Configuring PostgreSQL workspace data connections

During workspace creation, under Connection Type, select PostgreSQL.

Connecting to the source database

In the Source Settings section, provide the details about connecting to the source database.

Providing the connection details

To provide the connection details, you can either populate the connection fields or use a connection string.

Populating the connection fields

By default, Use connection string is off, and you provide the connection values in the individual fields:

1. In the Server field, provide the server where the database is located.

2. In the Database field, provide the name of the database.

3. In the Port field, provide the port to use to connect to the database.

4. In the Username field, provide the username for the account to use to connect to the database.

5. In the Password field, provide the password for the specified username.

6. To test the connection to the source database, click Test Source Connection.

Using a connection string

To use a connection string to connect to the source database:

1. Toggle Use connection string to the on position.

2. In the Connection String field, provide the connection string.

The connection string uses the following format:

Server=serverIP;Database=databaseName;Port=portNumber;User Id=userName;Password=<password>

For Password, you set the value to <password>, and then type the actual password in the Password field.

To test the connection to the source database, click Test Source Connection.

Ensuring encryption of source database authentication

The Enable SSL/TLS setting indicates whether to encrypt source database authentication.

By default, the toggle is in the on position. We strongly recommend that you do not turn off this setting.

Trusting the server certificate

To indicate that Structural should trust the server certificate, toggle Trust Server Certificate to the on position.

Connecting through an SSH bastion

For additional security, to connect to an SSH bastion :

1. Toggle Enable SSH Tunnel to the on position.

2. In the SSH Host field, provide the host for the SSH bastion.

3. In the SSH Port field, provide the port for the SSH bastion.

4. In the SSH User field, provide the name of the user to use to connect to the SSH bastion.

5. If you do not use a private key, then in the SSH Passphrase field, provide the passphrase to use for authentication.

6. If you do use a private key, then in the SSH Private Key field, provide the private key. If the private key uses a passphrase, then in the SSH Passphrase field, provide the passphrase for the private key.

Providing your own client certificate

To specify your own client certificate for authentication:

1. Click the expand icon for Client certificate settings.

2. For Client Cert, choose the client certificate file.

3. For Client Key, choose the key file for the client certificate.

4. For Root Cert, choose the root certificate file.

Limiting the included schemas

By default, the source database includes all of the schemas. To specify a list of specific schemas to either include or exclude:

1. Toggle Limit Schemas to the on position.

2. From the filter option dropdown list, select whether to include or exclude the listed schemas.

3. In the field, provide the list of schemas to either include or exclude. Use commas or semicolons to separate the schemas.

Do not exclude schemas that are referred to by included schemas, unless you create those schemas manually outside of Tonic Structural.

Blocking data generation for all schema changes

By default, data generation is not blocked as long as schema changes do not conflict with your workspace configuration.

To block data generation when there are any schema changes, regardless of whether they conflict with your workspace configuration, toggle Block data generation on schema changes to the on position.

Connecting to the intermediate database for upsert

PostgreSQL supports the upsert process. When you enable upsert for the workspace, the data generation process initially writes the transformed data to an intermediate database.

After the initial data generation is complete, the upsert job writes new records to the destination database, and updates existing records in the destination database. It does not touch any other records that are in the destination database.

In the Upsert section, when you enable upsert, you are prompted to configure the upsert processing and to provide the connection information for the intermediate database.

If the intermediate database is in the same location as the source database, then you can copy the connection and authentication details from the source database.

Copying the connection and authentication details from the source database

To copy the connection and authentication details from the source database:

1. Click Copy Settings from Source.

2. In the Password field, provide the password.

3. To test the connection to the intermediate database, click Test Intermediate Connection.

Providing the connection details

If you don't copy the details from the source database, then you can either populate the connection fields or use a connection string.

Populating the connection fields

By default, Use connection string is off, and you provide the connection values in the individual fields:

1. In the Server field, provide the server where the database is located.

2. In the Database field, provide the name of the database.

3. In the Port field, provide the port to use to connect to the database.

4. In the Username field, provide the username for the account to use to connect to the database.

5. In the Password field, provide the password for the specified username.

6. To test the connection to the intermediate database, click Test Intermediate Connection.

Using a connection string

To use a connection string to connect to the intermediate database:

1. Toggle Use connection string to the on position.

2. In the Connection String field, provide the connection string.

The connection string uses the following format:

Server=serverIP;Database=databaseName;Port=portNumber;User Id=userName;Password=<password>

For Password, you set the value to <password>, and then type the actual password in the Password field.

