feat: adds deletion_policy parameter for google_sql_user and google_s…
…ql_database resource. (#386)

Co-authored-by: g-awmalik <[email protected]>
isaurabhuttam and g-awmalik authored Dec 9, 2022
1 parent edefa43 commit 8ab6e37
Showing 3 changed files with 33 additions and 14 deletions.
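--- a/modules/postgresql/README.md
+++ b/modules/postgresql/README.md
@@ -13,6 +13,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
 | availability\_type | The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | `string` | `"ZONAL"` | no |
 | backup\_configuration | The backup\_configuration settings subblock for the database setings | <pre>object({<br> enabled = bool<br> start_time = string<br> location = string<br> point_in_time_recovery_enabled = bool<br> transaction_log_retention_days = string<br> retained_backups = number<br> retention_unit = string<br> })</pre> | <pre>{<br> "enabled": false,<br> "location": null,<br> "point_in_time_recovery_enabled": false,<br> "retained_backups": null,<br> "retention_unit": null,<br> "start_time": null,<br> "transaction_log_retention_days": null<br>}</pre> | no |
 | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"15m"` | no |
+| database\_deletion\_policy | The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: "ABANDON". | `string` | `null` | no |
 | database\_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags) | <pre>list(object({<br> name = string<br> value = string<br> }))</pre> | `[]` | no |
 | database\_version | The database version to use | `string` | n/a | yes |
 | db\_charset | The charset for the default database | `string` | `""` | no |
@@ -46,6 +47,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
 | secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no |
 | tier | The tier for the master instance. | `string` | `"db-f1-micro"` | no |
 | update\_timeout | The optional timout that is applied to limit long database updates. | `string` | `"15m"` | no |
+| user\_deletion\_policy | The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: "ABANDON". | `string` | `null` | no |
 | user\_labels | The key/value labels for the master instances. | `map(string)` | `{}` | no |
 | user\_name | The name of the default user | `string` | `"default"` | no |
 | user\_password | The password for the default user. If not set, a random one will be generated and available in the generated\_user\_password output variable. | `string` | `""` | no |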
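--- a/modules/postgresql/main.tf
+++ b/modules/postgresql/main.tf
@@ -150,23 +150,25 @@ resource "google_sql_database_instance" "default" {
 }
 
 resource "google_sql_database" "default" {
-count = var.enable_default_db ? 1 : 0
-name = var.db_name
-project = var.project_id
-instance = google_sql_database_instance.default.name
-charset = var.db_charset
-collation = var.db_collation
-depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
+count = var.enable_default_db ? 1 : 0
+name = var.db_name
+project = var.project_id
+instance = google_sql_database_instance.default.name
+charset = var.db_charset
+collation = var.db_collation
+depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
+deletion_policy = var.database_deletion_policy
 }
 
 resource "google_sql_database" "additional_databases" {
-for_each = local.databases
-project = var.project_id
-name = each.value.name
-charset = lookup(each.value, "charset", null)
-collation = lookup(each.value, "collation", null)
-instance = google_sql_database_instance.default.name
-depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
+for_each = local.databases
+project = var.project_id
+name = each.value.name
+charset = lookup(each.value, "charset", null)
+collation = lookup(each.value, "collation", null)
+instance = google_sql_database_instance.default.name
+depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
+deletion_policy = var.database_deletion_policy
 }
 
 resource "random_password" "user-password" {
@@ -201,6 +203,7 @@ resource "google_sql_user" "default" {
 google_sql_database_instance.default,
 google_sql_database_instance.replicas,
 ]
+deletion_policy = var.user_deletion_policy
 }
 
 resource "google_sql_user" "additional_users" {
@@ -214,6 +217,7 @@ resource "google_sql_user" "additional_users" {
 google_sql_database_instance.default,
 google_sql_database_instance.replicas,
 ]
+deletion_policy = var.user_deletion_policy
 }
 
 resource "google_project_iam_member" "iam_binding" {
@@ -248,6 +252,7 @@ resource "google_sql_user" "iam_account" {
 null_resource.module_depends_on,
 google_project_iam_member.iam_binding,
 ]
+deletion_policy = var.user_deletion_policy
 }
 
 resource "null_resource" "module_depends_on" {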
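Review bot: `deletion_policy = var.user_deletion_policy` is set identically on all three `google_sql_user` resources (`default`, `additional_users`, `iam_account`), so one module-wide switch decides whether every account is left behind on destroy, with no way to scope it to the users that actually hold SQL roles. With ABANDON the user is dropped from Terraform state rather than deleted, so the login presumably stays in the instance with its password and grants and is no longer tracked or rotated by anything in this module. I would add a comment above the attribute, for example `# ABANDON leaves the account and its grants in the instance; revoke or rotate it out of band`, and consider letting an `additional_users` entry override the policy the way `charset` is looked up per database. The same applies to `var.database_deletion_policy` on both `google_sql_database` resources. The `google_sql_user` blocks start outside the visible hunks, so the rest of their arguments could not be checked.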
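--- a/modules/postgresql/variables.tf
+++ b/modules/postgresql/variables.tf
@@ -333,3 +333,15 @@ variable "enable_default_user" {
 type = bool
 default = true
 }
+
+variable "database_deletion_policy" {
+description = "The deletion policy for the database. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where databases cannot be deleted from the API if there are users other than cloudsqlsuperuser with access. Possible values are: \"ABANDON\"."
+type = string
+default = null
+}
+
+variable "user_deletion_policy" {
+description = "The deletion policy for the user. Setting ABANDON allows the resource to be abandoned rather than deleted. This is useful for Postgres, where users cannot be deleted from the API if they have been granted SQL roles. Possible values are: \"ABANDON\"."
+type = string
+default = null
+}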
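Review bot: Both new variables are plain `string` with no `validation` block, so a misspelled or wrong-case value is only rejected, if at all, by the provider at plan or apply time, and the description is the only place that states the allowed value. A validation that accepts `null` or the documented value would fail early with a message that names the variable; the sketch below shows it for `user_deletion_policy`, and `database_deletion_policy` should list whatever values the provider accepts for `google_sql_database`. The descriptions could also say that an abandoned user or database stays in the instance and has to be cleaned up outside Terraform. This assumes the module's minimum Terraform version supports variable validation, which is not visible here.

```hcl
variable "user_deletion_policy" {
  # … unchanged: description, type, default …
  validation {
    condition     = var.user_deletion_policy == null || var.user_deletion_policy == "ABANDON"
    error_message = "The user_deletion_policy value must be null or \"ABANDON\"."
  }
}
```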
