diff --git a/modules/mysql/README.md b/modules/mysql/README.md
index 8b9ed6a1..4884bf26 100644
--- a/modules/mysql/README.md
+++ b/modules/mysql/README.md
@@ -79,7 +79,7 @@ module "mysql-db" {
| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) |
list(object({
id = string,
email = string,
type = optional(string)
})) | `[]` | no |
| insights\_config | The insights\_config settings for the database. | object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
| instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no |
-| ip\_configuration | The ip\_configuration settings subblock | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
}) | `{}` | no |
+| ip\_configuration | The ip\_configuration settings subblock | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
psc_auto_connections = optional(list(object({
consumer_network = string
consumer_service_project_id = string
})), [])
}) | `{}` | no |
| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no |
| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no |
| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no |
diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf
index 57158479..ec00e4f3 100644
--- a/modules/mysql/main.tf
+++ b/modules/mysql/main.tf
@@ -160,6 +160,14 @@ resource "google_sql_database_instance" "default" {
content {
psc_enabled = ip_configuration.value.psc_enabled
allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+ dynamic "psc_auto_connections" {
+ for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+ content {
+ consumer_network = psc_auto_connections.value.consumer_network
+ consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+ }
+ }
}
}
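Review bot: The `lookup(ip_configuration.value, "psc_auto_connections", [])` on the new `for_each` line falls back to an empty list when the attribute is absent, so a caller's auto-connection entries can be dropped without any plan error. `variable "ip_configuration"` now declares the attribute with a `[]` default, so, assuming this block iterates over that variable, the fallback is never needed and the line could read `for_each = ip_configuration.value.psc_auto_connections`, matching the direct access used for `psc_enabled` a few lines above. The same line appears in modules/postgresql/main.tf. The enclosing resource starts and ends outside the hunk.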
diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf
index 01995648..52802ff7 100644
--- a/modules/mysql/read_replica.tf
+++ b/modules/mysql/read_replica.tf
@@ -92,6 +92,14 @@ resource "google_sql_database_instance" "replicas" {
content {
psc_enabled = ip_configuration.value.psc_enabled
allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+ dynamic "psc_auto_connections" {
+ for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+ content {
+ consumer_network = psc_auto_connections.value.consumer_network
+ consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+ }
+ }
}
}
}
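Review bot: The replica resource reads `psc_auto_connections` from `ip_configuration.value`, but this commit only extends the type of `variable "ip_configuration"`. If replicas can carry their own `ip_configuration` object declared under a separate variable type (not visible here), that type would strip the new attribute and the `lookup(..., [])` default would hide the loss. It is worth confirming that the replica-level object type also lists `psc_auto_connections`, or adding a comment such as `# replica-level ip_configuration must declare psc_auto_connections, otherwise this is always []`. The same applies to modules/postgresql/read_replica.tf; the resource body continues outside the hunk.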
diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf
index db742727..6518e7ec 100644
--- a/modules/mysql/variables.tf
+++ b/modules/mysql/variables.tf
@@ -342,6 +342,10 @@ variable "ip_configuration" {
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
+ psc_auto_connections = optional(list(object({
+ consumer_network = string
+ consumer_service_project_id = string
+ })), [])
})
default = {}
}
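Review bot: The new `psc_auto_connections` entries are accepted with no validation, although each one names a consumer VPC that gets an automatically created endpoint to the database, so a mistyped `consumer_network` is an access-boundary mistake that only surfaces at apply time. A `validation` block in `variable "ip_configuration"` (which starts outside the hunk) could check the resource-path form that the provider documentation describes for this field; confirm the pattern against the provider version in use. Separately, the provider appears to treat `consumer_service_project_id` as optional, so `consumer_service_project_id = optional(string)` may be the closer type. The identical addition in modules/postgresql/variables.tf has the same gap.

```hcl
  default = {}

  # Reject consumer networks that are not full resource paths before plan/apply.
  validation {
    condition = alltrue([
      for c in var.ip_configuration.psc_auto_connections :
      can(regex("^projects/[^/]+/global/networks/[^/]+$", c.consumer_network))
    ])
    error_message = "Each psc_auto_connections.consumer_network must have the form projects/PROJECT/global/networks/NETWORK."
  }
```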
diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md
index 8288c664..a1145444 100644
--- a/modules/postgresql/README.md
+++ b/modules/postgresql/README.md
@@ -152,7 +152,7 @@ module "pg" {
| iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | list(object({
id = string,
email = string,
type = optional(string)
})) | `[]` | no |
| insights\_config | The insights\_config settings for the database. | object({
query_plans_per_minute = optional(number, 5)
query_string_length = optional(number, 1024)
record_application_tags = optional(bool, false)
record_client_address = optional(bool, false)
}) | `null` | no |
| instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE if master\_instance\_name value is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no |
-| ip\_configuration | The ip configuration for the Cloud SQL instances. | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
server_ca_mode = optional(string)
server_ca_pool = optional(string)
custom_subject_alternative_names = optional(list(string), [])
}) | `{}` | no |
+| ip\_configuration | The ip configuration for the Cloud SQL instances. | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool, true)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
psc_auto_connections = optional(list(object({
consumer_network = string
consumer_service_project_id = string
})), [])
server_ca_mode = optional(string)
server_ca_pool = optional(string)
custom_subject_alternative_names = optional(list(string), [])
}) | `{}` | no |
| kms\_key\_handle\_name | key handle name. If not provided module will use instance name as key handle name | `string` | `null` | no |
| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no |
| maintenance\_window\_day | The day of week (1-7) for the Cloud SQL instance maintenance. | `number` | `1` | no |
diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf
index 01cbcf9a..def05ad4 100644
--- a/modules/postgresql/main.tf
+++ b/modules/postgresql/main.tf
@@ -145,6 +145,14 @@ resource "google_sql_database_instance" "default" {
content {
psc_enabled = ip_configuration.value.psc_enabled
allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+ dynamic "psc_auto_connections" {
+ for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+ content {
+ consumer_network = psc_auto_connections.value.consumer_network
+ consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+ }
+ }
}
}
diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf
index 3cae2aa1..c5d2308d 100644
--- a/modules/postgresql/read_replica.tf
+++ b/modules/postgresql/read_replica.tf
@@ -67,6 +67,14 @@ resource "google_sql_database_instance" "replicas" {
content {
psc_enabled = ip_configuration.value.psc_enabled
allowed_consumer_projects = ip_configuration.value.psc_enabled ? ip_configuration.value.psc_allowed_consumer_projects : []
+
+ dynamic "psc_auto_connections" {
+ for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+ content {
+ consumer_network = psc_auto_connections.value.consumer_network
+ consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+ }
+ }
}
}
}
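Review bot: `allowed_consumer_projects` in this hunk is gated on `psc_enabled`, but the new `psc_auto_connections` block directly below it is not, so the two PSC settings follow different rules inside the same `content` block. Unless the enclosing dynamic block (outside the hunk) is already skipped when PSC is off, gate it the same way: `for_each = ip_configuration.value.psc_enabled ? lookup(ip_configuration.value, "psc_auto_connections", []) : []`. That keeps consumer endpoints from being requested for a replica whose PSC flag is false.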
diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf
index 88c2e231..7129430b 100644
--- a/modules/postgresql/variables.tf
+++ b/modules/postgresql/variables.tf
@@ -330,9 +330,13 @@ variable "ip_configuration" {
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
- server_ca_mode = optional(string)
- server_ca_pool = optional(string)
- custom_subject_alternative_names = optional(list(string), [])
+ psc_auto_connections = optional(list(object({
+ consumer_network = string
+ consumer_service_project_id = string
+ })), [])
+ server_ca_mode = optional(string)
+ server_ca_pool = optional(string)
+ custom_subject_alternative_names = optional(list(string), [])
})
default = {}
}