feat: add pooling configuration for postgresql and mysql

metadata.yaml

@@ -75,11 +75,11 @@ spec:
     roles:
       - level: Project
         roles:
+          - roles/resourcemanager.projectIamAdmin
+          - roles/serviceusage.serviceUsageAdmin
           - roles/cloudsql.admin
           - roles/iam.serviceAccountAdmin
           - roles/iam.serviceAccountUser
-          - roles/resourcemanager.projectIamAdmin
-          - roles/serviceusage.serviceUsageAdmin
     services:
       - cloudresourcemanager.googleapis.com
       - iam.googleapis.com

modules/backup/metadata.yaml

@@ -199,4 +199,4 @@ spec:
       - sqladmin.googleapis.com
     providerVersions:
       - source: hashicorp/google
-        version: ">= 6.11.0, < 7"
+        version: ">= 6.11.0, < 8"

modules/mssql/metadata.yaml

@@ -221,6 +221,10 @@ spec:
           retention_unit: null
           start_time: null
           transaction_log_retention_days: null
+      - name: retain_backups_on_delete
+        description: When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting.
+        varType: bool
+        defaultValue: false
       - name: db_name
         description: The name of the default database to create
         varType: string
@@ -576,9 +580,9 @@ spec:
       - sqladmin.googleapis.com
     providerVersions:
       - source: hashicorp/google
-        version: ">= 5.12, < 7"
+        version: ">= 5.12, < 8"
       - source: hashicorp/google-beta
-        version: ">= 5.12, < 7"
+        version: ">= 5.12, < 8"
       - source: hashicorp/null
         version: ~> 3.2
       - source: hashicorp/random

