
feat: Support existing postgres database in different existing resour… #18

Open
wants to merge 1 commit into
base: main
from

cfernhout
Contributor

…ce group

Add support for existing PostgreSQL databases with cross-VNet connectivity

This PR extends the terraform-azure-datafold module to support using existing PostgreSQL databases located in different VNets and resource groups, while maintaining backward compatibility with the existing database creation functionality.

✨ New Features

  • Existing Database Support: New use_existing_database flag allows referencing existing PostgreSQL Flexible Servers instead of creating new ones
  • Cross-VNet Connectivity: Automatic VNet peering setup when existing database is in a different VNet
  • Private Endpoint Integration: Creates private endpoints for secure connectivity to existing databases
  • DNS Integration: Leverages existing private DNS zones for proper name resolution
  • Resource Name Overrides: Added override variables for new networking resources (private endpoints, VNet peering)

🔧 Configuration

module "azure" {
  # ... existing config ...
  
  # Enable existing database usage
  use_existing_database = true
  
  # Database details
  existing_database_resource_group_name = "shared-services-rg"
  existing_postgresql_server_name       = "prod-postgres-01" 
  existing_postgresql_database_name     = "datafold"
  
  # VNet peering configuration
  existing_vnet_resource_group_name = "shared-services-network-rg"
  existing_vnet_name                = "shared-services-vnet"
  existing_database_subnet_name     = "database-subnet"
}

🛠️ Technical Changes

  • Added new variables and validation for existing database configuration
  • Implemented conditional resource creation using count based on use_existing_database flag
  • Added data sources for existing PostgreSQL server, VNet, and private DNS zone
  • Created bidirectional VNet peering resources
  • Updated outputs to handle both created and existing database scenarios
  • Fixed missing resource_group_name_override variable and invalid data source issues

📚 Documentation

  • Added comprehensive examples and troubleshooting guide in examples/README.md
  • Documented VNet peering scenarios and prerequisites
  • Included complete configuration examples for different use cases

🔒 Security & Networking

  • All database connectivity uses private endpoints (no public access)
  • DNS resolution handled through existing private DNS zones
  • Network traffic flows through VNet peering for secure communication

✅ Backward Compatibility

All existing functionality remains unchanged. The new features are opt-in via the use_existing_database flag (defaults to false).

@cfernhout cfernhout requested a review from a team as a code owner August 15, 2025 13:38
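
One way the count-gated, bidirectional VNet peering listed under Technical Changes can be written, as an added example that is not taken from this PR's diff. The `use_existing_database` and `existing_vnet_*` variables are the ones named in the description; `module_vnet`, the resource labels and the peering names are assumptions.

```hcl
# Added illustration, not the PR's code. module_vnet and all resource labels are assumed.
variable "use_existing_database" {
  type    = bool
  default = false
}
variable "existing_vnet_name" {
  type    = string
  default = ""
}
variable "existing_vnet_resource_group_name" {
  type    = string
  default = ""
}
variable "module_vnet" { # hypothetical handle to the VNet the module itself manages
  type = object({ id = string, name = string, resource_group_name = string })
}

locals { peer_count = var.use_existing_database ? 1 : 0 } # 0 leaves the default path untouched

data "azurerm_virtual_network" "existing" {
  count               = local.peer_count
  name                = var.existing_vnet_name
  resource_group_name = var.existing_vnet_resource_group_name
  lifecycle {
    precondition { # fail at plan time instead of looking up an empty name
      condition     = var.existing_vnet_name != "" && var.existing_vnet_resource_group_name != ""
      error_message = "existing_vnet_name and existing_vnet_resource_group_name are required when use_existing_database is true."
    }
  }
}

resource "azurerm_virtual_network_peering" "module_to_db" { # both directions must exist before traffic flows
  count                     = local.peer_count
  name                      = "datafold-to-db"
  resource_group_name       = var.module_vnet.resource_group_name
  virtual_network_name      = var.module_vnet.name
  remote_virtual_network_id = data.azurerm_virtual_network.existing[0].id
  allow_forwarded_traffic   = false # do not relay traffic that originates outside the peer VNet
}

resource "azurerm_virtual_network_peering" "db_to_module" {
  count                     = local.peer_count
  name                      = "db-to-datafold"
  resource_group_name       = var.existing_vnet_resource_group_name
  virtual_network_name      = var.existing_vnet_name
  remote_virtual_network_id = var.module_vnet.id
  allow_forwarded_traffic   = false
}
```

Peering fails if the two VNets have overlapping address spaces, and it makes every subnet in each VNet reachable from the other unless network security groups restrict it.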