This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

sql

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-gcp repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-google repo.

class pulumi_gcp.sql.AwaitableGetCaCertsResult(active_version=None, certs=None, id=None, instance=None, project=None)
class pulumi_gcp.sql.Database(resource_name, opts=None, charset=None, collation=None, instance=None, name=None, project=None, __props__=None, __name__=None, __opts__=None)

Represents a SQL database inside the Cloud SQL instance, hosted in Google’s cloud.

import pulumi
import pulumi_gcp as gcp

instance = gcp.sql.DatabaseInstance("instance",
    region="us-central1",
    settings={
        "tier": "db-f1-micro",
    })
database = gcp.sql.Database("database", instance=instance.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • charset (pulumi.Input[str]) – The charset value. See MySQL’s Supported Character Sets and Collations and Postgres’ Character Set Support for more details and supported values. Postgres databases only support a value of UTF8 at creation time.

  • collation (pulumi.Input[str]) –

    The collation value. See MySQL’s Supported Character Sets and Collations and Postgres’ Collation Support for more details and supported values. Postgres databases only support a value of en_US.UTF8 at creation time.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. This does not include the project ID.

  • name (pulumi.Input[str]) – The name of the database in the Cloud SQL instance. This does not include the project ID or instance name.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

charset: pulumi.Output[str] = None

The charset value. See MySQL’s Supported Character Sets and Collations and Postgres’ Character Set Support for more details and supported values. Postgres databases only support a value of UTF8 at creation time.

collation: pulumi.Output[str] = None

The collation value. See MySQL’s Supported Character Sets and Collations and Postgres’ Collation Support for more details and supported values. Postgres databases only support a value of en_US.UTF8 at creation time.

instance: pulumi.Output[str] = None

The name of the Cloud SQL instance. This does not include the project ID.

name: pulumi.Output[str] = None

The name of the database in the Cloud SQL instance. This does not include the project ID or instance name.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The URI of the created resource.

static get(resource_name, id, opts=None, charset=None, collation=None, instance=None, name=None, project=None, self_link=None)

Get an existing Database resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • charset (pulumi.Input[str]) –

    The charset value. See MySQL’s Supported Character Sets and Collations and Postgres’ Character Set Support for more details and supported values. Postgres databases only support a value of UTF8 at creation time.

  • collation (pulumi.Input[str]) –

    The collation value. See MySQL’s Supported Character Sets and Collations and Postgres’ Collation Support for more details and supported values. Postgres databases only support a value of en_US.UTF8 at creation time.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. This does not include the project ID.

  • name (pulumi.Input[str]) – The name of the database in the Cloud SQL instance. This does not include the project ID or instance name.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • self_link (pulumi.Input[str]) – The URI of the created resource.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.sql.DatabaseInstance(resource_name, opts=None, database_version=None, encryption_key_name=None, master_instance_name=None, name=None, project=None, region=None, replica_configuration=None, root_password=None, settings=None, __props__=None, __name__=None, __opts__=None)

Creates a new Google SQL Database Instance. For more information, see the official documentation, or the JSON API.

NOTE on ``sql.DatabaseInstance``: - First-generation instances have been deprecated and should no longer be created, see upgrade docs for more details. To upgrade your First-generation instance, update your config that the instance has

  • settings.ip_configuration.ipv4_enabled=true

  • settings.backup_configuration.enabled=true

  • settings.backup_configuration.binary_log_enabled=true.
    Apply the config, then upgrade the instance in the console as described in the documentation. Once upgraded, update the following attributes in your config to the correct value according to the above documentation:

  • region

  • database_version (if applicable)

  • tier
    Remove any fields that are not applicable to Second-generation instances:

  • settings.crash_safe_replication

  • settings.replication_type

  • settings.authorized_gae_applications And change values to appropriate values for Second-generation instances for:

  • activation_policy (“ON_DEMAND” is no longer an option)

  • pricing_plan (“PER_USE” is now the only valid option) Change settings.backup_configuration.enabled attribute back to its desired value and apply as necessary.

