From 956bc09bec4fb72b74a5d6f236711050786fb550 Mon Sep 17 00:00:00 2001
From: mamari90 <130982006+mamari90@users.noreply.github.com>
Date: Fri, 3 Nov 2023 16:31:45 +0100
Subject: [PATCH] doc e refactor

---
 kubernetes_cluster_udr/README.md              |   2 +-
 postgres_flexible_server_replica/01_main.tf   |   6 +-
 .../02_monitor_flexible.tf                    |   9 +-
 .../04_variables.tf                           |  32 +--
 postgres_flexible_server_replica/README.md    | 207 ++++--------------
 5 files changed, 76 insertions(+), 180 deletions(-)

diff --git a/kubernetes_cluster_udr/README.md b/kubernetes_cluster_udr/README.md
index df736351..08a72fc9 100644
--- a/kubernetes_cluster_udr/README.md
+++ b/kubernetes_cluster_udr/README.md
@@ -694,6 +694,7 @@ No modules.
 | <a name="input_automatic_channel_upgrade"></a> [automatic\_channel\_upgrade](#input\_automatic\_channel\_upgrade) | (Optional) The upgrade channel for this Kubernetes Cluster. Possible values are patch, rapid, node-image and stable. Omitting this field sets this value to none. | `string` | `null` | no |
 | <a name="input_custom_metric_alerts"></a> [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    metric_name      = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br><br>    dimension = list(object(<br>      {<br>        name     = string<br>        operator = string<br>        values   = list(string)<br>      }<br>    ))<br>  }))</pre> | `{}` | no |
 | <a name="input_default_metric_alerts"></a> [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    metric_name      = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br><br>    dimension = list(object(<br>      {<br>        name     = string<br>        operator = string<br>        values   = list(string)<br>      }<br>    ))<br>  }))</pre> | <pre>{<br>  "container_cpu": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "kubernetes namespace",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "controllerName",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "cpuExceededPercentage",<br>    "metric_namespace": "Insights.Container/containers",<br>    "operator": "GreaterThan",<br>    "threshold": 95,<br>    "window_size": "PT30M"<br>  },<br>  "container_memory": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "kubernetes namespace",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "controllerName",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "memoryWorkingSetExceededPercentage",<br>    "metric_namespace": "Insights.Container/containers",<br>    "operator": "GreaterThan",<br>    "threshold": 95,<br>    "window_size": "PT30M"<br>  },<br>  "container_oom": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "kubernetes namespace",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "controllerName",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "oomKilledContainerCount",<br>    "metric_namespace": "Insights.Container/pods",<br>    "operator": "GreaterThan",<br>    "threshold": 0,<br>    "window_size": "PT30M"<br>  },<br>  "container_restart": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "kubernetes namespace",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "controllerName",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "restartingContainerCount",<br>    "metric_namespace": "Insights.Container/pods",<br>    "operator": "GreaterThan",<br>    "threshold": 0,<br>    "window_size": "PT30M"<br>  },<br>  "node_cpu": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "host",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "cpuUsagePercentage",<br>    "metric_namespace": "Insights.Container/nodes",<br>    "operator": "GreaterThan",<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "node_disk": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "host",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "device",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "DiskUsedPercentage",<br>    "metric_namespace": "Insights.Container/nodes",<br>    "operator": "GreaterThan",<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "node_memory": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "host",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "memoryWorkingSetPercentage",<br>    "metric_namespace": "Insights.Container/nodes",<br>    "operator": "GreaterThan",<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "node_not_ready": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "status",<br>        "operator": "Include",<br>        "values": [<br>          "NotReady"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "nodesCount",<br>    "metric_namespace": "Insights.Container/nodes",<br>    "operator": "GreaterThan",<br>    "threshold": 0,<br>    "window_size": "PT30M"<br>  },<br>  "pods_failed": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "phase",<br>        "operator": "Include",<br>        "values": [<br>          "Failed"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "podCount",<br>    "metric_namespace": "Insights.Container/pods",<br>    "operator": "GreaterThan",<br>    "threshold": 0,<br>    "window_size": "PT30M"<br>  },<br>  "pods_ready": {<br>    "aggregation": "Average",<br>    "dimension": [<br>      {<br>        "name": "kubernetes namespace",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      },<br>      {<br>        "name": "controllerName",<br>        "operator": "Include",<br>        "values": [<br>          "*"<br>        ]<br>      }<br>    ],<br>    "frequency": "PT5M",<br>    "metric_name": "PodReadyPercentage",<br>    "metric_namespace": "Insights.Container/pods",<br>    "operator": "LessThan",<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  }<br>}</pre> | no |
+| <a name="input_disk_encryption_set_id"></a> [disk\_encryption\_set\_id](#input\_disk\_encryption\_set\_id) | ID of the disk EncryptionSet . | `string` | `null` | no |
 | <a name="input_dns_prefix"></a> [dns\_prefix](#input\_dns\_prefix) | (Required) DNS prefix specified when creating the managed cluster. Changing this forces a new resource to be created. | `string` | n/a | yes |
 | <a name="input_dns_prefix_private_cluster"></a> [dns\_prefix\_private\_cluster](#input\_dns\_prefix\_private\_cluster) | Specifies the DNS prefix to use with private clusters. Changing this forces a new resource to be created. | `string` | `null` | no |
 | <a name="input_kubernetes_version"></a> [kubernetes\_version](#input\_kubernetes\_version) | (Required) Version of Kubernetes specified when creating the AKS managed cluster. | `string` | n/a | yes |
@@ -750,7 +751,6 @@ No modules.
 | <a name="output_id"></a> [id](#output\_id) | n/a |
 | <a name="output_identity_principal_id"></a> [identity\_principal\_id](#output\_identity\_principal\_id) | The Principal ID associated with this Managed Service Identity. |
 | <a name="output_kubelet_identity_id"></a> [kubelet\_identity\_id](#output\_kubelet\_identity\_id) | The Object ID of the user-defined Managed Identity assigned to the Kubelets.If not specified a Managed Identity is created automatically. Changing this forces a new resource to be created. |
-| <a name="output_managed_resource_group_id"></a> [managed\_resource\_group\_id](#output\_managed\_resource\_group\_id) | The ID of the Resource Group containing the resources for this Managed Kubernetes Cluster. |
 | <a name="output_managed_resource_group_name"></a> [managed\_resource\_group\_name](#output\_managed\_resource\_group\_name) | The auto-generated Resource Group which contains the resources for this Managed Kubernetes Cluster. |
 | <a name="output_name"></a> [name](#output\_name) | n/a |
 | <a name="output_private_fqdn"></a> [private\_fqdn](#output\_private\_fqdn) | The FQDN for the Kubernetes Cluster when private link has been enabled, which is only resolvable inside the Virtual Network used by the Kubernetes Cluster. |
diff --git a/postgres_flexible_server_replica/01_main.tf b/postgres_flexible_server_replica/01_main.tf
index e13f78cd..75cf80cc 100644
--- a/postgres_flexible_server_replica/01_main.tf
+++ b/postgres_flexible_server_replica/01_main.tf
@@ -12,15 +12,15 @@ resource "azurerm_postgresql_flexible_server" "this" {
   location            = var.location
   resource_group_name = var.resource_group_name
 
-  create_mode                  = "Replica"
-  zone                         = var.zone
+  create_mode = "Replica"
+  zone        = var.zone
 
   # The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated.
   delegated_subnet_id = var.private_endpoint_enabled ? var.delegated_subnet_id : null
   #  private_dns_zobe_id will be required when setting a delegated_subnet_id
   private_dns_zone_id = var.private_endpoint_enabled ? var.private_dns_zone_id : null
 
