文档

修改pg_hba.conf文件配置

更新时间:

本文介绍如何使用Terraform修改pg_hba.conf文件配置。

前提条件

  • 已创建RDS PostgreSQL实例,详情请参见创建RDS PostgreSQL实例

  • 实例状态为运行中,您可以通过如下两种方式查看:

    • 参见查询实例详情查看参数status,如果取值为Runing则表示实例状态为运行中。

    • 前往RDS管理控制台,切换到目标地域,找到指定实例后,查看实例状态。

操作步骤

说明

通过terraform修改pg_hba.conf文件配置时,会覆盖原默认配置。

  1. terraform.tf配置文件的中resource "alicloud_db_instance" "instance"中,补充pg_hba_conf配置项,具体配置如下。

    resource "alicloud_db_instance" "instance" {
    ...
      pg_hba_conf  {
          type =  "host"
          database = "all"
          user = "all"
          address = "127.0.0.1"
          method = "md5"
          priority_id = 1
      }
    }
  2. 运行terraform apply

    出现如下配置信息后,确认配置信息并输入yes,开始修改。

    alicloud_vpc.main: Refreshing state... [id=vpc-****]
    alicloud_vswitch.main: Refreshing state... [id=vsw-****]
    alicloud_db_instance.instance: Refreshing state... [id=pgm-****]
    alicloud_db_account.account: Refreshing state... [id=pgm-****:tf_account_test]
    
    Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
      ~ update in-place
    
    Terraform will perform the following actions:
    
      # alicloud_db_instance.instance will be updated in-place
      ~ resource "alicloud_db_instance" "instance" {
            id                         = "pgm-****"
            # (34 unchanged attributes hidden)
    
          + pg_hba_conf {
              + address     = "127.0.0.1"
              + database    = "all"
              + method      = "md5"
              + priority_id = 1
              + type        = "host"
              + user        = "all"
            }
        }
    
    Plan: 0 to add, 1 to change, 0 to destroy.
    
    Do you want to perform these actions?
      Terraform will perform the actions described above.
      Only 'yes' will be accepted to approve.
    
      Enter a value:

    出现类似如下日志时,表示修改成功。

    alicloud_db_instance.instance: Modifying... [id=****]
    alicloud_db_instance.instance: Still modifying... [id=pgm-****], 10s elapsed]
    ...
    alicloud_db_instance.instance: Still modifying... [id=pgm-****], 1m10s elapsed]
    alicloud_db_instance.instance: Modifications complete after 1m18s [id=pgm-****]]
    
    Apply complete! Resources: 0 added, 1 changed, 0 destroyed.
  3. 查看结果。

    • 运行terraform show查看pg_hba.conf文件配置。

      # alicloud_db_account.account:
      resource "alicloud_db_account" "account" {
          account_name     = "tf_account_test"
          account_password = (sensitive value)
          account_type     = "Normal"
          db_instance_id   = "pgm-****"
          id               = "pgm-****:tf_account_test"
          instance_id      = "pgm-****"
          name             = "tf_account_test"
          status           = "Available"
          type             = "Normal"
      }
      
      # alicloud_db_instance.instance:
      resource "alicloud_db_instance" "instance" {
          client_ca_enabled          = 0
          client_crl_enabled         = 0
          connection_string          = "pgm-****.pg.rds.aliyuncs.com"
          connection_string_prefix   = "pgm-****"
          db_instance_storage_type   = "cloud_essd"
          db_time_zone               = "Asia/Shanghai"
          deletion_protection        = false
          engine                     = "PostgreSQL"
          engine_version             = "13.0"
          force_restart              = false
          ha_config                  = "Auto"
          id                         = "pgm-****"
          instance_charge_type       = "Postpaid"
          instance_name              = "terraformtest"
          instance_storage           = 50
          instance_type              = "pg.n2.2c.2m"
          maintain_time              = "05:00Z-06:00Z"
          monitoring_period          = 300
          period                     = 0
          port                       = "5432"
          private_ip_address         = "172.16.XX.XX"
          resource_group_id          = "rg-****"
          security_group_ids         = []
          security_ip_mode           = "normal"
          security_ips               = [
              "127.0.0.1",
          ]
          sql_collector_config_value = 30
          sql_collector_status       = "Disabled"
          storage_auto_scale         = "Enable"
          storage_threshold          = 30
          storage_upper_bound        = 100
          target_minor_version       = "rds_postgres_1300_20220730"
          tcp_connection_type        = "SHORT"
          vpc_id                     = "vpc-****"
          vswitch_id                 = "vsw-****"
          zone_id                    = "cn-hangzhou-j"
      
          pg_hba_conf {
              address     = "127.0.0.1"
              database    = "all"
              method      = "md5"
              priority_id = 1
              type        = "host"
              user        = "all"
          }
      }
                                      
    • 登录RDS控制台查看pg_hba.conf文件配置。pg_hba.conf