diff --git a/metadata.yaml b/metadata.yaml
index d9b8747b..0e26b6fa 100644
--- a/metadata.yaml
+++ b/metadata.yaml
@@ -75,11 +75,11 @@ spec:
roles:
- level: Project
roles:
+ - roles/resourcemanager.projectIamAdmin
+ - roles/serviceusage.serviceUsageAdmin
- roles/cloudsql.admin
- roles/iam.serviceAccountAdmin
- roles/iam.serviceAccountUser
- - roles/resourcemanager.projectIamAdmin
- - roles/serviceusage.serviceUsageAdmin
services:
- cloudresourcemanager.googleapis.com
- iam.googleapis.com
diff --git a/modules/backup/metadata.yaml b/modules/backup/metadata.yaml
index e9c3a59b..abfe3405 100644
--- a/modules/backup/metadata.yaml
+++ b/modules/backup/metadata.yaml
@@ -199,4 +199,4 @@ spec:
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 6.11.0, < 7"
+ version: ">= 6.11.0, < 8"
diff --git a/modules/mssql/metadata.yaml b/modules/mssql/metadata.yaml
index 28fa8cb0..8842db00 100644
--- a/modules/mssql/metadata.yaml
+++ b/modules/mssql/metadata.yaml
@@ -221,6 +221,10 @@ spec:
retention_unit: null
start_time: null
transaction_log_retention_days: null
+ - name: retain_backups_on_delete
+ description: When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting.
+ varType: bool
+ defaultValue: false
- name: db_name
description: The name of the default database to create
varType: string
@@ -576,9 +580,9 @@ spec:
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 5.12, < 7"
+ version: ">= 5.12, < 8"
- source: hashicorp/google-beta
- version: ">= 5.12, < 7"
+ version: ">= 5.12, < 8"
- source: hashicorp/null
version: ~> 3.2
- source: hashicorp/random
diff --git a/modules/mysql/README.md b/modules/mysql/README.md
index e6f4e5d2..1958be03 100644
--- a/modules/mysql/README.md
+++ b/modules/mysql/README.md
@@ -50,6 +50,7 @@ module "mysql-db" {
| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. | list(object({
name = string
password = string
random_password = bool
type = string
host = string
})) | `[]` | no |
| availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no |
| backup\_configuration | The backup\_configuration settings subblock for the database settings | object({
binary_log_enabled = optional(bool, false)
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
}) | `{}` | no |
+| connection\_pool\_config | Manager connection pooling configuration | object({
enabled = optional(bool, false)
flags = optional(list(object({
name = string
value = string
})), [])
}) | n/a | yes |
| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no |
| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no |
| data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no |
@@ -94,7 +95,7 @@ module "mysql-db" {
| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no |
| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no |
| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no |
-| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
})) | `[]` | no |
+| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
connection_pool_config = optional(object({
enabled = optional(bool, false)
flags = optional(list(object({
name = string
value = string
})), [])
}), null)
database_flags = list(object({
name = string
value = string
}))
backup_configuration = optional(object({
binary_log_enabled = bool
transaction_log_retention_days = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
})) | `[]` | no |
| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no |
| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no |
| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no |
diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf
index 57158479..f124a266 100644
--- a/modules/mysql/main.tf
+++ b/modules/mysql/main.tf
@@ -173,6 +173,21 @@ resource "google_sql_database_instance" "default" {
disk_type = var.disk_type
pricing_plan = var.pricing_plan
user_labels = var.user_labels
+
+ dynamic "connection_pool_config" {
+ for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+ content {
+ connection_pooling_enabled = var.connection_pool_config.enabled
+ dynamic "flags" {
+ for_each = var.connection_pool_config.flags
+ content {
+ name = flags.name
+ value = flags.value
+ }
+ }
+ }
+ }
+
dynamic "database_flags" {
for_each = var.database_flags
content {
diff --git a/modules/mysql/metadata.yaml b/modules/mysql/metadata.yaml
index 43a5f122..092ddb88 100644
--- a/modules/mysql/metadata.yaml
+++ b/modules/mysql/metadata.yaml
@@ -189,7 +189,7 @@ spec:
description: Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance_type. To promote, users have to set the instance_type property as CLOUD_SQL_INSTANCE and remove/unset master_instance_name and replica_configuration from instance configuration. This operation might cause your instance to restart.
varType: string
- name: tier
- description: The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
+ description: The tier for the master instance, for ADC its default value will be db-perf-optimized-N-8 which is tier value for edition ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
varType: string
defaultValue: db-n1-standard-1
- name: zone
@@ -267,7 +267,7 @@ spec:
}))
defaultValue: []
- name: backup_configuration
- description: The backup_configuration settings subblock for the database setings
+ description: The backup_configuration settings subblock for the database settings
varType: |-
object({
binary_log_enabled = optional(bool, false)
@@ -338,6 +338,13 @@ spec:
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
+ connection_pool_config = optional(object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ }), null)
database_flags = list(object({
name = string
value = string
@@ -421,6 +428,17 @@ spec:
description: The roles required by default database instance service account for integration with GCP services
varType: list(string)
defaultValue: []
+ - name: connection_pool_config
+ description: Manager connection pooling configuration
+ varType: |-
+ object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ })
+ required: true
outputs:
- name: additional_users
description: List of maps of additional users and passwords
@@ -918,12 +936,12 @@ spec:
roles:
- level: Project
roles:
- - roles/iam.serviceAccountUser
- - roles/compute.networkAdmin
- roles/cloudkms.cryptoKeyEncrypterDecrypter
- roles/logging.logWriter
- roles/cloudsql.admin
- roles/resourcemanager.projectIamAdmin
+ - roles/iam.serviceAccountUser
+ - roles/compute.networkAdmin
services:
- cloudkms.googleapis.com
- cloudresourcemanager.googleapis.com
@@ -935,9 +953,9 @@ spec:
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 6.31, < 7"
+ version: ">= 6.31, < 8"
- source: hashicorp/google-beta
- version: ">= 6.31, < 7"
+ version: ">= 6.31, < 8"
- source: hashicorp/null
version: ~> 3.1
- source: hashicorp/random
diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf
index 01995648..799da972 100644
--- a/modules/mysql/read_replica.tf
+++ b/modules/mysql/read_replica.tf
@@ -104,6 +104,20 @@ resource "google_sql_database_instance" "replicas" {
pricing_plan = "PER_USE"
user_labels = lookup(each.value, "user_labels", var.user_labels)
+ dynamic "connection_pool_config" {
+ for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+ content {
+ connection_pooling_enabled = var.connection_pool_config.enabled
+ dynamic "flags" {
+ for_each = var.connection_pool_config.flags
+ content {
+ name = flags.value.name
+ value = flags.value.value
+ }
+ }
+ }
+ }
+
dynamic "database_flags" {
for_each = lookup(each.value, "database_flags", [])
content {
diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf
index bdb4424e..2eb7a04d 100644
--- a/modules/mysql/variables.tf
+++ b/modules/mysql/variables.tf
@@ -373,6 +373,13 @@ variable "read_replicas" {
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
+ connection_pool_config = optional(object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ }), null)
database_flags = list(object({
name = string
value = string
@@ -487,3 +494,13 @@ variable "database_integration_roles" {
default = []
}
+variable "connection_pool_config" {
+ description = "Manager connection pooling configuration"
+ type = object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ })
+}
diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md
index cb40cb82..85dc25e8 100644
--- a/modules/postgresql/README.md
+++ b/modules/postgresql/README.md
@@ -121,6 +121,7 @@ module "pg" {
| additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. | list(object({
name = string
password = string
random_password = bool
})) | `[]` | no |
| availability\_type | The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | `string` | `"ZONAL"` | no |
| backup\_configuration | The backup\_configuration settings subblock for the database settings | object({
enabled = optional(bool, false)
start_time = optional(string)
location = optional(string)
point_in_time_recovery_enabled = optional(bool, false)
transaction_log_retention_days = optional(string)
retained_backups = optional(number)
retention_unit = optional(string)
}) | `{}` | no |
+| connection\_pool\_config | Manager connection pooling configuration | object({
enabled = optional(bool, false)
flags = optional(list(object({
name = string
