feat: Add variable for managing read replica deletion protection (#155)

terraform-google-modules · Nov 11, 2020 · 9e22cfd · 9e22cfd
1 parent 5210126
commit 9e22cfd
Show file tree

Hide file tree

Showing 16 changed files with 54 additions and 8 deletions.
diff --git a/examples/mssql-public/main.tf b/examples/mssql-public/main.tf
@@ -26,4 +26,6 @@ module "mssql" {
   project_id           = var.project_id
   user_name            = "simpleuser"
   user_password        = "foobar"
+
+  deletion_protection = false
 }
diff --git a/examples/mysql-ha/main.tf b/examples/mysql-ha/main.tf
@@ -50,9 +50,11 @@ module "mysql" {
   database_version     = "MYSQL_5_7"
   region               = "us-central1"
 
+  deletion_protection = false
+
   // Master configurations
   tier                            = "db-n1-standard-1"
-  zone                            = "c"
+  zone                            = "us-central1-c"
   availability_type               = "REGIONAL"
   maintenance_window_day          = 7
   maintenance_window_hour         = 12

diff --git a/examples/mysql-private/main.tf b/examples/mysql-private/main.tf
@@ -65,9 +65,11 @@ module "safer-mysql-db" {
   random_instance_name = true
   project_id           = var.project_id
 
+  deletion_protection = false
+
   database_version = "MYSQL_5_6"
   region           = "us-central1"
-  zone             = "c"
+  zone             = "us-central1-c"
   tier             = "db-n1-standard-1"
 
   // By default, all users will be permitted to connect only via the

diff --git a/examples/mysql-public/main.tf b/examples/mysql-public/main.tf
@@ -36,10 +36,12 @@ module "mysql-db" {
   random_instance_name = true
   database_version     = "MYSQL_5_6"
   project_id           = var.project_id
-  zone                 = "c"
+  zone                 = "us-central1-c"
   region               = "us-central1"
   tier                 = "db-n1-standard-1"
 
+  deletion_protection = false
+
   ip_configuration = {
     ipv4_enabled        = true
     private_network     = null

diff --git a/examples/postgresql-ha/main.tf b/examples/postgresql-ha/main.tf
@@ -50,12 +50,14 @@ module "pg" {
 
   // Master configurations
   tier                            = "db-custom-2-13312"
-  zone                            = "c"
+  zone                            = "us-central1-c"
   availability_type               = "REGIONAL"
   maintenance_window_day          = 7
   maintenance_window_hour         = 12
   maintenance_window_update_track = "stable"
 
+  deletion_protection = false
+
   database_flags = [{ name = "autovacuum", value = "off" }]
 
   user_labels = {
@@ -83,7 +85,6 @@ module "pg" {
 
   // Read replica configurations
   read_replica_name_suffix = "-test"
-
   read_replicas = [
     {
       name             = "0"

diff --git a/examples/postgresql-public/main.tf b/examples/postgresql-public/main.tf
@@ -36,10 +36,12 @@ module "postgresql-db" {
   random_instance_name = true
   database_version     = "POSTGRES_9_6"
   project_id           = var.project_id
-  zone                 = "c"
+  zone                 = "us-central1-c"
   region               = "us-central1"
   tier                 = "db-f1-micro"
 
+  deletion_protection = false
+
   ip_configuration = {
     ipv4_enabled        = true
     private_network     = null

diff --git a/modules/mysql/README.md b/modules/mysql/README.md
@@ -34,6 +34,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
 | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no |
 | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes |
 | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no |
+| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | bool | `"false"` | no |
 | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no |
 | read\_replicas | List of read replicas to create | object | `<list>` | no |
 | region | The region of the Cloud SQL resources | string | `"us-central1"` | no |

diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf
@@ -27,6 +27,7 @@ resource "google_sql_database_instance" "replicas" {
   database_version     = var.database_version
   region               = join("-", slice(split("-", lookup(each.value, "zone", var.zone)), 0, 2))
   master_instance_name = google_sql_database_instance.default.name
+  deletion_protection  = var.read_replica_deletion_protection
 
