Commita35c13c

committed

feat: adding support for automatic creation of psc consumer

1 parent0c3ba89 commita35c13cCopy full SHA for a35c13c

File tree

6 files changed

+97

-0

lines changed

examples/postgresql-psc
- main.tf
modules/postgresql
test/setup
- iam.tf
- main.tf

6 files changed

+97

-0

lines changed

`‎examples/postgresql-psc/main.tf‎`

Lines changed: 22 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -25,6 +25,22 @@ locals {`
`25`	`25`	`}`
`26`	`26`	`}`
`27`	`27`
	`28`	`+module"network-auto-psc" {`
	`29`	`+source="terraform-google-modules/network/google"`
	`30`	`+version="~> 9.0"`
	`31`	`+`
	`32`	`+project_id=var.project_id`
	`33`	`+network_name="your_network_name"`
	`34`	`+`
	`35`	`+subnets=[`
	`36`	`+ {`
	`37`	`+ subnet_name="your-subnet"`
	`38`	`+ subnet_ip="10.4.0.0/16"`
	`39`	`+ subnet_region="us-central1"`
	`40`	`+ }`
	`41`	`+ ]`
	`42`	`+}`
	`43`	`+`
`28`	`44`	`module"pg" {`
`29`	`45`	`source="terraform-google-modules/sql-db/google//modules/postgresql"`
`30`	`46`	`version="~> 20.0"`
`@@ -86,6 +102,12 @@ module "pg" {`
`86`	`102`	`},`
`87`	`103`	`]`
`88`	`104`
	`105`	`+psc_consumer={`
	`106`	`+ enabled=true`
	`107`	`+ subnet_id= module.network-auto-psc.subnets_ids[0]`
	`108`	`+ network_id= module.network-auto-psc.network_id`
	`109`	`+ }`
	`110`	`+`
`89`	`111`	`db_name=var.pg_psc_name`
`90`	`112`	`db_charset="UTF8"`
`91`	`113`	`db_collation="en_US.UTF8"`

`‎modules/postgresql/README.md‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -157,6 +157,7 @@ module "pg" {`
`157`	`157`	\| password\_validation\_policy\_config\| The password validation policy settings for the database instance.\| <pre>object({<br> min_length = optional(number)<br> complexity = optional(string)<br> reuse_interval = optional(number)<br> disallow_username_substring = optional(bool)<br> password_change_interval = optional(string)<br> })</pre>\|`null`\| no\|
`158`	`158`	\| pricing\_plan\| The pricing plan for the Cloud SQL instance.\|`string`\|`"PER_USE"`\| no\|
`159`	`159`	\| project\_id\| The project ID to manage the Cloud SQL resources\|`string`\| n/a\| yes\|
	`160`	+\| psc\_consumer\| The psc consumer to be created on the same project as the SQL instance(s). Remember to add the project under psc\_allowed\_consumer\_projects in the ip\_configuration block.\| <pre>object({<br> subnet_id = optional(string, "")<br> network_id = optional(string, "")<br> enabled = optional(bool, false)<br> allow_psc_global_access = optional(bool, false)<br> })</pre>\|`{}`\| no\|
`160`	`161`	\| random\_instance\_name\| Sets random suffix at the end of the Cloud SQL resource name\|`bool`\|`false`\| no\|
`161`	`162`	\| read\_replica\_deletion\_protection\| Used to block Terraform from deleting replica SQL Instances.\|`bool`\|`false`\| no\|
`162`	`163`	\| read\_replica\_deletion\_protection\_enabled\| Enables protection of replica instance from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform).\|`bool`\|`false`\| no\|

