Azure Database for PostgreSQL - Flexible Server private link connection issue

David He (AU)
2024-03-11T00:22:34.3166667+00:00

See the error below when trying to use this Terraform script to provision a private link connection for a psql flexible server. Any idea what other params I need to add, or anything I have done wrong?

Flexible Server Name: "dave-psql-server"): performing Create: unexpected status 400 with error: InvalidParameterValue: Invalid value given for parameter PublicNetworkAccess. Specify a valid parameter value.

locals {
  rg = {
    name     = "rg"
    location = "eastus"
  }
  vnet = {
    name = "aks-vnet-xxxxxxx"
  }
}


resource "azurerm_subnet" "psql-private-endpoint-subnet" {
  name                                      = "psql-private-endpoint-subnet"
  resource_group_name                       = local.rg.name
  virtual_network_name                      = local.vnet.name
  private_endpoint_network_policies_enabled = false
  address_prefixes                          = ["10.0.0.0/24"]
}

resource "azurerm_private_dns_zone" "psql-private-access" {
  name                = "davepsql.postgres.database.azure.com"
  resource_group_name = local.rg.name
}

resource "azurerm_private_dns_zone_virtual_network_link" "psql-zone-vnet-link" {
  name                  = "dave-psql"
  private_dns_zone_name = azurerm_private_dns_zone.psql-private-access.name
  virtual_network_id    = data.azurerm_virtual_network.aks-managed-vnet.id
  resource_group_name   = local.rg.name
}

resource "azurerm_postgresql_flexible_server" "dave-psql-server" {
  name                   = "dave-psql-server"
  resource_group_name    = local.rg.name
  location               = local.rg.location
  version                = "12"
  private_dns_zone_id    = azurerm_private_dns_zone.psql-private-access.id
  administrator_login    = "pgadmin"
  administrator_password = "password"
  zone                   = "1"

  sku_name   = "B_Standard_B1ms"
  storage_mb = 32768

  depends_on = [azurerm_private_dns_zone_virtual_network_link.psql-zone-vnet-link]
}

resource "azurerm_private_endpoint" "dave-psql-private-endpoint" {
  name                = "dave-psql-private-endpoint"
  location            = local.rg.location
  resource_group_name = local.rg.name
  subnet_id           = azurerm_subnet.psql-private-endpoint-subnet.id

  private_service_connection {
    name = "psql-private-endpoint-conn"
    # resource it's trying to connect to
    private_connection_resource_id = azurerm_postgresql_flexible_server.dave-psql-server.id
    subresource_names              = ["postgresqlServer"]
    is_manual_connection           = false
  }

  private_dns_zone_group {
    name                 = "dave-psql"
    private_dns_zone_ids = [azurerm_private_dns_zone.psql-private-access.id]
  }
}