NOTE on ``sql.DatabaseInstance``: - Second-generation instances include a default ‘root’@’%’ user with no password. This user will be deleted by the provider on instance creation. You should use sql.User to define a custom user with a restricted host and strong password.

import pulumi
import pulumi_gcp as gcp

master = gcp.sql.DatabaseInstance("master",
    database_version="POSTGRES_11",
    region="us-central1",
    settings={
        "tier": "db-f1-micro",
    })
import pulumi
import pulumi_gcp as gcp
import pulumi_random as random

private_network = gcp.compute.Network("privateNetwork")
private_ip_address = gcp.compute.GlobalAddress("privateIpAddress",
    purpose="VPC_PEERING",
    address_type="INTERNAL",
    prefix_length=16,
    network=private_network.id)
private_vpc_connection = gcp.servicenetworking.Connection("privateVpcConnection",
    network=private_network.id,
    service="servicenetworking.googleapis.com",
    reserved_peering_ranges=[private_ip_address.name])
db_name_suffix = random.RandomId("dbNameSuffix", byte_length=4)
instance = gcp.sql.DatabaseInstance("instance",
    region="us-central1",
    settings={
        "tier": "db-f1-micro",
        "ip_configuration": {
            "ipv4Enabled": False,
            "privateNetwork": private_network.id,
        },
    })
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database_version (pulumi.Input[str]) – The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, POSTGRES_9_6,POSTGRES_10, POSTGRES_11, POSTGRES_12, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions.

  • encryption_key_name (pulumi.Input[str]) –

    The full path to the encryption key used for the CMEK disk encryption. Setting up disk encryption currently requires manual steps outside of this provider. The provided key must be in the same region as the SQL instance. In order to use this feature, a special kind of service account must be created and granted permission on this key. This step can currently only be done manually, please see this step. That service account needs the Cloud KMS > Cloud KMS CryptoKey Encrypter/Decrypter role on your key - please see this step.

  • master_instance_name (pulumi.Input[str]) – The name of the instance that will act as the master in the replication setup. Note, this requires the master to have binary_log_enabled set, as well as existing backups.

  • name (pulumi.Input[str]) – A name for this whitelist entry.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • region (pulumi.Input[str]) – The region the instance will sit in. Note, Cloud SQL is not available in all regions - choose from one of the options listed here. A valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error for instances if the provider region is not supported with Cloud SQL. If you choose not to provide the region argument for this resource, make sure you understand this.

  • replica_configuration (pulumi.Input[dict]) – The configuration for replication. The configuration is detailed below.

  • root_password (pulumi.Input[str]) – Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL.

  • settings (pulumi.Input[dict]) – The settings to use for the database. The configuration is detailed below.

The replica_configuration object supports the following:

  • caCertificate (pulumi.Input[str]) - PEM representation of the trusted CA’s x509 certificate.

  • clientCertificate (pulumi.Input[str]) - PEM representation of the slave’s x509 certificate.

  • clientKey (pulumi.Input[str]) - PEM representation of the slave’s private key. The corresponding public key in encoded in the client_certificate.

  • connectRetryInterval (pulumi.Input[float]) - The number of seconds between connect retries.

  • dumpFilePath (pulumi.Input[str]) - Path to a SQL file in GCS from which slave instances are created. Format is gs://bucket/filename.

  • failoverTarget (pulumi.Input[bool]) - Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. If the master instance fails, the replica instance will be promoted as the new master instance.

  • masterHeartbeatPeriod (pulumi.Input[float]) - Time in ms between replication heartbeats.

  • password (pulumi.Input[str]) - Password for the replication connection.

  • sslCipher (pulumi.Input[str])

  • username (pulumi.Input[str]) - Username for replication connection.

  • verifyServerCertificate (pulumi.Input[bool]) - True if the master’s common name value is checked during the SSL handshake.

The settings object supports the following:

  • activationPolicy (pulumi.Input[str]) - This specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND.

  • authorizedGaeApplications (pulumi.Input[list]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. A list of Google App Engine (GAE) project names that are allowed to access this instance.

  • availabilityType (pulumi.Input[str]) - The availability type of the Cloud SQL instance, high availability (REGIONAL) or single zone (ZONAL).’ For MySQL instances, ensure that settings.backup_configuration.enabled and settings.backup_configuration.binary_log_enabled are both set to true.

  • backupConfiguration (pulumi.Input[dict])

    • binaryLogEnabled (pulumi.Input[bool]) - True if binary logging is enabled. If settings.backup_configuration.enabled is false, this must be as well. Cannot be used with Postgres.

