feat(TPG>5.38)!: added deletion_policy to private service access sub-…

…module and promoted to GA provider (#620)

examples/mssql-failover-replica/main.tf

@@ -24,7 +24,7 @@ locals {
 
 module "mssql1" {
   source  = "terraform-google-modules/sql-db/google//modules/mssql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   region = local.region_1
 
@@ -36,7 +36,7 @@ module "mssql1" {
 
   deletion_protection = false
 
-  tier = "db-custom-10-65536"
+  tier = "db-custom-4-15360"
 
   ip_configuration = {
     ipv4_enabled    = false
@@ -56,7 +56,7 @@ module "mssql1" {
 
 module "mssql2" {
   source  = "terraform-google-modules/sql-db/google//modules/mssql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   master_instance_name = module.mssql1.instance_name
 
@@ -70,7 +70,7 @@ module "mssql2" {
 
   deletion_protection = false
 
-  tier = "db-custom-10-65536"
+  tier = "db-custom-4-15360"
 
   ip_configuration = {
     ipv4_enabled    = false

examples/mssql-public/main.tf

@@ -16,7 +16,7 @@
 
 module "mssql" {
   source  = "terraform-google-modules/sql-db/google//modules/mssql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.name
   random_instance_name = true

examples/mysql-backup-create-service-account/main.tf

@@ -16,7 +16,7 @@
 
 module "mysql" {
   source  = "terraform-google-modules/sql-db/google//modules/mysql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = "example-mysql-public"
   database_version     = "MYSQL_8_0"
@@ -45,7 +45,7 @@ resource "google_storage_bucket" "backup" {
 
 module "backup" {
   source  = "terraform-google-modules/sql-db/google//modules/backup"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   region                = "us-central1"
   project_id            = var.project_id

examples/mysql-ha/main.tf

@@ -33,7 +33,7 @@ locals {
 
 module "mysql" {
   source  = "terraform-google-modules/sql-db/google//modules/mysql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.mysql_ha_name
   random_instance_name = true

examples/mysql-private/main.tf

@@ -39,15 +39,15 @@ module "network-safer-mysql-simple" {
 
 module "private-service-access" {
   source  = "terraform-google-modules/sql-db/google//modules/private_service_access"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   project_id  = var.project_id
   vpc_network = module.network-safer-mysql-simple.network_name
 }
 
 module "safer-mysql-db" {
   source  = "terraform-google-modules/sql-db/google//modules/safer_mysql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.db_name
   random_instance_name = true

examples/mysql-psc/main.tf

@@ -27,7 +27,7 @@ locals {
 
 module "mysql" {
   source  = "terraform-google-modules/sql-db/google//modules/mysql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.mysql_ha_name
   random_instance_name = true
@@ -38,7 +38,7 @@ module "mysql" {
   deletion_protection = false
 
   // Master configurations
-  tier                            = "db-custom-4-15360"
+  tier                            = "db-custom-2-7680"
   zone                            = "us-central1-c"
   availability_type               = "REGIONAL"
   maintenance_window_day          = 7
@@ -82,7 +82,7 @@ module "mysql" {
       name              = "0"
       zone              = "us-central1-a"
       availability_type = "REGIONAL"
-      tier              = "db-custom-4-15360"
+      tier              = "db-custom-2-7680"
       ip_configuration  = local.read_replica_ip_configuration
       database_flags    = [{ name = "long_query_time", value = 1 }]
       disk_type         = "PD_SSD"

examples/mysql-public/main.tf

@@ -20,7 +20,7 @@ resource "random_id" "name" {
 
 module "mysql-db" {
   source  = "terraform-google-modules/sql-db/google//modules/mysql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.db_name
   random_instance_name = true

examples/postgresql-backup-provided-service-account/main.tf

@@ -16,7 +16,7 @@
 
 module "postgresql" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = "example-postgres"
   random_instance_name = true
@@ -56,7 +56,7 @@ resource "google_monitoring_notification_channel" "email" {
 
 module "backup" {
   source  = "terraform-google-modules/sql-db/google//modules/backup"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   region                      = "us-central1"
   project_id                  = var.project_id

examples/postgresql-ha/main.tf

@@ -33,7 +33,7 @@ locals {
 
 module "pg" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.pg_ha_name
   random_instance_name = true

examples/postgresql-psc/main.tf

@@ -27,7 +27,7 @@ locals {
 
 module "pg" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.pg_psc_name
   random_instance_name = true
@@ -36,7 +36,7 @@ module "pg" {
   region               = "us-central1"
 
   // Master configurations
-  tier                            = "db-custom-16-61440"
+  tier                            = "db-custom-2-7680"
   zone                            = "us-central1-c"
   availability_type               = "REGIONAL"
   maintenance_window_day          = 7
@@ -78,7 +78,7 @@ module "pg" {
       name              = "0"
       zone              = "us-central1-a"
       availability_type = "REGIONAL"
-      tier              = "db-custom-16-61440"
+      tier              = "db-custom-2-7680"
       ip_configuration  = local.read_replica_ip_configuration
       database_flags    = [{ name = "autovacuum", value = "off" }]
       disk_type         = "PD_SSD"

examples/postgresql-public-iam/main.tf

@@ -17,7 +17,7 @@
 
 module "postgresql-db" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.db_name
   random_instance_name = true

examples/postgresql-public/main.tf

@@ -17,7 +17,7 @@
 
 module "postgresql-db" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
   name                 = var.db_name
   random_instance_name = true

examples/postgresql-with-cross-region-failover/main.tf

@@ -29,7 +29,7 @@ locals {
     ]
   }
   edition            = "ENTERPRISE_PLUS"
-  tier               = local.edition == "ENTERPRISE_PLUS" ? "db-perf-optimized-N-4" : "db-custom-4-15360"
+  tier               = local.edition == "ENTERPRISE_PLUS" ? "db-perf-optimized-N-2" : "db-custom-2-7680"
   data_cache_enabled = local.edition == "ENTERPRISE_PLUS" ? true : false
 }
 
