diff --git a/docs/data-sources/pg.md b/docs/data-sources/pg.md
index 59df4dd9b..83a2a0c4e 100644
--- a/docs/data-sources/pg.md
+++ b/docs/data-sources/pg.md
@@ -109,6 +109,7 @@ Read-Only:
- `pg_service_to_fork_from` (String)
- `pg_stat_monitor_enable` (Boolean)
- `pg_version` (String)
+- `pgaudit` (List of Object) (see [below for nested schema](#nestedobjatt--pg_user_config--pgaudit))
- `pgbouncer` (List of Object) (see [below for nested schema](#nestedobjatt--pg_user_config--pgbouncer))
- `pglookout` (List of Object) (see [below for nested schema](#nestedobjatt--pg_user_config--pglookout))
- `private_access` (List of Object) (see [below for nested schema](#nestedobjatt--pg_user_config--private_access))
@@ -217,6 +218,27 @@ Read-Only:
- `track_pg_catalog` (Boolean)
+
+### Nested Schema for `pg_user_config.pgaudit`
+
+Read-Only:
+
+- `feature_enabled` (Boolean)
+- `log` (List of String)
+- `log_catalog` (Boolean)
+- `log_client` (Boolean)
+- `log_level` (String)
+- `log_max_string_length` (Number)
+- `log_nested_statements` (Boolean)
+- `log_parameter` (Boolean)
+- `log_parameter_max_size` (Number)
+- `log_relation` (Boolean)
+- `log_rows` (Boolean)
+- `log_statement` (Boolean)
+- `log_statement_once` (Boolean)
+- `role` (String)
+
+
### Nested Schema for `pg_user_config.pgbouncer`
diff --git a/docs/data-sources/service_integration_endpoint.md b/docs/data-sources/service_integration_endpoint.md
index c50610f97..628e36a08 100644
--- a/docs/data-sources/service_integration_endpoint.md
+++ b/docs/data-sources/service_integration_endpoint.md
@@ -155,6 +155,7 @@ Read-Only:
Read-Only:
+- `default_database` (String)
- `host` (String)
- `password` (String)
- `port` (Number)
diff --git a/docs/resources/pg.md b/docs/resources/pg.md
index 72865cc20..117ebb878 100644
--- a/docs/resources/pg.md
+++ b/docs/resources/pg.md
@@ -132,6 +132,7 @@ Optional:
- `pg_service_to_fork_from` (String) Name of the PG Service from which to fork (deprecated, use service_to_fork_from). This has effect only when a new service is being created.
- `pg_stat_monitor_enable` (Boolean) Enable the pg_stat_monitor extension. Enabling this extension will cause the cluster to be restarted.When this extension is enabled, pg_stat_statements results for utility commands are unreliable. The default value is `false`.
- `pg_version` (String) PostgreSQL major version.
+- `pgaudit` (Block List, Max: 1) System-wide settings for the pgaudit extension (see [below for nested schema](#nestedblock--pg_user_config--pgaudit))
- `pgbouncer` (Block List, Max: 1) PGBouncer connection pooling settings (see [below for nested schema](#nestedblock--pg_user_config--pgbouncer))
- `pglookout` (Block List, Max: 1) System-wide settings for pglookout (see [below for nested schema](#nestedblock--pg_user_config--pglookout))
- `private_access` (Block List, Max: 1) Allow access to selected service ports from private networks (see [below for nested schema](#nestedblock--pg_user_config--private_access))
@@ -246,6 +247,27 @@ Optional:
- `track_pg_catalog` (Boolean, Deprecated) Track quals on system catalogs too. The default value is `false`.
+
+### Nested Schema for `pg_user_config.pgaudit`
+
+Optional:
+
+- `feature_enabled` (Boolean) Enable pgaudit extension. When enabled, pgaudit extension will be automatically installed.Otherwise, extension will be uninstalled but auditing configurations will be preserved. The default value is `false`.
+- `log` (List of String) Specifies which classes of statements will be logged by session audit logging.
+- `log_catalog` (Boolean) Specifies that session logging should be enabled in the casewhere all relations in a statement are in pg_catalog. The default value is `true`.