    • enabled (pulumi.Input[bool]) - True if backup configuration is enabled.

    • location (pulumi.Input[str])

    • startTime (pulumi.Input[str]) - HH:MM format time indicating when backup configuration starts.

  • crashSafeReplication (pulumi.Input[bool]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Specific to read instances, indicates when crash-safe replication flags are enabled.

  • databaseFlags (pulumi.Input[list])

    • name (pulumi.Input[str]) - A name for this whitelist entry.

    • value (pulumi.Input[str]) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

  • diskAutoresize (pulumi.Input[bool]) - Configuration to increase storage size automatically. Note that future pulumi apply calls will attempt to resize the disk to the value specified in disk_size - if this is set, do not set disk_size.

  • diskSize (pulumi.Input[float]) - The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased.

  • diskType (pulumi.Input[str]) - The type of data disk: PD_SSD or PD_HDD.

  • ip_configuration (pulumi.Input[dict])

    • authorizedNetworks (pulumi.Input[list])

      • expiration_time (pulumi.Input[str]) - The RFC 3339 formatted date time string indicating when this whitelist expires.

      • name (pulumi.Input[str]) - A name for this whitelist entry.

      • value (pulumi.Input[str]) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

    • ipv4Enabled (pulumi.Input[bool]) - Whether this Cloud SQL instance should be assigned a public IPV4 address. Either ipv4_enabled must be enabled or a private_network must be configured.

    • privateNetwork (pulumi.Input[str]) - The VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. Specifying a network enables private IP. Either ipv4_enabled must be enabled or a private_network must be configured. This setting can be updated, but it cannot be removed after it is set.

    • requireSsl (pulumi.Input[bool]) - True if mysqld should default to REQUIRE X509 for users connecting over IP.

  • locationPreference (pulumi.Input[dict])

    • followGaeApplication (pulumi.Input[str]) - A GAE application whose zone to remain in. Must be in the same region as this instance.

    • zone (pulumi.Input[str]) - The preferred compute engine zone.

  • maintenanceWindow (pulumi.Input[dict])

    • day (pulumi.Input[float]) - Day of week (1-7), starting on Monday

    • hour (pulumi.Input[float]) - Hour of day (0-23), ignored if day not set

    • updateTrack (pulumi.Input[str]) - Receive updates earlier (canary) or later (stable)

  • pricingPlan (pulumi.Input[str]) - Pricing plan for this instance, can only be PER_USE.

  • replicationType (pulumi.Input[str]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Replication type for this instance, can be one of ASYNCHRONOUS or SYNCHRONOUS.

  • tier (pulumi.Input[str]) - The machine type to use. See tiers for more details and supported versions. Postgres supports only shared-core machine types such as db-f1-micro, and custom machine types such as db-custom-2-13312. See the Custom Machine Type Documentation to learn about specifying custom machine types.

  • user_labels (pulumi.Input[dict]) - A set of key/value user label pairs to assign to the instance.

  • version (pulumi.Input[float])

connection_name: pulumi.Output[str] = None

The connection name of the instance to be used in connection strings. For example, when connecting with Cloud SQL Proxy.

database_version: pulumi.Output[str] = None

The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, POSTGRES_9_6,POSTGRES_10, POSTGRES_11, POSTGRES_12, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions.

encryption_key_name: pulumi.Output[str] = None

The full path to the encryption key used for the CMEK disk encryption. Setting up disk encryption currently requires manual steps outside of this provider. The provided key must be in the same region as the SQL instance. In order to use this feature, a special kind of service account must be created and granted permission on this key. This step can currently only be done manually, please see this step. That service account needs the Cloud KMS > Cloud KMS CryptoKey Encrypter/Decrypter role on your key - please see this step.

first_ip_address: pulumi.Output[str] = None

The first IPv4 address of any type assigned.

master_instance_name: pulumi.Output[str] = None

The name of the instance that will act as the master in the replication setup. Note, this requires the master to have binary_log_enabled set, as well as existing backups.

name: pulumi.Output[str] = None

A name for this whitelist entry.

private_ip_address: pulumi.Output[str] = None

The first private (PRIVATE) IPv4 address assigned.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

public_ip_address: pulumi.Output[str] = None

The first public (PRIMARY) IPv4 address assigned.

region: pulumi.Output[str] = None

The region the instance will sit in. Note, Cloud SQL is not available in all regions - choose from one of the options listed here. A valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error for instances if the provider region is not supported with Cloud SQL. If you choose not to provide the region argument for this resource, make sure you understand this.

replica_configuration: pulumi.Output[dict] = None

The configuration for replication. The configuration is detailed below.