`‎modules/postgresql/main.tf‎`

Lines changed: 47 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -43,6 +43,9 @@ locals {`
`43`	`43`
`44`	`44`	`// Force the usage of connector_enforcement`
`45`	`45`	`connector_enforcement=var.connector_enforcement?"REQUIRED":"NOT_REQUIRED"`
	`46`	`+`
	`47`	`+psc_consumers=var.psc_consumer.enabled? {forinstanceinconcat([google_sql_database_instance.default],values(google_sql_database_instance.replicas)):instance.name=>instance }: {}`
	`48`	`+`
`46`	`49`	`}`
`47`	`50`
`48`	`51`	`resource"random_id""suffix" {`
`@@ -317,8 +320,52 @@ resource "google_sql_user" "iam_account" {`
`317`	`320`	`deletion_policy=var.user_deletion_policy`
`318`	`321`	`}`
`319`	`322`
	`323`	`+resource"google_compute_address""psc_ilb_consumer_address" {`
	`324`	`+for_each=local.psc_consumers`
	`325`	`+region=var.region`
	`326`	`+name=each.value.name`
	`327`	`+subnetwork=var.psc_consumer.subnet_id`
	`328`	`+address_type="INTERNAL"`
	`329`	`+}`
	`330`	`+`
	`331`	`+resource"google_compute_forwarding_rule""psc_ilb_consumer" {`
	`332`	`+for_each=local.psc_consumers`
	`333`	`+region=var.region`
	`334`	`+name=each.value.name`
	`335`	`+target=each.value.psc_service_attachment_link`
	`336`	`+load_balancing_scheme=""`
	`337`	`+network=var.psc_consumer.network_id`
	`338`	`+subnetwork=var.psc_consumer.subnet_id`
	`339`	`+allow_psc_global_access=var.psc_consumer.allow_psc_global_access`
	`340`	`+ip_address=google_compute_address.psc_ilb_consumer_address[each.value.name].id`
	`341`	`+}`
	`342`	`+`
	`343`	`+resource"google_dns_managed_zone""psc_dns_zone" {`
	`344`	`+for_each=local.psc_consumers`
	`345`	`+name=each.value.name`
	`346`	`+dns_name=each.value.dns_name`
	`347`	`+visibility="private"`
	`348`	`+private_visibility_config {`
	`349`	`+networks {`
	`350`	`+network_url=var.psc_consumer.network_id`
	`351`	`+ }`
	`352`	`+ }`
	`353`	`+}`
	`354`	`+`
	`355`	`+resource"google_dns_record_set""a" {`
	`356`	`+for_each=local.psc_consumers`
	`357`	`+name=each.value.dns_name`
	`358`	`+managed_zone=google_dns_managed_zone.psc_dns_zone[each.value.name].name`
	`359`	`+type="A"`
	`360`	`+ttl=300`
	`361`	`+rrdatas=[google_compute_address.psc_ilb_consumer_address[each.value.name].address]`
	`362`	`+}`
	`363`	`+`
	`364`	`+`
`320`	`365`	`resource"null_resource""module_depends_on" {`
`321`	`366`	`triggers={`
`322`	`367`	`value=length(var.module_depends_on)`
`323`	`368`	`}`
`324`	`369`	`}`
	`370`	`+`
	`371`	`+`

`‎modules/postgresql/variables.tf‎`

Lines changed: 25 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -439,3 +439,28 @@ variable "data_cache_enabled" {`
`439`	`439`	`type=bool`
`440`	`440`	`default=false`
`441`	`441`	`}`
	`442`	`+`
	`443`	`+variable"psc_consumer" {`
	`444`	`+description="The psc consumer to be created on the same project as the SQL instance(s). Remember to add the project under psc_allowed_consumer_projects in the ip_configuration block."`
	`445`	`+type=object({`
	`446`	`+ subnet_id=optional(string,"")`
	`447`	`+ network_id=optional(string,"")`
	`448`	`+ enabled=optional(bool,false)`
	`449`	`+ allow_psc_global_access=optional(bool,false)`
	`450`	`+ })`
	`451`	`+`
	`452`	`+default={}`
	`453`	`+`
	`454`	`+validation {`
	`455`	`+condition=(!var.psc_consumer.enabled\|\| (var.psc_consumer.network_id!=""&& var.psc_consumer.subnet_id!=""))`
	`456`	`+error_message="In order to use the psc_consumer submodule you must specify both network and subnet id"`
	`457`	`+ }`
	`458`	`+}`
	`459`	`+`
	`460`	`+`
	`461`	`+`
	`462`	`+`
	`463`	`+`
	`464`	`+`
	`465`	`+`
	`466`	`+`

`‎test/setup/iam.tf‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -22,6 +22,7 @@ locals {`
`22`	`22`	`"roles/cloudsql.admin",`
`23`	`23`	`"roles/compute.admin",`
`24`	`24`	`"roles/compute.networkAdmin",`
	`25`	`+"roles/dns.admin",`
`25`	`26`	`"roles/iam.serviceAccountAdmin",`
`26`	`27`	`"roles/iam.serviceAccountUser",`
`27`	`28`	`"roles/monitoring.editor",`

`‎test/setup/main.tf‎`

Lines changed: 1 addition & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -35,6 +35,7 @@ module "project" {`
`35`	`35`	`"serviceusage.googleapis.com",`
`36`	`36`	`"sqladmin.googleapis.com",`
`37`	`37`	`"workflows.googleapis.com",`
	`38`	`+"dns.googleapis.com",`
`38`	`39`	`]`
`39`	`40`	`}`
`40`	`41`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commita35c13c

File tree

6 files changed

6 files changed

`‎examples/postgresql-psc/main.tf‎`

`‎modules/postgresql/README.md‎`

`‎modules/postgresql/main.tf‎`

`‎modules/postgresql/variables.tf‎`

`‎test/setup/iam.tf‎`

`‎test/setup/main.tf‎`

0 commit comments