diff --git a/modules/alloydb/README.md b/modules/alloydb/README.md
index c5762eea4e..a26616473c 100644
--- a/modules/alloydb/README.md
+++ b/modules/alloydb/README.md
@@ -12,6 +12,8 @@ Note that this module assumes that some options are the same for both the primar
* [Examples](#examples)
* [Simple example](#simple-example)
* [Cross region replication](#cross-region-replication)
+ * [Custom flags and users definition](#custom-flags-and-users-definition)
+ * [CMEK encryption](#cmek-encryption)
* [Variables](#variables)
* [Outputs](#outputs)
@@ -72,11 +74,11 @@ module "alloydb" {
source = "./fabric/modules/alloydb"
project_id = var.project_id
cluster_name = "db"
- cluster_network_config = {
+ location = var.region
+ name = "db"
+ network_config = {
network = var.vpc.self_link
}
- name = "db"
- location = "europe-west8"
cross_region_replication = {
enabled = true
region = "europe-west12"
@@ -164,7 +166,9 @@ module "alloydb" {
| [maintenance_config](variables.tf#L184) | Set maintenance window configuration. | object({…}) | | {…} |
| [prefix](variables.tf#L244) | Optional prefix used to generate instance names. | string | | null |
| [query_insights_config](variables.tf#L259) | Query insights config. | object({…}) | | {…} |
-| [users](variables.tf#L275) | Map of users to create in the primary instance (and replicated to other replicas). Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'ALLOYDB_BUILT_IN' or 'ALLOYDB_IAM_USER'. | map(object({…})) | | null |
+| [secondary_cluster_name](variables.tf#L275) | Name of secondary cluster instance. | string | | null |
+| [secondary_name](variables.tf#L281) | Name of secondary instance. | string | | null |
+| [users](variables.tf#L287) | Map of users to create in the primary instance (and replicated to other replicas). Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'ALLOYDB_BUILT_IN' or 'ALLOYDB_IAM_USER'. | map(object({…})) | | null |
## Outputs
diff --git a/modules/alloydb/main.tf b/modules/alloydb/main.tf
index f7ace81f01..748dfe9367 100644
--- a/modules/alloydb/main.tf
+++ b/modules/alloydb/main.tf
@@ -20,8 +20,9 @@ locals {
is_regional = var.availability_type == "REGIONAL" ? true : false
# secondary instance type is aligned with cluster type unless apply is targeting a promotion, in that
# case cluster will be 'primary' while instance still 'secondary'.
+ secondary_cluster_name = coalesce(var.secondary_cluster_name, "${var.cluster_name}-sec")
+ secondary_instance_name = coalesce(var.secondary_name, "${var.name}-sec")
secondary_instance_type = try(var.cross_region_replication.promote_secondary && google_alloydb_cluster.secondary[0].cluster_type == "SECONDARY" ? "SECONDARY" : google_alloydb_cluster.secondary[0].cluster_type, null)
-
users = {
for k, v in coalesce(var.users, {}) :
k => {
@@ -189,7 +190,7 @@ resource "google_alloydb_instance" "primary" {
resource "google_alloydb_cluster" "secondary" {
count = var.cross_region_replication.enabled ? 1 : 0
project = var.project_id
- cluster_id = "${local.prefix}${var.cluster_name}-secondary"
+ cluster_id = local.secondary_cluster_name
cluster_type = var.cross_region_replication.promote_secondary ? "PRIMARY" : "SECONDARY"
database_version = var.database_version
deletion_policy = "FORCE"
@@ -301,9 +302,9 @@ resource "google_alloydb_instance" "secondary" {
availability_type = var.availability_type
cluster = google_alloydb_cluster.secondary[0].id
database_flags = var.cross_region_replication.promote_secondary ? var.flags : null
- display_name = "${local.prefix}${var.name}"
+ display_name = local.secondary_instance_name
gce_zone = local.is_regional ? null : var.gce_zone
- instance_id = "${local.prefix}${var.name}-secondary"
+ instance_id = local.secondary_instance_name
instance_type = local.secondary_instance_type
labels = var.labels
diff --git a/modules/alloydb/variables.tf b/modules/alloydb/variables.tf
index d7bd26fe7c..4f7a24ef53 100644
--- a/modules/alloydb/variables.tf
+++ b/modules/alloydb/variables.tf
@@ -272,6 +272,18 @@ variable "query_insights_config" {
}
}
+variable "secondary_cluster_name" {
+ description = "Name of secondary cluster instance."
+ type = string
+ default = null
+}
+
+variable "secondary_name" {
+ description = "Name of secondary instance."
+ type = string
+ default = null
+}
+
variable "users" {
description = "Map of users to create in the primary instance (and replicated to other replicas). Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'ALLOYDB_BUILT_IN' or 'ALLOYDB_IAM_USER'."
type = map(object({
diff --git a/tests/modules/alloydb/examples/cross_region_replication.yaml b/tests/modules/alloydb/examples/cross_region_replication.yaml
index 39bb179ae9..e048ef892a 100644
--- a/tests/modules/alloydb/examples/cross_region_replication.yaml
+++ b/tests/modules/alloydb/examples/cross_region_replication.yaml
@@ -17,6 +17,10 @@ values:
annotations: null
cluster_id: db
cluster_type: PRIMARY
+ continuous_backup_config:
+ - enabled: true
+ encryption_config: []
+ recovery_window_days: 14
database_version: POSTGRES_15
deletion_policy: DEFAULT
display_name: null
@@ -36,8 +40,12 @@ values:
timeouts: null
module.alloydb.google_alloydb_cluster.secondary[0]:
annotations: null
- cluster_id: db-secondary
+ cluster_id: db-sec
cluster_type: SECONDARY
+ continuous_backup_config:
+ - enabled: true
+ encryption_config: []
+ recovery_window_days: 14
database_version: POSTGRES_15
deletion_policy: FORCE
display_name: null
@@ -66,7 +74,9 @@ values:
labels: null
machine_config:
- cpu_count: 2
- network_config: []
+ network_config:
+ - authorized_external_networks: []
+ enable_public_ip: false
query_insights_config:
- query_plans_per_minute: 5
query_string_length: 1024
@@ -77,14 +87,16 @@ values:
module.alloydb.google_alloydb_instance.secondary[0]:
annotations: null
availability_type: REGIONAL
- display_name: db
+ display_name: db-sec
gce_zone: null
- instance_id: db-secondary
+ instance_id: db-sec
instance_type: SECONDARY
labels: null
machine_config:
- cpu_count: 2
- network_config: []
+ network_config:
+ - authorized_external_networks: []
+ enable_public_ip: false
query_insights_config:
- query_plans_per_minute: 5
query_string_length: 1024