  • caCertificate (str) - PEM representation of the trusted CA’s x509 certificate.

  • clientCertificate (str) - PEM representation of the slave’s x509 certificate.

  • clientKey (str) - PEM representation of the slave’s private key. The corresponding public key in encoded in the client_certificate.

  • connectRetryInterval (float) - The number of seconds between connect retries.

  • dumpFilePath (str) - Path to a SQL file in GCS from which slave instances are created. Format is gs://bucket/filename.

  • failoverTarget (bool) - Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. If the master instance fails, the replica instance will be promoted as the new master instance.

  • masterHeartbeatPeriod (float) - Time in ms between replication heartbeats.

  • password (str) - Password for the replication connection.

  • sslCipher (str)

  • username (str) - Username for replication connection.

  • verifyServerCertificate (bool) - True if the master’s common name value is checked during the SSL handshake.

root_password: pulumi.Output[str] = None

Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL.

The URI of the created resource.

service_account_email_address: pulumi.Output[str] = None

The service account email address assigned to the instance.

settings: pulumi.Output[dict] = None

The settings to use for the database. The configuration is detailed below.

  • activationPolicy (str) - This specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND.

  • authorizedGaeApplications (list) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. A list of Google App Engine (GAE) project names that are allowed to access this instance.

  • availabilityType (str) - The availability type of the Cloud SQL instance, high availability (REGIONAL) or single zone (ZONAL).’ For MySQL instances, ensure that settings.backup_configuration.enabled and settings.backup_configuration.binary_log_enabled are both set to true.

  • backupConfiguration (dict)

    • binaryLogEnabled (bool) - True if binary logging is enabled. If settings.backup_configuration.enabled is false, this must be as well. Cannot be used with Postgres.

    • enabled (bool) - True if backup configuration is enabled.

    • location (str)

    • startTime (str) - HH:MM format time indicating when backup configuration starts.

  • crashSafeReplication (bool) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Specific to read instances, indicates when crash-safe replication flags are enabled.

  • databaseFlags (list)

    • name (str) - A name for this whitelist entry.

    • value (str) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

  • diskAutoresize (bool) - Configuration to increase storage size automatically. Note that future pulumi apply calls will attempt to resize the disk to the value specified in disk_size - if this is set, do not set disk_size.

  • diskSize (float) - The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased.

  • diskType (str) - The type of data disk: PD_SSD or PD_HDD.

  • ip_configuration (dict)

    • authorizedNetworks (list)

      • expiration_time (str) - The RFC 3339 formatted date time string indicating when this whitelist expires.

      • name (str) - A name for this whitelist entry.

      • value (str) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

    • ipv4Enabled (bool) - Whether this Cloud SQL instance should be assigned a public IPV4 address. Either ipv4_enabled must be enabled or a private_network must be configured.

    • privateNetwork (str) - The VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. Specifying a network enables private IP. Either ipv4_enabled must be enabled or a private_network must be configured. This setting can be updated, but it cannot be removed after it is set.

    • requireSsl (bool) - True if mysqld should default to REQUIRE X509 for users connecting over IP.

  • locationPreference (dict)

    • followGaeApplication (str) - A GAE application whose zone to remain in. Must be in the same region as this instance.

    • zone (str) - The preferred compute engine zone.

  • maintenanceWindow (dict)

    • day (float) - Day of week (1-7), starting on Monday

    • hour (float) - Hour of day (0-23), ignored if day not set

    • updateTrack (str) - Receive updates earlier (canary) or later (stable)

  • pricingPlan (str) - Pricing plan for this instance, can only be PER_USE.

  • replicationType (str) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Replication type for this instance, can be one of ASYNCHRONOUS or SYNCHRONOUS.

  • tier (str) - The machine type to use. See tiers for more details and supported versions. Postgres supports only shared-core machine types such as db-f1-micro, and custom machine types such as db-custom-2-13312. See the Custom Machine Type Documentation to learn about specifying custom machine types.

  • user_labels (dict) - A set of key/value user label pairs to assign to the instance.

  • version (float)

static get(resource_name, id, opts=None, connection_name=None, database_version=None, encryption_key_name=None, first_ip_address=None, ip_addresses=None, master_instance_name=None, name=None, private_ip_address=None, project=None, public_ip_address=None, region=None, replica_configuration=None, root_password=None, self_link=None, server_ca_cert=None, service_account_email_address=None, settings=None)

Get an existing DatabaseInstance resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • connection_name (pulumi.Input[str]) –

    The connection name of the instance to be used in connection strings. For example, when connecting with Cloud SQL Proxy.

  • database_version (pulumi.Input[str]) –

    The MySQL, PostgreSQL or SQL Server (beta) version to use. Supported values include MYSQL_5_6, MYSQL_5_7, POSTGRES_9_6,POSTGRES_10, POSTGRES_11, POSTGRES_12, SQLSERVER_2017_STANDARD, SQLSERVER_2017_ENTERPRISE, SQLSERVER_2017_EXPRESS, SQLSERVER_2017_WEB. Database Version Policies includes an up-to-date reference of supported versions.

  • encryption_key_name (pulumi.Input[str]) –

    The full path to the encryption key used for the CMEK disk encryption. Setting up disk encryption currently requires manual steps outside of this provider. The provided key must be in the same region as the SQL instance. In order to use this feature, a special kind of service account must be created and granted permission on this key. This step can currently only be done manually, please see this step. That service account needs the Cloud KMS > Cloud KMS CryptoKey Encrypter/Decrypter role on your key - please see this step.

  • first_ip_address (pulumi.Input[str]) – The first IPv4 address of any type assigned.

  • master_instance_name (pulumi.Input[str]) – The name of the instance that will act as the master in the replication setup. Note, this requires the master to have binary_log_enabled set, as well as existing backups.

  • name (pulumi.Input[str]) – A name for this whitelist entry.

  • private_ip_address (pulumi.Input[str]) – The first private (PRIVATE) IPv4 address assigned.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • public_ip_address (pulumi.Input[str]) – The first public (PRIMARY) IPv4 address assigned.

  • region (pulumi.Input[str]) –

    The region the instance will sit in. Note, Cloud SQL is not available in all regions - choose from one of the options listed here. A valid region must be provided to use this resource. If a region is not provided in the resource definition, the provider region will be used instead, but this will be an apply-time error for instances if the provider region is not supported with Cloud SQL. If you choose not to provide the region argument for this resource, make sure you understand this.

  • replica_configuration (pulumi.Input[dict]) – The configuration for replication. The configuration is detailed below.

  • root_password (pulumi.Input[str]) – Initial root password. Required for MS SQL Server, ignored by MySQL and PostgreSQL.

  • self_link (pulumi.Input[str]) – The URI of the created resource.

  • service_account_email_address (pulumi.Input[str]) – The service account email address assigned to the instance.

  • settings (pulumi.Input[dict]) – The settings to use for the database. The configuration is detailed below.

The ip_addresses object supports the following:

  • ip_address (pulumi.Input[str])

  • timeToRetire (pulumi.Input[str])

  • type (pulumi.Input[str])

The replica_configuration object supports the following:

  • caCertificate (pulumi.Input[str]) - PEM representation of the trusted CA’s x509 certificate.

  • clientCertificate (pulumi.Input[str]) - PEM representation of the slave’s x509 certificate.

  • clientKey (pulumi.Input[str]) - PEM representation of the slave’s private key. The corresponding public key in encoded in the client_certificate.

  • connectRetryInterval (pulumi.Input[float]) - The number of seconds between connect retries.

  • dumpFilePath (pulumi.Input[str]) - Path to a SQL file in GCS from which slave instances are created. Format is gs://bucket/filename.

  • failoverTarget (pulumi.Input[bool]) - Specifies if the replica is the failover target. If the field is set to true the replica will be designated as a failover replica. If the master instance fails, the replica instance will be promoted as the new master instance.

  • masterHeartbeatPeriod (pulumi.Input[float]) - Time in ms between replication heartbeats.

  • password (pulumi.Input[str]) - Password for the replication connection.

  • sslCipher (pulumi.Input[str])

  • username (pulumi.Input[str]) - Username for replication connection.