-  sku_name   = var.sku_name
+  sku_name = var.sku_name
 
   source_server_id = var.source_server_id
 
diff --git a/postgres_flexible_server_replica/02_monitor_flexible.tf b/postgres_flexible_server_replica/02_monitor_flexible.tf
index ed2743b1..4f6b922a 100644
--- a/postgres_flexible_server_replica/02_monitor_flexible.tf
+++ b/postgres_flexible_server_replica/02_monitor_flexible.tf
@@ -1,8 +1,13 @@
 #
 # Monitor Metrics
 #
+locals {
+  replica_metrics = merge(local.default_replica_server_metrics, var.replica_server_metric_alerts)
+  main_metrics    = merge(local.default_main_server_metrics, var.main_server_additional_alerts)
+}
+
 resource "azurerm_monitor_metric_alert" "replica_alerts" {
-  for_each = var.replica_server_metric_alerts
+  for_each = var.replica_metrics
 
   enabled             = var.alerts_enabled
   name                = "${var.name}-${upper(each.key)}"
@@ -32,7 +37,7 @@ resource "azurerm_monitor_metric_alert" "replica_alerts" {
 }
 
 resource "azurerm_monitor_metric_alert" "main_server_alerts" {
-  for_each = var.main_server_additional_alerts
+  for_each = var.main_metrics
 
   enabled             = var.alerts_enabled
   name                = "${var.name}-${upper(each.key)}"
diff --git a/postgres_flexible_server_replica/04_variables.tf b/postgres_flexible_server_replica/04_variables.tf
index 6ab12c0e..ebf9691e 100644
--- a/postgres_flexible_server_replica/04_variables.tf
+++ b/postgres_flexible_server_replica/04_variables.tf
@@ -119,19 +119,8 @@ variable "replica_server_metric_alerts" {
     # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
     severity = number
   }))
+  default = {}
 
-  default = {
-    replica_lag = {
-      frequency        = "PT5M"
-      window_size      = "PT30M"
-      metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
-      aggregation      = "Average"
-      metric_name      = "physical_replication_delay_in_seconds"
-      operator         = "GreaterThanOrEqual"
-      threshold        = 240
-      severity         = 2
-    }
-  }
 }
 
 
@@ -157,8 +146,11 @@ variable "main_server_additional_alerts" {
     # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.
     severity = number
   }))
+  default = {}
+}
 
-  default = {
+locals {
+  default_main_server_metrics = {
     replication_delay_bytes = {
       frequency        = "PT5M"
       window_size      = "PT30M"
@@ -170,6 +162,18 @@ variable "main_server_additional_alerts" {
       severity         = 2
     }
   }
+  default_replica_server_metrics = {
+    replica_lag = {
+      frequency        = "PT5M"
+      window_size      = "PT30M"
+      metric_namespace = "Microsoft.DBforPostgreSQL/flexibleServers"
+      aggregation      = "Average"
+      metric_name      = "physical_replication_delay_in_seconds"
+      operator         = "GreaterThanOrEqual"
+      threshold        = 240
+      severity         = 2
+    }
+  }
 }
 
 variable "alerts_enabled" {
@@ -208,7 +212,7 @@ variable "diagnostic_setting_destination_storage_id" {
 }
 
 variable "source_server_id" {
-  type = string
+  type        = string
   description = "(Required) Id of the source server to be replicated"
 }
 
diff --git a/postgres_flexible_server_replica/README.md b/postgres_flexible_server_replica/README.md
index e8665c52..0e00e232 100644
--- a/postgres_flexible_server_replica/README.md
+++ b/postgres_flexible_server_replica/README.md
@@ -1,14 +1,12 @@
-# Postgres Flexible Server
+# Postgres Flexible Server Replica
 
-Module that allows the creation of a postgres flexible.
+Module that allows the creation of a postgres flexible replica
 
 ## Production Ready
 
 > See how to use in production: <https://pagopa.atlassian.net/wiki/spaces/DEVOPS/pages/484474896/Postgres+Flexible>
 
-## Architecture
 
-![architecture](./docs/module-arch.drawio.png)
 
 ## Connection to DB
 
@@ -18,20 +16,13 @@ Module that allows the creation of a postgres flexible.
 