   replica_configuration {
     failover_target = false

diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf
@@ -285,3 +285,9 @@ variable "deletion_protection" {
   type        = bool
   default     = true
 }
+
+variable "read_replica_deletion_protection" {
+  description = "Used to block Terraform from deleting replica SQL Instances."
+  type        = bool
+  default     = false
+}
diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md
@@ -33,6 +33,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
 | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no |
 | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes |
 | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no |
+| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | bool | `"false"` | no |
 | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no |
 | read\_replicas | List of read replicas to create | object | `<list>` | no |
 | region | The region of the Cloud SQL resources | string | `"us-central1"` | no |

diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf
@@ -27,6 +27,7 @@ resource "google_sql_database_instance" "replicas" {
   database_version     = var.database_version
   region               = join("-", slice(split("-", lookup(each.value, "zone", var.zone)), 0, 2))
   master_instance_name = google_sql_database_instance.default.name
+  deletion_protection  = var.read_replica_deletion_protection
 
   replica_configuration {
     failover_target = false

diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf
@@ -269,3 +269,9 @@ variable "deletion_protection" {
   type        = bool
   default     = true
 }
+
+variable "read_replica_deletion_protection" {
+  description = "Used to block Terraform from deleting replica SQL Instances."
+  type        = bool
+  default     = false
+}
diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md
@@ -178,6 +178,7 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p
 | db\_collation | The collation for the default database. Example: 'utf8_general_ci' | string | `""` | no |
 | db\_name | The name of the default database to create | string | `"default"` | no |
 | delete\_timeout | The optional timout that is applied to limit long database deletes. | string | `"15m"` | no |
+| deletion\_protection | Used to block Terraform from deleting a SQL Instance. | bool | `"true"` | no |
 | disk\_autoresize | Configuration to increase storage size | bool | `"true"` | no |
 | disk\_size | The disk size for the master instance | number | `"10"` | no |
 | disk\_type | The disk type for the master instance. | string | `"PD_SSD"` | no |
@@ -189,6 +190,7 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p
 | pricing\_plan | The pricing plan for the master instance. | string | `"PER_USE"` | no |
 | project\_id | The project ID to manage the Cloud SQL resources | string | n/a | yes |
 | random\_instance\_name | Sets random suffix at the end of the Cloud SQL resource name | bool | `"false"` | no |
+| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | bool | `"false"` | no |
 | read\_replica\_name\_suffix | The optional suffix to add to the read instance name | string | `""` | no |
 | read\_replicas | List of read replicas to create | object | `<list>` | no |
 | region | The region of the Cloud SQL resources | string | n/a | yes |

diff --git a/modules/safer_mysql/main.tf b/modules/safer_mysql/main.tf
@@ -35,6 +35,8 @@ module "safer_mysql" {
   maintenance_window_update_track = var.maintenance_window_update_track
   database_flags                  = var.database_flags
 
+  deletion_protection = var.deletion_protection
+
   user_labels = var.user_labels
 
   backup_configuration = var.backup_configuration
@@ -62,8 +64,9 @@ module "safer_mysql" {
   additional_users = var.additional_users
 
   // Read replica
-  read_replica_name_suffix = var.read_replica_name_suffix
-  read_replicas            = var.read_replicas
+  read_replica_name_suffix         = var.read_replica_name_suffix
+  read_replica_deletion_protection = var.read_replica_deletion_protection
+  read_replicas                    = var.read_replicas
 
   create_timeout    = var.create_timeout
   update_timeout    = var.update_timeout

diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf
@@ -261,3 +261,15 @@ variable "module_depends_on" {
   type        = list(any)
   default     = []
 }
+
+variable "deletion_protection" {
+  description = "Used to block Terraform from deleting a SQL Instance."
+  type        = bool
+  default     = true
+}
+
+variable "read_replica_deletion_protection" {
+  description = "Used to block Terraform from deleting replica SQL Instances."
+  type        = bool
+  default     = false
+}
diff --git a/test/fixtures/mssql-ha/main.tf b/test/fixtures/mssql-ha/main.tf
@@ -41,6 +41,8 @@ module "mssql" {
   project_id = var.project_id
   db_name    = var.ha_name
 
+  deletion_protection = false
+
   // Master configurations
   tier                            = "db-custom-2-13312"
   availability_type               = "REGIONAL"