From 9f619baca71ed190990f77195e71b95b96ae71b8 Mon Sep 17 00:00:00 2001 From: Quoc Trung HOANG Date: Mon, 29 Sep 2025 09:57:42 +0200 Subject: [PATCH] feat: add pooling configuration for postgresql and mysql --- metadata.yaml | 4 +-- modules/backup/metadata.yaml | 2 +- modules/mssql/metadata.yaml | 8 +++-- modules/mysql/README.md | 3 +- modules/mysql/main.tf | 15 +++++++++ modules/mysql/metadata.yaml | 30 +++++++++++++---- modules/mysql/read_replica.tf | 14 ++++++++ modules/mysql/variables.tf | 17 ++++++++++ modules/postgresql/README.md | 3 +- modules/postgresql/main.tf | 14 ++++++++ modules/postgresql/metadata.yaml | 34 ++++++++++++++++---- modules/postgresql/read_replica.tf | 14 ++++++++ modules/postgresql/variables.tf | 18 +++++++++++ modules/private_service_access/metadata.yaml | 8 ++--- modules/restore/metadata.yaml | 2 +- modules/safer_mysql/metadata.yaml | 6 ++-- 16 files changed, 164 insertions(+), 28 deletions(-) diff --git a/metadata.yaml b/metadata.yaml index d9b8747b..0e26b6fa 100644 --- a/metadata.yaml +++ b/metadata.yaml @@ -75,11 +75,11 @@ spec: roles: - level: Project roles: + - roles/resourcemanager.projectIamAdmin + - roles/serviceusage.serviceUsageAdmin - roles/cloudsql.admin - roles/iam.serviceAccountAdmin - roles/iam.serviceAccountUser - - roles/resourcemanager.projectIamAdmin - - roles/serviceusage.serviceUsageAdmin services: - cloudresourcemanager.googleapis.com - iam.googleapis.com diff --git a/modules/backup/metadata.yaml b/modules/backup/metadata.yaml index e9c3a59b..abfe3405 100644 --- a/modules/backup/metadata.yaml +++ b/modules/backup/metadata.yaml @@ -199,4 +199,4 @@ spec: - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 6.11.0, < 7" + version: ">= 6.11.0, < 8" diff --git a/modules/mssql/metadata.yaml b/modules/mssql/metadata.yaml index 28fa8cb0..8842db00 100644 --- a/modules/mssql/metadata.yaml +++ b/modules/mssql/metadata.yaml @@ -221,6 +221,10 @@ spec: retention_unit: null start_time: null transaction_log_retention_days: null + - name: retain_backups_on_delete + description: When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. + varType: bool + defaultValue: false - name: db_name description: The name of the default database to create varType: string @@ -576,9 +580,9 @@ spec: - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 5.12, < 7" + version: ">= 5.12, < 8" - source: hashicorp/google-beta - version: ">= 5.12, < 7" + version: ">= 5.12, < 8" - source: hashicorp/null version: ~> 3.2 - source: hashicorp/random diff --git a/modules/mysql/README.md b/modules/mysql/README.md index e6f4e5d2..1958be03 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md @@ -50,6 +50,7 @@ module "mysql-db" { | additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. | 
list(object({
    name            = string
    password        = string
    random_password = bool
    type            = string
    host            = string
  }))
| `[]` | no | | availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | | backup\_configuration | The backup\_configuration settings subblock for the database settings | 
object({
    binary_log_enabled             = optional(bool, false)
    enabled                        = optional(bool, false)
    start_time                     = optional(string)
    location                       = optional(string)
    transaction_log_retention_days = optional(string)
    retained_backups               = optional(number)
    retention_unit                 = optional(string)
  })
| `{}` | no | +| connection\_pool\_config | Manager connection pooling configuration | 
object({
    enabled = optional(bool, false)
    flags = optional(list(object({
      name  = string
      value = string
    })), [])
  })
| n/a | yes | | connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | | data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no | @@ -94,7 +95,7 @@ module "mysql-db" { | read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | | read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = list(object({
      name  = string
      value = string
    }))
    backup_configuration = optional(object({
      binary_log_enabled             = bool
      transaction_log_retention_days = string
    }))
    insights_config = optional(object({
      query_plans_per_minute  = number
      query_string_length     = number
      record_application_tags = bool
      record_client_address   = bool
    }))
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string)
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    connection_pool_config = optional(object({
      enabled = optional(bool, false)
      flags = optional(list(object({
        name  = string
        value = string
      })), [])
    }), null)
    database_flags = list(object({
      name  = string
      value = string
    }))
    backup_configuration = optional(object({
      binary_log_enabled             = bool
      transaction_log_retention_days = string
    }))
    insights_config = optional(object({
      query_plans_per_minute  = number
      query_string_length     = number
      record_application_tags = bool
      record_client_address   = bool
    }))
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string)
