Created
April 13, 2021 14:21
-
-
Save apc-kamezaki/852e941abfdbb4cce7426bae29646973 to your computer and use it in GitHub Desktop.
deploy azure database for PostgreSQL with private vnet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
param appName string = 'bicep-sample' | |
param vnetName string = '${appName}-vnet' | |
param subnetName string = 'computing' | |
param dbName string = '${appName}-db' | |
param pgAdminUser string | |
param pgAdminPassword string | |
var tags = { | |
app: appName | |
mode: 'experimental' | |
} | |
module vn 'vnet.bicep' = { | |
name: 'deploy-${vnetName}-${subnetName}' | |
params: { | |
virtualNetworkName: vnetName | |
subnetName: subnetName | |
tags: tags | |
} | |
} | |
module pgsql 'postgresql.bicep' = { | |
name: 'deploy-${dbName}' | |
params: { | |
name: dbName | |
skuTier: 'GeneralPurpose' | |
adminUser: pgAdminUser | |
adminPassword: pgAdminPassword | |
} | |
} | |
var postgresDomainName = 'privatelink.postgres.database.azure.com' | |
var endpointName = '${dbName}-endpoint' | |
module endpoint 'private-endpoint.bicep' = { | |
name: 'deploy-${endpointName}' | |
params: { | |
name: endpointName | |
subnetId: vn.outputs.subnetIds[0].id | |
linkServiceConnections: [ | |
{ | |
serviceId: pgsql.outputs.id | |
groupIds: [ | |
'postgresqlServer' | |
] | |
} | |
] | |
} | |
} | |
module dns 'private-dns.bicep' = { | |
name: 'deploy-dns-${postgresDomainName}' | |
params: { | |
name: postgresDomainName | |
vnId: vn.outputs.id | |
} | |
} | |
module dnsGroup 'private-zone-groups.bicep' = { | |
name: 'deploy-dns-group-${postgresDomainName}' | |
params: { | |
name: '${endpointName}/default' | |
zoneIds: [ | |
{ | |
zoneName: postgresDomainName | |
zoneId: dns.outputs.id | |
} | |
] | |
} | |
dependsOn: [ | |
pgsql | |
endpoint | |
] | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment