diff --git a/modules/mssql/README.md b/modules/mssql/README.md
index 4b977b8f..03ee17d9 100644
--- a/modules/mssql/README.md
+++ b/modules/mssql/README.md
@@ -62,7 +62,7 @@ module "mssql" {
| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no |
| insights\_config | The insights\_config settings for the database. |
object({
query_plans_per_minute = optional(number, 5)
query_string_length = optional(number, 1024)
record_application_tags = optional(bool, false)
record_client_address = optional(bool, false)
}) | `null` | no |
| instance\_type | The type of the instance. The supported values are SQL\_INSTANCE\_TYPE\_UNSPECIFIED, CLOUD\_SQL\_INSTANCE, ON\_PREMISES\_INSTANCE and READ\_REPLICA\_INSTANCE. Set to READ\_REPLICA\_INSTANCE when primary\_instance\_name is provided | `string` | `"CLOUD_SQL_INSTANCE"` | no |
-| ip\_configuration | The ip configuration for the Cloud SQL instances. | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
allocated_ip_range = optional(string)
ssl_mode = optional(string)
}) | {
"allocated_ip_range": null,
"authorized_networks": [],
"ipv4_enabled": true,
"private_network": null,
"ssl_mode": null
} | no |
+| ip\_configuration | The ip configuration for the Cloud SQL instances. | object({
authorized_networks = optional(list(map(string)), [])
ipv4_enabled = optional(bool)
private_network = optional(string)
allocated_ip_range = optional(string)
ssl_mode = optional(string)
psc_enabled = optional(bool, false)
psc_allowed_consumer_projects = optional(list(string), [])
}) | {
"allocated_ip_range": null,
"authorized_networks": [],
"ipv4_enabled": true,
"private_network": null,
"psc_allowed_consumer_projects": [],
"psc_enabled": false,
"ssl_mode": null
} | no |
| maintenance\_version | The current software version on the instance. This attribute can not be set during creation. Refer to available\_maintenance\_versions attribute to see what maintenance\_version are available for upgrade. When this attribute gets updated, it will cause an instance restart. Setting a maintenance\_version value that is older than the current one on the instance will be ignored | `string` | `null` | no |
| maintenance\_window\_day | The day of week (1-7) for the Cloud SQL maintenance. | `number` | `1` | no |
| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the Cloud SQL maintenance. | `number` | `23` | no |
@@ -97,6 +97,7 @@ module "mssql" {
| instance\_connection\_name | The connection name of the master instance to be used in connection strings |
| instance\_first\_ip\_address | The first IPv4 address of the addresses assigned. |
| instance\_name | The instance name for the master instance |
+| instance\_psc\_attachment | The psc\_service\_attachment\_link created for the master instance |
| instance\_self\_link | The URI of the master instance |
| instance\_server\_ca\_cert | The CA certificate information used to connect to the SQL instance via SSL |
| instance\_service\_account\_email\_address | The service account email address assigned to the master instance |
diff --git a/modules/mssql/main.tf b/modules/mssql/main.tf
index c5756c6a..218cdb12 100644
--- a/modules/mssql/main.tf
+++ b/modules/mssql/main.tf
@@ -113,6 +113,13 @@ resource "google_sql_database_instance" "default" {
value = lookup(authorized_networks.value, "value", null)
}
}
+ dynamic "psc_config" {
+ for_each = ip_configuration.value.psc_enabled ? ["psc_enabled"] : []
+ content {
+ psc_enabled = ip_configuration.value.psc_enabled
+ allowed_consumer_projects = ip_configuration.value.psc_allowed_consumer_projects
+ }
+ }
}
}
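Review bot: `allowed_consumer_projects` in the new `psc_config` block is passed through unchecked, so `psc_enabled = true` with the default empty list yields a PSC-enabled instance that presumably no consumer project may attach to. If that state is not intended, a `validation` block on `ip_configuration` would catch it at plan time, with `condition = !var.ip_configuration.psc_enabled || length(var.ip_configuration.psc_allowed_consumer_projects) > 0`. Since the block is only generated when the flag is true, `psc_enabled = true` would also read more directly than repeating the variable. The enclosing `ip_configuration` block and resource start outside this hunk.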
diff --git a/modules/mssql/outputs.tf b/modules/mssql/outputs.tf
index 4a143876..9633ae02 100644
--- a/modules/mssql/outputs.tf
+++ b/modules/mssql/outputs.tf
@@ -79,6 +79,11 @@ output "root_password" {
sensitive = true
}
+output "instance_psc_attachment" {
+ value = google_sql_database_instance.default.psc_service_attachment_link
+ description = "The psc_service_attachment_link created for the master instance"
+}
+
// Resources
output "primary" {
value = google_sql_database_instance.default
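Review bot: The description of `instance_psc_attachment` does not say what the output holds when PSC is off, which is the module default (`psc_enabled = false`). The attribute is presumably null or empty in that case, so callers wiring it into a consumer endpoint need to know. Suggested wording: `description = "The psc_service_attachment_link created for the master instance; unset unless ip_configuration.psc_enabled is true"`.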
diff --git a/modules/mssql/variables.tf b/modules/mssql/variables.tf
index fb1ddf98..4b373e1e 100644
--- a/modules/mssql/variables.tf
+++ b/modules/mssql/variables.tf
@@ -204,18 +204,22 @@ variable "user_labels" {
variable "ip_configuration" {
description = "The ip configuration for the Cloud SQL instances."
type = object({
- authorized_networks = optional(list(map(string)), [])
- ipv4_enabled = optional(bool)
- private_network = optional(string)
- allocated_ip_range = optional(string)
- ssl_mode = optional(string)
+ authorized_networks = optional(list(map(string)), [])
+ ipv4_enabled = optional(bool)
+ private_network = optional(string)
+ allocated_ip_range = optional(string)
+ ssl_mode = optional(string)
+ psc_enabled = optional(bool, false)
+ psc_allowed_consumer_projects = optional(list(string), [])
})
default = {
authorized_networks = []
- ipv4_enabled = true
- private_network = null
- allocated_ip_range = null
- ssl_mode = null
+ ipv4_enabled = true
+ private_network = null
+ allocated_ip_range = null
+ ssl_mode = null
+ psc_enabled = false
+ psc_allowed_consumer_projects = []
}
}
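Review bot: The default object keeps `ipv4_enabled = true` next to the new PSC fields, and the description does not mention it. A caller who sets only `psc_enabled = true` expecting a private-only instance still requests a public IPv4 address, along with whatever `authorized_networks` is set. I would extend the description to `"The ip configuration for the Cloud SQL instances. Enabling psc_enabled does not change ipv4_enabled; set ipv4_enabled = false for a PSC-only instance."`. It is also worth a comment on `psc_allowed_consumer_projects` that it is the list of projects permitted to connect over PSC, since it acts as the access list for the service attachment.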