Terraform - Creating Private link for Postgresql

Question

I want to create a private link for postgres database. The config shown in the screenshot is exactly I want to configure suing TERRAFORM but could not find any solution.

DNS CONFIG

I tried using following TERRAFORM code

resource "azurerm_private_dns_zone" "priv-dns" {
  name                = var.azurerm_private_dns_zone_name
  resource_group_name = var.resource_group_name
}

resource "azurerm_private_dns_zone_virtual_network_link" "priv-dns-link" {
  name                  = "priv-dns-link"
  resource_group_name   = var.resource_group_name
  private_dns_zone_name = azurerm_private_dns_zone.priv-dns.name
  virtual_network_id    = var.virtual_network_id
  registration_enabled  = true
}

resource "azurerm_private_endpoint" "sql_postgres" {
  name                = var.postgresql_private_endpoint
  location            = var.location
  resource_group_name = var.resource_group_name
  subnet_id           = var.data_subnet_id

  private_service_connection {
    name                           = var.postgresql_private_link
    private_connection_resource_id = azurerm_postgresql_server.postgresql.id
    subresource_names              = ["postgresqlServer"]
    is_manual_connection           = false
  }

  private_dns_zone_group {
    name                  = "dns-group"
    private_dns_zone_ids  = [ azurerm_private_dns_zone.priv-dns.id ]
  }
}

I end up getting below DNS config which doesn't work

wrong DNS config

silent · Answer 1 · 2022-05-30T16:37:07.040

Use this full example to modify to your own needs. Important is to not change the DNS zone name.

resource "azurerm_private_dns_zone" "pgdb" {
  name                = "privatelink.postgres.database.azure.com"
  resource_group_name = azurerm_resource_group.rg.name
}

resource "azurerm_private_dns_zone_virtual_network_link" "pgdb" {
  name                  = "${local.prefix}-pg-pl"
  resource_group_name   = azurerm_resource_group.rg.name
  private_dns_zone_name = azurerm_private_dns_zone.pgdb.name
  virtual_network_id    = azurerm_virtual_network.vnet.id
}

resource "azurerm_private_endpoint" "pgdb_primary" {
  name                = "${local.prefix}-pg-pe"
  location            = azurerm_resource_group.rg.location
  resource_group_name = azurerm_resource_group.rg.name
  subnet_id           = azurerm_subnet.snet_datastores.id

  private_dns_zone_group {
    name                 = "privatepgdb"
    private_dns_zone_ids = [azurerm_private_dns_zone.pgdb.id]
  }

  private_service_connection {
    name                           = "pg-psconn"
    private_connection_resource_id = azurerm_postgresql_server.pgprimary.id
    subresource_names              = ["postgresqlServer"]
    is_manual_connection           = false
  }
}

It does all the OP was asking for. He was on the right track, this is a similar working version. Nothing to really add from my side :) — silent, May 30 '22 at 16:36
Thanks @Silent , its working now, The important is to not change DNS Zone name — Akshay, Jun 12 '22 at 10:06

Terraform - Creating Private link for Postgresql

1 Answers1