» postgresql_schema

The postgresql_schema resource creates and manages schema objects within a PostgreSQL database.

» Usage

resource "postgresql_role" "app_www" {
  name = "app_www"
}

resource "postgresql_role" "app_dba" {
  name = "app_dba"
}

resource "postgresql_role" "app_releng" {
  name = "app_releng"
}

resource "postgresql_schema" "my_schema" {
  name  = "my_schema"
  owner = "postgres"

  policy {
    usage = true
    role  = "${postgresql_role.app_www.name}"
  }

  # app_releng can create new objects in the schema.  This is the role that
  # migrations are executed as.
  policy {
    create = true
    usage  = true
    role   = "${postgresql_role.app_releng.name}"
  }

  policy {
    create_with_grant = true
    usage_with_grant  = true
    role              = "${postgresql_role.app_dba.name}"
  }
}

» Argument Reference

  • name - (Required) The name of the schema. Must be unique in the PostgreSQL database instance where it is configured.
  • database - (Optional) The DATABASE in which where this schema will be created. (Default: The database used by your provider configuration)
  • owner - (Optional) The ROLE who owns the schema.
  • if_not_exists - (Optional) When true, use the existing schema if it exists. (Default: true)
  • drop_cascade - (Optional) When true, will also drop all the objects that are contained in the schema. (Default: false)
  • policy - (Optional) Can be specified multiple times for each policy. Each policy block supports fields documented below.

The policy block supports:

  • create - (Optional) Should the specified ROLE have CREATE privileges to the specified SCHEMA.
  • create_with_grant - (Optional) Should the specified ROLE have CREATE privileges to the specified SCHEMA and the ability to GRANT the CREATE privilege to other ROLEs.
  • role - (Optional) The ROLE who is receiving the policy. If this value is empty or not specified it implies the policy is referring to the PUBLIC role.
  • usage - (Optional) Should the specified ROLE have USAGE privileges to the specified SCHEMA.
  • usage_with_grant - (Optional) Should the specified ROLE have USAGE privileges to the specified SCHEMA and the ability to GRANT the USAGE privilege to other ROLEs.

» Import Example

postgresql_schema supports importing resources. Supposing the following Terraform:

resource "postgresql_schema" "public" {
  name = "public"
}

resource "postgresql_schema" "schema_foo" {
  name  = "my_schema"
  owner = "postgres"

  policy {
    usage = true
  }
}

It is possible to import a postgresql_schema resource with the following command:

$ terraform import postgresql_schema.schema_foo my_schema

Where my_schema is the name of the schema in the PostgreSQL database and postgresql_schema.schema_foo is the name of the resource whose state will be populated as a result of the command.