modules/mysql/README.md

@@ -50,6 +50,7 @@ module "mysql-db" {
 | additional\_users | A list of users to be created in your cluster. A random password would be set for the user if the `random_password` variable is set. | <pre>list(object({<br>    name            = string<br>    password        = string<br>    random_password = bool<br>    type            = string<br>    host            = string<br>  }))</pre> | `[]` | no |
 | availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no |
 | backup\_configuration | The backup\_configuration settings subblock for the database settings | <pre>object({<br>    binary_log_enabled             = optional(bool, false)<br>    enabled                        = optional(bool, false)<br>    start_time                     = optional(string)<br>    location                       = optional(string)<br>    transaction_log_retention_days = optional(string)<br>    retained_backups               = optional(number)<br>    retention_unit                 = optional(string)<br>  })</pre> | `{}` | no |
+| connection\_pool\_config | Manager connection pooling configuration | <pre>object({<br>    enabled = optional(bool, false)<br>    flags = optional(list(object({<br>      name  = string<br>      value = string<br>    })), [])<br>  })</pre> | n/a | yes |
 | connector\_enforcement | Enforce that clients use the connector library | `bool` | `false` | no |
 | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"30m"` | no |
 | data\_cache\_enabled | Whether data cache is enabled for the instance. Defaults to false. Feature is only available for ENTERPRISE\_PLUS tier and supported database\_versions | `bool` | `false` | no |
@@ -94,7 +95,7 @@ module "mysql-db" {
 | read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no |
 | read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no |
 | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no |
-| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | <pre>list(object({<br>    name                  = string<br>    name_override         = optional(string)<br>    tier                  = optional(string)<br>    edition               = optional(string)<br>    availability_type     = optional(string)<br>    zone                  = optional(string)<br>    disk_type             = optional(string)<br>    disk_autoresize       = optional(bool)<br>    disk_autoresize_limit = optional(number)<br>    disk_size             = optional(string)<br>    user_labels           = map(string)<br>    database_flags = list(object({<br>      name  = string<br>      value = string<br>    }))<br>    backup_configuration = optional(object({<br>      binary_log_enabled             = bool<br>      transaction_log_retention_days = string<br>    }))<br>    insights_config = optional(object({<br>      query_plans_per_minute  = number<br>      query_string_length     = number<br>      record_application_tags = bool<br>      record_client_address   = bool<br>    }))<br>    ip_configuration = object({<br>      authorized_networks                           = optional(list(map(string)), [])<br>      ipv4_enabled                                  = optional(bool)<br>      private_network                               = optional(string)<br>      ssl_mode                                      = optional(string)<br>      allocated_ip_range                            = optional(string)<br>      enable_private_path_for_google_cloud_services = optional(bool, false)<br>      psc_enabled                                   = optional(bool, false)<br>      psc_allowed_consumer_projects                 = optional(list(string), [])<br>    })<br>    encryption_key_name = optional(string)<br>    data_cache_enabled  = optional(bool)<br>  }))</pre> | `[]` | no |
+| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | <pre>list(object({<br>    name                  = string<br>    name_override         = optional(string)<br>    tier                  = optional(string)<br>    edition               = optional(string)<br>    availability_type     = optional(string)<br>    zone                  = optional(string)<br>    disk_type             = optional(string)<br>    disk_autoresize       = optional(bool)<br>    disk_autoresize_limit = optional(number)<br>    disk_size             = optional(string)<br>    user_labels           = map(string)<br>    connection_pool_config = optional(object({<br>      enabled = optional(bool, false)<br>      flags = optional(list(object({<br>        name  = string<br>        value = string<br>      })), [])<br>    }), null)<br>    database_flags = list(object({<br>      name  = string<br>      value = string<br>    }))<br>    backup_configuration = optional(object({<br>      binary_log_enabled             = bool<br>      transaction_log_retention_days = string<br>    }))<br>    insights_config = optional(object({<br>      query_plans_per_minute  = number<br>      query_string_length     = number<br>      record_application_tags = bool<br>      record_client_address   = bool<br>    }))<br>    ip_configuration = object({<br>      authorized_networks                           = optional(list(map(string)), [])<br>      ipv4_enabled                                  = optional(bool)<br>      private_network                               = optional(string)<br>      ssl_mode                                      = optional(string)<br>      allocated_ip_range                            = optional(string)<br>      enable_private_path_for_google_cloud_services = optional(bool, false)<br>      psc_enabled                                   = optional(bool, false)<br>      psc_allowed_consumer_projects                 = optional(list(string), [])<br>    })<br>    encryption_key_name = optional(string)<br>    data_cache_enabled  = optional(bool)<br>  }))</pre> | `[]` | no |
 | region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no |
 | replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no |
 | retain\_backups\_on\_delete | When this parameter is set to true, Cloud SQL retains backups of the instance even after the instance is deleted. The ON\_DEMAND backup will be retained until customer deletes the backup or the project. The AUTOMATED backup will be retained based on the backups retention setting. | `bool` | `false` | no |

modules/mysql/main.tf

@@ -173,6 +173,21 @@ resource "google_sql_database_instance" "default" {
     disk_type    = var.disk_type
     pricing_plan = var.pricing_plan
     user_labels  = var.user_labels
+
+    dynamic "connection_pool_config" {
+      for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+      content {
+        connection_pooling_enabled = var.connection_pool_config.enabled
+        dynamic "flags" {
+          for_each = var.connection_pool_config.flags
+          content {
+            name  = flags.name
+            value = flags.value
+          }
+        }
+      }
+    }
+
     dynamic "database_flags" {
       for_each = var.database_flags
       content {