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no | | retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no | diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index 57158479..f124a266 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -173,6 +173,21 @@ resource "google_sql_database_instance" "default" { disk_type = var.disk_type pricing_plan = var.pricing_plan user_labels = var.user_labels + + dynamic "connection_pool_config" { + for_each = var.connection_pool_config != null ? [var.connection_pool_config] : [] + content { + connection_pooling_enabled = var.connection_pool_config.enabled + dynamic "flags" { + for_each = var.connection_pool_config.flags + content { + name = flags.name + value = flags.value + } + } + } + } + dynamic "database_flags" { for_each = var.database_flags content { diff --git a/modules/mysql/metadata.yaml b/modules/mysql/metadata.yaml index 43a5f122..092ddb88 100644 --- a/modules/mysql/metadata.yaml +++ b/modules/mysql/metadata.yaml @@ -189,7 +189,7 @@ spec: description: Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance_type. To promote, users have to set the instance_type property as CLOUD_SQL_INSTANCE and remove/unset master_instance_name and replica_configuration from instance configuration. This operation might cause your instance to restart. varType: string - name: tier - description: The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier. + description: The tier for the master instance, for ADC its default value will be db-perf-optimized-N-8 which is tier value for edition ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier. varType: string defaultValue: db-n1-standard-1 - name: zone @@ -267,7 +267,7 @@ spec: })) defaultValue: [] - name: backup_configuration - description: The backup_configuration settings subblock for the database setings + description: The backup_configuration settings subblock for the database settings varType: |- object({ binary_log_enabled = optional(bool, false) @@ -338,6 +338,13 @@ spec: disk_autoresize_limit = optional(number) disk_size = optional(string) user_labels = map(string) + connection_pool_config = optional(object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }), null) database_flags = list(object({ name = string value = string @@ -421,6 +428,17 @@ spec: description: The roles required by default database instance service account for integration with GCP services varType: list(string) defaultValue: [] + - name: connection_pool_config + description: Manager connection pooling configuration + varType: |- + object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }) + required: true outputs: - name: additional_users description: List of maps of additional users and passwords @@ -918,12 +936,12 @@ spec: roles: - level: Project roles: - - roles/iam.serviceAccountUser - - roles/compute.networkAdmin - roles/cloudkms.cryptoKeyEncrypterDecrypter - roles/logging.logWriter - roles/cloudsql.admin - roles/resourcemanager.projectIamAdmin + - roles/iam.serviceAccountUser + - roles/compute.networkAdmin services: - cloudkms.googleapis.com - cloudresourcemanager.googleapis.com @@ -935,9 +953,9 @@ spec: - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 6.31, < 7" + version: ">= 6.31, < 8" - source: hashicorp/google-beta - version: ">= 6.31, < 7" + version: ">= 6.31, < 8" - source: hashicorp/null version: ~> 3.1 - source: hashicorp/random diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf index 01995648..799da972 100644 --- a/modules/mysql/read_replica.tf +++ b/modules/mysql/read_replica.tf @@ -104,6 +104,20 @@ resource "google_sql_database_instance" "replicas" { pricing_plan = "PER_USE" user_labels = lookup(each.value, "user_labels", var.user_labels) + dynamic "connection_pool_config" { + for_each = var.connection_pool_config != null ? [var.connection_pool_config] : [] + content { + connection_pooling_enabled = var.connection_pool_config.enabled + dynamic "flags" { + for_each = var.connection_pool_config.flags + content { + name = flags.value.name + value = flags.value.value + } + } + } + } + dynamic "database_flags" { for_each = lookup(each.value, "database_flags", []) content { diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index bdb4424e..2eb7a04d 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf @@ -373,6 +373,13 @@ variable "read_replicas" { disk_autoresize_limit = optional(number) disk_size = optional(string) user_labels = map(string) + connection_pool_config = optional(object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }), null) database_flags = list(object({ name = string value = string @@ -487,3 +494,13 @@ variable "database_integration_roles" { default = [] } +variable "connection_pool_config" { + description = "Manager connection pooling configuration" + type = object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }) +} diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index cb40cb82..85dc25e8 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -121,6 +121,7 @@ module "pg" { | additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. | 
list(object({
    name            = string
    password        = string
    random_password = bool
  }))
| `[]` | no | | availability\_type | The availability type for the Cloud SQL instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | `string` | `"ZONAL"` | no | | backup\_configuration | The backup\_configuration settings subblock for the database settings | 