+- `log_client` (Boolean) Specifies whether log messages will be visible to a client process such as psql. The default value is `false`.
+- `log_level` (String) Specifies the log level that will be used for log entries. The default value is `log`.
+- `log_max_string_length` (Number) Crop parameters representation and whole statements if they exceed this threshold. A (default) value of -1 disable the truncation. The default value is `-1`.
+- `log_nested_statements` (Boolean) This GUC allows to turn off logging nested statements, that is, statements that are executed as part of another ExecutorRun. The default value is `true`.
+- `log_parameter` (Boolean) Specifies that audit logging should include the parameters that were passed with the statement. The default value is `false`.
+- `log_parameter_max_size` (Number) Specifies that parameter values longer than this setting (in bytes) should not be logged, but replaced with . The default value is `0`.
+- `log_relation` (Boolean) Specifies whether session audit logging should create a separate log entry for each relation (TABLE, VIEW, etc.) referenced in a SELECT or DML statement. The default value is `false`.
+- `log_rows` (Boolean) Specifies that audit logging should include the rows retrieved or affected by a statement. When enabled the rows field will be included after the parameter field. The default value is `false`.
+- `log_statement` (Boolean) Specifies whether logging will include the statement text and parameters (if enabled). The default value is `true`.
+- `log_statement_once` (Boolean) Specifies whether logging will include the statement text and parameters with the first log entry for a statement/substatement combination or with every entry. The default value is `false`.
+- `role` (String) Specifies the master role to use for object audit logging.
+
+
### Nested Schema for `pg_user_config.pgbouncer`
diff --git a/docs/resources/service_integration_endpoint.md b/docs/resources/service_integration_endpoint.md
index cc6359419..837a9d678 100644
--- a/docs/resources/service_integration_endpoint.md
+++ b/docs/resources/service_integration_endpoint.md
@@ -176,6 +176,7 @@ Required:
Optional:
+- `default_database` (String) Default database.
- `password` (String, Sensitive) Password.
- `ssl_client_certificate` (String) Client certificate.
- `ssl_client_key` (String) Client key.
diff --git a/internal/schemautil/userconfig/dist/integration_endpoint_types.go b/internal/schemautil/userconfig/dist/integration_endpoint_types.go
index 9431e9bbb..a83f396c1 100644
--- a/internal/schemautil/userconfig/dist/integration_endpoint_types.go
+++ b/internal/schemautil/userconfig/dist/integration_endpoint_types.go
@@ -345,6 +345,11 @@ func IntegrationEndpointTypeExternalOpensearchLogs() *schema.Schema {
// IntegrationEndpointTypeExternalPostgresql is a generated function returning the schema of the external_postgresql IntegrationEndpointType.
func IntegrationEndpointTypeExternalPostgresql() *schema.Schema {
s := map[string]*schema.Schema{
+ "default_database": {
+ Description: "Default database.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
"host": {
Description: "Hostname or IP address of the server.",
Required: true,
diff --git a/internal/schemautil/userconfig/dist/service_types.go b/internal/schemautil/userconfig/dist/service_types.go
index 6a34883b3..c4d52b442 100644
--- a/internal/schemautil/userconfig/dist/service_types.go
+++ b/internal/schemautil/userconfig/dist/service_types.go
@@ -8119,6 +8119,182 @@ func ServiceTypePg() *schema.Schema {
Optional: true,
Type: schema.TypeString,
},
+ "pgaudit": {
+ Description: "System-wide settings for the pgaudit extension.",
+ DiffSuppressFunc: schemautil.EmptyObjectDiffSuppressFuncSkipArrays(map[string]*schema.Schema{
+ "feature_enabled": {
+ Default: false,
+ Description: "Enable pgaudit extension. When enabled, pgaudit extension will be automatically installed.Otherwise, extension will be uninstalled but auditing configurations will be preserved. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log": {
+ Description: "Specifies which classes of statements will be logged by session audit logging.",
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Optional: true,
+ Type: schema.TypeList,
+ },
+ "log_catalog": {
+ Default: true,
+ Description: "Specifies that session logging should be enabled in the casewhere all relations in a statement are in pg_catalog. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_client": {
+ Default: false,
+ Description: "Specifies whether log messages will be visible to a client process such as psql. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_level": {
+ Default: "log",
+ Description: "Specifies the log level that will be used for log entries. The default value is `log`.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
+ "log_max_string_length": {
+ Default: "-1",