  • verifyServerCertificate (pulumi.Input[bool]) - True if the master’s common name value is checked during the SSL handshake.

The server_ca_cert object supports the following:

  • cert (pulumi.Input[str])

  • common_name (pulumi.Input[str])

  • create_time (pulumi.Input[str])

  • expiration_time (pulumi.Input[str]) - The RFC 3339 formatted date time string indicating when this whitelist expires.

  • sha1_fingerprint (pulumi.Input[str])

The settings object supports the following:

  • activationPolicy (pulumi.Input[str]) - This specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND.

  • authorizedGaeApplications (pulumi.Input[list]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. A list of Google App Engine (GAE) project names that are allowed to access this instance.

  • availabilityType (pulumi.Input[str]) - The availability type of the Cloud SQL instance, high availability (REGIONAL) or single zone (ZONAL).’ For MySQL instances, ensure that settings.backup_configuration.enabled and settings.backup_configuration.binary_log_enabled are both set to true.

  • backupConfiguration (pulumi.Input[dict])

    • binaryLogEnabled (pulumi.Input[bool]) - True if binary logging is enabled. If settings.backup_configuration.enabled is false, this must be as well. Cannot be used with Postgres.

    • enabled (pulumi.Input[bool]) - True if backup configuration is enabled.

    • location (pulumi.Input[str])

    • startTime (pulumi.Input[str]) - HH:MM format time indicating when backup configuration starts.

  • crashSafeReplication (pulumi.Input[bool]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Specific to read instances, indicates when crash-safe replication flags are enabled.

  • databaseFlags (pulumi.Input[list])

    • name (pulumi.Input[str]) - A name for this whitelist entry.

    • value (pulumi.Input[str]) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

  • diskAutoresize (pulumi.Input[bool]) - Configuration to increase storage size automatically. Note that future pulumi apply calls will attempt to resize the disk to the value specified in disk_size - if this is set, do not set disk_size.

  • diskSize (pulumi.Input[float]) - The size of data disk, in GB. Size of a running instance cannot be reduced but can be increased.

  • diskType (pulumi.Input[str]) - The type of data disk: PD_SSD or PD_HDD.

  • ip_configuration (pulumi.Input[dict])

    • authorizedNetworks (pulumi.Input[list])

      • expiration_time (pulumi.Input[str]) - The RFC 3339 formatted date time string indicating when this whitelist expires.

      • name (pulumi.Input[str]) - A name for this whitelist entry.

      • value (pulumi.Input[str]) - A CIDR notation IPv4 or IPv6 address that is allowed to access this instance. Must be set even if other two attributes are not for the whitelist to become active.

    • ipv4Enabled (pulumi.Input[bool]) - Whether this Cloud SQL instance should be assigned a public IPV4 address. Either ipv4_enabled must be enabled or a private_network must be configured.

    • privateNetwork (pulumi.Input[str]) - The VPC network from which the Cloud SQL instance is accessible for private IP. For example, projects/myProject/global/networks/default. Specifying a network enables private IP. Either ipv4_enabled must be enabled or a private_network must be configured. This setting can be updated, but it cannot be removed after it is set.

    • requireSsl (pulumi.Input[bool]) - True if mysqld should default to REQUIRE X509 for users connecting over IP.

  • locationPreference (pulumi.Input[dict])

    • followGaeApplication (pulumi.Input[str]) - A GAE application whose zone to remain in. Must be in the same region as this instance.

    • zone (pulumi.Input[str]) - The preferred compute engine zone.

  • maintenanceWindow (pulumi.Input[dict])

    • day (pulumi.Input[float]) - Day of week (1-7), starting on Monday

    • hour (pulumi.Input[float]) - Hour of day (0-23), ignored if day not set

    • updateTrack (pulumi.Input[str]) - Receive updates earlier (canary) or later (stable)

  • pricingPlan (pulumi.Input[str]) - Pricing plan for this instance, can only be PER_USE.

  • replicationType (pulumi.Input[str]) - This property is only applicable to First Generation instances. First Generation instances are now deprecated, see here for information on how to upgrade to Second Generation instances. Replication type for this instance, can be one of ASYNCHRONOUS or SYNCHRONOUS.

