Google Cloud SQL (MySQL) Terraform module

Terraform module that creates MySQL database resources on GCP. It is an abstraction over Google's own terraform-google-sql module for MySQL.

User Stories for this module

  • As a user, I can deploy a public MySQL database
  • As a user, I can deploy a private MySQL database within a VPC
  • As a user, I can deploy a MySQL database with N replicas
  • As a user, I can deploy a MySQL database with or without TLS encryption
  • As a user, I can deploy a Cloud Scheduler job which launches exports with an already existing Pub/Sub function
  • As a user, I can encrypt the database with my own encryption key

By default, the deployed database is in HA mode, with a backup strategy that retains backups for 7 days.

Usage

module "my-private-mysql-db" {
  source = "github.com/padok-team/terraform-google-sql//modules/mysql" # "//" separates the repository from the module subdirectory

  name              = "my-private-mysql-db1" # Mandatory
  engine_version    = "MYSQL_8_0"            # Mandatory
  project_id        = local.project_id       # Mandatory
  region            = "europe-west1"         # Mandatory
  availability_type = "ZONAL"

  disk_limit = 20

  users          = ["User_1", "User_2"]
  create_secrets = true

  backup_configuration = {
    enabled  = true
    location = "europe-west3"
  }

  databases = {
    "MYDB_1" = {
      export_backup = false # attribute name as declared in the "databases" input type
    }
  }

  private_network = module.my_network.network_id
}

Examples

Modules

| Name | Source | Version |
|------|--------|---------|
| encryption | ../encryption | n/a |
| mysql-db | GoogleCloudPlatform/sql-db/google//modules/mysql | 14.1.0 |
| secrets | ../secrets | n/a |

Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|----------|
| disk_limit | The maximum size to which storage can be auto increased. | number | n/a | yes |
| name | The name of the Cloud SQL resource. | string | n/a | yes |
| private_network | The VPC ID to create the instance into. | string | n/a | yes |
| project_id | The project ID to manage the Cloud SQL resource. | string | n/a | yes |
| region | Region for the master instance. | string | n/a | yes |
| users | List of the names of the users you want to create (passwords will be auto-generated). Warning! All those users will be admin and have access to all databases created with this module. | list(string) | n/a | yes |
| allocated_ip_range | The name of the allocated IP range for the private IP Cloud SQL instance. For example: "google-managed-services-default". If set, the instance IP will be created in the allocated range. | string | null | no |
| availability_type | Whether the Cloud SQL instance is regional or zonal. Valid values: REGIONAL or ZONAL. | string | "REGIONAL" | no |
| backup_configuration | The backup_configuration settings subblock for the database settings. | any | {} | no |
| create_secrets | Whether to create the secrets in Secret Manager. | bool | true | no |
| database_flags | Database configuration flags. | list(object({ name = string, value = string })) | [] | no |
| databases | List of the default DBs you want to create. | map(object({ export_backup = bool, export_schedule = optional(string, "0 2 * * *") })) | {} | no |
| db_charset | Charset for the DB. | string | "utf8" | no |
| db_collation | Collation for the DB. | string | "utf8_general_ci" | no |
| disk_type | The disk type (PD_SSD, PD_HDD). | string | "PD_SSD" | no |
| encryption_key_id | The full path to the encryption key used for the CMEK disk encryption. The provided key must be in the same region as the SQL instance. If not provided, a KMS key will be generated. | string | null | no |
| encryption_key_rotation_period | The encryption key rotation period for the CMEK disk encryption. The provided key must be in the same region as the SQL instance. If encryption_key_id is defined, this variable is not used. | string | "7889400s" | no |
| engine_version | The version of the MySQL engine. Check https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance#database_version for possible versions. | string | "MYSQL_8_0" | no |
| instance_deletion_protection | Used to block Terraform from deleting a SQL instance. | bool | false | no |
| labels | Labels to add to the Cloud SQL instance and its replicas. | map(string) | {} | no |
| public | Set to true if the master instance should also have a public IP (less secure). | bool | false | no |
| replicas | The replica instance names and configuration. | map(any) | {} | no |
| require_ssl | Set to false if you do not want to enforce SSL (less secure). | bool | true | no |
| sql_exporter | The SQL exporter to use for backups if needed. | object({ bucket_name = string, pubsub_topic = string, timezone = optional(string, "UTC") }) | null | no |
| tier | The database tier (db-f1-micro, db-custom-cpu-ram). | string | "db-f1-micro" | no |
| users_host | value | string | "" | no |
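
A module call that pins the security-relevant inputs listed above instead of relying on their defaults. This is an added example, not part of the module's own documentation: the instance name, the user name and var.cmek_key_id are placeholders, and the two database_flags entries are MySQL flags chosen for illustration.

```hcl
# Added example. var.cmek_key_id, "hardened-mysql-db1" and "app_admin" are
# placeholders; module.my_network and local.project_id come from the Usage block.
module "hardened-mysql-db" {
  source = "github.com/padok-team/terraform-google-sql//modules/mysql"

  name       = "hardened-mysql-db1"
  project_id = local.project_id
  region     = "europe-west1"
  disk_limit = 20

  # Network exposure: private IP only, TLS enforced. Both are already the
  # defaults; pinning them makes a later flip to public/plaintext visible in review.
  private_network = module.my_network.network_id
  public          = false
  require_ssl     = true

  # Availability and accidental deletion. instance_deletion_protection
  # defaults to false, so it has to be enabled explicitly.
  availability_type            = "REGIONAL"
  instance_deletion_protection = true

  # Every entry becomes an admin with access to all databases created by
  # this module, so keep the list as short as possible.
  users          = ["app_admin"]
  create_secrets = true

  # CMEK with a key you control (same region as the instance). When
  # encryption_key_id is set, encryption_key_rotation_period is not used.
  encryption_key_id = var.cmek_key_id

  database_flags = [
    { name = "local_infile", value = "off" },      # disable LOAD DATA LOCAL
    { name = "skip_show_database", value = "on" }, # restrict SHOW DATABASES
  ]

  backup_configuration = {
    enabled  = true
    location = "europe-west3"
  }

  databases = {
    "MYDB_1" = {
      export_backup = false
    }
  }
}
```

The users output is described as a list of maps of users and passwords, so the generated passwords also end up in the Terraform state; restrict access to the state backend accordingly.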

Outputs

| Name | Description |
|------|-------------|
| instance_connection_name | The connection name of the master instance to be used in connection strings. |
| instance_name | The instance name for the master instance. |
| private_ip_address | The first private IPv4 address assigned for the master instance. |
| public_ip_address | The first public (PRIMARY) IPv4 address assigned for the master instance. |
| read_replica_instance_names | The instance names for the read replica instances. |
| secrets | The secrets created for the users. |
| users | List of maps of users and passwords. |