diff --git a/modules/mysql/metadata.display.yaml b/modules/mysql/metadata.display.yaml index 7fa98aac..59e8322c 100644 --- a/modules/mysql/metadata.display.yaml +++ b/modules/mysql/metadata.display.yaml @@ -40,6 +40,12 @@ spec: availability_type: name: availability_type title: Availability Type + invisible: false + enumValueLabels: + - label: REGIONAL + value: REGIONAL + - label: ZONAL + value: ZONAL altDefaults: - type: ALTERNATE_TYPE_DC value: REGIONAL @@ -77,6 +83,11 @@ spec: database_version: name: database_version title: Database Version + enumValueLabels: + - label: MYSQL_8_4 + value: MYSQL_8_4 + - label: MYSQL_8_0 + value: MYSQL_8_0 db_charset: name: db_charset title: Db Charset @@ -86,6 +97,7 @@ spec: db_name: name: db_name title: Db Name + invisible: false delete_timeout: name: delete_timeout title: Delete Timeout @@ -119,15 +131,23 @@ spec: edition: name: edition title: Edition + invisible: false + enumValueLabels: + - label: ENTERPRISE_PLUS + value: ENTERPRISE_PLUS + - label: ENTERPRISE + value: ENTERPRISE altDefaults: - type: ALTERNATE_TYPE_DC value: ENTERPRISE_PLUS enable_default_db: name: enable_default_db title: Enable Default Db + invisible: false enable_default_user: name: enable_default_user title: Enable Default User + invisible: false enable_google_ml_integration: name: enable_google_ml_integration title: Enable Google Ml Integration @@ -170,6 +190,8 @@ spec: name: name: name title: Name + regexValidation: ^[a-z][a-z0-9-]{0,95}[a-z0-9]$ + validation: Use lowercase letters, numbers, and hyphens. Start with a letter and end with letter/number. Must be 97 characters or fewer. password_validation_policy_config: name: password_validation_policy_config title: Password Validation Policy Config @@ -197,6 +219,7 @@ spec: region: name: region title: Region + invisible: false replica_database_version: name: replica_database_version title: Replica Database Version 
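Review bot: The `availability_type` picker added in the first hunk offers `ZONAL`, but the variable's description in modules/mysql/metadata.yaml and modules/mysql/variables.tf (same commit) still reads "Can be either `REGIONAL` or `null`", so the UI and the documented contract disagree. If `ZONAL` is an accepted value, update both descriptions to list `REGIONAL` and `ZONAL`; if it is not, drop the `ZONAL` entry here. Because the two choices differ in failover behaviour, the label could say so, for example `label: ZONAL (single zone, no standby)`.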
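Review bot: The `name` check added in the `@@ -170,6 +190,8 @@` hunk exists only in the display metadata; `variable "name"` in modules/mysql/variables.tf (same commit) has no `validation` block, so anyone applying the module outside the UI bypasses it. The pattern `^[a-z][a-z0-9-]{0,95}[a-z0-9]$` also requires at least two characters, which the message does not state, and it does not account for the suffix appended when `random_instance_name` is set (that logic is outside this diff, so confirm the resulting length). Consider mirroring the rule in Terraform with `condition = can(regex("^[a-z][a-z0-9-]{0,95}[a-z0-9]$", var.name))` and ending the message with `Must be 2 to 97 characters.` The identical lines added to modules/postgresql/metadata.display.yaml have the same gap.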
diff --git a/modules/mysql/metadata.yaml b/modules/mysql/metadata.yaml
index d2a54483..6d88d6d3 100644
--- a/modules/mysql/metadata.yaml
+++ b/modules/mysql/metadata.yaml
@@ -66,10 +66,103 @@ spec: description: The project ID to manage the Cloud SQL resources varType: string required: true + - name: region + description: The region of the Cloud SQL resources + varType: string + defaultValue: us-central1 - name: name description: The name of the Cloud SQL resources varType: string required: true + - name: edition + description: The edition of the instance, can be ENTERPRISE or ENTERPRISE_PLUS. + varType: string + - name: database_version + description: The database version to use + varType: string + required: true + - name: availability_type + description: The availability type for the master instance. Can be either `REGIONAL` or `null`. + varType: string + defaultValue: REGIONAL + - name: enable_default_db + description: Enable or disable the creation of the default database + varType: bool + defaultValue: true + - name: db_name + description: The name of the default database to create + varType: string + defaultValue: default + - name: enable_default_user + description: Enable or disable the creation of the default user + varType: bool + defaultValue: true + - name: user_name + description: The name of the default user + varType: string + defaultValue: default + - name: user_host + description: The host for the default user + varType: string + defaultValue: "%" + - name: root_password + description: MySQL password for the root user. + varType: string + - name: user_password + description: The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. + varType: string + defaultValue: "" + - name: deletion_protection + description: Used to block Terraform from deleting a SQL Instance. + varType: bool + defaultValue: true + - name: user_deletion_policy + description: "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. 
This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." + varType: string + - name: data_cache_enabled + description: Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions + varType: bool + defaultValue: false + - name: additional_databases + description: A list of databases to be created in your cluster + varType: |- + list(object({ + name = string + charset = string + collation = string + })) + defaultValue: [] + - name: additional_users + description: A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. + varType: |- + list(object({ + name = string + password = string + random_password = bool + type = string + host = string + })) + defaultValue: [] + - name: iam_users + description: A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD_IAM_USER, CLOUD_IAM_SERVICE_ACCOUNT, CLOUD_IAM_GROUP and is required for type CLOUD_IAM_GROUP (IAM groups) + varType: |- + list(object({ + id = string, + email = string, + type = optional(string) + })) + defaultValue: [] + connections: + - source: + source: github.com/terraform-google-modules/terraform-google-service-accounts//modules/simple-sa + version: ">= 4.4" + spec: + outputExpr: "{\"id\": account_details.id, \"email\": account_details.email, \"type\": \"CLOUD_IAM_SERVICE_ACCOUNT\"}" + - source: + source: github.com/GoogleCloudPlatform/terraform-google-cloud-run//modules/v2 + version: ">= 0.14" + spec: + outputExpr: "{\"id\": service_account_id.id, \"email\": service_account_id.email, \"type\": \"CLOUD_IAM_SERVICE_ACCOUNT\"}" - name: random_instance_name description: Sets random suffix at the end of the Cloud SQL resource name varType: bool 
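Review bot: The simple-sa connection under `iam_users` now accepts any future release (`version: ">= 4.4"`, previously `~> 4.4`) while its `outputExpr` starts dereferencing specific fields, `account_details.id` and `account_details.email`. With no upper bound, a later major release that renames or reshapes that output would still match, and the connection would resolve to a malformed `iam_users` element; how strictly the consumer of this metadata applies the range is not visible here, so treat this as a compatibility risk to confirm. Consider a bounded range in the form already used under `providerVersions`, e.g. `version: ">= 4.4, < 5"`; the cloud-run entry (`">= 0.14"`) was already unbounded and now has the same field dependency. The same `~>` to `>=` loosening appears on the vpc connection (`">= 9.1"`) in this file and on both connections in modules/postgresql/metadata.yaml.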
@@ -78,14 +171,6 @@ spec: description: The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database_version and remove this field after update is complete varType: string defaultValue: "" - - name: database_version - description: The database version to use - varType: string - required: true - - name: region - description: The region of the Cloud SQL resources - varType: string - defaultValue: us-central1 - name: master_instance_name description: The name of the existing instance that will act as the master in the replication setup. varType: string @@ -96,9 +181,6 @@ spec: description: The tier for the master instance. varType: string defaultValue: db-n1-standard-1 - - name: edition - description: The edition of the instance, can be ENTERPRISE or ENTERPRISE_PLUS. - varType: string - name: zone description: "The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`." varType: string @@ -112,10 +194,6 @@ spec: description: The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. varType: string defaultValue: ALWAYS - - name: availability_type - description: The availability type for the master instance. Can be either `REGIONAL` or `null`. - varType: string - defaultValue: REGIONAL - name: deletion_protection_enabled description: Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). varType: bool 
@@ -168,10 +246,6 @@ spec: description: The key/value labels for the master instances. varType: map(string) defaultValue: {} - - name: data_cache_enabled - description: Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions - varType: bool - defaultValue: false - name: deny_maintenance_period description: The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance) varType: |- @@ -221,7 +295,7 @@ spec: connections: - source: source: github.com/terraform-google-modules/terraform-google-network//modules/vpc - version: ~> 9.1 + version: ">= 9.1" spec: outputExpr: network_id inputPath: private_network @@ -281,10 +355,6 @@ spec: description: The optional suffix to add to the read instance name varType: string defaultValue: "" - - name: db_name - description: The name of the default database to create - varType: string - defaultValue: default - name: db_charset description: The charset for the default database varType: string 
@@ -293,60 +363,6 @@ spec: description: "The collation for the default database. Example: 'utf8_general_ci'" varType: string defaultValue: "" - - name: additional_databases - description: A list of databases to be created in your cluster - varType: |- - list(object({ - name = string - charset = string - collation = string - })) - defaultValue: [] - - name: user_name - description: The name of the default user - varType: string - defaultValue: default - - name: user_host - description: The host for the default user - varType: string - defaultValue: "%" - - name: root_password - description: MySQL password for the root user. - varType: string - - name: user_password - description: The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. - varType: string - defaultValue: "" - - name: additional_users - description: A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. - varType: |- - list(object({ - name = string - password = string - random_password = bool - type = string - host = string - })) - defaultValue: [] - - name: iam_users - description: A list of IAM users to be created in your CloudSQL instance - varType: |- - list(object({ - id = string, - email = string - })) - defaultValue: [] - connections: - - source: - source: github.com/terraform-google-modules/terraform-google-service-accounts//modules/simple-sa - version: ~> 4.4 - spec: - outputExpr: account_details - - source: - source: github.com/GoogleCloudPlatform/terraform-google-cloud-run//modules/v2 - version: ">= 0.14" - spec: - outputExpr: service_account_id - name: create_timeout description: The optional timout that is applied to limit long database creates. varType: string 
@@ -366,22 +382,10 @@ spec: description: List of modules or resources this module depends on. varType: list(any) defaultValue: [] - - name: deletion_protection - description: Used to block Terraform from deleting a SQL Instance. - varType: bool - defaultValue: true - name: read_replica_deletion_protection description: Used to block Terraform from deleting replica SQL Instances. varType: bool defaultValue: false - - name: enable_default_db - description: Enable or disable the creation of the default database - varType: bool - defaultValue: true - - name: enable_default_user - description: Enable or disable the creation of the default user - varType: bool - defaultValue: true - name: enable_random_password_special description: Enable special characters in generated random passwords. varType: bool @@ -390,9 +394,6 @@ spec: description: Enforce that clients use the connector library varType: bool defaultValue: false - - name: user_deletion_policy - description: "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." - varType: string - name: enable_google_ml_integration description: Enable database ML integration varType: bool @@ -922,9 +923,9 @@ spec: - workflows.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 5.25, < 7" + version: ">= 6.1, < 7" - source: hashicorp/google-beta - version: ">= 5.25, < 7" + version: ">= 6.1, < 7" - source: hashicorp/null version: ~> 3.1 - source: hashicorp/random diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index 2e3ef634..ba36d481 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf 
@@ -19,34 +19,142 @@ variable "project_id" { type = string } +// required +variable "region" { + description = "The region of the Cloud SQL resources" + type = string + default = "us-central1" +} + variable "name" { type = string description = "The name of the Cloud SQL resources" } -variable "random_instance_name" { +variable "edition" { + description = "The edition of the instance, can be ENTERPRISE or ENTERPRISE_PLUS." + type = string + default = null +} + +// required +variable "database_version" { + description = "The database version to use" + type = string +} + +variable "availability_type" { + description = "The availability type for the master instance. Can be either `REGIONAL` or `null`." + type = string + default = "REGIONAL" +} + +variable "enable_default_db" { + description = "Enable or disable the creation of the default database" type = bool - description = "Sets random suffix at the end of the Cloud SQL resource name" - default = false + default = true } -variable "replica_database_version" { - description = "The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database_version and remove this field after update is complete" +variable "db_name" { + description = "The name of the default database to create" + type = string + default = "default" +} + +variable "enable_default_user" { + description = "Enable or disable the creation of the default user" + type = bool + default = true +} + + +variable "user_name" { + description = "The name of the default user" + type = string + default = "default" +} + +variable "user_host" { + description = "The host for the default user" + type = string + default = "%" +} + +variable "root_password" { + description = "MySQL password for the root user." 
+ type = string + default = null +} + +variable "user_password" { + description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." type = string default = "" } -// required -variable "database_version" { - description = "The database version to use" +variable "deletion_protection" { + description = "Used to block Terraform from deleting a SQL Instance." + type = bool + default = true +} + +variable "user_deletion_policy" { + description = "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." type = string + default = null } -// required -variable "region" { - description = "The region of the Cloud SQL resources" +variable "data_cache_enabled" { + description = "Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions" + type = bool + default = false +} + +variable "additional_databases" { + description = "A list of databases to be created in your cluster" + type = list(object({ + name = string + charset = string + collation = string + })) + default = [] +} + +variable "additional_users" { + description = "A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set." + type = list(object({ + name = string + password = string + random_password = bool + type = string + host = string + })) + default = [] + validation { + condition = length([for user in var.additional_users : false if user.random_password == true && (user.password != null && user.password != "")]) == 0 + error_message = "You cannot set both password and random_password, choose one of them." 
+ } +} +variable "iam_users" { + description = "A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD_IAM_USER, CLOUD_IAM_SERVICE_ACCOUNT, CLOUD_IAM_GROUP and is required for type CLOUD_IAM_GROUP (IAM groups)" + type = list(object({ + id = string, + email = string, + type = optional(string) + })) + default = [] +} + +variable "random_instance_name" { + type = bool + description = "Sets random suffix at the end of the Cloud SQL resource name" + default = false +} + +variable "replica_database_version" { + description = "The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database_version and remove this field after update is complete" type = string - default = "us-central1" + default = "" } // optional @@ -70,12 +178,6 @@ variable "tier" { default = "db-n1-standard-1" } -variable "edition" { - description = "The edition of the instance, can be ENTERPRISE or ENTERPRISE_PLUS." - type = string - default = null -} - variable "zone" { description = "The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`." type = string @@ -100,12 +202,6 @@ variable "activation_policy" { default = "ALWAYS" } -variable "availability_type" { - description = "The availability type for the master instance. Can be either `REGIONAL` or `null`." - type = string - default = "REGIONAL" -} - variable "deletion_protection_enabled" { description = "Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform)." type = bool 
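Review bot: `root_password` and `user_password` are declared in the `@@ -19,34 +19,142 @@` hunk without `sensitive = true`, so values passed by a caller can be printed in plan and apply output. Add `sensitive = true` to both blocks; the `password` field inside `additional_users` has the same exposure and would need the whole variable marked sensitive. The resources and outputs that consume these variables are outside the hunk, so check that nothing derived from them is exposed through a non-sensitive output. Marking them sensitive does not keep them out of state, so the state backend still needs access control and encryption.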
@@ -182,12 +278,6 @@ variable "user_labels" { description = "The key/value labels for the master instances." } -variable "data_cache_enabled" { - description = "Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions" - type = bool - default = false -} - variable "deny_maintenance_period" { description = "The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance)" type = list(object({ @@ -301,12 +391,6 @@ variable "read_replica_name_suffix" { default = "" } -variable "db_name" { - description = "The name of the default database to create" - type = string - default = "default" -} - variable "db_charset" { description = "The charset for the default database" type = string 
@@ -319,65 +403,6 @@ variable "db_collation" { default = "" } -variable "additional_databases" { - description = "A list of databases to be created in your cluster" - type = list(object({ - name = string - charset = string - collation = string - })) - default = [] -} - -variable "user_name" { - description = "The name of the default user" - type = string - default = "default" -} - -variable "user_host" { - description = "The host for the default user" - type = string - default = "%" -} - -variable "root_password" { - description = "MySQL password for the root user." - type = string - default = null -} - -variable "user_password" { - description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." - type = string - default = "" -} - -variable "additional_users" { - description = "A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set." - type = list(object({ - name = string - password = string - random_password = bool - type = string - host = string - })) - default = [] - validation { - condition = length([for user in var.additional_users : false if user.random_password == true && (user.password != null && user.password != "")]) == 0 - error_message = "You cannot set both password and random_password, choose one of them." - } -} -variable "iam_users" { - description = "A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD_IAM_USER, CLOUD_IAM_SERVICE_ACCOUNT, CLOUD_IAM_GROUP and is required for type CLOUD_IAM_GROUP (IAM groups)" - type = list(object({ - id = string, - email = string, - type = optional(string) - })) - default = [] -} - variable "create_timeout" { description = "The optional timout that is applied to limit long database creates." type = string 
@@ -408,30 +433,12 @@ variable "module_depends_on" { default = [] } -variable "deletion_protection" { - description = "Used to block Terraform from deleting a SQL Instance." - type = bool - default = true -} - variable "read_replica_deletion_protection" { description = "Used to block Terraform from deleting replica SQL Instances." type = bool default = false } -variable "enable_default_db" { - description = "Enable or disable the creation of the default database" - type = bool - default = true -} - -variable "enable_default_user" { - description = "Enable or disable the creation of the default user" - type = bool - default = true -} - variable "enable_random_password_special" { description = "Enable special characters in generated random passwords." type = bool @@ -444,12 +451,6 @@ variable "connector_enforcement" { default = false } -variable "user_deletion_policy" { - description = "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." - type = string - default = null -} - variable "enable_google_ml_integration" { description = "Enable database ML integration" type = bool diff --git a/modules/postgresql/metadata.display.yaml b/modules/postgresql/metadata.display.yaml index 3ed9d8b8..fde9bb48 100644 --- a/modules/postgresql/metadata.display.yaml +++ b/modules/postgresql/metadata.display.yaml @@ -40,6 +40,7 @@ spec: availability_type: name: availability_type title: Availability Type + invisible: false altDefaults: - type: ALTERNATE_TYPE_DC value: REGIONAL 
@@ -80,6 +81,19 @@ spec: database_version: name: database_version title: Database Version + enumValueLabels: + - label: POSTGRES_12 + value: POSTGRES_12 + - label: POSTGRES_13 + value: POSTGRES_13 + - label: POSTGRES_14 + value: POSTGRES_14 + - label: POSTGRES_15 + value: POSTGRES_15 + - label: POSTGRES_16 + value: POSTGRES_16 + - label: POSTGRES_17 + value: POSTGRES_17 db_charset: name: db_charset title: Db Charset @@ -89,6 +103,7 @@ spec: db_name: name: db_name title: Db Name + invisible: false delete_timeout: name: delete_timeout title: Delete Timeout @@ -122,15 +137,23 @@ spec: edition: name: edition title: Edition + invisible: false + enumValueLabels: + - label: ENTERPRISE_PLUS + value: ENTERPRISE_PLUS + - label: ENTERPRISE + value: ENTERPRISE altDefaults: - type: ALTERNATE_TYPE_DC value: ENTERPRISE_PLUS enable_default_db: name: enable_default_db title: Enable Default Db + invisible: false enable_default_user: name: enable_default_user title: Enable Default User + invisible: false enable_google_ml_integration: name: enable_google_ml_integration title: Enable Google Ml Integration @@ -173,6 +196,8 @@ spec: name: name: name title: Name + regexValidation: ^[a-z][a-z0-9-]{0,95}[a-z0-9]$ + validation: Use lowercase letters, numbers, and hyphens. Start with a letter and end with letter/number. Must be 97 characters or fewer. password_validation_policy_config: name: password_validation_policy_config title: Password Validation Policy Config @@ -200,6 +225,7 @@ spec: region: name: region title: Region + invisible: false root_password: name: root_password title: Root Password diff --git a/modules/postgresql/metadata.yaml b/modules/postgresql/metadata.yaml index a07a88ee..3fe13152 100644 --- a/modules/postgresql/metadata.yaml +++ b/modules/postgresql/metadata.yaml 
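Review bot: The `database_version` picker hard-codes `POSTGRES_12` through `POSTGRES_17` with nothing recording when the list was last checked, so it will keep offering major versions after they leave upstream support. Add a comment above `enumValueLabels` such as `# Review on each PostgreSQL major release; drop versions that are past end of life`, and consider whether the oldest entries should still be offered for new instances. The MySQL list added in modules/mysql/metadata.display.yaml (`MYSQL_8_4`, `MYSQL_8_0`) needs the same upkeep.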
@@ -66,10 +66,85 @@ spec: description: The project ID to manage the Cloud SQL resources varType: string required: true + - name: region + description: The region of the Cloud SQL resources + varType: string + defaultValue: us-central1 - name: name description: The name of the Cloud SQL instance varType: string required: true + - name: edition + description: The edition of the Cloud SQL instance, can be ENTERPRISE or ENTERPRISE_PLUS. + varType: string + - name: database_version + description: The database version to use + varType: string + required: true + - name: availability_type + description: The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. + varType: string + defaultValue: ZONAL + - name: enable_default_db + description: Enable or disable the creation of the default database + varType: bool + defaultValue: true + - name: db_name + description: The name of the default database to create + varType: string + defaultValue: default + - name: enable_default_user + description: Enable or disable the creation of the default user + varType: bool + defaultValue: true + - name: user_name + description: The name of the default user + varType: string + defaultValue: default + - name: user_password + description: The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. + varType: string + defaultValue: "" + - name: deletion_protection + description: Used to block Terraform from deleting a SQL Instance. + varType: bool + defaultValue: true + - name: database_flags + description: The database flags for the Cloud SQL instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags) + varType: |- + list(object({ + name = string + value = string + })) + defaultValue: [] + - name: database_deletion_policy + description: "The deletion policy for the database. 
Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: \"ABANDON\"." + varType: string + - name: user_deletion_policy + description: "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." + varType: string + - name: data_cache_enabled + description: Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions + varType: bool + defaultValue: false + - name: additional_users + description: A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. + varType: |- + list(object({ + name = string + password = string + random_password = bool + })) + defaultValue: [] + - name: additional_databases + description: A list of databases to be created in your cluster + varType: |- + list(object({ + name = string + charset = string + collation = string + })) + defaultValue: [] - name: master_instance_name description: Name of the master instance if this is a failover replica. Required for creating failover replica instance. Not needed for master instance. When removed, next terraform apply will promote this failover failover replica instance as master instance varType: string 
@@ -81,21 +156,10 @@ spec: description: Sets random suffix at the end of the Cloud SQL resource name varType: bool defaultValue: false - - name: database_version - description: The database version to use - varType: string - required: true - - name: region - description: The region of the Cloud SQL resources - varType: string - defaultValue: us-central1 - name: tier description: The tier for the Cloud SQL instance. varType: string defaultValue: db-f1-micro - - name: edition - description: The edition of the Cloud SQL instance, can be ENTERPRISE or ENTERPRISE_PLUS. - varType: string - name: zone description: "The zone for the Cloud SQL instance, it should be something like: `us-central1-a`, `us-east1-c`." varType: string @@ -109,10 +173,6 @@ spec: description: The activation policy for the Cloud SQL instance.Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. varType: string defaultValue: ALWAYS - - name: availability_type - description: The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. - varType: string - defaultValue: ZONAL - name: deletion_protection_enabled description: Enables protection of an Cloud SQL instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). varType: bool @@ -153,14 +213,6 @@ spec: description: The update track of maintenance window for the Cloud SQL instance maintenance.Can be either `canary` or `stable`. varType: string defaultValue: canary - - name: database_flags - description: The database flags for the Cloud SQL instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags) - varType: |- - list(object({ - name = string - value = string - })) - defaultValue: [] - name: user_labels description: The key/value labels for the Cloud SQL instances. varType: map(string) 
@@ -223,7 +275,7 @@ spec: connections: - source: source: github.com/terraform-google-modules/terraform-google-network//modules/vpc - version: ~> 9.1 + version: ">= 9.1" spec: outputExpr: network_id inputPath: private_network @@ -270,10 +322,6 @@ spec: description: The optional suffix to add to the read instance name varType: string defaultValue: "" - - name: db_name - description: The name of the default database to create - varType: string - defaultValue: default - name: db_charset description: The charset for the default database varType: string 
@@ -282,51 +330,26 @@ spec: description: "The collation for the default database. Example: 'en_US.UTF8'" varType: string defaultValue: "" - - name: additional_databases - description: A list of databases to be created in your cluster - varType: |- - list(object({ - name = string - charset = string - collation = string - })) - defaultValue: [] - - name: user_name - description: The name of the default user - varType: string - defaultValue: default - - name: user_password - description: The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable. - varType: string - defaultValue: "" - - name: additional_users - description: A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. - varType: |- - list(object({ - name = string - password = string - random_password = bool - })) - defaultValue: [] - name: iam_users - description: A list of IAM users to be created in your CloudSQL instance + description: A list of IAM users to be created in your CloudSQL instance. 
iam.users.type can be CLOUD_IAM_USER, CLOUD_IAM_SERVICE_ACCOUNT, CLOUD_IAM_GROUP and is required for type CLOUD_IAM_GROUP (IAM groups) varType: |- list(object({ id = string, - email = string + email = string, + type = optional(string) })) defaultValue: [] connections: - source: source: github.com/terraform-google-modules/terraform-google-service-accounts//modules/simple-sa - version: ~> 4.4 + version: ">= 4.4" spec: - outputExpr: account_details + outputExpr: "{\"id\": account_details.id, \"email\": account_details.email, \"type\": \"CLOUD_IAM_SERVICE_ACCOUNT\"}" - source: source: github.com/GoogleCloudPlatform/terraform-google-cloud-run//modules/v2 version: ">= 0.14" spec: - outputExpr: service_account_id + outputExpr: "{\"id\": service_account_id.id, \"email\": service_account_id.email, \"type\": \"CLOUD_IAM_SERVICE_ACCOUNT\"}" - name: create_timeout description: The optional timout that is applied to limit long database creates. varType: string 
@@ -346,28 +369,10 @@ spec: description: List of modules or resources this module depends on. varType: list(any) defaultValue: [] - - name: deletion_protection - description: Used to block Terraform from deleting a SQL Instance. - varType: bool - defaultValue: true - name: read_replica_deletion_protection description: Used to block Terraform from deleting replica SQL Instances. varType: bool defaultValue: false - - name: enable_default_db - description: Enable or disable the creation of the default database - varType: bool - defaultValue: true - - name: enable_default_user - description: Enable or disable the creation of the default user - varType: bool - defaultValue: true - - name: database_deletion_policy - description: "The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: \"ABANDON\"." - varType: string - - name: user_deletion_policy - description: "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." - varType: string - name: enable_random_password_special description: Enable special characters in generated random passwords. varType: bool @@ -379,10 +384,6 @@ spec: - name: root_password description: Initial root password during creation varType: string - - name: data_cache_enabled - description: Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions - varType: bool - defaultValue: false - name: enable_google_ml_integration description: Enable database ML integration varType: bool 
@@ -912,9 +913,9 @@ spec: - workflows.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 5.25, < 7" + version: ">= 6.1, < 7" - source: hashicorp/google-beta - version: ">= 5.25, < 7" + version: ">= 6.1, < 7" - source: hashicorp/null version: ~> 3.1 - source: hashicorp/random diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index 0d50fd54..5acf729b 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -19,27 +19,21 @@ variable "project_id" { description = "The project ID to manage the Cloud SQL resources" } -variable "name" { +variable "region" { type = string - description = "The name of the Cloud SQL instance" + description = "The region of the Cloud SQL resources" + default = "us-central1" } -variable "master_instance_name" { +variable "name" { type = string - description = "Name of the master instance if this is a failover replica. Required for creating failover replica instance. Not needed for master instance. When removed, next terraform apply will promote this failover failover replica instance as master instance" - default = null + description = "The name of the Cloud SQL instance" } -variable "instance_type" { +variable "edition" { + description = "The edition of the Cloud SQL instance, can be ENTERPRISE or ENTERPRISE_PLUS." type = string - description = "The type of the instance. The supported values are SQL_INSTANCE_TYPE_UNSPECIFIED, CLOUD_SQL_INSTANCE, ON_PREMISES_INSTANCE and READ_REPLICA_INSTANCE. Set to READ_REPLICA_INSTANCE if master_instance_name value is provided" - default = "CLOUD_SQL_INSTANCE" -} - -variable "random_instance_name" { - type = bool - description = "Sets random suffix at the end of the Cloud SQL resource name" - default = false + default = null } // required 
@@ -53,25 +47,123 @@ variable "database_version" { } } -// required -variable "region" { +variable "availability_type" { + description = "The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`." type = string - description = "The region of the Cloud SQL resources" - default = "us-central1" + default = "ZONAL" } -variable "tier" { - description = "The tier for the Cloud SQL instance." +variable "enable_default_db" { + description = "Enable or disable the creation of the default database" + type = bool + default = true +} + +variable "db_name" { + description = "The name of the default database to create" type = string - default = "db-f1-micro" + default = "default" } -variable "edition" { - description = "The edition of the Cloud SQL instance, can be ENTERPRISE or ENTERPRISE_PLUS." +variable "enable_default_user" { + description = "Enable or disable the creation of the default user" + type = bool + default = true +} + +variable "user_name" { + description = "The name of the default user" + type = string + default = "default" +} + +variable "user_password" { + description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." + type = string + default = "" +} + +variable "deletion_protection" { + description = "Used to block Terraform from deleting a SQL Instance." + type = bool + default = true +} + +variable "database_flags" { + description = "The database flags for the Cloud SQL instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags)" + type = list(object({ + name = string + value = string + })) + default = [] +} + +variable "database_deletion_policy" { + description = "The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. 
This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: \"ABANDON\"." + type = string + default = null +} + +variable "user_deletion_policy" { + description = "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." type = string default = null } +variable "data_cache_enabled" { + description = "Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions" + type = bool + default = false +} + +variable "additional_users" { + description = "A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set." + type = list(object({ + name = string + password = string + random_password = bool + })) + default = [] + validation { + condition = length([for user in var.additional_users : false if(user.random_password == false && (user.password == null || user.password == "")) || (user.random_password == true && (user.password != null && user.password != ""))]) == 0 + error_message = "Password is a requird field for built_in Postgres users and you cannot set both password and random_password, choose one of them." + } +} + +variable "additional_databases" { + description = "A list of databases to be created in your cluster" + type = list(object({ + name = string + charset = string + collation = string + })) + default = [] +} + +variable "master_instance_name" { + type = string + description = "Name of the master instance if this is a failover replica. Required for creating failover replica instance. Not needed for master instance. 
When removed, next terraform apply will promote this failover failover replica instance as master instance" + default = null +} + +variable "instance_type" { + type = string + description = "The type of the instance. The supported values are SQL_INSTANCE_TYPE_UNSPECIFIED, CLOUD_SQL_INSTANCE, ON_PREMISES_INSTANCE and READ_REPLICA_INSTANCE. Set to READ_REPLICA_INSTANCE if master_instance_name value is provided" + default = "CLOUD_SQL_INSTANCE" +} + +variable "random_instance_name" { + type = bool + description = "Sets random suffix at the end of the Cloud SQL resource name" + default = false +} + +variable "tier" { + description = "The tier for the Cloud SQL instance." + type = string + default = "db-f1-micro" +} + variable "zone" { type = string description = "The zone for the Cloud SQL instance, it should be something like: `us-central1-a`, `us-east1-c`." @@ -96,12 +188,6 @@ variable "activation_policy" { default = "ALWAYS" } -variable "availability_type" { - description = "The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`." - type = string - default = "ZONAL" -} - variable "deletion_protection_enabled" { description = "Enables protection of an Cloud SQL instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform)." type = bool @@ -162,15 +248,6 @@ variable "maintenance_window_update_track" { default = "canary" } -variable "database_flags" { - description = "The database flags for the Cloud SQL instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags)" - type = list(object({ - name = string - value = string - })) - default = [] -} - variable "user_labels" { description = "The key/value labels for the Cloud SQL instances." type = map(string) 
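Review bot: `user_password` is re-added in its new position without `sensitive = true`, so a caller-supplied password is shown in plan and apply output. Adding `sensitive = true` to that block would redact it there, although the value is still written to state. The `password` field inside `additional_users` has the same exposure, but marking the whole list sensitive may conflict with how the module iterates over it, which this hunk does not show. These blocks are moved rather than newly written, so the gap predates this commit; the `error_message` in the `additional_users` validation also carries the typo `requird`.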
@@ -286,12 +363,6 @@ variable "read_replica_name_suffix" { default = "" } -variable "db_name" { - description = "The name of the default database to create" - type = string - default = "default" -} - variable "db_charset" { description = "The charset for the default database" type = string @@ -304,42 +375,6 @@ variable "db_collation" { default = "" } -variable "additional_databases" { - description = "A list of databases to be created in your cluster" - type = list(object({ - name = string - charset = string - collation = string - })) - default = [] -} - -variable "user_name" { - description = "The name of the default user" - type = string - default = "default" -} - -variable "user_password" { - description = "The password for the default user. If not set, a random one will be generated and available in the generated_user_password output variable." - type = string - default = "" -} - -variable "additional_users" { - description = "A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set." - type = list(object({ - name = string - password = string - random_password = bool - })) - default = [] - validation { - condition = length([for user in var.additional_users : false if(user.random_password == false && (user.password == null || user.password == "")) || (user.random_password == true && (user.password != null && user.password != ""))]) == 0 - error_message = "Password is a requird field for built_in Postgres users and you cannot set both password and random_password, choose one of them." - } -} - variable "iam_users" { description = "A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD_IAM_USER, CLOUD_IAM_SERVICE_ACCOUNT, CLOUD_IAM_GROUP and is required for type CLOUD_IAM_GROUP (IAM groups)" type = list(object({ 
@@ -380,42 +415,12 @@ variable "module_depends_on" { default = [] } -variable "deletion_protection" { - description = "Used to block Terraform from deleting a SQL Instance." - type = bool - default = true -} - variable "read_replica_deletion_protection" { description = "Used to block Terraform from deleting replica SQL Instances." type = bool default = false } -variable "enable_default_db" { - description = "Enable or disable the creation of the default database" - type = bool - default = true -} - -variable "enable_default_user" { - description = "Enable or disable the creation of the default user" - type = bool - default = true -} - -variable "database_deletion_policy" { - description = "The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: \"ABANDON\"." - type = string - default = null -} - -variable "user_deletion_policy" { - description = "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"." - type = string - default = null -} - variable "enable_random_password_special" { description = "Enable special characters in generated random passwords." type = bool @@ -434,12 +439,6 @@ variable "root_password" { default = null } -variable "data_cache_enabled" { - description = "Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE_PLUS tier and supported database_versions" - type = bool - default = false -} - variable "enable_google_ml_integration" { description = "Enable database ML integration" type = bool