+ Description: "Crop parameters representation and whole statements if they exceed this threshold. A (default) value of -1 disable the truncation. The default value is `-1`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_nested_statements": {
+ Default: true,
+ Description: "This GUC allows to turn off logging nested statements, that is, statements that are executed as part of another ExecutorRun. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter": {
+ Default: false,
+ Description: "Specifies that audit logging should include the parameters that were passed with the statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter_max_size": {
+ Default: "0",
+ Description: "Specifies that parameter values longer than this setting (in bytes) should not be logged, but replaced with . The default value is `0`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_relation": {
+ Default: false,
+ Description: "Specifies whether session audit logging should create a separate log entry for each relation (TABLE, VIEW, etc.) referenced in a SELECT or DML statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_rows": {
+ Default: false,
+ Description: "Specifies that audit logging should include the rows retrieved or affected by a statement. When enabled the rows field will be included after the parameter field. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement": {
+ Default: true,
+ Description: "Specifies whether logging will include the statement text and parameters (if enabled). The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement_once": {
+ Default: false,
+ Description: "Specifies whether logging will include the statement text and parameters with the first log entry for a statement/substatement combination or with every entry. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "role": {
+ Description: "Specifies the master role to use for object audit logging.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
+ }),
+ Elem: &schema.Resource{Schema: map[string]*schema.Schema{
+ "feature_enabled": {
+ Default: false,
+ Description: "Enable pgaudit extension. When enabled, pgaudit extension will be automatically installed.Otherwise, extension will be uninstalled but auditing configurations will be preserved. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log": {
+ Description: "Specifies which classes of statements will be logged by session audit logging.",
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Optional: true,
+ Type: schema.TypeList,
+ },
+ "log_catalog": {
+ Default: true,
+ Description: "Specifies that session logging should be enabled in the casewhere all relations in a statement are in pg_catalog. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_client": {
+ Default: false,
+ Description: "Specifies whether log messages will be visible to a client process such as psql. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_level": {
+ Default: "log",
+ Description: "Specifies the log level that will be used for log entries. The default value is `log`.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
+ "log_max_string_length": {
+ Default: "-1",
+ Description: "Crop parameters representation and whole statements if they exceed this threshold. A (default) value of -1 disable the truncation. The default value is `-1`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_nested_statements": {
+ Default: true,
+ Description: "This GUC allows to turn off logging nested statements, that is, statements that are executed as part of another ExecutorRun. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter": {
+ Default: false,
+ Description: "Specifies that audit logging should include the parameters that were passed with the statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter_max_size": {
+ Default: "0",
+ Description: "Specifies that parameter values longer than this setting (in bytes) should not be logged, but replaced with . The default value is `0`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_relation": {
+ Default: false,
+ Description: "Specifies whether session audit logging should create a separate log entry for each relation (TABLE, VIEW, etc.) referenced in a SELECT or DML statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_rows": {
+ Default: false,
+ Description: "Specifies that audit logging should include the rows retrieved or affected by a statement. When enabled the rows field will be included after the parameter field. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement": {
+ Default: true,
+ Description: "Specifies whether logging will include the statement text and parameters (if enabled). The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement_once": {
+ Default: false,
+ Description: "Specifies whether logging will include the statement text and parameters with the first log entry for a statement/substatement combination or with every entry. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "role": {
+ Description: "Specifies the master role to use for object audit logging.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
