diff --git a/blueprints/data-solutions/cloudsql-multiregion/variables.tf b/blueprints/data-solutions/cloudsql-multiregion/variables.tf index 5ed906ddbe..3abae5efda 100644 --- a/blueprints/data-solutions/cloudsql-multiregion/variables.tf +++ b/blueprints/data-solutions/cloudsql-multiregion/variables.tf @@ -22,7 +22,7 @@ variable "data_eng_principal" { variable "deletion_protection" { description = "Prevent Terraform from destroying data storage resources (storage buckets, GKE clusters, CloudSQL instances) in this blueprint. When this field is set in Terraform state, a terraform destroy or terraform apply that would delete data storage resources will fail." - type = true + type = bool default = false nullable = false } diff --git a/blueprints/data-solutions/cmek-via-centralized-kms/main.tf b/blueprints/data-solutions/cmek-via-centralized-kms/main.tf index 78dbbfff61..54f3a5758c 100644 --- a/blueprints/data-solutions/cmek-via-centralized-kms/main.tf +++ b/blueprints/data-solutions/cmek-via-centralized-kms/main.tf @@ -163,5 +163,5 @@ module "kms-gcs" { location = var.region storage_class = "REGIONAL" encryption_key = local.kms_keys.gcs - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } diff --git a/blueprints/data-solutions/data-platform-foundations/02-load.tf b/blueprints/data-solutions/data-platform-foundations/02-load.tf index fd37a57328..e262e960f5 100644 --- a/blueprints/data-solutions/data-platform-foundations/02-load.tf +++ b/blueprints/data-solutions/data-platform-foundations/02-load.tf @@ -98,7 +98,7 @@ module "load-cs-df-0" { location = var.location storage_class = "MULTI_REGIONAL" encryption_key = try(local.service_encryption_keys.storage, null) - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "load-vpc" { diff --git a/blueprints/data-solutions/data-platform-foundations/03-orchestration.tf b/blueprints/data-solutions/data-platform-foundations/03-orchestration.tf index 28505ac555..3412ab6bcd 100644 --- a/blueprints/data-solutions/data-platform-foundations/03-orchestration.tf +++ b/blueprints/data-solutions/data-platform-foundations/03-orchestration.tf @@ -109,7 +109,7 @@ module "orch-cs-0" { location = var.location storage_class = "MULTI_REGIONAL" encryption_key = try(local.service_encryption_keys.storage, null) - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "orch-vpc" { @@ -165,7 +165,7 @@ module "orch-cs-df-template" { location = var.region storage_class = "REGIONAL" encryption_key = try(local.service_encryption_keys.storage, null) - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "orch-cs-build-staging" { @@ -176,7 +176,7 @@ module "orch-cs-build-staging" { location = var.region storage_class = "REGIONAL" encryption_key = try(local.service_encryption_keys.storage, null) - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "orch-sa-df-build" { diff --git a/blueprints/data-solutions/data-platform-foundations/04-transformation.tf b/blueprints/data-solutions/data-platform-foundations/04-transformation.tf index 5086a81a5f..164bc8630c 100644 --- a/blueprints/data-solutions/data-platform-foundations/04-transformation.tf +++ b/blueprints/data-solutions/data-platform-foundations/04-transformation.tf @@ -97,7 +97,7 @@ module "transf-cs-df-0" { location = var.location storage_class = "MULTI_REGIONAL" encryption_key = try(local.service_encryption_keys.storage, null) - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "transf-sa-bq-0" { diff --git a/blueprints/data-solutions/data-platform-foundations/variables.tf b/blueprints/data-solutions/data-platform-foundations/variables.tf index aa8e75db0c..e3e72950cb 100644 --- a/blueprints/data-solutions/data-platform-foundations/variables.tf +++ b/blueprints/data-solutions/data-platform-foundations/variables.tf @@ -119,7 +119,7 @@ variable "data_catalog_tags" { variable "deletion_protection" { description = "Prevent Terraform from destroying data storage resources (storage buckets, GKE clusters, CloudSQL instances) in this blueprint. When this field is set in Terraform state, a terraform destroy or terraform apply that would delete data storage resources will fail." - type = true + type = bool default = false nullable = false } diff --git a/blueprints/data-solutions/data-playground/main.tf b/blueprints/data-solutions/data-playground/main.tf index 4a68c60609..a0f7e43593 100644 --- a/blueprints/data-solutions/data-playground/main.tf +++ b/blueprints/data-solutions/data-playground/main.tf @@ -163,7 +163,7 @@ module "bucket" { location = var.location name = "data" encryption_key = try(local.service_encryption_keys.storage, null) # Example assignment of an encryption key - force_delete = !var.deletion_protection + force_destroy = !var.deletion_protection } module "dataset" { diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf index 4bd266e7bc..a5a16485e0 100644 --- a/blueprints/gke/multitenant-fleet/variables.tf +++ b/blueprints/gke/multitenant-fleet/variables.tf @@ -91,7 +91,7 @@ variable "clusters" { variable "deletion_protection" { description = "Prevent Terraform from destroying data storage resources (storage buckets, GKE clusters, CloudSQL instances) in this blueprint. When this field is set in Terraform state, a terraform destroy or terraform apply that would delete data storage resources will fail." - type = true + type = bool default = false nullable = false } diff --git a/fast/stages/3-data-platform/dev/main.tf b/fast/stages/3-data-platform/dev/main.tf index 25dfe24aa2..f536070ed1 100644 --- a/fast/stages/3-data-platform/dev/main.tf +++ b/fast/stages/3-data-platform/dev/main.tf @@ -1,5 +1,5 @@ /** - * Copyright 2022 Google LLC + * Copyright 2023 Google LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -17,10 +17,10 @@ # tfdoc:file:description Data Platform. module "data-platform" { - source = "../../../../blueprints/data-solutions/data-platform-foundations" - composer_config = var.composer_config - data_force_destroy = var.data_force_destroy - data_catalog_tags = var.data_catalog_tags + source = "../../../../blueprints/data-solutions/data-platform-foundations" + composer_config = var.composer_config + deletion_protection = var.deletion_protection + data_catalog_tags = var.data_catalog_tags project_config = { billing_account_id = var.billing_account.id parent = var.folder_ids.data-platform-dev diff --git a/fast/stages/3-data-platform/dev/variables.tf b/fast/stages/3-data-platform/dev/variables.tf index ef28fb27fc..ac5ee4b356 100644 --- a/fast/stages/3-data-platform/dev/variables.tf +++ b/fast/stages/3-data-platform/dev/variables.tf @@ -1,4 +1,4 @@ -# Copyright 2022 Google LLC +# Copyright 2023 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -98,10 +98,11 @@ variable "data_catalog_tags" { } } -variable "data_force_destroy" { - description = "Flag to set 'force_destroy' on data services like BigQery or Cloud Storage." +variable "deletion_protection" { + description = "Prevent Terraform from destroying data storage resources (storage buckets, GKE clusters, CloudSQL instances) in this blueprint. When this field is set in Terraform state, a terraform destroy or terraform apply that would delete data storage resources will fail." type = bool - default = false + default = true + nullable = false } variable "folder_ids" { diff --git a/tests/modules/cloudsql_instance/examples/insights.yaml b/tests/modules/cloudsql_instance/examples/insights.yaml index eecb1461a1..1c54188352 100644 --- a/tests/modules/cloudsql_instance/examples/insights.yaml +++ b/tests/modules/cloudsql_instance/examples/insights.yaml @@ -26,7 +26,7 @@ values: collation: null data_cache_config: [] database_flags: [] - deletion_protection_enabled: false + deletion_protection_enabled: true deny_maintenance_period: [] disk_autoresize: true disk_autoresize_limit: 0 diff --git a/tests/modules/cloudsql_instance/examples/public-ip.yaml b/tests/modules/cloudsql_instance/examples/public-ip.yaml index 0865d44a04..9ba4622033 100644 --- a/tests/modules/cloudsql_instance/examples/public-ip.yaml +++ b/tests/modules/cloudsql_instance/examples/public-ip.yaml @@ -37,7 +37,7 @@ values: collation: null data_cache_config: [] database_flags: [] - deletion_protection_enabled: false + deletion_protection_enabled: true deny_maintenance_period: [] disk_autoresize: true disk_autoresize_limit: 0 @@ -72,7 +72,7 @@ values: collation: null data_cache_config: [] database_flags: [] - deletion_protection_enabled: false + deletion_protection_enabled: true deny_maintenance_period: [] disk_autoresize: true disk_autoresize_limit: 0 diff --git a/tests/modules/cloudsql_instance/examples/simple.yaml b/tests/modules/cloudsql_instance/examples/simple.yaml index 3cedbf7833..d4c0558d9c 100644 --- a/tests/modules/cloudsql_instance/examples/simple.yaml +++ b/tests/modules/cloudsql_instance/examples/simple.yaml @@ -27,7 +27,7 @@ values: collation: null data_cache_config: [] database_flags: [] - deletion_protection_enabled: false + deletion_protection_enabled: true deny_maintenance_period: [] disk_autoresize: true disk_autoresize_limit: 0