Google Cloud SQL Database Instance

This page shows how to write Terraform for Cloud SQL Database Instance and write them securely.

google_sql_database_instance (Terraform)

The Database Instance in Cloud SQL can be configured in Terraform with the resource name google_sql_database_instance. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

sql_database_instance_test.tf#L6
resource "google_sql_database_instance" "sql_server" {
  name             = "master-instance"
  database_version = "SQLSERVER_2017_ENTERPRISE"
  settings {
    tier              = "db-custom-16-61440"
    availability_type = "ZONAL"
positive.tf#L1
resource "google_sql_database_instance" "positive1" {
  name             = "master-instance"
  database_version = "POSTGRES_11"
  region           = "us-central1"

  settings {
sql_database_instance_test.tf#L6
resource "google_sql_database_instance" "sql_server" {
  name             = "master-instance"
  database_version = "SQLSERVER_2017_ENTERPRISE"
  settings {
    tier              = "db-custom-16-61440"
    availability_type = "ZONAL"
positive.tf#L1
resource "google_sql_database_instance" "positive1" {
  name             = "master-instance"
  database_version = "POSTGRES_11"
  region           = "us-central1"

  settings {
positive.tf#L1
resource "google_sql_database_instance" "positive1" {
    name             = "master-instance"
    database_version = "POSTGRES_11"
    region           = "us-central1"

    settings {

Parameters

  • connection_name requiredcomputed - string
    • The connection name of the instance to be used in connection strings. For example, when connecting with Cloud SQL Proxy.

  • database_version optional - string
    • The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, MYSQL_8_0, POSTGRES_9_6,POSTGRES_11, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions.

  • deletion_protection optional - bool
    • Used to block Terraform from deleting a SQL Instance.

  • first_ip_address requiredcomputed - string
    • The first IPv4 address of any type assigned. This is to support accessing the first address in the list in a terraform output when the resource is configured with a count.

  • id optionalcomputed - string
  • ip_address requiredcomputed - list / object
  • master_instance_name optionalcomputed - string
    • The name of the instance that will act as the master in the replication setup. Note, this requires the master to have binary_log_enabled set, as well as existing backups.

  • name optionalcomputed - string
    • The name of the instance. If the name is left blank, Terraform will randomly generate one when the instance is first created. This is done because after a name is used, it cannot be reused for up to one week.

  • private_ip_address requiredcomputed - string
    • IPv4 address assigned. This is a workaround for an issue fixed in Terraform 0.12 but also provides a convenient way to access an IP of a specific type without performing filtering in a Terraform config.

  • project optionalcomputed - string
    • The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • public_ip_address requiredcomputed - string
    • IPv4 address assigned. This is a workaround for an issue fixed in Terraform 0.12 but also provides a convenient way to access an IP of a specific type without performing filtering in a Terraform config.

  • region optionalcomputed - string
    • The region the instance will sit in. Note, Cloud SQL is not available in all regions. A valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error for instances if the provider region is not supported with Cloud SQL. If you choose not to provide the region argument for this resource, make sure you understand this.

  • root_password optional - string
    • Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL.

  • self_link requiredcomputed - string
    • The URI of the created resource.

  • server_ca_cert requiredcomputed - list / object
  • service_account_email_address requiredcomputed - string
    • The service account email address assigned to the instance.

Explanation in Terraform Registry

Creates a new Google SQL Database Instance. For more information, see the official documentation, or the JSON API.

NOTE on google_sql_database_instance: - Second-generation instances include a default 'root'@'%' user with no password. This user will be deleted by Terraform on instance creation. You should use google_sql_user to define a custom user with a restricted host and strong password. -> Note: On newer versions of the provider, you must explicitly set deletion_protection=false (and run terraform apply to write the field to state) in order to destroy an instance. It is recommended to not set this field (or set it to true) until you're ready to destroy the instance and its databases.

Frequently asked questions

What is Google Cloud SQL Database Instance?

Google Cloud SQL Database Instance is a resource for Cloud SQL of Google Cloud Platform. Settings can be wrote in Terraform.

Where can I find the example code for the Google Cloud SQL Database Instance?

For Terraform, the infracost/infracost, Checkmarx/kics and gilyas/infracost source code examples are useful. See the Terraform Example section for further details.

security-icon

Scan your IaC problem in 3 minutes for free

You can keep your IaC security for free. No credit card required.