diff --git a/examples/mysql-ha/main.tf b/examples/mysql-ha/main.tf index 3bc7723c..0de3ce6c 100644 --- a/examples/mysql-ha/main.tf +++ b/examples/mysql-ha/main.tf @@ -79,10 +79,13 @@ module "mysql" { } backup_configuration = { - enabled = true - binary_log_enabled = true - start_time = "20:55" - location = null + enabled = true + binary_log_enabled = true + start_time = "20:55" + location = null + transaction_log_retention_days = null + retained_backups = 365 + retention_unit = "COUNT" } // Read replica configurations diff --git a/examples/postgresql-ha/main.tf b/examples/postgresql-ha/main.tf index 80b68708..a667b199 100644 --- a/examples/postgresql-ha/main.tf +++ b/examples/postgresql-ha/main.tf @@ -81,6 +81,9 @@ module "pg" { start_time = "20:55" location = null point_in_time_recovery_enabled = false + transaction_log_retention_days = null + retained_backups = 365 + retention_unit = "COUNT" } // Read replica configurations diff --git a/modules/mssql/README.md b/modules/mssql/README.md index e161bc31..4d18f1ca 100644 --- a/modules/mssql/README.md +++ b/modules/mssql/README.md @@ -14,7 +14,7 @@ The following dependency must be available for SQL Server module: | additional\_users | A list of users to be created in your cluster |
list(object({| `[]` | no | | authorized\_gae\_applications | The authorized gae applications for the Cloud SQL instances | `list(string)` | `[]` | no | | availability\_type | The availability type for the master instance.This is only used to set up high availability for the MSSQL instance. Can be either `ZONAL` or `REGIONAL`. | `string` | `"ZONAL"` | no | -| backup\_configuration | The database backup configuration. |
name = string
password = string
}))
object({|
binary_log_enabled = bool
enabled = bool
point_in_time_recovery_enabled = bool
start_time = string
})
{| no | +| backup\_configuration | The database backup configuration. |
"binary_log_enabled": null,
"enabled": false,
"point_in_time_recovery_enabled": null,
"start_time": null
}
object({|
binary_log_enabled = bool
enabled = bool
point_in_time_recovery_enabled = bool
start_time = string
transaction_log_retention_days = string
retained_backups = number
retention_unit = string
})
{| no | | create\_timeout | The optional timeout that is applied to limit long database creates. | `string` | `"15m"` | no | | database\_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/sqlserver/flags) |
"binary_log_enabled": null,
"enabled": false,
"point_in_time_recovery_enabled": null,
"retained_backups": null,
"retention_unit": null,
"start_time": null,
"transaction_log_retention_days": null
}
list(object({| `[]` | no | | database\_version | The database version to use: SQLSERVER\_2017\_STANDARD, SQLSERVER\_2017\_ENTERPRISE, SQLSERVER\_2017\_EXPRESS, or SQLSERVER\_2017\_WEB | `string` | `"SQLSERVER_2017_STANDARD"` | no | diff --git a/modules/mssql/main.tf b/modules/mssql/main.tf index 505703b9..2508e840 100644 --- a/modules/mssql/main.tf +++ b/modules/mssql/main.tf @@ -24,6 +24,9 @@ locals { databases = { for db in var.additional_databases : db.name => db } users = { for u in var.additional_users : u.name => u } + + retained_backups = lookup(var.backup_configuration, "retained_backups", null) + retention_unit = lookup(var.backup_configuration, "retention_unit", null) } resource "random_id" "suffix" { @@ -59,6 +62,15 @@ resource "google_sql_database_instance" "default" { enabled = lookup(backup_configuration.value, "enabled", null) start_time = lookup(backup_configuration.value, "start_time", null) point_in_time_recovery_enabled = lookup(backup_configuration.value, "point_in_time_recovery_enabled", null) + transaction_log_retention_days = lookup(backup_configuration.value, "transaction_log_retention_days", null) + + dynamic "backup_retention_settings" { + for_each = local.retained_backups != null || local.retention_unit != null ? [var.backup_configuration] : [] + content { + retained_backups = local.retained_backups + retention_unit = local.retention_unit + } + } } } dynamic "ip_configuration" { diff --git a/modules/mssql/variables.tf b/modules/mssql/variables.tf index e043221c..8d8ce9ce 100644 --- a/modules/mssql/variables.tf +++ b/modules/mssql/variables.tf 
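Review bot: In the second hunk of modules/mssql/main.tf, the `for_each` on `backup_retention_settings` emits the block when only `retention_unit` is set, so `retained_backups` is passed as null; as far as I know the provider schema requires `retained_backups` inside that block, which is worth confirming against the 3.60 provider pinned in this commit. Keying the block on the count alone avoids that: `for_each = local.retained_backups != null ? [var.backup_configuration] : []`. The iterator value is never read, and the new locals read `var.backup_configuration` while the sibling attributes read `backup_configuration.value`, so using one source throughout would be easier to follow. The same block is added in modules/mysql/main.tf and modules/postgresql/main.tf. The enclosing `google_sql_database_instance` resource starts and ends outside the hunk.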
@@ -153,12 +153,18 @@ variable "backup_configuration" { enabled = bool point_in_time_recovery_enabled = bool start_time = string + transaction_log_retention_days = string + retained_backups = number + retention_unit = string }) default = { binary_log_enabled = null enabled = false point_in_time_recovery_enabled = null start_time = null + transaction_log_retention_days = null + retained_backups = null + retention_unit = null } } diff --git a/modules/mssql/versions.tf b/modules/mssql/versions.tf index d83eb094..970c3e82 100644 --- a/modules/mssql/versions.tf +++ b/modules/mssql/versions.tf @@ -20,7 +20,7 @@ terraform { google-beta = { source = "hashicorp/google-beta" - version = "~> 3.53" + version = "~> 3.60" } } diff --git a/modules/mysql/README.md b/modules/mysql/README.md index 8800afa3..50af5331 100644 --- a/modules/mysql/README.md +++ b/modules/mysql/README.md @@ -12,7 +12,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq | additional\_users | A list of users to be created in your cluster |
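Review bot: `transaction_log_retention_days` is declared as `string` in the `backup_configuration` object type while `retained_backups` next to it is `number`; since the value is a day count, `transaction_log_retention_days = number` would reject non-numeric input at the variable boundary rather than at apply time. The three attributes are added as plain members of the object type, so unless the module uses optional attributes (the hunk shows none) every existing caller that sets `backup_configuration` has to add them, which deserves an upgrade note. The variable description could also say what the new fields mean and that leaving them null presumably keeps the service's default backup retention, so callers choose their recovery window deliberately; confirm that default against the Cloud SQL documentation. The same applies to the variables.tf hunks in modules/mysql, modules/postgresql and modules/safer_mysql.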
name = string
value = string
}))
list(object({| `[]` | no | | authorized\_gae\_applications | The list of authorized App Engine project names | `list(string)` | `[]` | no | | availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | -| backup\_configuration | The backup\_configuration settings subblock for the database setings |
name = string
password = string
host = string
}))
object({|
binary_log_enabled = bool
enabled = bool
start_time = string
location = string
})
{| no | +| backup\_configuration | The backup\_configuration settings subblock for the database setings |
"binary_log_enabled": false,
"enabled": false,
"location": null,
"start_time": null
}
object({|
binary_log_enabled = bool
enabled = bool
start_time = string
location = string
transaction_log_retention_days = string
retained_backups = number
retention_unit = string
})
{| no | | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"10m"` | no | | database\_flags | List of Cloud SQL flags that are applied to the database server. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
"binary_log_enabled": false,
"enabled": false,
"location": null,
"retained_backups": null,
"retention_unit": null,
"start_time": null,
"transaction_log_retention_days": null
}
list(object({| `[]` | no | | database\_version | The database version to use | `string` | n/a | yes | diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf index debbd9d2..940e815b 100644 --- a/modules/mysql/main.tf +++ b/modules/mysql/main.tf @@ -31,6 +31,9 @@ locals { // HA method using REGIONAL availability_type requires binary logs to be enabled binary_log_enabled = var.availability_type == "REGIONAL" ? true : lookup(var.backup_configuration, "binary_log_enabled", null) backups_enabled = var.availability_type == "REGIONAL" ? true : lookup(var.backup_configuration, "enabled", null) + + retained_backups = lookup(var.backup_configuration, "retained_backups", null) + retention_unit = lookup(var.backup_configuration, "retention_unit", null) } resource "random_id" "suffix" { @@ -56,10 +59,19 @@ resource "google_sql_database_instance" "default" { dynamic "backup_configuration" { for_each = [var.backup_configuration] content { - binary_log_enabled = local.binary_log_enabled - enabled = local.backups_enabled - start_time = lookup(backup_configuration.value, "start_time", null) - location = lookup(backup_configuration.value, "location", null) + binary_log_enabled = local.binary_log_enabled + enabled = local.backups_enabled + start_time = lookup(backup_configuration.value, "start_time", null) + location = lookup(backup_configuration.value, "location", null) + transaction_log_retention_days = lookup(backup_configuration.value, "transaction_log_retention_days", null) + + dynamic "backup_retention_settings" { + for_each = local.retained_backups != null || local.retention_unit != null ? [var.backup_configuration] : [] + content { + retained_backups = local.retained_backups + retention_unit = local.retention_unit + } + } } } dynamic "ip_configuration" { diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf index 4b21bb7d..5d634170 100644 --- a/modules/mysql/variables.tf +++ b/modules/mysql/variables.tf 
@@ -134,16 +134,22 @@ variable "user_labels" { variable "backup_configuration" { description = "The backup_configuration settings subblock for the database setings" type = object({ - binary_log_enabled = bool - enabled = bool - start_time = string - location = string + binary_log_enabled = bool + enabled = bool + start_time = string + location = string + transaction_log_retention_days = string + retained_backups = number + retention_unit = string }) default = { - binary_log_enabled = false - enabled = false - start_time = null - location = null + binary_log_enabled = false + enabled = false + start_time = null + location = null + transaction_log_retention_days = null + retained_backups = null + retention_unit = null } } diff --git a/modules/mysql/versions.tf b/modules/mysql/versions.tf index a979ce09..bef2a54b 100644 --- a/modules/mysql/versions.tf +++ b/modules/mysql/versions.tf @@ -27,7 +27,7 @@ terraform { } google = { source = "hashicorp/google" - version = "~> 3.53" + version = "~> 3.60" } } diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md index dae0a89d..cceaa8e8 100644 --- a/modules/postgresql/README.md +++ b/modules/postgresql/README.md @@ -11,7 +11,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq | additional\_databases | A list of databases to be created in your cluster |
name = string
value = string
}))
list(object({| `[]` | no | | additional\_users | A list of users to be created in your cluster |
name = string
charset = string
collation = string
}))
list(object({| `[]` | no | | availability\_type | The availability type for the master instance.This is only used to set up high availability for the PostgreSQL instance. Can be either `ZONAL` or `REGIONAL`. | `string` | `"ZONAL"` | no | -| backup\_configuration | The backup\_configuration settings subblock for the database setings |
name = string
password = string
}))
object({|
enabled = bool
start_time = string
location = string
point_in_time_recovery_enabled = bool
})
{| no | +| backup\_configuration | The backup\_configuration settings subblock for the database setings |
"enabled": false,
"location": null,
"point_in_time_recovery_enabled": false,
"start_time": null
}
object({|
enabled = bool
start_time = string
location = string
point_in_time_recovery_enabled = bool
transaction_log_retention_days = string
retained_backups = number
retention_unit = string
})
{| no | | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"15m"` | no | | database\_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/postgres/flags) |
"enabled": false,
"location": null,
"point_in_time_recovery_enabled": false,
"retained_backups": null,
"retention_unit": null,
"start_time": null,
"transaction_log_retention_days": null
}
list(object({| `[]` | no | | database\_version | The database version to use | `string` | n/a | yes | diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf index 9c200160..b486ec00 100644 --- a/modules/postgresql/main.tf +++ b/modules/postgresql/main.tf @@ -30,6 +30,9 @@ locals { email = iu, is_account_sa = trimsuffix(iu, "gserviceaccount.com") == iu ? false : true }] + + retained_backups = lookup(var.backup_configuration, "retained_backups", null) + retention_unit = lookup(var.backup_configuration, "retention_unit", null) } resource "random_id" "suffix" { @@ -60,6 +63,15 @@ resource "google_sql_database_instance" "default" { start_time = lookup(backup_configuration.value, "start_time", null) location = lookup(backup_configuration.value, "location", null) point_in_time_recovery_enabled = lookup(backup_configuration.value, "point_in_time_recovery_enabled", false) + transaction_log_retention_days = lookup(backup_configuration.value, "transaction_log_retention_days", null) + + dynamic "backup_retention_settings" { + for_each = local.retained_backups != null || local.retention_unit != null ? [var.backup_configuration] : [] + content { + retained_backups = local.retained_backups + retention_unit = local.retention_unit + } + } } } dynamic "ip_configuration" { diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf index dcb0dde4..6a989187 100644 --- a/modules/postgresql/variables.tf +++ b/modules/postgresql/variables.tf @@ -129,12 +129,18 @@ variable "backup_configuration" { start_time = string location = string point_in_time_recovery_enabled = bool + transaction_log_retention_days = string + retained_backups = number + retention_unit = string }) default = { enabled = false start_time = null location = null point_in_time_recovery_enabled = false + transaction_log_retention_days = null + retained_backups = null + retention_unit = null } } 
diff --git a/modules/postgresql/versions.tf b/modules/postgresql/versions.tf index 2ff81e63..855c5e41 100644 --- a/modules/postgresql/versions.tf +++ b/modules/postgresql/versions.tf @@ -27,7 +27,7 @@ terraform { } google = { source = "hashicorp/google" - version = "~> 3.53" + version = "~> 3.60" } } diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md index 95c8be0c..3f23d4ae 100644 --- a/modules/safer_mysql/README.md +++ b/modules/safer_mysql/README.md @@ -170,7 +170,7 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p | assign\_public\_ip | Set to true if the master instance should also have a public IP (less secure). | `string` | `false` | no | | authorized\_gae\_applications | The list of authorized App Engine project names | `list(string)` | `[]` | no | | availability\_type | The availability type for the master instance. Can be either `REGIONAL` or `null`. | `string` | `"REGIONAL"` | no | -| backup\_configuration | The backup\_configuration settings subblock for the database setings |
name = string
value = string
}))
object({|
binary_log_enabled = bool
enabled = bool
start_time = string
location = string
})
{| no | +| backup\_configuration | The backup\_configuration settings subblock for the database setings |
"binary_log_enabled": false,
"enabled": false,
"location": null,
"start_time": null
}
object({|
binary_log_enabled = bool
enabled = bool
start_time = string
location = string
transaction_log_retention_days = string
retained_backups = number
retention_unit = string
})
{| no | | create\_timeout | The optional timout that is applied to limit long database creates. | `string` | `"15m"` | no | | database\_flags | The database flags for the master instance. See [more details](https://cloud.google.com/sql/docs/mysql/flags) |
"binary_log_enabled": false,
"enabled": false,
"location": null,
"retained_backups": null,
"retention_unit": null,
"start_time": null,
"transaction_log_retention_days": null
}
list(object({| `[]` | no | | database\_version | The database version to use | `string` | n/a | yes | diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf index 3bc0d33c..5535f3f1 100644 --- a/modules/safer_mysql/variables.tf +++ b/modules/safer_mysql/variables.tf @@ -138,16 +138,22 @@ variable "user_labels" { variable "backup_configuration" { description = "The backup_configuration settings subblock for the database setings" type = object({ - binary_log_enabled = bool - enabled = bool - start_time = string - location = string + binary_log_enabled = bool + enabled = bool + start_time = string + location = string + transaction_log_retention_days = string + retained_backups = number + retention_unit = string }) default = { - binary_log_enabled = false - enabled = false - start_time = null - location = null + binary_log_enabled = false + enabled = false + start_time = null + location = null + transaction_log_retention_days = null + retained_backups = null + retention_unit = null } } diff --git a/modules/safer_mysql/versions.tf b/modules/safer_mysql/versions.tf index 6f0a6bed..201d3a8c 100644 --- a/modules/safer_mysql/versions.tf +++ b/modules/safer_mysql/versions.tf @@ -20,7 +20,7 @@ terraform { google = { source = "hashicorp/google" - version = "~> 3.53" + version = "~> 3.60" } } diff --git a/test/integration/mysql-ha/controls/mysql.rb b/test/integration/mysql-ha/controls/mysql.rb index d1d7e02a..1812e5fe 100644 --- a/test/integration/mysql-ha/controls/mysql.rb +++ b/test/integration/mysql-ha/controls/mysql.rb @@ -136,6 +136,10 @@ it "backup configuration is enabled" do expect(data['settings']['backupConfiguration']).to include( + "backupRetentionSettings" => { + "retainedBackups" => 365, + "retentionUnit" => "COUNT" + }, "binaryLogEnabled" => true, "enabled" => true, "kind" => "sql#backupConfiguration", 
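Review bot: The expectation added in test/integration/mysql-ha/controls/mysql.rb covers `backupRetentionSettings` only; `transaction_log_retention_days`, which the same commit wires through the modules, is left null in examples/mysql-ha and is not asserted, so a regression in that attribute would still pass this control. Setting a value in the example and adding the matching key to this `include(...)` hash would cover it; the API field name is presumably `transactionLogRetentionDays`, to be confirmed against real describe output. The same gap is in test/integration/postgresql-ha/controls/pg.rb. The `it` block continues outside the hunk.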
diff --git a/test/integration/postgresql-ha/controls/pg.rb b/test/integration/postgresql-ha/controls/pg.rb index e04b5dec..7a20d0be 100644 --- a/test/integration/postgresql-ha/controls/pg.rb +++ b/test/integration/postgresql-ha/controls/pg.rb @@ -135,6 +135,10 @@ it "backup configuration is enabled" do expect(data['settings']['backupConfiguration']).to include( + "backupRetentionSettings" => { + "retainedBackups" => 365, + "retentionUnit" => "COUNT" + }, "enabled" => true, "kind" => "sql#backupConfiguration", "startTime" => "20:55")
name = string
value = string
}))