 * **HA** and **pg bouncer** is not avaible for `B series` machines
 
-## Customer managed key
-
-It's now possible to use a `Customer managed key`. To achieve this result you need to set:
-```
-customer_managed_key_enabled      = true (default = false)
-```
-Please have a look at the example in the `tests` folder to understand how to proceed and see a working example.
 
 ## Metrics
 
-By default the module has his own metrics, but if you want to override it you can use the parameter `custom_metric_alerts` with this example structure:
-
+By default the module has his own metrics (replica lag in bytes and in seconds), but if you want to add your own metrics you can use the parameters `main_server_additional_alerts` and `replica_server_metric_alerts` with this example structure:
+They will be added to the already provided metrics
 ```ts
-variable "pgflex_public_metric_alerts" {
+variable "main_server_additional_alerts" {
   description = <<EOD
   Map of name = criteria objects
   EOD
@@ -68,38 +59,25 @@ variable "pgflex_public_metric_alerts" {
 }
 ```
 
-## How to use it (Public mode & Private mode)
-
-```ts
-  # KV secrets flex server
-  data "azurerm_key_vault_secret" "pgres_flex_admin_login" {
-    name         = "pgres-flex-admin-login"
-    key_vault_id = data.azurerm_key_vault.kv.id
-  }
-
-  data "azurerm_key_vault_secret" "pgres_flex_admin_pwd" {
-    name         = "pgres-flex-admin-pwd"
-    key_vault_id = data.azurerm_key_vault.kv.id
-  }
-
-  #------------------------------------------------
-  resource "azurerm_resource_group" "postgres_dbs" {
-    name     = "${local.program}-postgres-dbs-rg"
-    location = var.location
+## How to use it
 
-    tags = var.tags
+```hcl
+  data "azurerm_virtual_network" "vnet_replica" {
+    name                = local.vnet_replica_name
+    resource_group_name = local.vnet_resource_group_name
   }
 
   # Postgres Flexible Server subnet
-  module "postgres_flexible_snet" {
-    source                                    = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v3.15.0"
-    name                                      = "${local.program}-pgres-flexible-snet"
-    address_prefixes                          = var.cidr_subnet_flex_dbms
-    resource_group_name                       = data.azurerm_resource_group.rg_vnet.name
-    virtual_network_name                      = data.azurerm_virtual_network.vnet.name
-    service_endpoints                         = ["Microsoft.Storage"]
-    private_endpoint_network_policies_enabled = true
-
+  module "postgres_flexible_snet_replica" {
+    count = var.geo_replica_enabled ? 1 : 0
+    source                                        = "git::https://github.com/pagopa/terraform-azurerm-v3.git//subnet?ref=v6.2.1"
+    name                                          = "${local.project_replica}-pgres-flexible-snet"
+    address_prefixes                              = var.geo_replica_cidr_subnet_postgresql
+    resource_group_name                           = data.azurerm_resource_group.rg_vnet.name
+    virtual_network_name                          = data.azurerm_virtual_network.vnet_replica.name
+    service_endpoints                             = ["Microsoft.Storage"]
+    private_link_service_network_policies_enabled = true
+  
     delegation = {
       name = "delegation"
       service_delegation = {
@@ -133,114 +111,33 @@ variable "pgflex_public_metric_alerts" {
     tags = var.tags
   }
 
