3.1 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
postgresql | PostgreSQL: postgresql_schema | docs-postgresql-resource-postgresql_schema | Creates and manages a schema within a PostgreSQL database. |
postgresql_schema
The postgresql_schema
resource creates and manages a schema
objects within
a PostgreSQL database.
Usage
resource "postgresql_role" "app_www" {
name = "app_www"
}
resource "postgresql_role" "app_dba" {
name = "app_dba"
}
resource "postgresql_role" "app_releng" {
name = "app_releng"
}
resource "postgresql_schema" "my_schema" {
name = "my_schema"
owner = "postgres"
policy {
usage = true
role = "${postgresql_role.app_www.name}"
}
# app_releng can create new objects in the schema. This is the role that
# migrations are executed as.
policy {
create = true
usage = true
role = "${postgresql_role.app_releng.name}"
}
policy {
create_with_grant = true
usage_with_grant = true
role = "${postgresql_role.app_dba.name}"
}
}
Argument Reference
name
- (Required) The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.owner
- (Optional) The ROLE who owns the schema.policy
- (Optional) Can be specified multiple times for each policy. Each policy block supports fields documented below.
The policy
block supports:
create
- (Optional) Should the specified ROLE have CREATE privileges to the specified SCHEMA.create_with_grant
- (Optional) Should the specified ROLE have CREATE privileges to the specified SCHEMA and the ability to GRANT the CREATE privilege to other ROLEs.role
- (Optional) The ROLE who is receiving the policy. If this value is empty or not specified it implies the policy is referring to thePUBLIC
role.usage
- (Optional) Should the specified ROLE have USAGE privileges to the specified SCHEMA.usage_with_grant
- (Optional) Should the specified ROLE have USAGE privileges to the specified SCHEMA and the ability to GRANT the USAGE privilege to other ROLEs.
~> NOTE on policy
: The permissions of a role specified in multiple policy blocks is cumulative. For example, if the same role is specified in two different policy
each with different permissions (e.g. create
and usage_with_grant
, respectively), then the specified role with have both create
and usage_with_grant
privileges.
Import Example
postgresql_schema
supports importing resources. Supposing the following
Terraform:
resource "postgresql_schema" "public" {
name = "public"
}
resource "postgresql_schema" "schema_foo" {
name = "my_schema"
owner = "postgres"
policy {
usage = true
}
}
It is possible to import a postgresql_schema
resource with the following
command:
$ terraform import postgresql_schema.schema_foo my_schema
Where my_schema
is the name of the schema in the PostgreSQL database and
postgresql_schema.schema_foo
is the name of the resource whose state will be
populated as a result of the command.