Get started
Yandex Data Transfer

Configuring a PostgreSQL target endpoint

Written by

When creating or editing an endpoint, you can define:

Managed Service for PostgreSQL cluster

Connecting to the database with the cluster ID specified in Yandex Cloud. Available only for clusters deployed in Yandex Managed Service for PostgreSQL.

  • MDB cluster ID: Select the cluster to connect to.

  • Security groups: Select the cloud network to host the endpoint and security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the selected network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • Database name: Specify the name of the database in the selected cluster.

  • Username: Specify the username that Data Transfer will use to connect to the database.

  • Password: Enter the user's password to the database.

  • Endpoint type: postgres-target.

  • --cluster-id: ID of the cluster you need to connect to.

  • --database: Database name.

  • --user: Username that Data Transfer will use to connect to the database.

  • To set a user password to access the DB, use one of the following parameters:

    • --raw-password: Password as text.

    • --password-file: The path to the password file.

  • Endpoint type: postgres_target.

  • connection.mdb_cluster_id: ID of cluster to connect to.

  • database — Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Password in text form.

Example configuration file structure:

resource "yandex_datatransfer_endpoint" "<endpoint name in Terraform>" {
  name = "<endpoint name>"
  settings {
    postgres_target {
      security_groups = [ "list of security group IDs" ]
      connection {
        mdb_cluster_id = "<Managed Service for PostgreSQL cluster ID>"
      }
      database = "<name of database being transferred>"
      user     = "<username for connection>"
      password {
        raw = "<user password>"
      }
    }
  }
}

For more information, see the Terraform provider documentation.

  • mdbClusterId: ID of the cluster you need to connect to.

  • database: Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Database user password (in text form).

Custom installation

For OnPremise, all fields are filled in manually.

  • Database port: Set the number of the port that Data Transfer will use for the connection.

  • CA Certificate: Upload the certificate file or add its contents as text if encryption of the transmitted data is required, for example, to meet the requirements of PCI DSS.

  • Host IP or FQDN: Enter the IP address or FQDN of the master host to connect to.

  • Endpoint network interface: Select or create a subnet in the desired availability zone.

    If the source and target are geographically close, connecting via the selected subnet speeds up the transfer.

  • Security groups: Select the cloud network to host the endpoint and security groups for network traffic.

    This will let you apply the specified security group rules to the VMs and clusters in the selected network without changing the settings of these VMs and clusters. For more information, see Network in Yandex Data Transfer.

  • Database name: Specify the name of the database in the selected cluster.

  • Username: Specify the username that Data Transfer will use to connect to the database.

  • Password: Enter the user's password to the database.

  • Endpoint type: postgres-target.

  • --host: IP address or FQDN of the master host you want to connect to.

  • --port: Number of the port that Data Transfer will use for the connection.

  • --ca-certificate — If the transmitted data needs to be encrypted, for example, to meet the requirements of PCI DSS.

  • --subnet-id: ID of the subnet the host resides in.

  • --database: Database name.

  • --user: Username that Data Transfer will use to connect to the database.

  • To set a user password to access the DB, use one of the following parameters:

    • --raw-password: Password as text.

    • --password-file: The path to the password file.

  • Endpoint type: postgres_target.

  • on_premise.hosts: List of IPs or FQDNs of hosts to connect to. Since only single-item lists are supported, specify the master host address.

  • on_premise.port: Port number that Data Transfer will use for connections.

  • on_premise.tls_mode.enabled.ca_certificate: CA certificate if the data to transfer must be encrypted to comply with PCI DSS requirements.

  • on_premise.subnet_id: ID of subnet that host is on.

  • database — Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Password in text form.

Example configuration file structure:

resource "yandex_datatransfer_endpoint" "<endpoint name in Terraform>" {
  name = "<endpoint name>"
  settings {
    postgres_target {
      security_groups = [ "list of security group IDs" ]
      connection {
        on_premise {
          hosts = ["<host list>"]
          port  = <connection port>
        }
      }
      database = "<name of database being transferred>"
      user     = "<username for connection>"
      password {
        raw = "<user password>"
      }
    }
  }
}

For more information, see the Terraform provider documentation.

  • onPremise: Database connection parameters:

    • hosts — IP address or FQDN of the master host to connect to.

    • port: The number of the port that Data Transfer will use for the connection.

    • tlsMode: Parameters of encryption of transmitted data if it is required, for example, to meet the requirements of PCI DSS.

    • subnetId: ID of the subnet the host resides in.

  • database: Database name.

  • user: Username that Data Transfer will use to connect to the database.

  • password.raw: Database user password (in text form).

Additional settings

  • Cleanup policy: Select a way to clean up data in the target database before the transfer:

    • Drop: Fully delete tables included in the transfer (default).

      Use this option so that the latest version of the table schema is always transferred to the target database from the source whenever the transfer is activated.

    • Disabled: Do not clean.

      Select this option if only replication without copying data is performed.

    • Truncate: Delete only the data from the tables included in the transfer but leave the schema.

      Use this option if the schema in the target database differs from the one that would have been transferred from the source during the transfer.

  • Save transaction boundaries: Enable so that the service writes data to the target database only after fully reading the transaction data from the source database.

    Warning

    This feature is in the Preview stage.

In this article: