https://github.com/jameswoolfenden/terraform-gcp-cloudsql
A module to create a private database setup
- Host: GitHub
- URL: https://github.com/jameswoolfenden/terraform-gcp-cloudsql
- Owner: JamesWoolfenden
- License: apache-2.0
- Created: 2019-11-07T10:59:21.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2023-10-11T14:21:41.000Z (over 2 years ago)
- Last Synced: 2025-04-12T22:53:31.182Z (12 months ago)
- Topics: gcp, module, sql, terraform
- Language: HCL
- Homepage:
- Size: 76.2 KB
- Stars: 1
- Watchers: 2
- Forks: 3
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
# terraform-gcp-cloudsql
The beginnings of a cloudsql module for GCP, currently targeting a private endpoint.
## Usage
If you haven't used this part of GCP before, you need to enable these APIs for this to work:
- [servicenetworking.googleapis.com](https://console.developers.google.com/apis/api/servicenetworking.googleapis.com/overview)
- [sqladmin.googleapis.com](https://console.developers.google.com/apis/api/sqladmin.googleapis.com/overview)
Add **module.cloudsql.tf** to your code:-
```terraform
module "cloudsql" {
  source       = "JamesWoolfenden/cloudsql/gcp"
  version      = "0.1.13"
  name         = var.name
  network_name = var.network_name
  database     = var.database
  users        = var.users
}
```
You can also create databases with this module and the variable database:
```terraform
variable "database" {
  type = list(object({
    name = string
  }))
  default = []
}
```
Setting database to
```terraform
database = [
  {
    name = "my-database"
  },
  {
    name = "your-database"
  }
]
```
Will create 2 databases.
You can then optionally create resources depending on whether that object is populated or not.
```terraform
resource "google_sql_database" "database" {
  count    = length(var.database)
  name     = var.database[count.index]["name"]
  instance = google_sql_database_instance.instance.name
}
```
The "Users" variable and resource follow the same pattern.
## Requirements
No requirements.
## Providers
| Name | Version |
|------|---------|
| [google](#provider\_google) | n/a |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [google_compute_global_address.private_ip_address](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_global_address) | resource |
| [google_service_networking_connection.private_vpc_connection](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_networking_connection) | resource |
| [google_sql_database.database](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database) | resource |
| [google_sql_database_instance.instance](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance) | resource |
| [google_sql_user.users](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_user) | resource |
| [google_compute_network.private_network](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/compute_network) | data source |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [database](#input\_database) | A list of objects describing any databases to be created | `list(object({ name = string }))` | `[]` | no |
| [instance](#input\_instance) | n/a | `map(any)` | `{ "database_version": "POSTGRES_14", "region": "us-central1", "tier": "db-custom-1-3840" }` | no |
| [mw\_day](#input\_mw\_day) | n/a | `number` | `1` | no |
| [mw\_hour](#input\_mw\_hour) | n/a | `number` | `12` | no |
| [name](#input\_name) | The name of the database instance | `string` | n/a | yes |
| [network\_name](#input\_network\_name) | The name of the VPC to provision this into | `string` | n/a | yes |
| [require\_ssl](#input\_require\_ssl) | Require SSL connections or not. | `bool` | `true` | no |
| [users](#input\_users) | A list of users that belong to a database instance | `list(object({ name = string, password = string }))` | `[]` | no |
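
How the listed resources and inputs could fit together for a private endpoint, as an added sketch that is not the module's own source. The address name, `prefix_length` and the attribute wiring are assumptions; resource and variable names follow the tables above.

```terraform
# Added sketch, not the module's source. Variable names follow the Inputs
# table; the address name suffix and prefix_length are assumptions.
data "google_compute_network" "private_network" {
  name = var.network_name
}

# Reserve an internal range in the VPC for Google-managed services.
resource "google_compute_global_address" "private_ip_address" {
  name          = "${var.name}-private-ip" # assumed naming
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16 # assumed size
  network       = data.google_compute_network.private_network.id
}

# Peer the VPC with the service producer network using that range.
resource "google_service_networking_connection" "private_vpc_connection" {
  network                 = data.google_compute_network.private_network.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.private_ip_address.name]
}

resource "google_sql_database_instance" "instance" {
  name             = var.name
  region           = var.instance["region"]
  database_version = var.instance["database_version"]

  # The peering must exist before an instance can take a private IP.
  depends_on = [google_service_networking_connection.private_vpc_connection]

  settings {
    tier = var.instance["tier"]

    ip_configuration {
      ipv4_enabled    = false # no public IP on the instance
      private_network = data.google_compute_network.private_network.id
      require_ssl     = var.require_ssl # newer provider releases use ssl_mode instead
    }

    maintenance_window {
      day  = var.mw_day
      hour = var.mw_hour
    }
  }
}
```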
## Outputs
| Name | Description |
|------|-------------|
| [instance](#output\_instance) | n/a |
| [network](#output\_network) | n/a |
| [private\_ip\_address](#output\_private\_ip\_address) | n/a |
| [vpc\_connection](#output\_vpc\_connection) | n/a |
## Role and Permissions
The Terraform resource required is:
```terraform
resource "google_project_iam_custom_role" "terraform_pike" {
  project     = "pike"
  role_id     = "terraform_pike"
  title       = "terraform_pike"
  description = "A user with least privileges"
  permissions = [
    "cloudsql.databases.create",
    "cloudsql.databases.delete",
    "cloudsql.databases.get",
    "cloudsql.databases.update",
    "cloudsql.instances.create",
    "cloudsql.instances.delete",
    "cloudsql.instances.get",
    "cloudsql.instances.update",
    "cloudsql.users.create",
    "cloudsql.users.delete",
    "cloudsql.users.list",
    "cloudsql.users.update",
    "compute.globalAddresses.create",
    "compute.globalAddresses.createInternal",
    "compute.globalAddresses.delete",
    "compute.globalAddresses.deleteInternal",
    "compute.globalAddresses.get",
    "compute.networks.get",
    "compute.networks.removePeering",
    "compute.networks.use",
    "resourcemanager.projects.get",
    "servicenetworking.services.addPeering",
    "servicenetworking.services.get"
  ]
}
```
## Related Projects
Check out these related projects.
- [terraform-aws-codecommit](https://github.com/jameswoolfenden/terraform-aws-codebuild) - Storing one's code
## Help
**Got a question?**
File a GitHub [issue](https://github.com/jameswoolfenden/terraform-gcp-cloudsql/issues).
## Contributing
### Bug Reports & Feature Requests
Please use the [issue tracker](https://github.com/jameswoolfenden/terraform-gcp-cloudsql/issues) to report any bugs or file feature requests.
## Copyrights
Copyright © 2019-2023 James Woolfenden
## License
See [LICENSE](LICENSE) for full details.
Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
### Contributors
[![James Woolfenden][jameswoolfenden_avatar]][jameswoolfenden_homepage]
[James Woolfenden][jameswoolfenden_homepage]
[jameswoolfenden_homepage]: https://github.com/jameswoolfenden
[jameswoolfenden_avatar]: https://github.com/jameswoolfenden.png?size=150