value = string
})), [])
}) | n/a | yes |
| connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no |
| create\_kms\_key\_handle | KeyHandles cannot be deleted from Google Cloud Platform. Destroying a Terraform-managed KeyHandle will remove it from state but will not delete the resource from the project. Set this to false if key handle already exists | `bool` | `true` | no |
| create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no |
@@ -168,7 +169,7 @@ module "pg" {
| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no |
| read\_replica\_deletion\_protection\_enabled | Enables protection of replica instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no |
| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no |
-| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
database_flags = optional(list(object({
name = string
value = string
})), [])
insights_config = optional(object({
query_plans_per_minute = optional(number, 5)
query_string_length = optional(number, 1024)
record_application_tags = optional(bool, false)
record_client_address = optional(bool, false)
}), null)
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
})) | `[]` | no |
+| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = optional(string)
edition = optional(string)
availability_type = optional(string)
zone = optional(string)
disk_type = optional(string)
disk_autoresize = optional(bool)
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
connection_pool_config = optional(object({
enabled = optional(bool, false)
flags = optional(list(object({
name = string
value = string
})), [])
}), null)
database_flags = optional(list(object({
name = string
value = string
})), [])
insights_config = optional(object({
query_plans_per_minute = optional(number, 5)
query_string_length = optional(number, 1024)
record_application_tags = optional(bool, false)
record_client_address = optional(bool, false)
}), null)
ip_configuration = object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
ssl_mode = optional(string)
allocated_ip_range = optional(string)
enable_private_path_for_google_cloud_services = optional(bool, false)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
})
encryption_key_name = optional(string)
data_cache_enabled = optional(bool)
})) | `[]` | no |
| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no |
| retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no |
| root\_password | Initial root password during creation | `string` | `null` | no |
diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf
index 01cbcf9a..a0edf21a 100644
--- a/modules/postgresql/main.tf
+++ b/modules/postgresql/main.tf
@@ -181,6 +181,20 @@ resource "google_sql_database_instance" "default" {
disk_type = var.disk_type
pricing_plan = var.pricing_plan
+ dynamic "connection_pool_config" {
+ for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+ content {
+ connection_pooling_enabled = var.connection_pool_config.enabled
+ dynamic "flags" {
+ for_each = var.connection_pool_config.flags
+ content {
+ name = flags.value.name
+ value = flags.value.value
+ }
+ }
+ }
+ }
+
dynamic "database_flags" {
for_each = var.database_flags
content {
diff --git a/modules/postgresql/metadata.yaml b/modules/postgresql/metadata.yaml
index 2628782a..1b2f383b 100644
--- a/modules/postgresql/metadata.yaml
+++ b/modules/postgresql/metadata.yaml
@@ -166,7 +166,7 @@ spec:
varType: bool
defaultValue: false
- name: tier
- description: The tier for the Cloud SQL instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
+ description: The tier for the Cloud SQL instance, for ADC its default value will be db-perf-optimized-N-8 which is tier value for edition ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
varType: string
defaultValue: db-f1-micro
- name: zone
@@ -236,7 +236,7 @@ spec:
}))
defaultValue: []
- name: backup_configuration
- description: The backup_configuration settings subblock for the database setings
+ description: The backup_configuration settings subblock for the database settings
varType: |-
object({
enabled = optional(bool, false)
@@ -306,6 +306,13 @@ spec:
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
+ connection_pool_config = optional(object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ }), null)
database_flags = optional(list(object({
name = string
value = string
@@ -425,6 +432,17 @@ spec:
description: When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting.