modules/mysql/metadata.yaml

@@ -189,7 +189,7 @@ spec:
         description: Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance_type. To promote, users have to set the instance_type property as CLOUD_SQL_INSTANCE and remove/unset master_instance_name and replica_configuration from instance configuration. This operation might cause your instance to restart.
         varType: string
       - name: tier
-        description: The tier for the master instance, for ADC its defualt value will be db-perf-optimized-N-8 which is tier value for edtion ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
+        description: The tier for the master instance, for ADC its default value will be db-perf-optimized-N-8 which is tier value for edition ENTERPRISE_PLUS, if user wants to change the edition, he should chose compatible tier.
         varType: string
         defaultValue: db-n1-standard-1
       - name: zone
@@ -267,7 +267,7 @@ spec:
             }))
         defaultValue: []
       - name: backup_configuration
-        description: The backup_configuration settings subblock for the database setings
+        description: The backup_configuration settings subblock for the database settings
         varType: |-
           object({
               binary_log_enabled             = optional(bool, false)
@@ -338,6 +338,13 @@ spec:
               disk_autoresize_limit = optional(number)
               disk_size             = optional(string)
               user_labels           = map(string)
+              connection_pool_config = optional(object({
+                enabled = optional(bool, false)
+                flags = optional(list(object({
+                  name  = string
+                  value = string
+                })), [])
+              }), null)
               database_flags = list(object({
                 name  = string
                 value = string
@@ -421,6 +428,17 @@ spec:
         description: The roles required by default database instance service account for integration with GCP services
         varType: list(string)
         defaultValue: []
+      - name: connection_pool_config
+        description: Manager connection pooling configuration
+        varType: |-
+          object({
+              enabled = optional(bool, false)
+              flags = optional(list(object({
+                name  = string
+                value = string
+              })), [])
+            })
+        required: true
     outputs:
       - name: additional_users
         description: List of maps of additional users and passwords
@@ -918,12 +936,12 @@ spec:
     roles:
       - level: Project
         roles:
-          - roles/iam.serviceAccountUser
-          - roles/compute.networkAdmin
           - roles/cloudkms.cryptoKeyEncrypterDecrypter
           - roles/logging.logWriter
           - roles/cloudsql.admin
           - roles/resourcemanager.projectIamAdmin
+          - roles/iam.serviceAccountUser
+          - roles/compute.networkAdmin
     services:
       - cloudkms.googleapis.com
       - cloudresourcemanager.googleapis.com
@@ -935,9 +953,9 @@ spec:
       - sqladmin.googleapis.com
     providerVersions:
       - source: hashicorp/google
-        version: ">= 6.31, < 7"
+        version: ">= 6.31, < 8"
       - source: hashicorp/google-beta
-        version: ">= 6.31, < 7"
+        version: ">= 6.31, < 8"
       - source: hashicorp/null
         version: ~> 3.1
       - source: hashicorp/random

modules/mysql/read_replica.tf

@@ -104,6 +104,20 @@ resource "google_sql_database_instance" "replicas" {
     pricing_plan          = "PER_USE"
     user_labels           = lookup(each.value, "user_labels", var.user_labels)
 
+    dynamic "connection_pool_config" {
+      for_each = var.connection_pool_config != null ? [var.connection_pool_config] : []
+      content {
+        connection_pooling_enabled = var.connection_pool_config.enabled
+        dynamic "flags" {
+          for_each = var.connection_pool_config.flags
+          content {
+            name  = flags.value.name
+            value = flags.value.value
+          }
+        }
+      }
+    }
+
     dynamic "database_flags" {
       for_each = lookup(each.value, "database_flags", [])
       content {

modules/mysql/variables.tf

@@ -373,6 +373,13 @@ variable "read_replicas" {
     disk_autoresize_limit = optional(number)
     disk_size             = optional(string)
     user_labels           = map(string)
+    connection_pool_config = optional(object({
+      enabled = optional(bool, false)
+      flags = optional(list(object({
+        name  = string
+        value = string
+      })), [])
+    }), null)
     database_flags = list(object({
       name  = string
       value = string
@@ -487,3 +494,13 @@ variable "database_integration_roles" {
   default     = []
 }
 
+variable "connection_pool_config" {
+  description = "Manager connection pooling configuration"
+  type = object({
+    enabled = optional(bool, false)
+    flags = optional(list(object({
+      name  = string
+      value = string
+    })), [])
+  })
+}