diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md index ad9ec395..ecd26017 100644 --- a/modules/cloudsql-instance/README.md +++ b/modules/cloudsql-instance/README.md @@ -161,6 +161,27 @@ module "db" { } # tftest modules=1 resources=2 inventory=public-ip.yaml ``` + +### Query Insights + +Provide `insights_config` (can be just empty `{}`) to enable [Query Insights](https://cloud.google.com/sql/docs/postgres/using-query-insights) + +```hcl +module "db" { + source = "./fabric/modules/cloudsql-instance" + project_id = var.project_id + network = var.vpc.self_link + name = "db" + region = "europe-west1" + database_version = "POSTGRES_13" + tier = "db-g1-small" + + insights_config = { + query_string_length = 2048 + } +} +# tftest modules=1 resources=1 inventory=insights.yaml +``` ## Variables 
@@ -168,11 +189,11 @@ module "db" { | name | description | type | required | default | |---|---|:---:|:---:|:---:| | [database_version](variables.tf#L61) | Database type and version to create. | string | ✓ | | -| [name](variables.tf#L114) | Name of primary instance. | string | ✓ | | -| [network](variables.tf#L119) | VPC self link where the instances will be deployed. Private Service Networking must be enabled and configured in this VPC. | string | ✓ | | -| [project_id](variables.tf#L140) | The ID of the project where this instances will be created. | string | ✓ | | -| [region](variables.tf#L145) | Region of the primary instance. | string | ✓ | | -| [tier](variables.tf#L165) | The machine type to use for the instances. | string | ✓ | | +| [name](variables.tf#L125) | Name of primary instance. | string | ✓ | | +| [network](variables.tf#L130) | VPC self link where the instances will be deployed. Private Service Networking must be enabled and configured in this VPC. | string | ✓ | | +| [project_id](variables.tf#L151) | The ID of the project where this instances will be created. | string | ✓ | | +| [region](variables.tf#L156) | Region of the primary instance. | string | ✓ | | +| [tier](variables.tf#L176) | The machine type to use for the instances. | string | ✓ | | | [allocated_ip_ranges](variables.tf#L17) | (Optional)The name of the allocated ip range for the private ip CloudSQL instance. For example: \"google-managed-services-default\". If set, the instance ip will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z?. | object({…}) | | {} | | [authorized_networks](variables.tf#L26) | Map of NAME=>CIDR_RANGE to allow to connect to the database(s). | map(string) | | null | | [availability_type](variables.tf#L32) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | string | | "ZONAL" | 
@@ -183,13 +204,14 @@ module "db" { | [disk_type](variables.tf#L84) | The type of data disk: `PD_SSD` or `PD_HDD`. | string | | "PD_SSD" | | [encryption_key_name](variables.tf#L90) | The full path to the encryption key used for the CMEK disk encryption of the primary instance. | string | | null | | [flags](variables.tf#L96) | Map FLAG_NAME=>VALUE for database-specific tuning. | map(string) | | null | -| [ipv4_enabled](variables.tf#L102) | Add a public IP address to database instance. | bool | | false | -| [labels](variables.tf#L108) | Labels to be attached to all instances. | map(string) | | null | -| [postgres_client_certificates](variables.tf#L124) | Map of cert keys connect to the application(s) using public IP. | list(string) | | null | -| [prefix](variables.tf#L130) | Optional prefix used to generate instance names. | string | | null | -| [replicas](variables.tf#L150) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} | -| [root_password](variables.tf#L159) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string | | null | -| [users](variables.tf#L170) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | map(string) | | null | +| [insights_config](variables.tf#L102) | Query Insights configuration. Defaults to null which disables Query Insights. | object({…}) | | null | +| [ipv4_enabled](variables.tf#L113) | Add a public IP address to database instance. | bool | | false | +| [labels](variables.tf#L119) | Labels to be attached to all instances. | map(string) | | null | +| [postgres_client_certificates](variables.tf#L135) | Map of cert keys connect to the application(s) using public IP. 
| list(string) | | null | +| [prefix](variables.tf#L141) | Optional prefix used to generate instance names. | string | | null | +| [replicas](variables.tf#L161) | Map of NAME=> {REGION, KMS_KEY} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} | +| [root_password](variables.tf#L170) | Root password of the Cloud SQL instance. Required for MS SQL Server. | string | | null | +| [users](variables.tf#L181) | Map of users to create in the primary instance (and replicated to other replicas) in the format USER=>PASSWORD. For MySQL, anything afterr the first `@` (if persent) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. | map(string) | | null | ## Outputs diff --git a/modules/cloudsql-instance/main.tf b/modules/cloudsql-instance/main.tf index 2419dc0d..67111a7b 100644 --- a/modules/cloudsql-instance/main.tf +++ b/modules/cloudsql-instance/main.tf @@ -105,6 +105,17 @@ resource "google_sql_database_instance" "primary" { value = flag.value } } + + dynamic "insights_config" { + for_each = var.insights_config != null ? [1] : [] + content { + query_insights_enabled = true + query_string_length = var.insights_config.query_string_length + record_application_tags = var.insights_config.record_application_tags + record_client_address = var.insights_config.record_client_address + query_plans_per_minute = var.insights_config.query_plans_per_minute + } + } } deletion_protection = var.deletion_protection } diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf index c7c4ef8d..8b3e0fff 100644 --- a/modules/cloudsql-instance/variables.tf +++ b/modules/cloudsql-instance/variables.tf 
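Review bot: The new `insights_config` dynamic block in `google_sql_database_instance.primary` has no comment explaining that a non-null `var.insights_config` (even `{}`) switches Query Insights on, since `query_insights_enabled` is hard-coded to `true`. A reader should also be told here that `record_client_address` and `record_application_tags` widen what is stored alongside query data, which makes them privacy-relevant switches. I would add above the block: `# Enabled whenever var.insights_config is non-null ({} uses defaults); record_client_address / record_application_tags add client addresses and app tags to the recorded data.` The enclosing resource starts and ends outside this hunk, so whether read replicas should carry the same block cannot be judged from here.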
@@ -99,6 +99,17 @@ variable "flags" { default = null } +variable "insights_config" { + description = "Query Insights configuration. Defaults to null which disables Query Insights." + type = object({ + query_string_length = optional(number, 1024) + record_application_tags = optional(bool, false) + record_client_address = optional(bool, false) + query_plans_per_minute = optional(number, 5) + }) + default = null +} + variable "ipv4_enabled" { description = "Add a public IP address to database instance." type = bool diff --git a/tests/modules/cloudsql_instance/examples/insights.yaml b/tests/modules/cloudsql_instance/examples/insights.yaml new file mode 100644 index 00000000..b861c3ea --- /dev/null +++ b/tests/modules/cloudsql_instance/examples/insights.yaml 
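Review bot: `query_string_length` and `query_plans_per_minute` in the new `insights_config` variable are accepted without any bounds check, so an out-of-range value surfaces only as a provider or API error rather than a clear module-level message. As far as I recall, the provider documents 256–4500 for the query length and 0–20 for plans per minute; please confirm against the provider version in use before adopting these limits. The description could also state that `{}` enables the feature with the defaults shown and that `record_client_address` causes client addresses to be recorded. A possible pair of validation blocks follows.

```hcl
variable "insights_config" {
  # … unchanged: description, type, default …
  validation {
    condition = var.insights_config == null ? true : (
      var.insights_config.query_string_length >= 256 &&
      var.insights_config.query_string_length <= 4500
    )
    error_message = "insights_config.query_string_length must be between 256 and 4500."
  }
  validation {
    condition = var.insights_config == null ? true : (
      var.insights_config.query_plans_per_minute >= 0 &&
      var.insights_config.query_plans_per_minute <= 20
    )
    error_message = "insights_config.query_plans_per_minute must be between 0 and 20."
  }
}
```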
@@ -0,0 +1,54 @@
+# Copyright 2023 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+values:
+ module.db.google_sql_database_instance.primary:
+ database_version: POSTGRES_13
+ name: db
+ project: project-id
+ region: europe-west1
+ settings:
+ - activation_policy: ALWAYS
+ active_directory_config: []
+ advanced_machine_features: []
+ availability_type: ZONAL
+ collation: null
+ database_flags: []
+ deletion_protection_enabled: null
+ deny_maintenance_period: []
+ disk_autoresize: true
+ disk_autoresize_limit: 0
+ disk_type: PD_SSD
+ insights_config:
+ - query_insights_enabled: true
+ query_plans_per_minute: 5
+ query_string_length: 2048
+ record_application_tags: false
+ record_client_address: false
+ ip_configuration:
+ - allocated_ip_range: null
+ authorized_networks: []
+ enable_private_path_for_google_cloud_services: null
+ ipv4_enabled: false
+ private_network: projects/xxx/global/networks/aaa
+ require_ssl: null
+ maintenance_window: []
+ password_validation_policy: []
+ pricing_plan: PER_USE
+ sql_server_audit_config: []
+ tier: db-g1-small
+ time_zone: null
+
+counts:
+ google_sql_database_instance: 1