupInstancePostgresql
    properties:
      location: ${exampleResourceGroup.location}
      vaultId: ${exampleBackupVault.id}
      databaseId: ${exampleDatabase.id}
      backupPolicyId: ${exampleBackupPolicyPostgresql.id}
      databaseCredentialKeyVaultSecretId: ${exampleSecret.versionlessId}
variables:
  current:
    fn::invoke:
      Function: azure:core:getClientConfig
      Arguments: {}

Create BackupInstancePostgresql Resource

new BackupInstancePostgresql(name: string, args: BackupInstancePostgresqlArgs, opts?: CustomResourceOptions);
@overload
def BackupInstancePostgresql(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             backup_policy_id: Optional[str] = None,
                             database_credential_key_vault_secret_id: Optional[str] = None,
                             database_id: Optional[str] = None,
                             location: Optional[str] = None,
                             name: Optional[str] = None,
                             vault_id: Optional[str] = None)
@overload
def BackupInstancePostgresql(resource_name: str,
                             args: BackupInstancePostgresqlArgs,
                             opts: Optional[ResourceOptions] = None)
func NewBackupInstancePostgresql(ctx *Context, name string, args BackupInstancePostgresqlArgs, opts ...ResourceOption) (*BackupInstancePostgresql, error)
public BackupInstancePostgresql(string name, BackupInstancePostgresqlArgs args, CustomResourceOptions? opts = null)
public BackupInstancePostgresql(String name, BackupInstancePostgresqlArgs args)
public BackupInstancePostgresql(String name, BackupInstancePostgresqlArgs args, CustomResourceOptions options)
type: azure:dataprotection:BackupInstancePostgresql
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args BackupInstancePostgresqlArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args BackupInstancePostgresqlArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args BackupInstancePostgresqlArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args BackupInstancePostgresqlArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args BackupInstancePostgresqlArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

BackupInstancePostgresql Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The BackupInstancePostgresql resource accepts the following input properties:

BackupPolicyId string

The ID of the Backup Policy.

DatabaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

VaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

DatabaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

Location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

BackupPolicyId string

The ID of the Backup Policy.

DatabaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

VaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

DatabaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

Location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId String

The ID of the Backup Policy.

databaseId String

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId String

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

databaseCredentialKeyVaultSecretId String

The ID or versionless ID of the key vault secret which stores the connection string of the database.

location String

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name String

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId string

The ID of the Backup Policy.

databaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

databaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

backup_policy_id str

The ID of the Backup Policy.

database_id str

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

vault_id str

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

database_credential_key_vault_secret_id str

The ID or versionless ID of the key vault secret which stores the connection string of the database.

location str

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name str

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId String

The ID of the Backup Policy.

databaseId String

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId String

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

databaseCredentialKeyVaultSecretId String

The ID or versionless ID of the key vault secret which stores the connection string of the database.

location String

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name String

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

Outputs

All input properties are implicitly available as output properties. Additionally, the BackupInstancePostgresql resource produces the following output properties:

Id string

The provider-assigned unique ID for this managed resource.

Id string

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

id string

The provider-assigned unique ID for this managed resource.

id str

The provider-assigned unique ID for this managed resource.

id String

The provider-assigned unique ID for this managed resource.

Look up Existing BackupInstancePostgresql Resource

Get an existing BackupInstancePostgresql resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: BackupInstancePostgresqlState, opts?: CustomResourceOptions): BackupInstancePostgresql
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        backup_policy_id: Optional[str] = None,
        database_credential_key_vault_secret_id: Optional[str] = None,
        database_id: Optional[str] = None,
        location: Optional[str] = None,
        name: Optional[str] = None,
        vault_id: Optional[str] = None) -> BackupInstancePostgresql
func GetBackupInstancePostgresql(ctx *Context, name string, id IDInput, state *BackupInstancePostgresqlState, opts ...ResourceOption) (*BackupInstancePostgresql, error)
public static BackupInstancePostgresql Get(string name, Input<string> id, BackupInstancePostgresqlState? state, CustomResourceOptions? opts = null)
public static BackupInstancePostgresql get(String name, Output<String> id, BackupInstancePostgresqlState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
BackupPolicyId string

The ID of the Backup Policy.

DatabaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

DatabaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

VaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

BackupPolicyId string

The ID of the Backup Policy.

DatabaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

DatabaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

Name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

VaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId String

The ID of the Backup Policy.

databaseCredentialKeyVaultSecretId String

The ID or versionless ID of the key vault secret which stores the connection string of the database.

databaseId String

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

location String

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name String

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId String

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId string

The ID of the Backup Policy.

databaseCredentialKeyVaultSecretId string

The ID or versionless ID of the key vault secret which stores the connection string of the database.

databaseId string

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

location string

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name string

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId string

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

backup_policy_id str

The ID of the Backup Policy.

database_credential_key_vault_secret_id str

The ID or versionless ID of the key vault secret which stores the connection string of the database.

database_id str

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

location str

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name str

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

vault_id str

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

backupPolicyId String

The ID of the Backup Policy.

databaseCredentialKeyVaultSecretId String

The ID or versionless ID of the key vault secret which stores the connection string of the database.

databaseId String

The ID of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

location String

The location of the source database. Changing this forces a new Backup Instance PostgreSQL to be created.

name String

The name which should be used for this Backup Instance PostgreSQL. Changing this forces a new Backup Instance PostgreSQL to be created.

vaultId String

The ID of the Backup Vault within which the PostgreSQL Backup Instance should exist. Changing this forces a new Backup Instance PostgreSQL to be created.

Import

Backup Instance PostgreSQL can be imported using the resource id, e.g.

 $ pulumi import azure:dataprotection/backupInstancePostgresql:BackupInstancePostgresql example /subscriptions/00000000-0000-0000-0000-000000000000/resourceGroups/group1/providers/Microsoft.DataProtection/backupVaults/vault1/backupInstances/backupInstance1

Package Details

Repository
Azure Classic pulumi/pulumi-azure
License
Apache-2.0
Notes

This Pulumi package is based on the azurerm Terraform Provider.