-  # https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compare-single-server-flexible-server
-  module "postgres_flexible_server_private" {
-
-    count = var.pgflex_private_config.enabled ? 1 : 0
-
-    source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server?ref=v3.15.0"
-
-    name                = "${local.program}-private-pgflex"
-    location            = azurerm_resource_group.postgres_dbs.location
-    resource_group_name = azurerm_resource_group.postgres_dbs.name
-
-    ### Network
-    private_endpoint_enabled = false
-    private_dns_zone_id      = azurerm_private_dns_zone.privatelink_postgres_database_azure_com.id
-    delegated_subnet_id      = module.postgres_flexible_snet.id
-
-    ### Admin
-    administrator_login    = data.azurerm_key_vault_secret.pgres_flex_admin_login.value
-    administrator_password = data.azurerm_key_vault_secret.pgres_flex_admin_pwd.value
-
-    sku_name   = "B_Standard_B1ms"
-    db_version = "13"
-    # Possible values are 32768, 65536, 131072, 262144, 524288, 1048576,
-    # 2097152, 4194304, 8388608, 16777216, and 33554432.
-    storage_mb = 32768
-
-    ### zones & HA
-    zone                      = 1
-    high_availability_enabled = false
-    standby_availability_zone = 3
-
-    maintenance_window_config = {
-      day_of_week  = 0
-      start_hour   = 2
-      start_minute = 0
-    }
-
-    ### backup
-    backup_retention_days        = 7
-    geo_redundant_backup_enabled = false
-
-    pgbouncer_enabled = false
-
-    tags = var.tags
-
-    custom_metric_alerts = var.pgflex_public_metric_alerts
-    alerts_enabled       = true
-
-    diagnostic_settings_enabled               = true
-    log_analytics_workspace_id                = data.azurerm_log_analytics_workspace.log_analytics_workspace.id
-    diagnostic_setting_destination_storage_id = data.azurerm_storage_account.security_monitoring_storage.id
-
-    depends_on = [azurerm_private_dns_zone_virtual_network_link.privatelink_postgres_database_azure_com_vnet]
-
-  }
-
-  #
-  # Public Flexible
-  #
-
-  # https://docs.microsoft.com/en-us/azure/postgresql/flexible-server/concepts-compare-single-server-flexible-server
-  module "postgres_flexible_server_public" {
-
-    count = var.pgflex_public_config.enabled ? 1 : 0
-
-    source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server?ref=v3.15.0"
-
-    name                = "${local.program}-public-pgflex"
-    location            = azurerm_resource_group.postgres_dbs.location
-    resource_group_name = azurerm_resource_group.postgres_dbs.name
-
-    administrator_login    = data.azurerm_key_vault_secret.pgres_flex_admin_login.value
-    administrator_password = data.azurerm_key_vault_secret.pgres_flex_admin_pwd.value
-
-    sku_name   = "B_Standard_B1ms"
-    db_version = "13"
-    # Possible values are 32768, 65536, 131072, 262144, 524288, 1048576,
-    # 2097152, 4194304, 8388608, 16777216, and 33554432.
-    storage_mb                   = 32768
-    zone                         = 1
-    backup_retention_days        = 7
-    geo_redundant_backup_enabled = false
-
+  module "postgresql_fdr_replica_db" {
+    source = "git::https://github.com/pagopa/terraform-azurerm-v3.git//postgres_flexible_server_replica?ref=eb2a36b"
+    count = var.geo_replica_enabled ? 1 : 0
+  
+    name = "${local.project_replica}-flexible-postgresql"
+    resource_group_name = azurerm_resource_group.db_rg.name
+    location = var.location_replica
+  
+    private_dns_zone_id = var.env_short != "d" ? data.azurerm_private_dns_zone.postgres[0].id : null
+    delegated_subnet_id = module.postgres_flexible_snet_replica[0].id
+    private_endpoint_enabled = var.pgres_flex_params.pgres_flex_private_endpoint_enabled
+  
+    sku_name = var.pgres_flex_params.sku_name
+  
     high_availability_enabled = false
-    private_endpoint_enabled  = false
-    pgbouncer_enabled         = false
-
+    pgbouncer_enabled = var.pgres_flex_params.pgres_flex_pgbouncer_enabled
+  
+    source_server_id = module.postgres_flexible_server_fdr.id # the original server id to which we want to add a replica
+  
+    diagnostic_settings_enabled = false
