diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index 50c59cca7e..b4fc40cc1f 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -371,7 +371,7 @@ module "db" { | [network_config](variables.tf#L184) | Network configuration for the instance. Only one between private_network and psc_config can be used. | object({…}) | ✓ | | | [project_id](variables.tf#L217) | The ID of the project where this instances will be created. | string | ✓ | | | [region](variables.tf#L222) | Region of the primary instance. | string | ✓ | | -| [tier](variables.tf#L264) | The machine type to use for the instances. | string | ✓ | | +| [tier](variables.tf#L265) | The machine type to use for the instances. | string | ✓ | | | [activation_policy](variables.tf#L16) | This variable specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND. Default is ALWAYS. | string | | "ALWAYS" | | [availability_type](variables.tf#L27) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | string | | "ZONAL" | | [backup_configuration](variables.tf#L33) | Backup settings for primary instance. Will be automatically enabled if using MySQL with one or more replicas. | object({…}) | | {…} | @@ -391,11 +391,11 @@ module "db" { | [maintenance_config](variables.tf#L146) | Set maintenance window configuration and maintenance deny period (up to 90 days). Date format: 'yyyy-mm-dd'. | object({…}) | | {} | | [prefix](variables.tf#L207) | Optional prefix used to generate instance names. | string | | null | | [replicas](variables.tf#L227) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} | -| [root_password](variables.tf#L236) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string | | null | -| [ssl](variables.tf#L242) | Setting to enable SSL, set config and certificates. | object({…}) | | {} | -| [terraform_deletion_protection](variables.tf#L257) | Prevent terraform from deleting instances. | bool | | true | -| [time_zone](variables.tf#L269) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string | | null | -| [users](variables.tf#L275) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…})) | | null | +| [root_password](variables.tf#L237) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string | | null | +| [ssl](variables.tf#L243) | Setting to enable SSL, set config and certificates. | object({…}) | | {} | +| [terraform_deletion_protection](variables.tf#L258) | Prevent terraform from deleting instances. | bool | | true | +| [time_zone](variables.tf#L270) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string | | null | +| [users](variables.tf#L276) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…})) | | null | ## Outputs diff --git a/modules/cloudsql-instance/main.tf b/modules/cloudsql-instance/main.tf index 52f6ea5160..eeb2b40219 100644 --- a/modules/cloudsql-instance/main.tf +++ b/modules/cloudsql-instance/main.tf @@ -18,7 +18,7 @@ locals { prefix = var.prefix == null ? "" : "${var.prefix}-" is_mysql = can(regex("^MYSQL", var.database_version)) is_postgres = can(regex("^POSTGRES", var.database_version)) - has_replicas = try(length(var.replicas) > 0, false) + has_replicas = length(var.replicas) > 0 is_regional = var.availability_type == "REGIONAL" ? true : false // Enable backup if the user asks for it or if the user is deploying @@ -30,15 +30,15 @@ locals { k => local.is_mysql ? { - name = try(v.type, "BUILT_IN") == "BUILT_IN" ? split("@", k)[0] : k - host = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(split("@", k)[1], null) : null - password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null - type = try(v.type, "BUILT_IN") + name = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? split("@", k)[0] : k + host = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(split("@", k)[1], null) : null + password = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null + type = coalesce(v.type, "BUILT_IN") } : { name = local.is_postgres ? try(trimsuffix(k, ".gserviceaccount.com"), k) : k host = null - password = try(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null - type = try(v.type, "BUILT_IN") + password = coalesce(v.type, "BUILT_IN") == "BUILT_IN" ? try(random_password.passwords[k].result, v.password) : null + type = coalesce(v.type, "BUILT_IN") } } diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf index 83fd8dcff4..b1590dc6cb 100644 --- a/modules/cloudsql-instance/variables.tf +++ b/modules/cloudsql-instance/variables.tf @@ -230,7 +230,8 @@ variable "replicas" { region = string encryption_key_name = optional(string) })) - default = {} + default = {} + nullable = false } variable "root_password" {