Add support for psc_auto_connections feature to mysql and postgres

Author: OscarVanL

modules/mysql/README.md

@@ -79,7 +79,7 @@ module "mysql-db" {
 | iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | <pre>list(object({<br>    id    = string,<br>    email = string,<br>    type  = optional(string)<br>  }))</pre> | `[]` | no |
 | insights\_config | The insights\_config settings for the database. | <pre>object({<br>    query_plans_per_minute  = number<br>    query_string_length     = number<br>    record_application_tags = bool<br>    record_client_address   = bool<br>  })</pre> | `null` | no |
 | instance\_type | Users can upgrade a read replica instance to a stand-alone Cloud SQL instance with the help of instance\_type. To promote, users have to set the instance\_type property as CLOUD\_SQL\_INSTANCE and remove/unset master\_instance\_name and replica\_configuration from instance configuration. This operation might cause your instance to restart. | `string` | `null` | no |
-| ip\_configuration | The ip\_configuration settings subblock | <pre>object({<br>    authorized_networks                           = optional(list(map(string)), [])<br>    ipv4_enabled                                  = optional(bool, true)<br>    private_network                               = optional(string)<br>    ssl_mode                                      = optional(string)<br>    allocated_ip_range                            = optional(string)<br>    enable_private_path_for_google_cloud_services = optional(bool, false)<br>    psc_enabled                                   = optional(bool, false)<br>    psc_allowed_consumer_projects                 = optional(list(string), [])<br>  })</pre> | `{}` | no |
+| ip\_configuration | The ip\_configuration settings subblock | <pre>object({<br>    authorized_networks                           = optional(list(map(string)), [])<br>    ipv4_enabled                                  = optional(bool, true)<br>    private_network                               = optional(string)<br>    ssl_mode                                      = optional(string)<br>    allocated_ip_range                            = optional(string)<br>    enable_private_path_for_google_cloud_services = optional(bool, false)<br>    psc_enabled                                   = optional(bool, false)<br>    psc_allowed_consumer_projects                 = optional(list(string), [])<br>    psc_auto_connections = optional(list(object({<br>      consumer_network            = string<br>      consumer_service_project_id = string<br>    })), [])<br>  })</pre> | `{}` | no |
 | maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no |
 | maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no |
 | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no |

modules/mysql/main.tf

@@ -160,6 +160,14 @@ resource "google_sql_database_instance" "default" {
           content {
             psc_enabled               = ip_configuration.value.psc_enabled
             allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+            dynamic "psc_auto_connections" {
+              for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+              content {
+                consumer_network            = psc_auto_connections.value.consumer_network
+                consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+              }
+            }
           }
         }
 

modules/mysql/read_replica.tf

@@ -92,6 +92,14 @@ resource "google_sql_database_instance" "replicas" {
           content {
             psc_enabled               = ip_configuration.value.psc_enabled
             allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+            dynamic "psc_auto_connections" {
+              for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+              content {
+                consumer_network            = psc_auto_connections.value.consumer_network
+                consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+              }
+            }
           }
         }
       }

modules/mysql/variables.tf

@@ -342,6 +342,10 @@ variable "ip_configuration" {
     enable_private_path_for_google_cloud_services = optional(bool, false)
     psc_enabled                                   = optional(bool, false)
     psc_allowed_consumer_projects                 = optional(list(string), [])
+    psc_auto_connections = optional(list(object({
+      consumer_network            = string
+      consumer_service_project_id = string
+    })), [])
   })
   default = {}
 }