  • tier (pulumi.Input[str]) - The machine type to use. See tiers for more details and supported versions. Postgres supports only shared-core machine types such as db-f1-micro, and custom machine types such as db-custom-2-13312. See the Custom Machine Type Documentation to learn about specifying custom machine types.

  • user_labels (pulumi.Input[dict]) - A set of key/value user label pairs to assign to the instance.

  • version (pulumi.Input[float])

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.sql.GetCaCertsResult(active_version=None, certs=None, id=None, instance=None, project=None)

A collection of values returned by getCaCerts.

active_version = None

SHA1 fingerprint of the currently active CA certificate.

certs = None

A list of server CA certificates for the instance. Each contains:

id = None

The provider-assigned unique ID for this managed resource.

class pulumi_gcp.sql.SourceRepresentationInstance(resource_name, opts=None, database_version=None, host=None, name=None, port=None, project=None, region=None, __props__=None, __name__=None, __opts__=None)

A source representation instance is a Cloud SQL instance that represents the source database server to the Cloud SQL replica. It is visible in the Cloud Console and appears the same as a regular Cloud SQL instance, but it contains no data, requires no configuration or maintenance, and does not affect billing. You cannot update the source representation instance.

import pulumi
import pulumi_gcp as gcp

instance = gcp.sql.SourceRepresentationInstance("instance",
    database_version="MYSQL_5_7",
    host="10.20.30.40",
    port=3306,
    region="us-central1")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database_version (pulumi.Input[str]) – The MySQL version running on your source database server.

  • host (pulumi.Input[str]) – The externally accessible IPv4 address for the source database server.

  • name (pulumi.Input[str]) – The name of the source representation instance. Use any valid Cloud SQL instance name.

  • port (pulumi.Input[float]) – The externally accessible port for the source database server. Defaults to 3306.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • region (pulumi.Input[str]) – The Region in which the created instance should reside. If it is not provided, the provider region is used.

database_version: pulumi.Output[str] = None

The MySQL version running on your source database server.

host: pulumi.Output[str] = None

The externally accessible IPv4 address for the source database server.

name: pulumi.Output[str] = None

The name of the source representation instance. Use any valid Cloud SQL instance name.

port: pulumi.Output[float] = None

The externally accessible port for the source database server. Defaults to 3306.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

region: pulumi.Output[str] = None

The Region in which the created instance should reside. If it is not provided, the provider region is used.

static get(resource_name, id, opts=None, database_version=None, host=None, name=None, port=None, project=None, region=None)

Get an existing SourceRepresentationInstance resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • database_version (pulumi.Input[str]) – The MySQL version running on your source database server.

  • host (pulumi.Input[str]) – The externally accessible IPv4 address for the source database server.

  • name (pulumi.Input[str]) – The name of the source representation instance. Use any valid Cloud SQL instance name.

  • port (pulumi.Input[float]) – The externally accessible port for the source database server. Defaults to 3306.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • region (pulumi.Input[str]) – The Region in which the created instance should reside. If it is not provided, the provider region is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.sql.SslCert(resource_name, opts=None, common_name=None, instance=None, project=None, __props__=None, __name__=None, __opts__=None)

Creates a new Google SQL SSL Cert on a Google SQL Instance. For more information, see the official documentation, or the JSON API.

import pulumi
import pulumi_gcp as gcp
import pulumi_random as random

db_name_suffix = random.RandomId("dbNameSuffix", byte_length=4)
master = gcp.sql.DatabaseInstance("master", settings={
    "tier": "db-f1-micro",
})
client_cert = gcp.sql.SslCert("clientCert",
    common_name="client-name",
    instance=master.name)
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • common*name (pulumi.Input[str]) –

    The common name to be used in the certificate to identify the client. Constrained to [a-zA-Z.-* ]+. Changing this forces a new resource to be created.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. Changing this forces a new resource to be created.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

cert: pulumi.Output[str] = None

The actual certificate data for this client certificate.

cert_serial_number: pulumi.Output[str] = None

The serial number extracted from the certificate data.

common_name: pulumi.Output[str] = None

The common name to be used in the certificate to identify the client. Constrained to [a-zA-Z.-_ ]+. Changing this forces a new resource to be created.

create_time: pulumi.Output[str] = None

The time when the certificate was created in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.

