
The module creates and manages a Cloud SQL instance with one of the supported SQL database engines:
Key features:
Once you have a Corewide Solutions Portal account, this one-time action will use your browser session to retrieve credentials:
```shell
terraform login solutions.corewide.com
```
Initialize mandatory providers:
Copy and paste into your Terraform configuration and insert the variables:
```hcl
module "tf_gcp_cloudsql" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6.0"

  # specify module inputs here or try one of the examples below
  ...
}
```
Initialize the setup:
```shell
terraform init
```
Corewide DevOps team strictly follows Semantic Versioning Specification to provide our clients with products that have predictable upgrades between versions. We recommend pinning patch versions of our modules using pessimistic constraint operator (`~>`) to prevent breaking changes during upgrades.

To get new features during the upgrades (without breaking compatibility), use `~> 1.6` and run `terraform init -upgrade`.

For the safest setup, use strict pinning with `version = "1.6.0"`.
All notable changes to this project are documented here.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
- `connection_parameters` output: host, private and public IPs, port, private and public connection strings
- `connection_parameters.db_uri` output renamed to `connection_parameters.db_self_link`
- `connection_parameters.db_uri` in favour of `connection_parameters.db_self_link` and will be deleted in v2.0
- `connection_parameters.db_connection_string` output
- `databases`)
- `query_insights_config` variable for configuring Query Insights
- `sql_server_audit_config` variable for configuring SQL Server auditing settings
- `location` parameter to `backup_configuration` variable for configuring the region where the backup will be stored
- `deletion_protection_enabled` input variable did not cover deletion protection of a database instance at the GCP level across all surfaces (API, gcloud, Cloud Console and Terraform)
- `read_replicas` variable for configuring cluster setup
- `private` and/or `public` access settings by means of `public_access_enabled` and `private_network` parameters
- First stable version
Create Cloud SQL instance with MySQL engine and required values only:
```hcl
module "sql_db" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  name_prefix = "foo"
  db_engine   = "mysql"
}
```
Create a highly available Cloud SQL instance with a custom MySQL engine version (8.4), 2 highly available replicas, Query Insights enabled, backups disabled, a custom user with password, 2 databases and a firewall for the database instance:
```hcl
module "sql_db" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  db_engine        = "mysql"
  name_prefix      = "foo"
  engine_version   = "8.4"
  multi_az_enabled = true

  # Per the variables table, enabled is enforced to true
  # when multi_az_enabled is set to true
  backup_configuration = {
    enabled = false
  }

  # If password is omitted, the module generates a random one
  user = {
    name     = "myuser"
    password = "mypassword123"
  }

  maintenance_window = {
    day  = 5
    hour = 4
  }

  databases = [
    {
      name = "users"
    },
    {
      name = "orders"
    },
  ]

  # Firewall: only these CIDRs may reach the public IPv4 address
  authorized_networks = [
    {
      name  = "backenders"
      value = "208.22.15.254/32"
    },
    {
      name  = "frontenders"
      value = "110.13.37.38/32"
    },
  ]

  read_replicas = {
    count            = 2
    multi_az_enabled = true
  }

  query_insights_config = {
    enabled          = true
    string_length    = 1024
    plans_per_minute = 10
  }
}
```
Create Cloud SQL instance with PostgreSQL engine and required values only:
```hcl
module "sql_db" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  name_prefix = "foo"
  db_engine   = "postgres"
}
```
Create a highly available Cloud SQL instance with a custom PostgreSQL engine version (14), 2 highly available replicas, Query Insights enabled, backups disabled, a custom user with password, 2 databases and a firewall for the database instance:
```hcl
module "sql_db" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  db_engine        = "postgres"
  name_prefix      = "foo"
  engine_version   = "14"
  multi_az_enabled = true
  private_network  = "projects/my-project/global/networks/production"

  # Per the variables table, enabled is enforced to true
  # when multi_az_enabled is set to true
  backup_configuration = {
    enabled = false
  }

  # If password is omitted, the module generates a random one
  user = {
    name     = "myuser"
    password = "securepassword123"
  }

  maintenance_window = {
    day  = 2
    hour = 3
  }

  databases = [
    {
      name = "backend"
    },
    {
      name = "frontend"
    },
  ]

  # Firewall: only these CIDRs may reach the public IPv4 address.
  # Sample addresses from the RFC 5737 documentation ranges; replace with your own.
  authorized_networks = [
    {
      name  = "office"
      value = "203.0.113.10/32"
    },
    {
      name  = "home"
      value = "198.51.100.20/32"
    },
  ]

  read_replicas = {
    count            = 2
    multi_az_enabled = true
  }

  query_insights_config = {
    enabled          = true
    string_length    = 1024
    plans_per_minute = 10
  }
}
```
Create a Cloud SQL instance with SQL Server 2022 Standard edition and required values only:
```hcl
module "sql_server" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  name_prefix = "development"
  db_engine   = "sqlserver"
}
```
Create a highly available Cloud SQL instance with a SQL Server 2022 web edition with enterprise database, highly-available replicas, enabled backups, enabled audit, enabled Query Insights, custom user, create 2 databases, and a firewall for the database instance:
```hcl
module "sql_server" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  name_prefix          = "foo"
  engine_version       = "2022"
  db_engine            = "sqlserver"
  database_edition     = "enterprise"
  sqlserver_edition    = "web"
  machine_storage_size = 50
  machine_size         = "db-custom-2-8192"
  region               = "europe-north1"
  private_network      = "projects/my-project/global/networks/production"
  multi_az_enabled     = true

  maintenance_window = {
    day  = 2
    hour = 3
  }

  databases = [
    {
      name = "backend"
    },
    {
      name = "frontend"
    },
  ]

  # Firewall: only these CIDRs may reach the public IPv4 address.
  # Sample addresses from the RFC 5737 documentation ranges; replace with your own.
  authorized_networks = [
    {
      name  = "office"
      value = "203.0.113.10/32"
    },
    {
      name  = "home"
      value = "198.51.100.20/32"
    },
  ]

  read_replicas = {
    count            = 1
    multi_az_enabled = true
  }

  query_insights_config = {
    enabled          = true
    string_length    = 1024
    plans_per_minute = 10
  }

  # Audit files are uploaded to this bucket
  sql_server_audit_config = {
    bucket = "audit"
  }

  backup_configuration = {
    location = "eu"
  }

  # No password given: the module generates a random one
  user = {
    name = "sqlserver"
  }
}
```
Variable | Description | Type | Default | Required | Sensitive |
---|---|---|---|---|---|
`db_engine` | Cloud SQL instance engine. Supported engines are: `postgres`, `mysql` and `sqlserver` | `string` | | yes | no |
`engine_version` | Cloud SQL instance engine version. Possible values for MySQL: `8.0`, `8.4`, for PostgreSQL: `12`, `13`, `14`, `15`, `16` and `17`, for SQL Server: `2022`, `2019`, `2017` | `string` | | yes | no |
`machine_size` | Cloud SQL instance machine size | `string` | | yes | no |
`name_prefix` | Name prefix for Cloud SQL instance | `string` | | yes | no |
`private_network` | Private network ID. Used to configure Cloud SQL connection via private IPv4 | `string` | | yes | no |
`authorized_networks` | List of authorized networks objects | `list(object)` | `[]` | no | no |
`authorized_networks[*].name` | Name of authorized network | `string` | | no | no |
`authorized_networks[*].value` | CIDR of authorized network | `string` | | no | no |
`backup_configuration` | Cloud SQL instance backup configuration | `object` | `{}` | no | no |
`backup_configuration.enabled` | Whether to enable backups on Cloud SQL instance. Enforced to `true`, if `multi_az_enabled` is set to `true` | `bool` | `true` | no | no |
`backup_configuration.hour` | Backup start time in format of 24 hour | `string` | `3` | no | no |
`backup_configuration.location` | The region where the backup will be stored | `string` | | no | no |
`backup_configuration.retention_units` | Number of backups to keep before deleting | `number` | `5` | no | no |
`database_edition` | The edition of the database instance, can be `enterprise` or `enterprise_plus` | `string` | `enterprise` | no | no |
`databases` | List of database objects to create | `list(object)` | `[]` | no | no |
`databases[*].charset` | Database charset. If not specified, these values are considered as default: `utf8mb4` for MySQL and `utf8` for PostgreSQL | `string` | | no | no |
`databases[*].collation` | Database collation. If not specified, these values are considered as default: `utf8mb4_general_ci` for MySQL and `en_US.utf8` for PostgreSQL | `string` | | no | no |
`databases[*].name` | Database name | `string` | | yes | no |
`deletion_protection_enabled` | Enables deletion protection of the primary Cloud SQL instance | `bool` | `true` | no | no |
`machine_storage_size` | Cloud SQL instance disk size in GB | `number` | `10` | no | no |
`maintenance_window` | Cloud SQL maintenance window parameters | `object` | `{}` | no | no |
`maintenance_window.day` | Day of the week in numbers format (1 - Monday) | `number` | `3` | no | no |
`maintenance_window.hour` | Start hour for maintenance window in 24-hour format | `number` | `2` | no | no |
`multi_az_enabled` | Enables High Availability for the primary Cloud SQL instance | `bool` | `false` | no | no |
`public_access_enabled` | Enables public access of Cloud SQL instance via public IPv4 | `bool` | `true` | no | no |
`query_insights_config` | Query Insights configuration parameters | `object` | `{}` | no | no |
`query_insights_config.enabled` | Whether to enable Query Insights feature on Cloud SQL instance. | `bool` | `false` | no | no |
`query_insights_config.plans_per_minute` | Number of query execution plans captured by Insights per minute for all queries combined | `number` | `5` | no | no |
`query_insights_config.record_application_tags` | True if Query Insights will record application tags from query when enabled | `bool` | `false` | no | no |
`query_insights_config.record_client_address` | True if Query Insights will record client address when enabled | `bool` | `false` | no | no |
`query_insights_config.string_length` | Maximum query length stored. | `number` | `1024` | no | no |
`read_replicas` | Read replica instances configuration | `object` | `{}` | no | no |
`read_replicas.count` | Number of read replica instances to be created | `number` | `0` | no | no |
`read_replicas.deletion_protection_enabled` | Enables deletion protection of the read replica Cloud SQL instance | `bool` | `false` | no | no |
`read_replicas.machine_size` | Read replica instance machine size. If not provided, cluster `machine_size` is used | `string` | | no | no |
`read_replicas.multi_az_enabled` | Enables High Availability for the read replica Cloud SQL instances | `bool` | `false` | no | no |
`region` | GCP region to create resources in. Default GCP provider region used if not specified | `string` | | no | no |
`sql_server_audit_config` | Cloud SQL Server audit configuration parameters | `object` | `{}` | no | no |
`sql_server_audit_config.bucket` | The name of the destination bucket | `string` | | no | no |
`sql_server_audit_config.retention_interval_seconds` | Duration in seconds how long to keep generated audit files | `number` | `604800` | no | no |
`sql_server_audit_config.upload_interval_seconds` | Duration in seconds how often to upload generated audit files | `number` | `600` | no | no |
`sqlserver_edition` | SQL Server edition. Only applicable for SQL Server. Possible values: `standard`, `enterprise`, `express`, `web` | `string` | `standard` | no | no |
`user` | User to create in database | `object` | `{}` | no | no |
`user.name` | Name of a user to be created | `string` | `admin` | no | no |
`user.password` | Password for the user, will be generated randomly if not provided | `string` | | no | no |
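
A private-only variant of the PostgreSQL setup, built from the documented inputs `public_access_enabled`, `private_network` and `user.password` (added example, not from the module's documentation; the `sql_db_private` label, `var.db_password`, the output name and the network path are placeholders):

```hcl
# Added example: assumes the caller supplies the password out of band,
# e.g. through the TF_VAR_db_password environment variable.
variable "db_password" {
  description = "Password for the database user"
  type        = string
  sensitive   = true # keeps the value out of plan/apply output
}

module "sql_db_private" {
  source  = "solutions.corewide.com/google-cloud/tf-gcp-cloudsql/google"
  version = "~> 1.6"

  name_prefix    = "foo"
  db_engine      = "postgres"
  engine_version = "14"
  machine_size   = "db-custom-2-8192"

  # public_access_enabled defaults to true; turn the public IPv4 off and
  # reach the instance through the VPC only. With no public address there
  # is nothing for authorized_networks to allow-list, so it is left empty.
  public_access_enabled = false
  private_network       = "projects/my-project/global/networks/production"

  # Documented defaults, stated explicitly so a change shows up in review.
  deletion_protection_enabled = true
  backup_configuration = {
    enabled         = true
    retention_units = 5
  }

  # No literal password in the configuration; omit the key entirely to let
  # the module generate a random one.
  user = {
    name     = "myuser"
    password = var.db_password
  }

  databases = [
    { name = "backend" },
  ]
}

# connection_parameters is a sensitive module output, so an output that
# re-exports it must be marked sensitive too or Terraform rejects the plan.
output "sql_connection_parameters" {
  value     = module.sql_db_private.connection_parameters
  sensitive = true
}
```

Terraform still writes the password and the sensitive outputs to state, so the state backend needs restricted access and encryption at rest.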
Output | Description | Type | Sensitive |
---|---|---|---|
`connection_parameters` | Cloud SQL instance connection parameters | `map` | yes |
`databases` | Attributes of Database resources | `computed` | no |
`primary` | Attributes of Cloud SQL instance | `resource` | yes |
`read_replicas` | Attributes of Cloud SQL read replicas | `resource` | yes |
Dependency | Version | Kind |
---|---|---|
`terraform` | `>= 1.3` | CLI |
`hashicorp/google` | `~> 6.2` | provider |
`hashicorp/random` | `~> 3.3` | provider |