+  
+    log_analytics_workspace_id = data.azurerm_log_analytics_workspace.log_analytics.id
+    zone = 2
     tags = var.tags
-
-    custom_metric_alerts = var.pgflex_public_metric_alerts
-    alerts_enabled       = true
-
-    diagnostic_settings_enabled               = true
-    log_analytics_workspace_id                = data.azurerm_log_analytics_workspace.log_analytics_workspace.id
-    diagnostic_setting_destination_storage_id = data.azurerm_storage_account.security_monitoring_storage.id
-
   }
 ```
 
-## Migration from v2
-
-### 🔥 re-import the resource azurerm_monitor_diagnostic_setting
-
-Is possible that you need to re-import this resource
-
-```ts
-module.postgres_flexible_server_public[0].azurerm_monitor_diagnostic_setting.this[0]
-```
 
 See [Generic resorce migration](../docs/MIGRATION_GUIDE_GENERIC_RESOURCES.md)
 
@@ -263,7 +160,8 @@ No modules.
 | Name | Type |
 |------|------|
 | [azurerm_monitor_diagnostic_setting.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_diagnostic_setting) | resource |
-| [azurerm_monitor_metric_alert.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
+| [azurerm_monitor_metric_alert.main_server_alerts](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
+| [azurerm_monitor_metric_alert.replica_alerts](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/monitor_metric_alert) | resource |
 | [azurerm_postgresql_flexible_server.this](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server) | resource |
 | [azurerm_postgresql_flexible_server_configuration.pgbouncer_enabled](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/postgresql_flexible_server_configuration) | resource |
 | [null_resource.ha_sku_check](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |
@@ -273,34 +171,25 @@ No modules.
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
-| <a name="input_administrator_login"></a> [administrator\_login](#input\_administrator\_login) | Flexible PostgreSql server administrator\_login | `string` | n/a | yes |
-| <a name="input_administrator_password"></a> [administrator\_password](#input\_administrator\_password) | Flexible PostgreSql server administrator\_password | `string` | n/a | yes |
 | <a name="input_alert_action"></a> [alert\_action](#input\_alert\_action) | The ID of the Action Group and optional map of custom string properties to include with the post webhook operation. | <pre>set(object(<br>    {<br>      action_group_id    = string<br>      webhook_properties = map(string)<br>    }<br>  ))</pre> | `[]` | no |
 | <a name="input_alerts_enabled"></a> [alerts\_enabled](#input\_alerts\_enabled) | Should Metrics Alert be enabled? | `bool` | `true` | no |
-| <a name="input_backup_retention_days"></a> [backup\_retention\_days](#input\_backup\_retention\_days) | (Optional) The backup retention days for the PostgreSQL Flexible Server. Possible values are between 7 and 35 days. | `number` | `7` | no |
-| <a name="input_create_mode"></a> [create\_mode](#input\_create\_mode) | (Optional) The creation mode. Can be used to restore or replicate existing servers. Possible values are Default, Replica, GeoRestore, and PointInTimeRestore | `string` | `"Default"` | no |
-| <a name="input_custom_metric_alerts"></a> [custom\_metric\_alerts](#input\_custom\_metric\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    metric_name = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br>    # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.<br>    severity = number<br>  }))</pre> | `null` | no |
-| <a name="input_customer_managed_key_enabled"></a> [customer\_managed\_key\_enabled](#input\_customer\_managed\_key\_enabled) | enable customer\_managed\_key | `bool` | `"false"` | no |
-| <a name="input_customer_managed_key_kv_key_id"></a> [customer\_managed\_key\_kv\_key\_id](#input\_customer\_managed\_key\_kv\_key\_id) | The ID of the Key Vault Key | `string` | `null` | no |
-| <a name="input_db_version"></a> [db\_version](#input\_db\_version) | (Required) The version of PostgreSQL Flexible Server to use. Possible values are 11,12 and 13. Required when create\_mode is Default | `number` | n/a | yes |