varType: bool
defaultValue: false
+ - name: connection_pool_config
+ description: Manager connection pooling configuration
+ varType: |-
+ object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ })
+ required: true
outputs:
- name: additional_user_passwords_map
description: Map of auto generated passwords for the additional users
@@ -905,6 +923,8 @@ spec:
type:
- tuple
- []
+ - name: replicas_instance_psc_attachments
+ description: The psc_service_attachment_links created for the replica instances
- name: replicas_instance_self_links
description: The URIs of the replica instances
type:
@@ -924,15 +944,15 @@ spec:
roles:
- level: Project
roles:
- - roles/cloudkms.admin
- - roles/logging.logWriter
- roles/cloudsql.admin
- - roles/storage.admin
- roles/resourcemanager.projectIamAdmin
- roles/iam.serviceAccountUser
- roles/compute.networkAdmin
+ - roles/cloudkms.admin
- roles/cloudkms.autokeyAdmin
+ - roles/storage.admin
- roles/cloudkms.cryptoKeyEncrypterDecrypter
+ - roles/logging.logWriter
services:
- cloudkms.googleapis.com
- cloudresourcemanager.googleapis.com
@@ -944,9 +964,9 @@ spec:
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 6.31, < 7"
+ version: ">= 6.31, < 8"
- source: hashicorp/google-beta
- version: ">= 6.31, < 7"
+ version: ">= 6.31, < 8"
- source: hashicorp/null
version: ~> 3.1
- source: hashicorp/random
diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf
index f2c0bae7..6dfa7aad 100644
--- a/modules/postgresql/read_replica.tf
+++ b/modules/postgresql/read_replica.tf
@@ -90,6 +90,20 @@ resource "google_sql_database_instance" "replicas" {
pricing_plan = "PER_USE"
user_labels = lookup(each.value, "user_labels", var.user_labels)
+ dynamic "connection_pool_config" {
+ for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+ content {
+ connection_pooling_enabled = var.connection_pool_config.enabled
+ dynamic "flags" {
+ for_each = var.connection_pool_config.flags
+ content {
+ name = flags.value.name
+ value = flags.value.value
+ }
+ }
+ }
+ }
+
dynamic "database_flags" {
for_each = lookup(each.value, "database_flags", [])
content {
diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf
index e0976f8c..e3ea12c7 100644
--- a/modules/postgresql/variables.tf
+++ b/modules/postgresql/variables.tf
@@ -352,6 +352,13 @@ variable "read_replicas" {
disk_autoresize_limit = optional(number)
disk_size = optional(string)
user_labels = map(string)
+ connection_pool_config = optional(object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ }), null)
database_flags = optional(list(object({
name = string
value = string
@@ -495,3 +502,14 @@ variable "retain_backups_on_delete" {
type = bool
default = false
}
+
+variable "connection_pool_config" {
+ description = "Manager connection pooling configuration"
+ type = object({
+ enabled = optional(bool, false)
+ flags = optional(list(object({
+ name = string
+ value = string
+ })), [])
+ })
+}
diff --git a/modules/private_service_access/metadata.yaml b/modules/private_service_access/metadata.yaml
index 03b226d6..f82cda44 100644
--- a/modules/private_service_access/metadata.yaml
+++ b/modules/private_service_access/metadata.yaml
@@ -63,7 +63,7 @@ spec:
interfaces:
variables:
- name: project_id
- description: The project ID of the VPC network to peer. This can be a shared VPC host projec.
+ description: The project ID of the VPC network to peer. This can be a shared VPC host project.
varType: string
required: true
- name: vpc_network
@@ -104,15 +104,15 @@ spec:
roles:
- level: Project
roles:
- - roles/servicenetworking.networksAdmin
- roles/iam.serviceAccountUser
+ - roles/servicenetworking.networksAdmin
services:
- servicenetworking.googleapis.com
- serviceusage.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 5.38, < 7"
+ version: ">= 5.38, < 8"
- source: hashicorp/google-beta
- version: ">= 5.38, < 7"
+ version: ">= 5.38, < 8"
- source: hashicorp/null
version: ~> 3.1
diff --git a/modules/restore/metadata.yaml b/modules/restore/metadata.yaml
index 6bb0bb81..c9cddbe0 100644
--- a/modules/restore/metadata.yaml
+++ b/modules/restore/metadata.yaml
@@ -103,4 +103,4 @@ spec:
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 4.0, < 7"
+ version: ">= 4.0, < 8"
diff --git a/modules/safer_mysql/metadata.yaml b/modules/safer_mysql/metadata.yaml
index 3f737777..97b5f447 100644
--- a/modules/safer_mysql/metadata.yaml
+++ b/modules/safer_mysql/metadata.yaml
@@ -191,7 +191,7 @@ spec:
varType: map(string)
defaultValue: {}
- name: backup_configuration
- description: The backup_configuration settings subblock for the database setings
+ description: The backup_configuration settings subblock for the database settings
varType: |-
object({
binary_log_enabled = bool
@@ -384,12 +384,12 @@ spec:
roles:
- level: Project
roles:
+ - roles/cloudsql.admin
- roles/iam.serviceAccountUser
- roles/logging.logWriter
- - roles/cloudsql.admin
services:
- serviceusage.googleapis.com
- sqladmin.googleapis.com
providerVersions:
- source: hashicorp/google
- version: ">= 6.31, < 7"
+ version: ">= 6.31, < 8"