expiration_time: pulumi.Output[str] = None

The time when the certificate expires in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.

instance: pulumi.Output[str] = None

The name of the Cloud SQL instance. Changing this forces a new resource to be created.

private_key: pulumi.Output[str] = None

The private key associated with the client certificate.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

server_ca_cert: pulumi.Output[str] = None

The CA cert of the server this client cert was generated from.

sha1_fingerprint: pulumi.Output[str] = None

The SHA1 Fingerprint of the certificate.

static get(resource_name, id, opts=None, cert=None, cert_serial_number=None, common_name=None, create_time=None, expiration_time=None, instance=None, private_key=None, project=None, server_ca_cert=None, sha1_fingerprint=None)

Get an existing SslCert resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • cert (pulumi.Input[str]) – The actual certificate data for this client certificate.

  • cert_serial_number (pulumi.Input[str]) – The serial number extracted from the certificate data.

  • common*name (pulumi.Input[str]) –

    The common name to be used in the certificate to identify the client. Constrained to [a-zA-Z.-* ]+. Changing this forces a new resource to be created.

  • create_time (pulumi.Input[str]) – The time when the certificate was created in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.

  • expiration_time (pulumi.Input[str]) – The time when the certificate expires in RFC 3339 format, for example 2012-11-15T16:19:00.094Z.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. Changing this forces a new resource to be created.

  • private_key (pulumi.Input[str]) – The private key associated with the client certificate.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

  • server_ca_cert (pulumi.Input[str]) – The CA cert of the server this client cert was generated from.

  • sha1_fingerprint (pulumi.Input[str]) – The SHA1 Fingerprint of the certificate.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

class pulumi_gcp.sql.User(resource_name, opts=None, host=None, instance=None, name=None, password=None, project=None, __props__=None, __name__=None, __opts__=None)

Creates a new Google SQL User on a Google SQL User Instance. For more information, see the official documentation, or the JSON API.

import pulumi
import pulumi_gcp as gcp
import pulumi_random as random

db_name_suffix = random.RandomId("dbNameSuffix", byte_length=4)
master = gcp.sql.DatabaseInstance("master", settings={
    "tier": "db-f1-micro",
})
users = gcp.sql.User("users",
    instance=master.name,
    host="me.com",
    password="changeme")
Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • host (pulumi.Input[str]) – The host the user can connect from. This is only supported for MySQL instances. Don’t set this field for PostgreSQL instances. Can be an IP address. Changing this forces a new resource to be created.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the user. Changing this forces a new resource to be created.

  • password (pulumi.Input[str]) – The password for the user. Can be updated. For Postgres instances this is a Required field.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

host: pulumi.Output[str] = None

The host the user can connect from. This is only supported for MySQL instances. Don’t set this field for PostgreSQL instances. Can be an IP address. Changing this forces a new resource to be created.

instance: pulumi.Output[str] = None

The name of the Cloud SQL instance. Changing this forces a new resource to be created.

name: pulumi.Output[str] = None

The name of the user. Changing this forces a new resource to be created.

password: pulumi.Output[str] = None

The password for the user. Can be updated. For Postgres instances this is a Required field.

project: pulumi.Output[str] = None

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

static get(resource_name, id, opts=None, host=None, instance=None, name=None, password=None, project=None)

Get an existing User resource’s state with the given name, id, and optional extra properties used to qualify the lookup.

Parameters
  • resource_name (str) – The unique name of the resulting resource.

  • id (str) – The unique provider ID of the resource to lookup.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • host (pulumi.Input[str]) – The host the user can connect from. This is only supported for MySQL instances. Don’t set this field for PostgreSQL instances. Can be an IP address. Changing this forces a new resource to be created.

  • instance (pulumi.Input[str]) – The name of the Cloud SQL instance. Changing this forces a new resource to be created.

  • name (pulumi.Input[str]) – The name of the user. Changing this forces a new resource to be created.

  • password (pulumi.Input[str]) – The password for the user. Can be updated. For Postgres instances this is a Required field.

  • project (pulumi.Input[str]) – The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_gcp.sql.get_ca_certs(instance=None, project=None, opts=None)

Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance. For more information see the official documentation and API.

Parameters
  • instance (str) – The name or self link of the instance.

  • project (str) – The ID of the project in which the resource belongs. If project is not provided, the provider project is used.