modules/postgresql/README.md

@@ -151,7 +151,7 @@ module "pg" {
 | iam\_users | A list of IAM users to be created in your CloudSQL instance. iam.users.type can be CLOUD\_IAM\_USER, CLOUD\_IAM\_SERVICE\_ACCOUNT, CLOUD\_IAM\_GROUP and is required for type CLOUD\_IAM\_GROUP (IAM groups) | <pre>list(object({<br>    id    = string,<br>    email = string,<br>    type  = optional(string)<br>  }))</pre> | `[]` | no |
 | insights\_config | The insights\_config settings for the database. | <pre>object({<br>    query_plans_per_minute  = optional(number, 5)<br>    query_string_length     = optional(number, 1024)<br>    record_application_tags = optional(bool, false)<br>    record_client_address   = optional(bool, false)<br>  })</pre> | `null` | no |
 | instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE if master\_instance\_name value is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no |
-| ip\_configuration | The ip configuration for the Cloud SQL instances. | <pre>object({<br>    authorized_networks                           = optional(list(map(string)), [])<br>    ipv4_enabled                                  = optional(bool, true)<br>    private_network                               = optional(string)<br>    ssl_mode                                      = optional(string)<br>    allocated_ip_range                            = optional(string)<br>    enable_private_path_for_google_cloud_services = optional(bool, false)<br>    psc_enabled                                   = optional(bool, false)<br>    psc_allowed_consumer_projects                 = optional(list(string), [])<br>    server_ca_mode                                = optional(string)<br>    server_ca_pool                                = optional(string)<br>    custom_subject_alternative_names              = optional(list(string), [])<br>  })</pre> | `{}` | no |
+| ip\_configuration | The ip configuration for the Cloud SQL instances. | <pre>object({<br>    authorized_networks                           = optional(list(map(string)), [])<br>    ipv4_enabled                                  = optional(bool, true)<br>    private_network                               = optional(string)<br>    ssl_mode                                      = optional(string)<br>    allocated_ip_range                            = optional(string)<br>    enable_private_path_for_google_cloud_services = optional(bool, false)<br>    psc_enabled                                   = optional(bool, false)<br>    psc_allowed_consumer_projects                 = optional(list(string), [])<br>    psc_auto_connections = optional(list(object({<br>      consumer_network            = string<br>      consumer_service_project_id = string<br>    })), [])<br>    server_ca_mode                   = optional(string)<br>    server_ca_pool                   = optional(string)<br>    custom_subject_alternative_names = optional(list(string), [])<br>  })</pre> | `{}` | no |
 | maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no |
 | maintenance\_window\_day | The day of week (1-7) for the Cloud SQL instance maintenance. | `number` | `1` | no |
 | maintenance\_window\_hour | The hour of day (0-23) maintenance window for the Cloud SQL instance maintenance. | `number` | `23` | no |

modules/postgresql/main.tf

@@ -145,6 +145,14 @@ resource "google_sql_database_instance" "default" {
           content {
             psc_enabled               = ip_configuration.value.psc_enabled
             allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+
+            dynamic "psc_auto_connections" {
+              for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+              content {
+                consumer_network            = psc_auto_connections.value.consumer_network
+                consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+              }
+            }
           }
         }
 

modules/postgresql/read_replica.tf

@@ -67,6 +67,14 @@ resource "google_sql_database_instance" "replicas" {
           content {
             psc_enabled               = ip_configuration.value.psc_enabled
             allowed_consumer_projects = ip_configuration.value.psc_enabled ? ip_configuration.value.psc_allowed_consumer_projects : []
+
+            dynamic "psc_auto_connections" {
+              for_each = lookup(ip_configuration.value, "psc_auto_connections", [])
+              content {
+                consumer_network            = psc_auto_connections.value.consumer_network
+                consumer_service_project_id = psc_auto_connections.value.consumer_service_project_id
+              }
+            }
           }
         }
       }

modules/postgresql/variables.tf

@@ -330,9 +330,13 @@ variable "ip_configuration" {
     enable_private_path_for_google_cloud_services = optional(bool, false)
     psc_enabled                                   = optional(bool, false)
     psc_allowed_consumer_projects                 = optional(list(string), [])
-    server_ca_mode                                = optional(string)
-    server_ca_pool                                = optional(string)
-    custom_subject_alternative_names              = optional(list(string), [])
+    psc_auto_connections = optional(list(object({
+      consumer_network            = string
+      consumer_service_project_id = string
+    })), [])
+    server_ca_mode                   = optional(string)
+    server_ca_pool                   = optional(string)
+    custom_subject_alternative_names = optional(list(string), [])
   })
   default = {}
 }