Add require_tls param to cloudsql module.

2021-07-18 22:11:22 -04:00 · 2021-07-18 22:11:22 -04:00 · c3e5b70a84
commit c3e5b70a84
parent b087d1eed9
1 changed files with 7 additions and 1 deletions
--- a/terraform/modules/cloudsql/cloudsql.tf
+++ b/terraform/modules/cloudsql/cloudsql.tf
@ -33,6 +33,12 @@ variable "postgres_password" {
  default     = "hunter2"
 }

+variable "require_tls" {
+  description = "Whether or not we should require TLS when connecting to cloudsql."
+  type        = bool
+  default     = false
+}
+
 output "connection_name" {
  description = "The connection string for connecting to the cloudsql instance (for example, through cloudsql proxy)."
  value       = google_sql_database_instance.instance.connection_name
@ -71,7 +77,7 @@ resource "google_sql_database_instance" "instance" {
    ip_configuration {
      ipv4_enabled    = false
      private_network = var.private_network_id
-      require_ssl     = true
+      require_ssl     = var.require_tls
    }

    database_flags {