diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md
index 50c59cca7e..b4fc40cc1f 100644
--- a/modules/cloudsql-instance/README.md
+++ b/modules/cloudsql-instance/README.md
@@ -371,7 +371,7 @@ module "db" {
| [network_config](variables.tf#L184) | Network configuration for the instance. Only one between private_network and psc_config can be used. | object({…})
| ✓ | |
| [project_id](variables.tf#L217) | The ID of the project where this instances will be created. | string
| ✓ | |
| [region](variables.tf#L222) | Region of the primary instance. | string
| ✓ | |
-| [tier](variables.tf#L264) | The machine type to use for the instances. | string
| ✓ | |
+| [tier](variables.tf#L265) | The machine type to use for the instances. | string
| ✓ | |
| [activation_policy](variables.tf#L16) | This variable specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND. Default is ALWAYS. | string
| | "ALWAYS"
|
| [availability_type](variables.tf#L27) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | string
| | "ZONAL"
|
| [backup_configuration](variables.tf#L33) | Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas. | object({…})
| | {…}
|
@@ -391,11 +391,11 @@ module "db" {
| [maintenance_config](variables.tf#L146) | Set maintenance window configuration and maintenance deny period (up to 90 days). Date format: 'yyyy-mm-dd'. | object({…})
| | {}
|
| [prefix](variables.tf#L207) | Optional prefix used to generate instance names. | string
| | null
|
| [replicas](variables.tf#L227) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…}))
| | {}
|
-| [root_password](variables.tf#L236) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string
| | null
|
-| [ssl](variables.tf#L242) | Setting to enable SSL, set config and certificates. | object({…})
| | {}
|
-| [terraform_deletion_protection](variables.tf#L257) | Prevent terraform from deleting instances. | bool
| | true
|
-| [time_zone](variables.tf#L269) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string
| | null
|
-| [users](variables.tf#L275) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…}))
| | null
|
+| [root_password](variables.tf#L237) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string
| | null
|
+| [ssl](variables.tf#L243) | Setting to enable SSL, set config and certificates. | object({…})
| | {}
|
+| [terraform_deletion_protection](variables.tf#L258) | Prevent terraform from deleting instances. | bool
| | true
|
+| [time_zone](variables.tf#L270) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string
| | null
|
+| [users](variables.tf#L276) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…}))
| | null
|
## Outputs
diff --git a/modules/cloudsql-instance/main.tf b/modules/cloudsql-instance/main.tf
index 52f6ea5160..eeb2b40219 100644
--- a/modules/cloudsql-instance/main.tf
+++ b/modules/cloudsql-instance/main.tf
@@ -18,7 +18,7 @@ locals {
prefix = var.prefix == null ? "" : "${var.prefix}-"
is_mysql = can(regex("^MYSQL", var.database_version))
is_postgres = can(regex("^POSTGRES", var.database_version))
- has_replicas = try(length(var.replicas) > 0, false)
+ has_replicas = length(var.replicas) > 0
is_regional = var.availability_type == "REGIONAL" ? true : false
// Enable backup if the user asks for it or if the user is deploying
@@ -30,15 +30,15 @@ locals {
k =>
local.is_mysql ?
{
- name = try(v.type, "BUILT_IN") == "BUILT_IN" ? split("@", k)[0] : k
- host = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(split("@", k)[1], null) : null
- password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null
- type = try(v.type, "BUILT_IN")
+ name = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? split("@", k)[0] : k
+ host = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(split("@", k)[1], null) : null
+ password = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null
+ type = coalesce(v.type, "BUILT_IN")
} : {
name = local.is_postgres ? try(trimsuffix(k, ".gserviceaccount.com"), k) : k
host = null
- password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null
- type = try(v.type, "BUILT_IN")
+ password = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null
+ type = coalesce(v.type, "BUILT_IN")
}
}
diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf
index 83fd8dcff4..b1590dc6cb 100644
--- a/modules/cloudsql-instance/variables.tf
+++ b/modules/cloudsql-instance/variables.tf
@@ -230,7 +230,8 @@ variable "replicas" {
region = string
encryption_key_name = optional(string)
}))
- default = {}
+ default = {}
+ nullable = false
}
variable "root_password" {