To test the connection to the intermediate database, click Test Intermediate Connection.

Ensuring encryption of intermediate database authentication

The Enable SSL/TLS setting indicates whether to encrypt intermediate database authentication.

By default, the toggle is in the on position. We strongly recommend that you do not turn off this setting.

Trusting the server certificate

To indicate that Structural should trust the server certificate, toggle Trust Server Certificate to the on position.

Connecting through an SSH bastion

To connect to an SSH bastion for additional security:

1. Toggle Enable SSH Tunnel to the on position.

2. In the SSH Host field, provide the host for the SSH bastion.

3. In the SSH Port field, provide the port for the SSH bastion.

4. In the SSH User field, provide the name of the user to use to connect to the SSH bastion.

5. If you do not use a private key, then in the SSH Passphrase field, provide the passphrase to use for authentication.

6. If you do use a private key, then in the SSH Private Key field, provide the private key. If the private key uses a passphrase, then in the SSH Passphrase field, provide the passphrase for the private key.

Providing your own client certificate

To specify your own client certificate for authentication:

1. Click the expand icon for Client certificate settings.

2. For Client Cert, choose the client certificate file.

3. For Client Key, choose the key file for the client certificate.

4. For Root Cert, choose the root certificate file.

Connecting to the destination database

For a PostgreSQL workspace, you can write the destination data to either:

• A destination database server.

• A Tonic Ephemeral snapshot. For more information, go to Writing output to Tonic Ephemeral.

• A container repository. For more information, go to Writing output to a container repository.

Under Destination Settings, to write the transformed data to a destination database on a database server, click Database Server. Structural installs any generally available extensions that are used on the source database. However, you must manually install any custom extensions and plugins.

Copying the connection and authentication details from the source database

If the destination database is in the same location as the source database, then you can copy the connection and authentication details from the source database.

To copy the connection and authentication details from the source database:

1. Click Copy Settings from Source.

2. In the Password field, provide the password.

3. To test the connection to the destination database, click Test Destination Connection.

Providing the connection details

If you don't copy the details from the source database, then you can either populate the connection fields or use a connection string.

Populating the connection fields

By default, Use connection string is off, and you provide the connection values in the individual fields:

1. In the Server field, provide the server where the database is located.

2. In the Database field, provide the name of the database.

3. In the Port field, provide the port to use to connect to the database.

4. In the Username field, provide the username for the account to use to connect to the database.

5. In the Password field, provide the password for the specified username.

6. To test the connection to the destination database, click Test Destination Connection.

Using a connection string

To use a connection string to connect to the source database:

1. Toggle Use connection string to the on position.

2. In the Connection String field, provide the connection string.

The connection string uses the following format:

Server=serverIP;Database=databaseName;User Id=userName;Password=<password>

For Password, you set the value to <password>, and then type the actual password in the Password field.

To test the connection to the destination database, click Test Destination Connection.

Ensuring the encryption of destination database authentication

The Enable SSL/TLS setting indicates whether to encrypt destination database authentication.

By default, the toggle is in the on position. We strongly recommend that you do not turn off this setting.

Trusting the server certificate

To indicate that Tonic should trust the server certificate, toggle Trust Server Certificate to the on position.

Connecting through an SSH bastion

For additional security, to connect through an SSH bastion :

1. Toggle Enable SSH Tunnel to the on position.

2. In the SSH Host field, provide the host for the SSH bastion.

3. In the SSH Port field, provide the port for the SSH bastion.

4. In the SSH User field, provide the name of the user to use to connect to the SSH bastion.

5. If you do not use a private key, then in the SSH Passphrase field, provide the passphrase to use for authentication.

6. If you do use a private key, then in the SSH Private Key field, provide the private key. If the private key uses a passphrase, then in the SSH Passphrase field, provide the passphrase for the private key.

Providing your own client certificate

To specify your own client certificate for authentication:

1. Click the expand icon for Client certificate settings.

2. For Client Cert, choose the client certificate file.

3. For Client Key, choose the key file for the client certificate.

4. For Root Cert, choose the root certificate file.