From c24c61e324bf43d5ede51f1bd39560180d54de5c Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Thu, 22 May 2025 10:28:48 +0100 Subject: [PATCH 1/8] Expose retain_backups_on_delete configuration --- modules/mysql/main.tf | 1 + modules/mysql/variables.tf | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index bd14dbd8..57158479 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -80,6 +80,7 @@ resource "google_sql_database_instance" "default" { connector_enforcement = local.connector_enforcement enable_google_ml_integration = var.enable_google_ml_integration enable_dataplex_integration = var.enable_dataplex_integration + retain_backups_on_delete = var.retain_backups_on_delete dynamic "backup_configuration" { for_each = [var.backup_configuration] diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index 2be0451e..ee2f8773 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf @@ -480,3 +480,9 @@ variable "database_integration_roles" { type = list(string) default = [] } + +variable "retain_backups_on_delete" { + description = "When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting." + type = bool + default = false +} From c6a5e86994f4289d4ea77ebbb4b165bcec64454b Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Thu, 22 May 2025 11:28:00 +0100 Subject: [PATCH 2/8] Add doc entry --- modules/mysql/README.md | 129 ++++++++++++++++++++-------------------- 1 file changed, 65 insertions(+), 64 deletions(-) diff --git a/modules/mysql/README.md b/modules/mysql/README.md index c1422e23..3ba87f3a 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md 
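Review bot: The new `retain_backups_on_delete = var.retain_backups_on_delete` line in the `google_sql_database_instance.default` hunk of modules/mysql/main.tf only plans cleanly on a provider release that knows this argument, and the diffstat shows this commit touches nothing but main.tf and variables.tf. If the module's `required_providers` lower bound predates the argument, consumers pinned to an older provider will fail at plan time with an unsupported-argument error. The version file is not visible here and a later patch in the series may already cover it, so this is a point to confirm rather than a definite defect. The resource block starts and ends outside the hunk, so whether the argument sits in the right nested block cannot be checked from these lines.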
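Review bot: The `description` of `variable "retain_backups_on_delete"` in modules/mysql/variables.tf explains the retention mechanics but not what it means for whoever owns the data. With `true`, a full copy of the database outlives the instance, and the description itself says the `ON_DEMAND` copy stays until someone deletes it. With the default `false`, deleting the instance, whether by mistake or with misused credentials, takes the backups with it. I would append a sentence such as `Retained backups remain a full copy of the data after the instance is gone: keep backup IAM (and the CMEK key, if encryption_key_name is set) in place and delete them explicitly when the data must be erased.`; the CMEK dependency is my assumption and should be checked against the Cloud SQL documentation. Adding `nullable = false` would also stop a caller's `null` from bypassing the declared default. The README input table in the next patch repeats this description, so it would need regenerating.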
@@ -43,70 +43,71 @@ module "mysql-db" { ## Inputs -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| activation\_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | `string` | `"ALWAYS"` | no | -| additional\_databases | A list of databases to be created in your cluster |
list(object({
name = string
charset = string
collation = string
}))
| `[]` | no | -| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. |
list(object({
name = string
password = string
random_password = bool
type = string
host = string
}))
| `[]` | no | -| availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | -| backup\_configuration | The backup\_configuration settings subblock for the database setings |
object({
binary_log_enabled = optional(bool, false)
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
})
| `{}` | no | -| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | -| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | -| data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no | -| database\_flags | List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
list(object({
name = string
value = string
}))
| `[]` | no | -| database\_integration\_roles | The roles required by default database instance service account for integration with GCP services | `list(string)` | `[]` | no | -| database\_version | The database version to use | `string` | n/a | yes | -| db\_charset | The charset for the default database | `string` | `""` | no | -| db\_collation | The collation for the default database. Example: 'utf8\_general\_ci' | `string` | `""` | no | -| db\_name | The name of the default database to create. This should be unique per Cloud SQL instance. | `string` | `"default"` | no | -| delete\_timeout | The optional timout that is applied to limit long database deletes. | `string` | `"30m"` | no | -| deletion\_protection | Used to block Terraform from deleting a SQL Instance. | `bool` | `true` | no | -| deletion\_protection\_enabled | Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | -| deny\_maintenance\_period | The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance) |
list(object({
end_date = string
start_date = string
time = string
}))
| `[]` | no | -| disk\_autoresize | Configuration to increase storage size | `bool` | `true` | no | -| disk\_autoresize\_limit | The maximum size to which storage can be auto increased. | `number` | `0` | no | -| disk\_size | The disk size (in GB) for the master instance | `number` | `10` | no | -| disk\_type | The disk type for the master instance. | `string` | `"PD_SSD"` | no | -| edition | The edition of the instance, can be ENTERPRISE or ENTERPRISE\_PLUS. | `string` | `null` | no | -| enable\_dataplex\_integration | Enable database Dataplex integration | `bool` | `false` | no | -| enable\_default\_db | Enable or disable the creation of the default database | `bool` | `true` | no | -| enable\_default\_user | Enable or disable the creation of the default user | `bool` | `true` | no | -| enable\_google\_ml\_integration | Enable database ML integration | `bool` | `false` | no | -| enable\_random\_password\_special | Enable special characters in generated random passwords. | `bool` | `false` | no | -| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | -| failover\_dr\_replica\_name | If the instance is a primary instance, then this field identifies the disaster recovery (DR) replica. The standard format of this field is "your-project:your-instance". You can also set this field to "your-instance", but cloud SQL backend will convert it to the aforementioned standard format. | `string` | `null` | no | -| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | -| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) |
list(object({
id = string,
email = string,
type = optional(string)
}))
| `[]` | no | -| insights\_config | The insights\_config settings for the database. |
object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
})
| `null` | no | -| instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no | -| ip\_configuration | The ip\_configuration settings subblock |
object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
| `{}` | no | -| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | -| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | -| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | -| maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"canary"` | no | -| master\_instance\_name | The name of the existing instance that will act as the master in the replication setup. | `string` | `null` | no | -| module\_depends\_on | List of modules or resources this module depends on. | `list(any)` | `[]` | no | -| name | The name of the Cloud SQL resources | `string` | n/a | yes | -| password\_validation\_policy\_config | The password validation policy settings for the database instance. |
object({
enable_password_policy = bool
min_length = optional(number)
complexity = optional(string)
disallow_username_substring = optional(bool)
reuse_interval = optional(number)
})
| `null` | no | -| pricing\_plan | The pricing plan for the master instance. | `string` | `"PER_USE"` | no | -| project\_id | The project ID to manage the Cloud SQL resources | `string` | n/a | yes | -| random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | `bool` | `false` | no | -| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | -| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | -| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | -| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | -| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | -| root\_password | MySQL password for the root user. | `string` | `null` | no | -| secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | -| tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | -| update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"30m"` | no | -| user\_deletion\_policy | The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: "ABANDON". | `string` | `null` | no | -| user\_host | The host for the default user | `string` | `"%"` | no | -| user\_labels | The key/value labels for the master instances. | `map(string)` | `{}` | no | -| user\_name | The name of the default user | `string` | `"default"` | no | -| user\_password | The password for the default user. If not set, a random one will be generated and available in the generated\_user\_password output variable. | `string` | `""` | no | -| zone | The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`. 
| `string` | `null` | no | +| Name | Description | Type | Default | Required | +|----------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------|:--------:| +| activation\_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | `string` | `"ALWAYS"` | no | +| additional\_databases | A list of databases to be created in your cluster |
list(object({
name = string
charset = string
collation = string
}))
| `[]` | no | +| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. |
list(object({
name = string
password = string
random_password = bool
type = string
host = string
}))
| `[]` | no | +| availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | +| backup\_configuration | The backup\_configuration settings subblock for the database setings |
object({
binary_log_enabled = optional(bool, false)
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
})
| `{}` | no | +| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | +| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | +| data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no | +| database\_flags | List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
list(object({
name = string
value = string
}))
| `[]` | no | +| database\_integration\_roles | The roles required by default database instance service account for integration with GCP services | `list(string)` | `[]` | no | +| database\_version | The database version to use | `string` | n/a | yes | +| db\_charset | The charset for the default database | `string` | `""` | no | +| db\_collation | The collation for the default database. Example: 'utf8\_general\_ci' | `string` | `""` | no | +| db\_name | The name of the default database to create. This should be unique per Cloud SQL instance. | `string` | `"default"` | no | +| delete\_timeout | The optional timout that is applied to limit long database deletes. | `string` | `"30m"` | no | +| deletion\_protection | Used to block Terraform from deleting a SQL Instance. | `bool` | `true` | no | +| deletion\_protection\_enabled | Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | +| deny\_maintenance\_period | The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance) |
list(object({
end_date = string
start_date = string
time = string
}))
| `[]` | no | +| disk\_autoresize | Configuration to increase storage size | `bool` | `true` | no | +| disk\_autoresize\_limit | The maximum size to which storage can be auto increased. | `number` | `0` | no | +| disk\_size | The disk size (in GB) for the master instance | `number` | `10` | no | +| disk\_type | The disk type for the master instance. | `string` | `"PD_SSD"` | no | +| edition | The edition of the instance, can be ENTERPRISE or ENTERPRISE\_PLUS. | `string` | `null` | no | +| enable\_dataplex\_integration | Enable database Dataplex integration | `bool` | `false` | no | +| enable\_default\_db | Enable or disable the creation of the default database | `bool` | `true` | no | +| enable\_default\_user | Enable or disable the creation of the default user | `bool` | `true` | no | +| enable\_google\_ml\_integration | Enable database ML integration | `bool` | `false` | no | +| enable\_random\_password\_special | Enable special characters in generated random passwords. | `bool` | `false` | no | +| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | +| failover\_dr\_replica\_name | If the instance is a primary instance, then this field identifies the disaster recovery (DR) replica. The standard format of this field is "your-project:your-instance". You can also set this field to "your-instance", but cloud SQL backend will convert it to the aforementioned standard format. | `string` | `null` | no | +| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | +| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) |
list(object({
id = string,
email = string,
type = optional(string)
}))
| `[]` | no | +| insights\_config | The insights\_config settings for the database. |
object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
})
| `null` | no | +| instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no | +| ip\_configuration | The ip\_configuration settings subblock |
object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
| `{}` | no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | +| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | +| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | +| maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"canary"` | no | +| master\_instance\_name | The name of the existing instance that will act as the master in the replication setup. | `string` | `null` | no | +| module\_depends\_on | List of modules or resources this module depends on. | `list(any)` | `[]` | no | +| name | The name of the Cloud SQL resources | `string` | n/a | yes | +| password\_validation\_policy\_config | The password validation policy settings for the database instance. |
object({
enable_password_policy = bool
min_length = optional(number)
complexity = optional(string)
disallow_username_substring = optional(bool)
reuse_interval = optional(number)
})
| `null` | no | +| pricing\_plan | The pricing plan for the master instance. | `string` | `"PER_USE"` | no | +| project\_id | The project ID to manage the Cloud SQL resources | `string` | n/a | yes | +| random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | `bool` | `false` | no | +| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | +| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | +| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | +| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | +| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | +| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting. | `bool` | `false` | no | +| root\_password | MySQL password for the root user. | `string` | `null` | no | +| secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | +| tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | +| update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"30m"` | no | +| user\_deletion\_policy | The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: "ABANDON". | `string` | `null` | no | +| user\_host | The host for the default user | `string` | `"%"` | no | +| user\_labels | The key/value labels for the master instances. 
| `map(string)` | `{}` | no | +| user\_name | The name of the default user | `string` | `"default"` | no | +| user\_password | The password for the default user. If not set, a random one will be generated and available in the generated\_user\_password output variable. | `string` | `""` | no | +| zone | The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | ## Outputs From 571f9adc462b448ed264095c328a9970d9c04587 Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Thu, 22 May 2025 11:31:26 +0100 Subject: [PATCH 3/8] Fixup autoformat --- modules/mysql/README.md | 130 ++++++++++++++++++++-------------------- 1 file changed, 65 insertions(+), 65 deletions(-) diff --git a/modules/mysql/README.md b/modules/mysql/README.md index 3ba87f3a..e9e496d5 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md 
@@ -43,71 +43,71 @@ module "mysql-db" { ## Inputs -| Name | Description | Type | Default | Required | -|----------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------|:--------:| -| activation\_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | `string` | `"ALWAYS"` | no | -| additional\_databases | A list of databases to be created in your cluster |
list(object({
name = string
charset = string
collation = string
}))
| `[]` | no | -| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. |
list(object({
name = string
password = string
random_password = bool
type = string
host = string
}))
| `[]` | no | -| availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | -| backup\_configuration | The backup\_configuration settings subblock for the database setings |
object({
binary_log_enabled = optional(bool, false)
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
})
| `{}` | no | -| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | -| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | -| data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no | -| database\_flags | List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
list(object({
name = string
value = string
}))
| `[]` | no | -| database\_integration\_roles | The roles required by default database instance service account for integration with GCP services | `list(string)` | `[]` | no | -| database\_version | The database version to use | `string` | n/a | yes | -| db\_charset | The charset for the default database | `string` | `""` | no | -| db\_collation | The collation for the default database. Example: 'utf8\_general\_ci' | `string` | `""` | no | -| db\_name | The name of the default database to create. This should be unique per Cloud SQL instance. | `string` | `"default"` | no | -| delete\_timeout | The optional timout that is applied to limit long database deletes. | `string` | `"30m"` | no | -| deletion\_protection | Used to block Terraform from deleting a SQL Instance. | `bool` | `true` | no | -| deletion\_protection\_enabled | Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | -| deny\_maintenance\_period | The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance) |
list(object({
end_date = string
start_date = string
time = string
}))
| `[]` | no | -| disk\_autoresize | Configuration to increase storage size | `bool` | `true` | no | -| disk\_autoresize\_limit | The maximum size to which storage can be auto increased. | `number` | `0` | no | -| disk\_size | The disk size (in GB) for the master instance | `number` | `10` | no | -| disk\_type | The disk type for the master instance. | `string` | `"PD_SSD"` | no | -| edition | The edition of the instance, can be ENTERPRISE or ENTERPRISE\_PLUS. | `string` | `null` | no | -| enable\_dataplex\_integration | Enable database Dataplex integration | `bool` | `false` | no | -| enable\_default\_db | Enable or disable the creation of the default database | `bool` | `true` | no | -| enable\_default\_user | Enable or disable the creation of the default user | `bool` | `true` | no | -| enable\_google\_ml\_integration | Enable database ML integration | `bool` | `false` | no | -| enable\_random\_password\_special | Enable special characters in generated random passwords. | `bool` | `false` | no | -| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | -| failover\_dr\_replica\_name | If the instance is a primary instance, then this field identifies the disaster recovery (DR) replica. The standard format of this field is "your-project:your-instance". You can also set this field to "your-instance", but cloud SQL backend will convert it to the aforementioned standard format. | `string` | `null` | no | -| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | -| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) |
list(object({
id = string,
email = string,
type = optional(string)
}))
| `[]` | no | -| insights\_config | The insights\_config settings for the database. |
object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
})
| `null` | no | -| instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no | -| ip\_configuration | The ip\_configuration settings subblock |
object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
| `{}` | no | -| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | -| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | -| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | -| maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"canary"` | no | -| master\_instance\_name | The name of the existing instance that will act as the master in the replication setup. | `string` | `null` | no | -| module\_depends\_on | List of modules or resources this module depends on. | `list(any)` | `[]` | no | -| name | The name of the Cloud SQL resources | `string` | n/a | yes | -| password\_validation\_policy\_config | The password validation policy settings for the database instance. |
object({
enable_password_policy = bool
min_length = optional(number)
complexity = optional(string)
disallow_username_substring = optional(bool)
reuse_interval = optional(number)
})
| `null` | no | -| pricing\_plan | The pricing plan for the master instance. | `string` | `"PER_USE"` | no | -| project\_id | The project ID to manage the Cloud SQL resources | `string` | n/a | yes | -| random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | `bool` | `false` | no | -| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | -| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | -| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | -| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | -| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | -| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting. | `bool` | `false` | no | -| root\_password | MySQL password for the root user. | `string` | `null` | no | -| secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | -| tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | -| update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"30m"` | no | -| user\_deletion\_policy | The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: "ABANDON". | `string` | `null` | no | -| user\_host | The host for the default user | `string` | `"%"` | no | -| user\_labels | The key/value labels for the master instances. 
| `map(string)` | `{}` | no | -| user\_name | The name of the default user | `string` | `"default"` | no | -| user\_password | The password for the default user. If not set, a random one will be generated and available in the generated\_user\_password output variable. | `string` | `""` | no | -| zone | The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| activation\_policy | The activation policy for the master instance. Can be either `ALWAYS`, `NEVER` or `ON_DEMAND`. | `string` | `"ALWAYS"` | no | +| additional\_databases | A list of databases to be created in your cluster |
list(object({
name = string
charset = string
collation = string
}))
| `[]` | no | +| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. |
list(object({
name = string
password = string
random_password = bool
type = string
host = string
}))
| `[]` | no | +| availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | +| backup\_configuration | The backup\_configuration settings subblock for the database setings |
object({
binary_log_enabled = optional(bool, false)
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
})
| `{}` | no | +| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | +| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | +| data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no | +| database\_flags | List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
list(object({
name = string
value = string
}))
| `[]` | no | +| database\_integration\_roles | The roles required by default database instance service account for integration with GCP services | `list(string)` | `[]` | no | +| database\_version | The database version to use | `string` | n/a | yes | +| db\_charset | The charset for the default database | `string` | `""` | no | +| db\_collation | The collation for the default database. Example: 'utf8\_general\_ci' | `string` | `""` | no | +| db\_name | The name of the default database to create. This should be unique per Cloud SQL instance. | `string` | `"default"` | no | +| delete\_timeout | The optional timout that is applied to limit long database deletes. | `string` | `"30m"` | no | +| deletion\_protection | Used to block Terraform from deleting a SQL Instance. | `bool` | `true` | no | +| deletion\_protection\_enabled | Enables protection of an instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | +| deny\_maintenance\_period | The Deny Maintenance Period fields to prevent automatic maintenance from occurring during a 90-day time period. List accepts only one value. See [more details](https://cloud.google.com/sql/docs/mysql/maintenance) |
list(object({
end_date = string
start_date = string
time = string
}))
| `[]` | no | +| disk\_autoresize | Configuration to increase storage size | `bool` | `true` | no | +| disk\_autoresize\_limit | The maximum size to which storage can be auto increased. | `number` | `0` | no | +| disk\_size | The disk size (in GB) for the master instance | `number` | `10` | no | +| disk\_type | The disk type for the master instance. | `string` | `"PD_SSD"` | no | +| edition | The edition of the instance, can be ENTERPRISE or ENTERPRISE\_PLUS. | `string` | `null` | no | +| enable\_dataplex\_integration | Enable database Dataplex integration | `bool` | `false` | no | +| enable\_default\_db | Enable or disable the creation of the default database | `bool` | `true` | no | +| enable\_default\_user | Enable or disable the creation of the default user | `bool` | `true` | no | +| enable\_google\_ml\_integration | Enable database ML integration | `bool` | `false` | no | +| enable\_random\_password\_special | Enable special characters in generated random passwords. | `bool` | `false` | no | +| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no | +| failover\_dr\_replica\_name | If the instance is a primary instance, then this field identifies the disaster recovery (DR) replica. The standard format of this field is "your-project:your-instance". You can also set this field to "your-instance", but cloud SQL backend will convert it to the aforementioned standard format. | `string` | `null` | no | +| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no | +| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) |
list(object({
id = string,
email = string,
type = optional(string)
}))
| `[]` | no | +| insights\_config | The insights\_config settings for the database. |
object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
})
| `null` | no | +| instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no | +| ip\_configuration | The ip\_configuration settings subblock |
object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
| `{}` | no | +| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no | +| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no | +| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no | +| maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"canary"` | no | +| master\_instance\_name | The name of the existing instance that will act as the master in the replication setup. | `string` | `null` | no | +| module\_depends\_on | List of modules or resources this module depends on. | `list(any)` | `[]` | no | +| name | The name of the Cloud SQL resources | `string` | n/a | yes | +| password\_validation\_policy\_config | The password validation policy settings for the database instance. |
object({
enable_password_policy = bool
min_length = optional(number)
complexity = optional(string)
disallow_username_substring = optional(bool)
reuse_interval = optional(number)
})
| `null` | no | +| pricing\_plan | The pricing plan for the master instance. | `string` | `"PER_USE"` | no | +| project\_id | The project ID to manage the Cloud SQL resources | `string` | n/a | yes | +| random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | `bool` | `false` | no | +| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | +| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | +| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | +| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | +| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | +| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting | `false` | no | +| root\_password | MySQL password for the root user. | `string` | `null` | no | +| secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | +| tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | +| update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"30m"` | no | +| user\_deletion\_policy | The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: "ABANDON". | `string` | `null` | no | +| user\_host | The host for the default user | `string` | `"%"` | no | +| user\_labels | The key/value labels for the master instances. 
| `map(string)` | `{}` | no | +| user\_name | The name of the default user | `string` | `"default"` | no | +| user\_password | The password for the default user. If not set, a random one will be generated and available in the generated\_user\_password output variable. | `string` | `""` | no | +| zone | The zone for the master instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | ## Outputs From 952811ad0f9e71de3ecee9ef9c7452cc32b203ec Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Thu, 22 May 2025 11:32:27 +0100 Subject: [PATCH 4/8] Add datatype --- modules/mysql/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/mysql/README.md b/modules/mysql/README.md index e9e496d5..4ae4ed5b 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md @@ -97,7 +97,7 @@ module "mysql-db" { | read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | -| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting | `false` | no | +| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting | `bool` | `false` | no | | root\_password | MySQL password for the root user. | `string` | `null` | no | | secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | | tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | From 94ab8dcf7471650aa90bf45b67447004e988298f Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Wed, 28 May 2025 15:54:23 +0100 Subject: [PATCH 5/8] Pin versions.tf to compatible version --- modules/mysql/versions.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/modules/mysql/versions.tf b/modules/mysql/versions.tf
index ab1c32bd..fd61ed03 100644
--- a/modules/mysql/versions.tf
+++ b/modules/mysql/versions.tf
@@ -27,11 +27,11 @@ terraform {
 }
 google = {
 source = "hashicorp/google"
- version = ">= 6.17, < 7"
+ version = ">= 6.31, < 7"
 }
 google-beta = {
 source = "hashicorp/google-beta"
- version = ">= 6.17, < 7"
+ version = ">= 6.31, < 7"
 }
 }
From 7e2c0108d7bf75281bc66719d3270c4a957bc682 Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Wed, 28 May 2025 18:17:34 +0100 Subject: [PATCH 6/8] Regenerate README.md --- modules/mysql/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/modules/mysql/README.md b/modules/mysql/README.md
index 4ae4ed5b..371926e0 100644
--- a/modules/mysql/README.md
+++ b/modules/mysql/README.md
@@ -97,7 +97,7 @@ module "mysql-db" {
 | read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
}))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | -| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The `ON_DEMAND` backup will be retained until customer deletes the backup or the project. The `AUTOMATED` backup will be retained based on the backups retention setting | `bool` | `false` | no | +| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no | | root\_password | MySQL password for the root user. | `string` | `null` | no | | secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | | tier | The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE\_PLUS, if user wants to change the edition, he should chose compatible tier. | `string` | `"db-n1-standard-1"` | no | From a4a88fe93499b7300660fd0e734ca761a64bb545 Mon Sep 17 00:00:00 2001 
From: Oscar van Leusen Date: Wed, 11 Jun 2025 15:01:51 +0100 Subject: [PATCH 7/8] Also add for safer_mysql --- modules/mysql/variables.tf | 11 ++++++----- modules/safer_mysql/README.md | 1 + modules/safer_mysql/main.tf | 1 + modules/safer_mysql/variables.tf | 6 ++++++ modules/safer_mysql/versions.tf | 2 +- 5 files changed, 15 insertions(+), 6 deletions(-)
diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf
index ee2f8773..db742727 100644
--- a/modules/mysql/variables.tf
+++ b/modules/mysql/variables.tf
@@ -314,6 +314,12 @@ variable "backup_configuration" {
 default = {}
 }
+variable "retain_backups_on_delete" {
+ description = "When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting."
+ type = bool
+ default = false
+}
+
 variable "insights_config" {
 description = "The insights_config settings for the database."
 type = object({
@@ -481,8 +487,3 @@ variable "database_integration_roles" {
 default = []
 }
-variable "retain_backups_on_delete" {
- description = "When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting."
- type = bool
- default = false
-}
diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md
index a64f2486..c0b9de04 100644
--- a/modules/safer_mysql/README.md
+++ b/modules/safer_mysql/README.md
@@ -284,6 +284,7 @@ module "safer-mysql-db" { | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | | read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null |
list(object({
name = string
name_override = optional(string)
tier = string
edition = string
availability_type = string
zone = string
disk_type = string
disk_autoresize = bool
disk_autoresize_limit = number
disk_size = string
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
allocated_ip_range = string
})
encryption_key_name = string
}))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | n/a | yes | +| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `true` | no | | secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no | | tier | The tier for the master instance. | `string` | `"db-n1-standard-1"` | no | | update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"30m"` | no | diff --git a/modules/safer_mysql/main.tf b/modules/safer_mysql/main.tf index d3e784cf..57567d11 100644 --- a/modules/safer_mysql/main.tf +++ b/modules/safer_mysql/main.tf @@ -51,6 +51,7 @@ module "safer_mysql" { user_labels = var.user_labels backup_configuration = var.backup_configuration + retain_backups_on_delete = var.retain_backups_on_delete insights_config = var.insights_config diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf index 33e37357..7b5ff289 100644 --- a/modules/safer_mysql/variables.tf +++ b/modules/safer_mysql/variables.tf @@ -237,6 +237,12 @@ variable "backup_configuration" { } } +variable "retain_backups_on_delete" { + description = "When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting." + type = bool + default = true +} + variable "assign_public_ip" { description = "Set to true if the master instance should also have a public IP (less secure)." type = bool 
diff --git a/modules/safer_mysql/versions.tf b/modules/safer_mysql/versions.tf index d20bdb38..f6b4d204 100644 --- a/modules/safer_mysql/versions.tf +++ b/modules/safer_mysql/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = ">= 6.17, < 7" + version = ">= 6.31, < 7" } } From 348b36f812110ae0a3e31210e9dc57a228ac7ce4 Mon Sep 17 00:00:00 2001 From: Oscar van Leusen Date: Mon, 16 Jun 2025 11:09:55 +0100 Subject: [PATCH 8/8] Run terraform fmt --- modules/safer_mysql/main.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/safer_mysql/main.tf b/modules/safer_mysql/main.tf index 57567d11..72398da6 100644 --- a/modules/safer_mysql/main.tf +++ b/modules/safer_mysql/main.tf @@ -50,7 +50,7 @@ module "safer_mysql" { user_labels = var.user_labels - backup_configuration = var.backup_configuration + backup_configuration = var.backup_configuration retain_backups_on_delete = var.retain_backups_on_delete insights_config = var.insights_config