+ }},
+ MaxItems: 1,
+ Optional: true,
+ Type: schema.TypeList,
+ },
"pgbouncer": {
Description: "System-wide settings for pgbouncer.",
DiffSuppressFunc: schemautil.EmptyObjectDiffSuppressFuncSkipArrays(map[string]*schema.Schema{
diff --git a/internal/sdkprovider/userconfig/service/pg.go b/internal/sdkprovider/userconfig/service/pg.go
index d76f25c48..21a8122f2 100644
--- a/internal/sdkprovider/userconfig/service/pg.go
+++ b/internal/sdkprovider/userconfig/service/pg.go
@@ -462,6 +462,89 @@ func pgUserConfig() *schema.Schema {
Type: schema.TypeString,
ValidateFunc: validation.StringInSlice([]string{"11", "12", "13", "14", "15", "10", "16"}, false),
},
+ "pgaudit": {
+ Description: "System-wide settings for the pgaudit extension",
+ Elem: &schema.Resource{Schema: map[string]*schema.Schema{
+ "feature_enabled": {
+ Description: "Enable pgaudit extension. When enabled, pgaudit extension will be automatically installed.Otherwise, extension will be uninstalled but auditing configurations will be preserved. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log": {
+ Description: "Specifies which classes of statements will be logged by session audit logging.",
+ Elem: &schema.Schema{
+ Type: schema.TypeString,
+ ValidateFunc: validation.StringInSlice([]string{"all", "ddl", "function", "misc", "misc_set", "read", "role", "write"}, false),
+ },
+ Optional: true,
+ Type: schema.TypeList,
+ },
+ "log_catalog": {
+ Description: "Specifies that session logging should be enabled in the casewhere all relations in a statement are in pg_catalog. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_client": {
+ Description: "Specifies whether log messages will be visible to a client process such as psql. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_level": {
+ Description: "Specifies the log level that will be used for log entries. The default value is `log`.",
+ Optional: true,
+ Type: schema.TypeString,
+ ValidateFunc: validation.StringInSlice([]string{"debug1", "debug2", "debug3", "debug4", "debug5", "info", "notice", "warning", "log"}, false),
+ },
+ "log_max_string_length": {
+ Description: "Crop parameters representation and whole statements if they exceed this threshold. A (default) value of -1 disable the truncation. The default value is `-1`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_nested_statements": {
+ Description: "This GUC allows to turn off logging nested statements, that is, statements that are executed as part of another ExecutorRun. The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter": {
+ Description: "Specifies that audit logging should include the parameters that were passed with the statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_parameter_max_size": {
+ Description: "Specifies that parameter values longer than this setting (in bytes) should not be logged, but replaced with . The default value is `0`.",
+ Optional: true,
+ Type: schema.TypeInt,
+ },
+ "log_relation": {
+ Description: "Specifies whether session audit logging should create a separate log entry for each relation (TABLE, VIEW, etc.) referenced in a SELECT or DML statement. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_rows": {
+ Description: "Specifies that audit logging should include the rows retrieved or affected by a statement. When enabled the rows field will be included after the parameter field. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement": {
+ Description: "Specifies whether logging will include the statement text and parameters (if enabled). The default value is `true`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "log_statement_once": {
+ Description: "Specifies whether logging will include the statement text and parameters with the first log entry for a statement/substatement combination or with every entry. The default value is `false`.",
+ Optional: true,
+ Type: schema.TypeBool,
+ },
+ "role": {
+ Description: "Specifies the master role to use for object audit logging.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
+ }},
+ MaxItems: 1,
+ Optional: true,
+ Type: schema.TypeList,
+ },
"pgbouncer": {
Description: "PGBouncer connection pooling settings",
Elem: &schema.Resource{Schema: map[string]*schema.Schema{
diff --git a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_postgresql.go b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_postgresql.go
index c68080849..0b451790c 100644
--- a/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_postgresql.go
+++ b/internal/sdkprovider/userconfig/serviceintegrationendpoint/external_postgresql.go
@@ -14,6 +14,11 @@ func externalPostgresqlUserConfig() *schema.Schema {
Description: "ExternalPostgresql user configurable settings",
DiffSuppressFunc: diff.SuppressUnchanged,
Elem: &schema.Resource{Schema: map[string]*schema.Schema{
+ "default_database": {
+ Description: "Default database.",
+ Optional: true,
+ Type: schema.TypeString,
+ },
"host": {
Description: "Hostname or IP address of the server.",
Required: true,