-| <a name="input_default_metric_alerts"></a> [default\_metric\_alerts](#input\_default\_metric\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    metric_name = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br>    # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.<br>    severity = number<br>  }))</pre> | <pre>{<br>  "active_connections": {<br>    "aggregation": "Average",<br>    "frequency": "PT5M",<br>    "metric_name": "active_connections",<br>    "metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",<br>    "operator": "GreaterThan",<br>    "severity": 2,<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "connections_failed": {<br>    "aggregation": "Total",<br>    "frequency": "PT5M",<br>    "metric_name": "connections_failed",<br>    "metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",<br>    "operator": "GreaterThan",<br>    "severity": 2,<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "cpu_percent": {<br>    "aggregation": "Average",<br>    "frequency": "PT5M",<br>    "metric_name": "cpu_percent",<br>    "metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",<br>    "operator": "GreaterThan",<br>    "severity": 2,<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "memory_percent": {<br>    "aggregation": "Average",<br>    "frequency": "PT5M",<br>    "metric_name": "memory_percent",<br>    "metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",<br>    "operator": "GreaterThan",<br>    "severity": 2,<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  },<br>  "storage_percent": {<br>    "aggregation": "Average",<br>    "frequency": "PT5M",<br>    "metric_name": "storage_percent",<br>    "metric_namespace": "Microsoft.DBforPostgreSQL/flexibleServers",<br>    "operator": "GreaterThan",<br>    "severity": 2,<br>    "threshold": 80,<br>    "window_size": "PT30M"<br>  }<br>}</pre> | no |
 | <a name="input_delegated_subnet_id"></a> [delegated\_subnet\_id](#input\_delegated\_subnet\_id) | (Optional) The ID of the virtual network subnet to create the PostgreSQL Flexible Server. The provided subnet should not have any other resource deployed in it and this subnet will be delegated to the PostgreSQL Flexible Server, if not already delegated. | `string` | `null` | no |
 | <a name="input_diagnostic_setting_destination_storage_id"></a> [diagnostic\_setting\_destination\_storage\_id](#input\_diagnostic\_setting\_destination\_storage\_id) | (Optional) The ID of the Storage Account where logs should be sent. Changing this forces a new resource to be created. | `string` | `null` | no |
 | <a name="input_diagnostic_settings_enabled"></a> [diagnostic\_settings\_enabled](#input\_diagnostic\_settings\_enabled) | Is diagnostic settings enabled? | `bool` | `true` | no |
-| <a name="input_geo_redundant_backup_enabled"></a> [geo\_redundant\_backup\_enabled](#input\_geo\_redundant\_backup\_enabled) | (Optional) Is Geo-Redundant backup enabled on the PostgreSQL Flexible Server. Defaults to false | `bool` | `false` | no |
 | <a name="input_high_availability_enabled"></a> [high\_availability\_enabled](#input\_high\_availability\_enabled) | (Required) Is the High Availability Enabled | `bool` | n/a | yes |
 | <a name="input_location"></a> [location](#input\_location) | (Required) The Azure Region where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes |
 | <a name="input_log_analytics_workspace_id"></a> [log\_analytics\_workspace\_id](#input\_log\_analytics\_workspace\_id) | (Optional) Specifies the ID of a Log Analytics Workspace where Diagnostics Data should be sent. | `string` | `null` | no |
+| <a name="input_main_server_additional_alerts"></a> [main\_server\_additional\_alerts](#input\_main\_server\_additional\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    metric_name = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br>    # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.<br>    severity = number<br>  }))</pre> | n/a | yes |