@@ -47,7 +47,7 @@ data "google_compute_zones" "available_region2" {
 
 module "pg1" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
 
   name                 = var.pg_name_1
@@ -156,7 +156,7 @@ module "pg1" {
 
 module "pg2" {
   source  = "terraform-google-modules/sql-db/google//modules/postgresql"
-  version = "~> 20.0"
+  version = "~> 21.0"
 
 
   # Comment this parameter to promot instance 2 as primary instance. This will break replication between instance 1 and 2

examples/private_service_access/README.md

@@ -0,0 +1,35 @@
+# Private Service Acces
+
+This example shows how to create private service access
+
+## Run Terraform
+
+Create resources with terraform:
+
+```bash
+terraform init
+terraform plan
+terraform apply
+```
+
+To remove all resources created by terraform:
+
+```bash
+terraform destroy
+```
+
+<!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
+## Inputs
+
+| Name | Description | Type | Default | Required |
+|------|-------------|------|---------|:--------:|
+| project\_id | The project to run tests against | `string` | n/a | yes |
+
+## Outputs
+
+| Name | Description |
+|------|-------------|
+| project\_id | The project to run tests against |
+| psa | psa created |
+
+<!-- END OF PRE-COMMIT-TERRAFORM DOCS HOOK -->

examples/private_service_access/main.tf

@@ -0,0 +1,33 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+resource "google_compute_network" "default" {
+  name                    = "test-psa-network"
+  project                 = var.project_id
+  auto_create_subnetworks = false
+  description             = "test network"
+}
+
+module "test_psa" {
+  source  = "terraform-google-modules/sql-db/google//modules/private_service_access"
+  version = "~> 21.0"
+
+  project_id      = var.project_id
+  vpc_network     = google_compute_network.default.name
+  address         = "10.220.0.0"
+  deletion_policy = "ABANDON"
+  depends_on      = [google_compute_network.default]
+}

examples/private_service_access/outputs.tf

@@ -0,0 +1,25 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+output "project_id" {
+  description = "The project to run tests against"
+  value       = var.project_id
+}
+
+output "psa" {
+  description = "psa created"
+  value       = module.test_psa
+}

examples/private_service_access/variables.tf

@@ -0,0 +1,20 @@
+/**
+ * Copyright 2019 Google LLC
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+variable "project_id" {
+  type        = string
+  description = "The project to run tests against"
+}

modules/private_service_access/README.md

@@ -1,4 +1,4 @@
-# Submodule for VPC peering Cloud SQL services
+# Submodule for Private Service Access
 
 MySQL [Private IP](https://cloud.google.com/sql/docs/mysql/private-ip)
 configurations require a special peering between your VPC network and a
@@ -10,12 +10,30 @@ that are connected to the same VPC.
 > NOTE: See the linked [documentation](https://cloud.google.com/sql/docs/mysql/private-ip)
 > for all requirements for accessing a MySQL instance via its Private IP.
 
+## Usage
+Basic usage of this module is as follows:
+
+```
+module "test_psa" {
+  source  = "terraform-google-modules/sql-db/google//modules/private_service_access"
+  version = "~> 21.0"
+
+  project_id      = var.project_id
+  vpc_network     = google_compute_network.default.name
+  address         = "10.220.0.0"
+  deletion_policy = "ABANDON"
+  depends_on      = [google_compute_network.default]
+}
+```
+
+
 <!-- BEGINNING OF PRE-COMMIT-TERRAFORM DOCS HOOK -->
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | address | First IP address of the IP range to allocate to CLoud SQL instances and other Private Service Access services. If not set, GCP will pick a valid one for you. | `string` | `""` | no |
+| deletion\_policy | The deletion policy for the service networking connection. Setting to ABANDON allows the resource to be abandoned rather than deleted. This will enable a successful terraform destroy when destroying CloudSQL instances. Use with care as it can lead to dangling resources. | `string` | `null` | no |
 | description | An optional description of the Global Address resource. | `string` | `""` | no |
 | ip\_version | IP Version for the allocation. Can be IPV4 or IPV6. | `string` | `""` | no |
 | labels | The key/value labels for the IP range allocated to the peered network. | `map(string)` | `{}` | no |

modules/private_service_access/main.tf

@@ -24,7 +24,6 @@ data "google_compute_network" "main" {
 // have a private IP within the provided range.
 // https://cloud.google.com/vpc/docs/configure-private-services-access
 resource "google_compute_global_address" "google-managed-services-range" {
-  provider      = google-beta
   project       = var.project_id
   name          = "google-managed-services-${var.vpc_network}"
   description   = var.description
@@ -39,10 +38,10 @@ resource "google_compute_global_address" "google-managed-services-range" {
 
 # Creates the peering with the producer network.
 resource "google_service_networking_connection" "private_service_access" {
-  provider                = google-beta
   network                 = data.google_compute_network.main.self_link
   service                 = "servicenetworking.googleapis.com"
   reserved_peering_ranges = [google_compute_global_address.google-managed-services-range.name]
+  deletion_policy         = var.deletion_policy
 }
 
 resource "null_resource" "dependency_setter" {