talexander/infra_snippets
1
0
Fork 0
Code Issues Pull Requests Releases Activity

Output a connection URL for cloudsql.

Browse Source
This commit is contained in:
Tom Alexander 2021-07-18 21:47:20 -04:00
parent dfb5191868
commit b087d1eed9
Signed by: talexander
GPG Key ID: D3A179C9A53C0EDE
2 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
terraform/basic_gke/main.tf
View File

@ -149,6 +149,11 @@ resource "local_file" "pgclient_key" {
directory_permission = "0700" directory_permission = "0700"
} }
output "cloudsql_connection_string" {
description = "Connection URL for main user in cloudsql."
value = "postgresql://postgres@${module.cloudsql.instance.ip_address.0.ip_address}/postgres?ssl=true&sslmode=verify-ca&sslcert=${urlencode(abspath(local_file.pgclient_crt.filename))}&sslkey=${urlencode(abspath(local_file.pgclient_key.filename))}&sslrootcert=${urlencode(abspath(local_file.pgserver_crt.filename))}"
}
# Create a workload identity service account for IAM authentication to # Create a workload identity service account for IAM authentication to
# cloudsql # cloudsql
module "cloudsql_test_sa" { module "cloudsql_test_sa" {

1
terraform/modules/cloudsql/cloudsql.tf
View File

@ -92,6 +92,7 @@ resource "google_sql_user" "postgres" {
} }
resource "google_sql_ssl_cert" "client_cert" { resource "google_sql_ssl_cert" "client_cert" {
project = var.project
common_name = "client-name" common_name = "client-name"
instance = google_sql_database_instance.instance.name instance = google_sql_database_instance.instance.name
} }