Terraform module which creates MYSQLDB resources on GCP. This module is an abstraction of the terraform-google-sql for MySQL by Google itself.
- As a user, I can deploy a public MySQL Database
- As a user, I can deploy a private MySQL Database within a VPC
- As a user, I can deploy a MySQL Database with N replicas
- As a user, I can deploy a MySQL Database with/without TLS encryption
- As a user, I can deploy a cloud scheduler which launches exports with an already existing pubsub function
- As a user, I can encrypt the database with my own encryption key
By default, the deployed database is in HA mode, with a backup strategy that retains backups for 7 days.
```hcl
module "my-private-mysql-db" {
  # "//" separates the repository from the sub-directory that holds the module.
  source = "github.com/padok-team/terraform-google-sql//modules/mysql"

  name           = "my-private-mysql-db1" # Mandatory
  engine_version = "MYSQL_8_0"            # Mandatory
  project_id     = local.project_id       # Mandatory
  region         = "europe-west1"         # Mandatory

  availability_type = "ZONAL"
  disk_limit        = 20
  users             = ["User_1", "User_2"]
  create_secrets    = true

  backup_configuration = {
    enabled  = true
    location = "europe-west3"
  }

  databases = {
    "MYDB_1" = {
      backup = false
    }
  }

  private_network = module.my_network.network_id

  # Users are created as admins; this script restricts User_1 to MYDB_1.
  custom_sql_script = <<EOT
REVOKE ALL PRIVILEGES ON *.* FROM 'User_1'@'';
GRANT ALL PRIVILEGES ON MYDB_1.* TO 'User_1'@'';
EOT
}
```
If you have set a custom SQL script, you need to execute it yourself. For now, Terraform cannot execute the SQL script, so use the gcloud command instead:
```bash
# MY-BUCKET stands for the Cloud Storage URI of the SQL script to import.
gcloud sql import sql my-private-mysql-db1 MY-BUCKET --project=MY-PROJECT -q
```
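The `users` input creates every user as an admin on all databases, and `custom_sql_script` is where that access is narrowed. The following is an added example, not part of the module's own documentation: it generates the REVOKE/GRANT script from a map so that no user in `users` is left without a matching REVOKE. The `db_grants` and `all_dbs` locals and their contents are hypothetical, and the `'user'@''` host form follows the usage example above.

```hcl
locals {
  # Hypothetical mapping: user name => databases that user may access.
  db_grants = {
    "User_1" = ["MYDB_1"]
    "User_2" = ["MYDB_1", "MYDB_2"]
  }

  # Every database named in the mapping, de-duplicated.
  all_dbs = distinct(flatten(values(local.db_grants)))

  # One REVOKE per user, followed by one GRANT per allowed database.
  least_privilege_sql = join("\n", flatten([
    for user, dbs in local.db_grants : concat(
      ["REVOKE ALL PRIVILEGES ON *.* FROM '${user}'@'';"],
      [for db in dbs : "GRANT ALL PRIVILEGES ON ${db}.* TO '${user}'@'';"]
    )
  ]))
}

module "my-private-mysql-db" {
  source = "github.com/padok-team/terraform-google-sql//modules/mysql"

  name            = "my-private-mysql-db1"
  project_id      = local.project_id
  region          = "europe-west1"
  disk_limit      = 20
  private_network = module.my_network.network_id

  # Documented defaults, kept explicit so a later change shows up in review.
  public      = false
  require_ssl = true

  # Users and databases are both derived from the mapping, so the script
  # always covers exactly the users the module creates.
  users     = keys(local.db_grants)
  databases = { for db in local.all_dbs : db => { backup = false } }

  custom_sql_script = local.least_privilege_sql
}
```

Until the script has been executed with the `gcloud sql import sql` command above, the created users keep their admin access.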
- MySQL instance private and zonal
- MySQL instance public and regional
- MySQL instance public, zonal, with backup exporter
Name | Source | Version |
---|---|---|
encryption | ../encryption | n/a |
mysql-db | GoogleCloudPlatform/sql-db/google//modules/mysql | 14.1.0 |
secrets | ../secrets | n/a |
Name | Description | Type | Default | Required |
---|---|---|---|---|
disk_limit | The maximum size to which storage can be auto increased. | number | n/a | yes |
name | The name of the Cloud SQL resource. | string | n/a | yes |
private_network | The vpc id to create the instance into. | string | n/a | yes |
project_id | The project ID to manage the Cloud SQL resource. | string | n/a | yes |
region | Region for the master instance. | string | n/a | yes |
users | List of the User's name you want to create (passwords will be auto-generated). Warning! All those users will be admin and have access to all databases created with this module. | list(string) | n/a | yes |
allocated_ip_range | The name of the allocated ip range for the private ip CloudSQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. | string | null | no |
availability_type | Whether the CloudSQL instance is Regional or Zonal. Correct values = (REGIONAL\|ZONAL). | string | "REGIONAL" | no |
backup_configuration | The backup_configuration settings subblock for the database settings. | any | {} | no |
create_secrets | Do we create the secrets in secret manager? | bool | true | no |
custom_sql_script | sql script to execute | string | "" | no |
database_flags | Database configuration flags. | list(object({ | [] | no |
databases | List of the default DBs you want to create. | map(object({ | {} | no |
db_charset | Charset for the DB. | string | "utf8" | no |
db_collation | Collation for the DB. | string | "utf8_general_ci" | no |
disk_type | The disk type (PD_SSD, PD_HDD). | string | "PD_SSD" | no |
encryption_key_id | The full path to the encryption key used for the CMEK disk encryption. The provided key must be in the same region as the SQL instance. If not provided, a KMS key will be generated. | string | null | no |
encryption_key_rotation_period | The encryption key rotation period for the CMEK disk encryption. The provided key must be in the same region as the SQL instance. If encryption_key_id is defined, this variable is not used. | string | "7889400s" | no |
engine_version | The version of MySQL engine. Check https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#database_version for possible versions. | string | "MYSQL_8_0" | no |
instance_deletion_protection | Used to block Terraform from deleting a SQL Instance. | bool | false | no |
labels | Labels to add to the CloudSQL and its replicas. | map(string) | {} | no |
public | Set to true if the master instance should also have a public IP (less secure). | bool | false | no |
replicas | The replicas instance names and configuration. | map(any) | {} | no |
require_ssl | Set to false if you do not want to enforce SSL (less secure). | bool | true | no |
sql_exporter | The SQL exporter to use for backups if needed. | object({ | null | no |
tier | The database tier (db-f1-micro, db-custom-cpu-ram). | string | "db-f1-micro" | no |
users_host | value | string | "" | no |
Name | Description |
---|---|
instance_connection_name | The connection name of the master instance to be used in connection strings. |
instance_name | The instance name for the master instance. |
private_ip_address | The first private IPv4 address assigned for the master instance. |
public_ip_address | The first public (PRIMARY) IPv4 address assigned for the master instance. |
read_replica_instance_names | The instance names for the read replica instances. |
secrets | The secrets created for the users. |
users | List of maps of users and passwords. |