object({
    enabled                        = optional(bool, false)
    start_time                     = optional(string)
    location                       = optional(string)
    point_in_time_recovery_enabled = optional(bool, false)
    transaction_log_retention_days = optional(string)
    retained_backups               = optional(number)
    retention_unit                 = optional(string)
  })
| `{}` | no | +| connection\_pool\_config | Manager connection pooling configuration | 
object({
    enabled = optional(bool, false)
    flags = optional(list(object({
      name  = string
      value = string
    })), [])
  })
| n/a | yes | | connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no | | create\_kms\_key\_handle | KeyHandles cannot be deleted from Google Cloud Platform. Destroying a Terraform-managed KeyHandle will remove it from state but will not delete the resource from the project. Set this to false if key handle already exists | `bool` | `true` | no | | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no | @@ -168,7 +169,7 @@ module "pg" { | read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no | | read\_replica\_deletion\_protection\_enabled | Enables protection of replica instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no | | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no | -| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string)
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | +| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | 
list(object({
    name                  = string
    name_override         = optional(string)
    tier                  = optional(string)
    edition               = optional(string)
    availability_type     = optional(string)
    zone                  = optional(string)
    disk_type             = optional(string)
    disk_autoresize       = optional(bool)
    disk_autoresize_limit = optional(number)
    disk_size             = optional(string)
    user_labels           = map(string)
    connection_pool_config = optional(object({
      enabled = optional(bool, false)
      flags = optional(list(object({
        name  = string
        value = string
      })), [])
    }), null)
    database_flags = optional(list(object({
      name  = string
      value = string
    })), [])
    insights_config = optional(object({
      query_plans_per_minute  = optional(number, 5)
      query_string_length     = optional(number, 1024)
      record_application_tags = optional(bool, false)
      record_client_address   = optional(bool, false)
    }), null)
    ip_configuration = object({
      authorized_networks                           = optional(list(map(string)), [])
      ipv4_enabled                                  = optional(bool)
      private_network                               = optional(string)
      ssl_mode                                      = optional(string)
      allocated_ip_range                            = optional(string)
      enable_private_path_for_google_cloud_services = optional(bool, false)
      psc_enabled                                   = optional(bool, false)
      psc_allowed_consumer_projects                 = optional(list(string), [])
    })
    encryption_key_name = optional(string)
    data_cache_enabled  = optional(bool)
  }))
| `[]` | no | | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no | | retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no | | root\_password | Initial root password during creation | `string` | `null` | no | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index 01cbcf9a..a0edf21a 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -181,6 +181,20 @@ resource "google_sql_database_instance" "default" { disk_type = var.disk_type pricing_plan = var.pricing_plan + dynamic "connection_pool_config" { + for_each = var.connection_pool_config != null ? [var.connection_pool_config] : [] + content { + connection_pooling_enabled = var.connection_pool_config.enabled + dynamic "flags" { + for_each = var.connection_pool_config.flags + content { + name = flags.value.name + value = flags.value.value + } + } + } + } + dynamic "database_flags" { for_each = var.database_flags content { diff --git a/modules/postgresql/metadata.yaml b/modules/postgresql/metadata.yaml index 2628782a..1b2f383b 100644 --- a/modules/postgresql/metadata.yaml +++ b/modules/postgresql/metadata.yaml @@ -166,7 +166,7 @@ spec: varType: bool defaultValue: false - name: tier - description: The tier for the Cloud SQL instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier. + description: The tier for the Cloud SQL instance, for ADC its default value will be db-perf-optimized-N-8 which is tier value for edition ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier. varType: string defaultValue: db-f1-micro - name: zone @@ -236,7 +236,7 @@ spec: })) defaultValue: [] - name: backup_configuration - description: The backup_configuration settings subblock for the database setings + description: The backup_configuration settings subblock for the database settings varType: |- object({ enabled = optional(bool, false) @@ -306,6 +306,13 @@ spec: disk_autoresize_limit = optional(number) disk_size = optional(string) user_labels = map(string) + connection_pool_config = optional(object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }), null) database_flags = optional(list(object({ name = string value = string @@ -425,6 +432,17 @@ spec: description: When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. varType: bool defaultValue: false + - name: connection_pool_config + description: Manager connection pooling configuration + varType: |- + object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }) + required: true outputs: - name: additional_user_passwords_map description: Map of auto generated passwords for the additional users @@ -905,6 +923,8 @@ spec: type: - tuple - [] + - name: replicas_instance_psc_attachments + description: The psc_service_attachment_links created for the replica instances - name: replicas_instance_self_links description: The URIs of the replica instances type: @@ -924,15 +944,15 @@ spec: roles: - level: Project roles: - - roles/cloudkms.admin - - roles/logging.logWriter - roles/cloudsql.admin - - roles/storage.admin - roles/resourcemanager.projectIamAdmin - roles/iam.serviceAccountUser - roles/compute.networkAdmin + - roles/cloudkms.admin - roles/cloudkms.autokeyAdmin + - roles/storage.admin - roles/cloudkms.cryptoKeyEncrypterDecrypter + - roles/logging.logWriter services: - cloudkms.googleapis.com - cloudresourcemanager.googleapis.com @@ -944,9 +964,9 @@ spec: - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 6.31, < 7" + version: ">= 6.31, < 8" - source: hashicorp/google-beta - version: ">= 6.31, < 7" + version: ">= 6.31, < 8" - source: hashicorp/null version: ~> 3.1 - source: hashicorp/random diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf index f2c0bae7..6dfa7aad 100644 --- a/modules/postgresql/read_replica.tf +++ b/modules/postgresql/read_replica.tf @@ -90,6 +90,20 @@ resource "google_sql_database_instance" "replicas" { pricing_plan = "PER_USE" user_labels = lookup(each.value, "user_labels", var.user_labels) + dynamic "connection_pool_config" { + for_each = var.connection_pool_config != null ? [var.connection_pool_config] : [] + content { + connection_pooling_enabled = var.connection_pool_config.enabled + dynamic "flags" { + for_each = var.connection_pool_config.flags + content { + name = flags.value.name + value = flags.value.value + } + } + } + } + dynamic "database_flags" { for_each = lookup(each.value, "database_flags", []) content { diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index e0976f8c..e3ea12c7 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -352,6 +352,13 @@ variable "read_replicas" { disk_autoresize_limit = optional(number) disk_size = optional(string) user_labels = map(string) + connection_pool_config = optional(object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }), null) database_flags = optional(list(object({ name = string value = string @@ -495,3 +502,14 @@ variable "retain_backups_on_delete" { type = bool default = false } + +variable "connection_pool_config" { + description = "Manager connection pooling configuration" + type = object({ + enabled = optional(bool, false) + flags = optional(list(object({ + name = string + value = string + })), []) + }) +} diff --git a/modules/private_service_access/metadata.yaml b/modules/private_service_access/metadata.yaml index 03b226d6..f82cda44 100644 --- a/modules/private_service_access/metadata.yaml +++ b/modules/private_service_access/metadata.yaml @@ -63,7 +63,7 @@ spec: interfaces: variables: - name: project_id - description: The project ID of the VPC network to peer. This can be a shared VPC host projec. + description: The project ID of the VPC network to peer. This can be a shared VPC host project. varType: string required: true - name: vpc_network @@ -104,15 +104,15 @@ spec: roles: - level: Project roles: - - roles/servicenetworking.networksAdmin - roles/iam.serviceAccountUser + - roles/servicenetworking.networksAdmin services: - servicenetworking.googleapis.com - serviceusage.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 5.38, < 7" + version: ">= 5.38, < 8" - source: hashicorp/google-beta - version: ">= 5.38, < 7" + version: ">= 5.38, < 8" - source: hashicorp/null version: ~> 3.1 diff --git a/modules/restore/metadata.yaml b/modules/restore/metadata.yaml index 6bb0bb81..c9cddbe0 100644 --- a/modules/restore/metadata.yaml +++ b/modules/restore/metadata.yaml @@ -103,4 +103,4 @@ spec: - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 4.0, < 7" + version: ">= 4.0, < 8" diff --git a/modules/safer_mysql/metadata.yaml b/modules/safer_mysql/metadata.yaml index 3f737777..97b5f447 100644 --- a/modules/safer_mysql/metadata.yaml +++ b/modules/safer_mysql/metadata.yaml @@ -191,7 +191,7 @@ spec: varType: map(string) defaultValue: {} - name: backup_configuration - description: The backup_configuration settings subblock for the database setings + description: The backup_configuration settings subblock for the database settings varType: |- object({ binary_log_enabled = bool @@ -384,12 +384,12 @@ spec: roles: - level: Project roles: + - roles/cloudsql.admin - roles/iam.serviceAccountUser - roles/logging.logWriter - - roles/cloudsql.admin services: - serviceusage.googleapis.com - sqladmin.googleapis.com providerVersions: - source: hashicorp/google - version: ">= 6.31, < 7" + version: ">= 6.31, < 8"