Commit

updates
simonebruzzechesse committed May 17, 2024
1 parent 203d5a1 commit 0941e23
Showing 7 changed files with 350 additions and 124 deletions.
98 changes: 76 additions & 22 deletions modules/alloydb/README.md
Expand Up @@ -56,7 +56,7 @@ module "alloydb" {
source = "./fabric/modules/alloydb"
project_id = module.project.project_id
cluster_name = "db"
cluster_network_config = {
network_config = {
network = module.vpc.id
}
name = "db"
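Review bot: The rename of `cluster_network_config` to `network_config` in this example changes a module input name, so any existing caller still passing `cluster_network_config` will fail at plan time with an unsupported argument error, and the commit message ("updates") gives no hint of it. Suggest stating the rename in the commit message or a changelog entry so callers know what to change.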
Expand Down Expand Up @@ -84,33 +84,87 @@ module "alloydb" {
}
# tftest modules=1 resources=4 inventory=cross_region_replication.yaml e2e
```

In a cross-region replication scenario (like in the previous example) this module also supports [promoting the secondary instance](https://cloud.google.com/alloydb/docs/cross-region-replication/work-with-cross-region-replication#promote-secondary-cluster) to become a primary instance via the `var.cross_region_replication.promote_secondary` flag.

### Custom flags and users definition

```hcl
module "alloydb" {
source = "./fabric/modules/alloydb"
project_id = var.project_id
cluster_name = "primary"
location = var.region
name = "primary"
flags = {
"alloydb.enable_pgaudit" = "on"
"alloydb.iam_authentication" = "on"
idle_in_transaction_session_timeout = "900000"
timezone = "'UTC'"
}
network_config = {
network = var.vpc.self_link
}
users = {
# generate a password for user1
user1 = {
password = null
}
# assign a password to user2
user2 = {
password = "mypassword"
}
}
}
# tftest modules=1 resources=5 inventory=custom.yaml e2e
```

### CMEK encryption

```hcl
module "alloydb" {
source = "./fabric/modules/alloydb"
project_id = var.project_id
cluster_name = "primary"
location = var.region
name = "primary"
network_config = {
network = var.vpc.self_link
}
encryption_config = {
primary_kms_key_name = var.kms_key.id
}
}
# tftest modules=1 resources=2 inventory=cmek.yaml e2e
```
<!-- BEGIN TFDOC -->
## Variables

| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [cluster_name](variables.tf#L85) | Name of the primary cluster. | <code>string</code> || |
| [cluster_network_config](variables.tf#L90) | Network configuration for the cluster. Only one between cluster_network_config and cluster_psc_config can be used. | <code title="object&#40;&#123;&#10; network &#61; string&#10; allocated_ip_range &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [location](variables.tf#L185) | Region or zone of the cluster and instance. | <code>string</code> || |
| [name](variables.tf#L241) | Name of primary instance. | <code>string</code> || |
| [project_id](variables.tf#L256) | The ID of the project where this instances will be created. | <code>string</code> || |
| [cluster_name](variables.tf#L87) | Name of the primary cluster. | <code>string</code> || |
| [location](variables.tf#L168) | Region or zone of the cluster and instance. | <code>string</code> || |
| [name](variables.tf#L224) | Name of primary instance. | <code>string</code> || |
| [network_config](variables.tf#L229) | Network configuration for cluster and instance. Only one between cluster_network_config and cluster_psc_config can be used. | <code title="object&#40;&#123;&#10; network &#61; string&#10; allocated_ip_range &#61; optional&#40;string, null&#41;&#10; authorized_external_networks &#61; optional&#40;list&#40;string&#41;, null&#41;&#10; enable_public_ip &#61; optional&#40;bool, false&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> || |
| [project_id](variables.tf#L254) | The ID of the project where this instances will be created. | <code>string</code> || |
| [automated_backup_configuration](variables.tf#L17) | Automated backup settings for cluster. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; backup_window &#61; optional&#40;string, &#34;1800s&#34;&#41;&#10; location &#61; optional&#40;string&#41;&#10; weekly_schedule &#61; optional&#40;object&#40;&#123;&#10; days_of_week &#61; optional&#40;list&#40;string&#41;, &#91;&#10; &#34;MONDAY&#34;, &#34;TUESDAY&#34;, &#34;WEDNESDAY&#34;, &#34;THURSDAY&#34;, &#34;FRIDAY&#34;, &#34;SATURDAY&#34;, &#34;SUNDAY&#34;&#10; &#93;&#41;&#10; start_times &#61; optional&#40;object&#40;&#123;&#10; hours &#61; optional&#40;number, 23&#41;&#10; minutes &#61; optional&#40;number, 0&#41;&#10; seconds &#61; optional&#40;number, 0&#41;&#10; nanos &#61; optional&#40;number, 0&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10; retention_count &#61; optional&#40;number, 7&#41;&#10; retention_period &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; enabled &#61; false&#10; backup_window &#61; &#34;1800s&#34;&#10; location &#61; null&#10; weekly_schedule &#61; &#123;&#10; days_of_week &#61; &#91;&#34;MONDAY&#34;, &#34;TUESDAY&#34;, &#34;WEDNESDAY&#34;, &#34;THURSDAY&#34;, &#34;FRIDAY&#34;, &#34;SATURDAY&#34;, &#34;SUNDAY&#34;&#93;&#10; start_times &#61; &#123;&#10; hours &#61; 23&#10; minutes &#61; 0&#10; seconds &#61; 0&#10; nanos &#61; 0&#10; &#125;&#10; &#125;&#10; retention_count &#61; 7&#10; retention_period &#61; null&#10;&#125;">&#123;&#8230;&#125;</code> |
| [availability_type](variables.tf#L68) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | <code>string</code> | | <code>&#34;REGIONAL&#34;</code> |
| [client_connection_config](variables.tf#L74) | Client connection config. | <code title="object&#40;&#123;&#10; require_connectors &#61; optional&#40;bool, false&#41;&#10; ssl_config &#61; optional&#40;object&#40;&#123;&#10; ssl_mode &#61; string&#10; &#125;&#41;, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [continuous_backup_configuration](variables.tf#L99) | Continuous backup settings for cluster. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; recovery_window_days &#61; optional&#40;number, 14&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; enabled &#61; false&#10; recovery_window_days &#61; 14&#10;&#125;">&#123;&#8230;&#125;</code> |
| [cross_region_replication](variables.tf#L112) | Cross region replication config. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; promote_secondary &#61; optional&#40;bool, false&#41;&#10; region &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [database_version](variables.tf#L126) | Database type and version to create. | <code>string</code> | | <code>&#34;POSTGRES_15&#34;</code> |
| [deletion_policy](variables.tf#L132) | AlloyDB cluster and instance deletion policy. | <code>string</code> | | <code>null</code> |
| [encryption_config](variables.tf#L138) | Set encryption configuration. KMS name format: 'projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]'. | <code title="object&#40;&#123;&#10; primary_kms_key_name &#61; string&#10; secondary_kms_key_name &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [flags](variables.tf#L148) | Map FLAG_NAME=>VALUE for database-specific tuning. | <code>map&#40;string&#41;</code> | | <code>null</code> |
| [initial_user](variables.tf#L155) | AlloyDB cluster initial user credentials. | <code title="object&#40;&#123;&#10; user &#61; optional&#40;string, &#34;root&#34;&#41;&#10; password &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [instance_network_config](variables.tf#L164) | Network configuration for the instance. Only one between instance_network_config and instance_psc_config can be used. | <code title="object&#40;&#123;&#10; authorized_external_networks &#61; list&#40;string&#41;&#10; enable_public_ip &#61; bool&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [labels](variables.tf#L179) | Labels to be attached to all instances. | <code>map&#40;string&#41;</code> | | <code>null</code> |
| [machine_config](variables.tf#L190) | AlloyDB machine config. | <code title="object&#40;&#123;&#10; cpu_count &#61; optional&#40;number, 2&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; cpu_count &#61; 2&#10;&#125;">&#123;&#8230;&#125;</code> |
| [maintenance_config](variables.tf#L201) | Set maintenance window configuration. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; day &#61; optional&#40;string, &#34;SUNDAY&#34;&#41;&#10; start_time &#61; optional&#40;object&#40;&#123;&#10; hours &#61; optional&#40;number, 23&#41;&#10; minutes &#61; optional&#40;number, 0&#41;&#10; seconds &#61; optional&#40;number, 0&#41;&#10; nanos &#61; optional&#40;number, 0&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; enabled &#61; false&#10; day &#61; &#34;SUNDAY&#34;&#10; start_time &#61; &#123;&#10; hours &#61; 23&#10; minutes &#61; 0&#10; seconds &#61; 0&#10; nanos &#61; 0&#10; &#125;&#10;&#125;">&#123;&#8230;&#125;</code> |
| [prefix](variables.tf#L246) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
| [query_insights_config](variables.tf#L261) | Query insights config. | <code title="object&#40;&#123;&#10; query_string_length &#61; optional&#40;number, 1024&#41;&#10; record_application_tags &#61; optional&#40;bool, true&#41;&#10; record_client_address &#61; optional&#40;bool, true&#41;&#10; query_plans_per_minute &#61; optional&#40;number, 5&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; query_string_length &#61; 1024&#10; record_application_tags &#61; true&#10; record_client_address &#61; true&#10; query_plans_per_minute &#61; 5&#10;&#125;">&#123;&#8230;&#125;</code> |
| [users](variables.tf#L277) | Map of users to create in the primary instance (and replicated to other replicas). Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'ALLOYDB_BUILT_IN' or 'ALLOYDB_IAM_USER'. | <code title="map&#40;object&#40;&#123;&#10; password &#61; optional&#40;string&#41;&#10; roles &#61; optional&#40;list&#40;string&#41;, &#91;&#34;alloydbsuperuser&#34;&#93;&#41;&#10; type &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |
| [availability_type](variables.tf#L70) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | <code>string</code> | | <code>&#34;REGIONAL&#34;</code> |
| [client_connection_config](variables.tf#L76) | Client connection config. | <code title="object&#40;&#123;&#10; require_connectors &#61; optional&#40;bool, false&#41;&#10; ssl_config &#61; optional&#40;object&#40;&#123;&#10; ssl_mode &#61; string&#10; &#125;&#41;, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [continuous_backup_configuration](variables.tf#L92) | Continuous backup settings for cluster. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; recovery_window_days &#61; optional&#40;number, 14&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; enabled &#61; true&#10; recovery_window_days &#61; 14&#10;&#125;">&#123;&#8230;&#125;</code> |
| [cross_region_replication](variables.tf#L105) | Cross region replication config. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; promote_secondary &#61; optional&#40;bool, false&#41;&#10; region &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>&#123;&#125;</code> |
| [database_version](variables.tf#L119) | Database type and version to create. | <code>string</code> | | <code>&#34;POSTGRES_15&#34;</code> |
| [deletion_policy](variables.tf#L125) | AlloyDB cluster and instance deletion policy. | <code>string</code> | | <code>null</code> |
| [encryption_config](variables.tf#L131) | Set encryption configuration. KMS name format: 'projects/[PROJECT]/locations/[REGION]/keyRings/[RING]/cryptoKeys/[KEY_NAME]'. | <code title="object&#40;&#123;&#10; primary_kms_key_name &#61; string&#10; secondary_kms_key_name &#61; optional&#40;string, null&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [flags](variables.tf#L141) | Map FLAG_NAME=>VALUE for database-specific tuning. | <code>map&#40;string&#41;</code> | | <code>null</code> |
| [gce_zone](variables.tf#L147) | The GCE zone that the instance should serve from. This can ONLY be specified for ZONAL instances. If present for a REGIONAL instance, an error will be thrown. | <code>string</code> | | <code>null</code> |
| [initial_user](variables.tf#L153) | AlloyDB cluster initial user credentials. | <code title="object&#40;&#123;&#10; user &#61; optional&#40;string, &#34;root&#34;&#41;&#10; password &#61; string&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code>null</code> |
| [labels](variables.tf#L162) | Labels to be attached to all instances. | <code>map&#40;string&#41;</code> | | <code>null</code> |
| [machine_config](variables.tf#L173) | AlloyDB machine config. | <code title="object&#40;&#123;&#10; cpu_count &#61; optional&#40;number, 2&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; cpu_count &#61; 2&#10;&#125;">&#123;&#8230;&#125;</code> |
| [maintenance_config](variables.tf#L184) | Set maintenance window configuration. | <code title="object&#40;&#123;&#10; enabled &#61; optional&#40;bool, false&#41;&#10; day &#61; optional&#40;string, &#34;SUNDAY&#34;&#41;&#10; start_time &#61; optional&#40;object&#40;&#123;&#10; hours &#61; optional&#40;number, 23&#41;&#10; minutes &#61; optional&#40;number, 0&#41;&#10; seconds &#61; optional&#40;number, 0&#41;&#10; nanos &#61; optional&#40;number, 0&#41;&#10; &#125;&#41;, &#123;&#125;&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; enabled &#61; false&#10; day &#61; &#34;SUNDAY&#34;&#10; start_time &#61; &#123;&#10; hours &#61; 23&#10; minutes &#61; 0&#10; seconds &#61; 0&#10; nanos &#61; 0&#10; &#125;&#10;&#125;">&#123;&#8230;&#125;</code> |
| [prefix](variables.tf#L244) | Optional prefix used to generate instance names. | <code>string</code> | | <code>null</code> |
| [query_insights_config](variables.tf#L259) | Query insights config. | <code title="object&#40;&#123;&#10; query_string_length &#61; optional&#40;number, 1024&#41;&#10; record_application_tags &#61; optional&#40;bool, true&#41;&#10; record_client_address &#61; optional&#40;bool, true&#41;&#10; query_plans_per_minute &#61; optional&#40;number, 5&#41;&#10;&#125;&#41;">object&#40;&#123;&#8230;&#125;&#41;</code> | | <code title="&#123;&#10; query_string_length &#61; 1024&#10; record_application_tags &#61; true&#10; record_client_address &#61; true&#10; query_plans_per_minute &#61; 5&#10;&#125;">&#123;&#8230;&#125;</code> |
| [users](variables.tf#L275) | Map of users to create in the primary instance (and replicated to other replicas). Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'ALLOYDB_BUILT_IN' or 'ALLOYDB_IAM_USER'. | <code title="map&#40;object&#40;&#123;&#10; password &#61; optional&#40;string&#41;&#10; roles &#61; optional&#40;list&#40;string&#41;, &#91;&#34;alloydbsuperuser&#34;&#93;&#41;&#10; type &#61; optional&#40;string&#41;&#10;&#125;&#41;&#41;">map&#40;object&#40;&#123;&#8230;&#125;&#41;&#41;</code> | | <code>null</code> |

## Outputs
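Review bot: In the new "Custom flags and users definition" example, `user2` is given a literal `password = "mypassword"`, and neither user sets `roles`, which per the `users` row defaults to `["alloydbsuperuser"]`, so the pattern the README teaches is a superuser whose password is committed to source. Suggest taking the password from a variable declared with `sensitive = true` (or using `password = null` for both users) and setting `roles` explicitly in the example. Two smaller points in the same hunk: the `network_config` description still reads "Only one between cluster_network_config and cluster_psc_config can be used", which names the variable this commit removes; and the `continuous_backup_configuration` row shows `enabled = optional(bool, false)` in the type but `enabled = true` in the default, so it is worth confirming the default change is intended and saying so in the description.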