 | <a name="input_maintenance_window_config"></a> [maintenance\_window\_config](#input\_maintenance\_window\_config) | (Optional) Allows the configuration of the maintenance window, if not configured default is Wednesday@2.00am | <pre>object({<br>    day_of_week  = number<br>    start_hour   = number<br>    start_minute = number<br>  })</pre> | <pre>{<br>  "day_of_week": 3,<br>  "start_hour": 2,<br>  "start_minute": 0<br>}</pre> | no |
 | <a name="input_name"></a> [name](#input\_name) | (Required) The name which should be used for this PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | n/a | yes |
 | <a name="input_pgbouncer_enabled"></a> [pgbouncer\_enabled](#input\_pgbouncer\_enabled) | Is PgBouncer enabled into configurations? | `bool` | `true` | no |
-| <a name="input_primary_user_assigned_identity_id"></a> [primary\_user\_assigned\_identity\_id](#input\_primary\_user\_assigned\_identity\_id) | Manages a User Assigned Identity | `string` | `null` | no |
 | <a name="input_private_dns_zone_id"></a> [private\_dns\_zone\_id](#input\_private\_dns\_zone\_id) | (Optional) The ID of the private dns zone to create the PostgreSQL Flexible Server. Changing this forces a new PostgreSQL Flexible Server to be created. | `string` | `null` | no |
 | <a name="input_private_endpoint_enabled"></a> [private\_endpoint\_enabled](#input\_private\_endpoint\_enabled) | Is this instance private only? | `bool` | n/a | yes |
+| <a name="input_replica_server_metric_alerts"></a> [replica\_server\_metric\_alerts](#input\_replica\_server\_metric\_alerts) | Map of name = criteria objects | <pre>map(object({<br>    # criteria.*.aggregation to be one of [Average Count Minimum Maximum Total]<br>    aggregation = string<br>    metric_name = string<br>    # "Insights.Container/pods" "Insights.Container/nodes"<br>    metric_namespace = string<br>    # criteria.0.operator to be one of [Equals NotEquals GreaterThan GreaterThanOrEqual LessThan LessThanOrEqual]<br>    operator  = string<br>    threshold = number<br>    # Possible values are PT1M, PT5M, PT15M, PT30M and PT1H<br>    frequency = string<br>    # Possible values are PT1M, PT5M, PT15M, PT30M, PT1H, PT6H, PT12H and P1D.<br>    window_size = string<br>    # severity: The severity of this Metric Alert. Possible values are 0, 1, 2, 3 and 4. Defaults to 3.<br>    severity = number<br>  }))</pre> | n/a | yes |
 | <a name="input_resource_group_name"></a> [resource\_group\_name](#input\_resource\_group\_name) | (Required) The name of the Resource Group where the PostgreSQL Flexible Server should exist. | `string` | n/a | yes |
 | <a name="input_sku_name"></a> [sku\_name](#input\_sku\_name) | The SKU Name for the PostgreSQL Flexible Server. The name of the SKU, follows the tier + name pattern (e.g. B\_Standard\_B1ms, GP\_Standard\_D2s\_v3, MO\_Standard\_E4s\_v3). | `string` | n/a | yes |
+| <a name="input_source_server_id"></a> [source\_server\_id](#input\_source\_server\_id) | (Required) Id of the source server to be replicated | `string` | n/a | yes |
 | <a name="input_standby_availability_zone"></a> [standby\_availability\_zone](#input\_standby\_availability\_zone) | (Optional) Specifies the Availability Zone in which the standby Flexible Server should be located. | `number` | `null` | no |
-| <a name="input_storage_mb"></a> [storage\_mb](#input\_storage\_mb) | The max storage allowed for the PostgreSQL Flexible Server. Possible values are 32768, 65536, 131072, 262144, 524288, 1048576, 2097152, 4194304, 8388608, 16777216, and 33554432. | `number` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | n/a | `map(any)` | n/a | yes |
 | <a name="input_zone"></a> [zone](#input\_zone) | (Optional) Specifies the Availability Zone in which the PostgreSQL Flexible Server should be located. | `number` | `null` | no |
 
@@ -308,8 +197,6 @@ No modules.
 
 | Name | Description |
 |------|-------------|
-| <a name="output_administrator_login"></a> [administrator\_login](#output\_administrator\_login) | n/a |
-| <a name="output_administrator_password"></a> [administrator\_password](#output\_administrator\_password) | n/a |
 | <a name="output_connection_port"></a> [connection\_port](#output\_connection\_port) | n/a |
 | <a name="output_fqdn"></a> [fqdn](#output\_fqdn) | n/a |
 | <a name="output_id"></a> [id](#output\_id) | n/a |