diff --git a/edbterraform/data/templates/aws/biganimal.tf.j2 b/edbterraform/data/templates/aws/biganimal.tf.j2 index 8f3510b7..c6291fe0 100644 --- a/edbterraform/data/templates/aws/biganimal.tf.j2 +++ b/edbterraform/data/templates/aws/biganimal.tf.j2 @@ -7,7 +7,6 @@ module "biganimal" { name = each.key name_id = module.spec.hex_id - cloud_account = each.value.cloud_account cluster_name = module.spec.base.tags.cluster_name password = each.value.password data_groups = each.value.data_groups diff --git a/edbterraform/data/templates/azure/biganimal.tf.j2 b/edbterraform/data/templates/azure/biganimal.tf.j2 index 8f3510b7..c6291fe0 100644 --- a/edbterraform/data/templates/azure/biganimal.tf.j2 +++ b/edbterraform/data/templates/azure/biganimal.tf.j2 @@ -7,7 +7,6 @@ module "biganimal" { name = each.key name_id = module.spec.hex_id - cloud_account = each.value.cloud_account cluster_name = module.spec.base.tags.cluster_name password = each.value.password data_groups = each.value.data_groups diff --git a/edbterraform/data/templates/gcloud/biganimal.tf.j2 b/edbterraform/data/templates/gcloud/biganimal.tf.j2 index 8f3510b7..c6291fe0 100644 --- a/edbterraform/data/templates/gcloud/biganimal.tf.j2 +++ b/edbterraform/data/templates/gcloud/biganimal.tf.j2 @@ -7,7 +7,6 @@ module "biganimal" { name = each.key name_id = module.spec.hex_id - cloud_account = each.value.cloud_account cluster_name = module.spec.base.tags.cluster_name password = each.value.password data_groups = each.value.data_groups diff --git a/edbterraform/data/terraform/aws/modules/biganimal/main.tf b/edbterraform/data/terraform/aws/modules/biganimal/main.tf index 193378d0..c8e239c1 100644 --- a/edbterraform/data/terraform/aws/modules/biganimal/main.tf +++ b/edbterraform/data/terraform/aws/modules/biganimal/main.tf 
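Review bot: Dropping the `cloud_account = each.value.cloud_account` pass-through in the aws `biganimal.tf.j2` hunk (and the identical azure and gcloud template hunks) means a spec that still sets `cloud_account` at the top level is no longer honoured, and the specification `variables.tf` hunks later in this diff remove that attribute from the `spec` object type as well. Terraform discards attributes that an object type constraint does not declare, so unless the spec loader outside this diff rejects the old key, an existing `cloud_account = false` would likely be ignored silently. Every group would then take the new `optional(bool, true)` default, which yields a provider id without the `bah:` prefix and `superuser_access = true`. I would fail loudly on the old key or keep it as a deprecated fallback for the per-group value, and add an upgrade note saying that `cloud_account` now lives under each entry of `data_groups` and `witness_groups`.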
@@ -1,7 +1,7 @@ resource "biganimal_cluster" "instance" { for_each = local.use_wal_volume || local.use_pgd ? {} : local.data_groups # required - cloud_provider = local.cloud_provider + cloud_provider = each.value.cloud_provider_id cluster_architecture { id = each.value.type nodes = each.value.node_count @@ -42,7 +42,7 @@ resource "biganimal_cluster" "instance" { } private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = each.value.superuser_access } resource "biganimal_pgd" "clusters" { @@ -56,7 +56,7 @@ resource "biganimal_pgd" "clusters" { data_groups = [ for key, values in local.data_groups: { cloud_provider = { - cloud_provider_id = local.cloud_provider + cloud_provider_id = values.cloud_provider_id } cluster_architecture = { cluster_architecture_id = values.type @@ -105,13 +105,13 @@ resource "biganimal_pgd" "clusters" { ] pe_allowed_principled_ids = [] - service_account_ids = contains(["gcp", "bah:gcp"], var.cloud_provider) ? [] : null + service_account_ids = contains(["gcp"], var.cloud_provider) ? [] : null backup_retention_period = "1d" csp_auth = false private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = values.superuser_access } ] @@ -121,7 +121,7 @@ resource "biganimal_pgd" "clusters" { region_id = v.region } cloud_provider = { - cloud_provider_id = v.cloud_service_provider + cloud_provider_id = v.cloud_account ? v.cloud_service_provider : "bah:${v.cloud_service_provider}" } maintenance_window = { is_enabled = v.maintenance_window.is_enabled @@ -287,7 +287,7 @@ locals { } resource "toolbox_external" "vpc" { - count = var.cloud_account && !local.use_pgd ? 1 : 0 + count = local.cloud_account_non_pgd ? 1 : 0 program = [ "bash", "-c", 
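Review bot: In the `@@ -121,7` hunk of aws `main.tf`, the witness group provider id is now built by prepending `bah:` when `v.cloud_account` is false, but the old line passed `v.cloud_service_provider` through verbatim, so specs written for the previous behaviour may already carry a value such as `bah:aws`. With `cloud_account = false` that becomes `bah:bah:aws`, and with the default `true` the hosted id still passes through while the flag says own account. No validation of `cloud_service_provider` is visible in the `witness_groups` hunks of this diff; a rule such as `condition = alltrue([for g in var.witness_groups : !startswith(g.cloud_service_provider, "bah:")])` would reject the stale form. The azure and gcloud `main.tf` hunks at the same offset have the same gap, and the `biganimal_pgd` block continues outside the hunk.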
diff --git a/edbterraform/data/terraform/aws/modules/biganimal/outputs.tf b/edbterraform/data/terraform/aws/modules/biganimal/outputs.tf index 55c407e6..640fb449 100644 --- a/edbterraform/data/terraform/aws/modules/biganimal/outputs.tf +++ b/edbterraform/data/terraform/aws/modules/biganimal/outputs.tf @@ -112,7 +112,7 @@ output "biganimal_id" { } output "buckets" { - value = var.cloud_account ? { + value = local.cloud_account_non_pgd ? { postgres = { bucket = local.postgres_bucket prefix = local.postgres_bucket_prefix @@ -128,7 +128,7 @@ output "buckets" { } output "loadbalancer" { - value = var.cloud_account && !local.use_pgd ? { + value = local.cloud_account_non_pgd ? { name = toolbox_external.vpc.0.result.loadbalancer_name dns = toolbox_external.vpc.0.result.loadbalancer_dns } : {} diff --git a/edbterraform/data/terraform/aws/modules/biganimal/variables.tf b/edbterraform/data/terraform/aws/modules/biganimal/variables.tf index 4a2c3057..6509c0e3 100644 --- a/edbterraform/data/terraform/aws/modules/biganimal/variables.tf +++ b/edbterraform/data/terraform/aws/modules/biganimal/variables.tf @@ -1,5 +1,6 @@ variable data_groups { type = map(object({ + cloud_account = optional(bool, true) type = string region = string node_count = number @@ -100,6 +101,15 @@ variable data_groups { EOT ) } + + validation { + condition = alltrue([for name, grouping in var.data_groups: grouping.type != "pgd" || grouping.node_count == 2 || grouping.node_count == 3]) + error_message = ( + <<-EOT + When using pgd, node_count must be 2 or 3. + EOT + ) + } } variable "witness_groups" { @@ -108,6 +118,7 @@ variable "witness_groups" { nullable = false type = map(object({ region = string + cloud_account = optional(bool, true) cloud_service_provider = string maintenance_window = optional(object({ is_enabled = bool 
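Review bot: The `buckets` output in aws `outputs.tf` (`@@ -112,7`) used to be gated on `var.cloud_account` alone and is now gated on `local.cloud_account_non_pgd`, which also requires `!local.use_pgd`, so a PGD deployment in the caller's own cloud account now gets `{}` where the old condition would have selected the bucket map. If that is intended, a comment such as `# buckets are only resolved for non-PGD clusters in the caller's own cloud account` above the `value` would make it explicit; if not, this output needs a condition without the PGD term. The azure and gcloud `outputs.tf` hunks make the same substitution.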
@@ -143,12 +154,6 @@ variable "project" { variable "name" {} variable "name_id" {} -variable "cloud_account" { - type = bool - default = true - nullable = false - description = "Option for selecting if biganimal should host the resources with your own cloud account instead of biganimal hosted resources" -} variable "cluster_name" {} variable "password" { nullable = true @@ -170,7 +175,7 @@ variable "cloud_provider" { default = "aws" nullable = false validation { - condition = contains(["aws", "bah:aws"], var.cloud_provider) + condition = contains(["aws"], var.cloud_provider) error_message = "Invalid cloud provider" } } @@ -211,9 +216,6 @@ variable "tags" { } locals { - # superuser not allowed for biganimal-hosted clusters - superuser_access = var.cloud_account ? true : false - service_cidrblocks = [ for cidr in var.service_cidrblocks : { cidr_block = cidr @@ -255,14 +257,24 @@ locals { # resource expects a cloud provider prefix infront of its instance type instance_type = !startswith("${var.cloud_provider}:", values.instance_type) ? format("${var.cloud_provider}:%s", values.instance_type) : values.instance_type volume_size = "${values.volume.size_gb} Gi" + + # superuser not allowed for biganimal-hosted clusters + superuser_access = values.cloud_account ? true : false + + # Format the cloud provider id + cloud_provider_id = values.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" })) } + cloud_account_non_pgd = ( + alltrue([for group in var.data_groups: group.cloud_account == true]) + && !local.use_pgd + ? true : false + ) + } locals { - - cloud_provider = var.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" cluster_name = format("%s-%s", var.name, var.name_id) // Create an object that excludes any null objects 
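Review bot: `cloud_account_non_pgd` in the `@@ -255,14` hunk of aws `variables.tf` counts the deployment as own-account only when every group sets `cloud_account`, yet `cloud_provider_id` and `superuser_access` are now decided per group, so a spec mixing hosted and own-account groups would create own-account clusters while `toolbox_external.vpc` and the `buckets`/`loadbalancer` outputs are switched off. If mixed groups are not supported for non-PGD clusters, a `validation` on `data_groups` saying so would catch it at plan time. Separately, `alltrue([])` is true, so an empty `data_groups` map would evaluate as own-account, and the trailing `? true : false` adds nothing to a boolean; the expression could read `length(var.data_groups) > 0 && alltrue([for group in var.data_groups : group.cloud_account]) && !local.use_pgd`. The `locals` block starts outside the hunk.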
@@ -276,7 +288,7 @@ locals { // Remove null values from the volume properties and save with the api variable naming as the key // Size must be saved as a string and with the Gi suffix API_DATA = concat([ - for group_name, group_values in var.data_groups: { + for group_name, group_values in local.data_groups: { clusterName = local.cluster_name clusterType = group_values.type password = local.password @@ -296,8 +308,8 @@ locals { for key, value in group_values.wal_volume == null ? {} : group_values.wal_volume : local.TERRAFORM_API_MAPPING[key] => key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } - # required - provider = { cloudProviderId = local.cloud_provider } + # required + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count @@ -310,7 +322,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = true + superuserAccess = group_values.superuser_access }], [{ # PGD configuration clusterName = local.cluster_name clusterType = one(distinct([for group_name, group_values in var.data_groups: group_values.type])) @@ -334,7 +346,7 @@ locals { key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } # required - provider = { cloudProviderId = local.cloud_provider } + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count @@ -347,7 +359,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = local.superuser_access + superuserAccess = group_values.superuser_access } ]} # Ternary requires consistent types. 
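Review bot: The PGD half of `API_DATA` (hunks `@@ -334,7` and `@@ -347,7` in aws `variables.tf`) now reads `group_values.cloud_provider_id` and `group_values.superuser_access`, which exist only on `local.data_groups`, but the `for` header that binds `group_values` there is outside the hunk and only the first loop at `@@ -276,7` is visibly switched from `var.data_groups` to `local.data_groups`. If the inner PGD loop still iterates `var.data_groups`, evaluation would fail with an unsupported-attribute error whenever PGD is used; please confirm it reads `for group_name, group_values in local.data_groups:`. The azure and gcloud `variables.tf` hunks repeat the same pattern.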
diff --git a/edbterraform/data/terraform/aws/modules/specification/variables.tf b/edbterraform/data/terraform/aws/modules/specification/variables.tf index 7a7a6846..8d6545c5 100644 --- a/edbterraform/data/terraform/aws/modules/specification/variables.tf +++ b/edbterraform/data/terraform/aws/modules/specification/variables.tf @@ -159,9 +159,9 @@ variable "spec" { project = object({ id = optional(string) }) - cloud_account = optional(bool) password = optional(string) data_groups = optional(map(object({ + cloud_account = optional(bool) type = string region = string node_count = number @@ -195,6 +195,7 @@ variable "spec" { }))) witness_groups = optional(map(object({ region = string + cloud_account = optional(bool) cloud_service_provider = string })), {}) tags = optional(map(string), {}) diff --git a/edbterraform/data/terraform/azure/modules/biganimal/main.tf b/edbterraform/data/terraform/azure/modules/biganimal/main.tf index 8ca9236d..9df2748c 100644 --- a/edbterraform/data/terraform/azure/modules/biganimal/main.tf +++ b/edbterraform/data/terraform/azure/modules/biganimal/main.tf @@ -1,7 +1,7 @@ resource "biganimal_cluster" "instance" { for_each = local.use_wal_volume || local.use_pgd ? {} : local.data_groups # required - cloud_provider = local.cloud_provider + cloud_provider = each.value.cloud_provider_id cluster_architecture { id = each.value.type nodes = each.value.node_count @@ -42,7 +42,7 @@ resource "biganimal_cluster" "instance" { } private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = each.value.superuser_access } resource "biganimal_pgd" "clusters" { @@ -56,7 +56,7 @@ resource "biganimal_pgd" "clusters" { data_groups = [ for key, values in local.data_groups: { cloud_provider = { - cloud_provider_id = local.cloud_provider + cloud_provider_id = values.cloud_provider_id } cluster_architecture = { cluster_architecture_id = values.type 
@@ -105,13 +105,13 @@ resource "biganimal_pgd" "clusters" { ] pe_allowed_principled_ids = [] - service_account_ids = contains(["gcp", "bah:gcp"], var.cloud_provider) ? [] : null + service_account_ids = contains(["gcp"], var.cloud_provider) ? [] : null backup_retention_period = "1d" csp_auth = false private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = values.superuser_access } ] @@ -121,7 +121,7 @@ resource "biganimal_pgd" "clusters" { region_id = v.region } cloud_provider = { - cloud_provider_id = v.cloud_service_provider + cloud_provider_id = v.cloud_account ? v.cloud_service_provider : "bah:${v.cloud_service_provider}" } maintenance_window = { is_enabled = v.maintenance_window.is_enabled diff --git a/edbterraform/data/terraform/azure/modules/biganimal/outputs.tf b/edbterraform/data/terraform/azure/modules/biganimal/outputs.tf index 55c407e6..640fb449 100644 --- a/edbterraform/data/terraform/azure/modules/biganimal/outputs.tf +++ b/edbterraform/data/terraform/azure/modules/biganimal/outputs.tf @@ -112,7 +112,7 @@ output "biganimal_id" { } output "buckets" { - value = var.cloud_account ? { + value = local.cloud_account_non_pgd ? { postgres = { bucket = local.postgres_bucket prefix = local.postgres_bucket_prefix @@ -128,7 +128,7 @@ output "buckets" { } output "loadbalancer" { - value = var.cloud_account && !local.use_pgd ? { + value = local.cloud_account_non_pgd ? { name = toolbox_external.vpc.0.result.loadbalancer_name dns = toolbox_external.vpc.0.result.loadbalancer_dns } : {} diff --git a/edbterraform/data/terraform/azure/modules/biganimal/variables.tf b/edbterraform/data/terraform/azure/modules/biganimal/variables.tf index 79b20c65..dbcc8069 100644 --- a/edbterraform/data/terraform/azure/modules/biganimal/variables.tf +++ b/edbterraform/data/terraform/azure/modules/biganimal/variables.tf 
@@ -1,5 +1,6 @@ variable data_groups { type = map(object({ + cloud_account = optional(bool, true) type = string region = string node_count = number @@ -100,6 +101,15 @@ variable data_groups { EOT ) } + + validation { + condition = alltrue([for name, grouping in var.data_groups: grouping.type != "pgd" || grouping.node_count == 2 || grouping.node_count == 3]) + error_message = ( + <<-EOT + When using pgd, node_count must be 2 or 3. + EOT + ) + } } variable "witness_groups" { @@ -108,6 +118,7 @@ variable "witness_groups" { nullable = false type = map(object({ region = string + cloud_account = optional(bool, true) cloud_service_provider = string maintenance_window = optional(object({ is_enabled = bool @@ -143,12 +154,6 @@ variable "project" { variable "name" {} variable "name_id" {} -variable "cloud_account" { - type = bool - default = true - nullable = false - description = "Option for selecting if biganimal should host the resources with your own cloud account instead of biganimal hosted resources" -} variable "cluster_name" {} variable "password" { nullable = true @@ -170,7 +175,7 @@ variable "cloud_provider" { default = "azure" nullable = false validation { - condition = contains(["azure", "bah:azure"], var.cloud_provider) + condition = contains(["azure"], var.cloud_provider) error_message = "Invalid cloud provider" } } @@ -211,9 +216,6 @@ variable "tags" { } locals { - # superuser not allowed for biganimal-hosted clusters - superuser_access = var.cloud_account ? true : false - service_cidrblocks = [ for cidr in var.service_cidrblocks : { cidr_block = cidr 
@@ -255,17 +257,24 @@ locals { # resource expects a cloud provider prefix infront of its instance type instance_type = !startswith("${var.cloud_provider}:", values.instance_type) ? format("${var.cloud_provider}:%s", values.instance_type) : values.instance_type volume_size = "${values.volume.size_gb} Gi" - # resource expects a cloud provider prefix infront of volume type when using premiumstorage - volume_type = !startswith("${var.cloud_provider}", var.volume.type) && endswith("premiumstorage", var.volume.type) ? format("${var.cloud_provider}%s", var.volume.type) : var.volume.type + + # superuser not allowed for biganimal-hosted clusters + superuser_access = values.cloud_account ? true : false + + # Format the cloud provider id + cloud_provider_id = values.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" })) } -} + cloud_account_non_pgd = ( + try((one(local.data_groups)).cloud_account, false) + && !local.use_pgd + ? true : false + ) +} locals { - - cloud_provider = var.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" cluster_name = format("%s-%s", var.name, var.name_id) // Create an object that excludes any null objects @@ -279,7 +288,7 @@ locals { // Remove null values from the volume properties and save with the api variable naming as the key // Size must be saved as a string and with the Gi suffix API_DATA = concat([ - for group_name, group_values in var.data_groups: { + for group_name, group_values in local.data_groups: { clusterName = local.cluster_name clusterType = group_values.type password = local.password 
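Review bot: The azure definition of `cloud_account_non_pgd` in the `@@ -255,17` hunk, `try((one(local.data_groups)).cloud_account, false)`, differs from the aws one (`alltrue([...])` over `var.data_groups`) and can hide errors. `one()` accepts a list, set or tuple with at most one element, while `local.data_groups` is used as a map in `for_each` and in `for key, values in local.data_groups`; if it is a map or holds more than one group the call errors, `try` swallows that, and the local quietly becomes `false`, leaving `buckets` and `loadbalancer` as `{}`. Using the same expression as aws, `alltrue([for group in var.data_groups : group.cloud_account]) && !local.use_pgd`, would keep the three providers consistent. The gcloud hunk at `@@ -255,15` has the same line, and the `locals` block begins outside the hunk.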
@@ -299,8 +308,8 @@ locals { for key, value in group_values.wal_volume == null ? {} : group_values.wal_volume : local.TERRAFORM_API_MAPPING[key] => key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } - # required - provider = { cloudProviderId = local.cloud_provider } + # required + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count @@ -313,7 +322,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = true + superuserAccess = group_values.superuser_access }], [{ # PGD configuration clusterName = local.cluster_name clusterType = one(distinct([for group_name, group_values in var.data_groups: group_values.type])) @@ -337,7 +346,7 @@ locals { key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } # required - provider = { cloudProviderId = local.cloud_provider } + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count @@ -350,7 +359,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = local.superuser_access + superuserAccess = group_values.superuser_access } ]} # Ternary requires consistent types. diff --git a/edbterraform/data/terraform/azure/modules/specification/variables.tf b/edbterraform/data/terraform/azure/modules/specification/variables.tf index 6a32fb1f..5bc5ea2c 100644 --- a/edbterraform/data/terraform/azure/modules/specification/variables.tf +++ b/edbterraform/data/terraform/azure/modules/specification/variables.tf 
@@ -107,9 +107,9 @@ variable "spec" { project = object({ id = optional(string) }) - cloud_account = optional(bool) password = optional(string) data_groups = optional(map(object({ + cloud_account = optional(bool) type = string region = string node_count = number @@ -143,6 +143,7 @@ variable "spec" { }))) witness_groups = optional(map(object({ region = string + cloud_account = optional(bool) cloud_service_provider = string })), {}) tags = optional(map(string), {}) diff --git a/edbterraform/data/terraform/gcloud/modules/biganimal/main.tf b/edbterraform/data/terraform/gcloud/modules/biganimal/main.tf index 8ca9236d..9df2748c 100644 --- a/edbterraform/data/terraform/gcloud/modules/biganimal/main.tf +++ b/edbterraform/data/terraform/gcloud/modules/biganimal/main.tf @@ -1,7 +1,7 @@ resource "biganimal_cluster" "instance" { for_each = local.use_wal_volume || local.use_pgd ? {} : local.data_groups # required - cloud_provider = local.cloud_provider + cloud_provider = each.value.cloud_provider_id cluster_architecture { id = each.value.type nodes = each.value.node_count @@ -42,7 +42,7 @@ resource "biganimal_cluster" "instance" { } private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = each.value.superuser_access } resource "biganimal_pgd" "clusters" { @@ -56,7 +56,7 @@ resource "biganimal_pgd" "clusters" { data_groups = [ for key, values in local.data_groups: { cloud_provider = { - cloud_provider_id = local.cloud_provider + cloud_provider_id = values.cloud_provider_id } cluster_architecture = { cluster_architecture_id = values.type 
@@ -105,13 +105,13 @@ resource "biganimal_pgd" "clusters" { ] pe_allowed_principled_ids = [] - service_account_ids = contains(["gcp", "bah:gcp"], var.cloud_provider) ? [] : null + service_account_ids = contains(["gcp"], var.cloud_provider) ? [] : null backup_retention_period = "1d" csp_auth = false private_networking = !var.publicly_accessible read_only_connections = false - superuser_access = local.superuser_access + superuser_access = values.superuser_access } ] @@ -121,7 +121,7 @@ resource "biganimal_pgd" "clusters" { region_id = v.region } cloud_provider = { - cloud_provider_id = v.cloud_service_provider + cloud_provider_id = v.cloud_account ? v.cloud_service_provider : "bah:${v.cloud_service_provider}" } maintenance_window = { is_enabled = v.maintenance_window.is_enabled diff --git a/edbterraform/data/terraform/gcloud/modules/biganimal/outputs.tf b/edbterraform/data/terraform/gcloud/modules/biganimal/outputs.tf index 55c407e6..640fb449 100644 --- a/edbterraform/data/terraform/gcloud/modules/biganimal/outputs.tf +++ b/edbterraform/data/terraform/gcloud/modules/biganimal/outputs.tf @@ -112,7 +112,7 @@ output "biganimal_id" { } output "buckets" { - value = var.cloud_account ? { + value = local.cloud_account_non_pgd ? { postgres = { bucket = local.postgres_bucket prefix = local.postgres_bucket_prefix @@ -128,7 +128,7 @@ output "buckets" { } output "loadbalancer" { - value = var.cloud_account && !local.use_pgd ? { + value = local.cloud_account_non_pgd ? { name = toolbox_external.vpc.0.result.loadbalancer_name dns = toolbox_external.vpc.0.result.loadbalancer_dns } : {} diff --git a/edbterraform/data/terraform/gcloud/modules/biganimal/variables.tf b/edbterraform/data/terraform/gcloud/modules/biganimal/variables.tf index 7f266d07..3526834c 100644 --- a/edbterraform/data/terraform/gcloud/modules/biganimal/variables.tf +++ b/edbterraform/data/terraform/gcloud/modules/biganimal/variables.tf 
@@ -1,5 +1,6 @@ variable data_groups { type = map(object({ + cloud_account = optional(bool, true) type = string region = string node_count = number @@ -100,6 +101,15 @@ variable data_groups { EOT ) } + + validation { + condition = alltrue([for name, grouping in var.data_groups: grouping.type != "pgd" || grouping.node_count == 2 || grouping.node_count == 3]) + error_message = ( + <<-EOT + When using pgd, node_count must be 2 or 3. + EOT + ) + } } variable "witness_groups" { @@ -108,6 +118,7 @@ variable "witness_groups" { nullable = false type = map(object({ region = string + cloud_account = optional(bool, true) cloud_service_provider = string maintenance_window = optional(object({ is_enabled = bool @@ -143,12 +154,6 @@ variable "project" { variable "name" {} variable "name_id" {} -variable "cloud_account" { - type = bool - default = true - nullable = false - description = "Option for selecting if biganimal should host the resources with your own cloud account instead of biganimal hosted resources" -} variable "cluster_name" {} variable "password" { nullable = true @@ -170,7 +175,7 @@ variable "cloud_provider" { default = "gcp" nullable = false validation { - condition = contains(["gcp", "bah:gcp"], var.cloud_provider) + condition = contains(["gcp"], var.cloud_provider) error_message = "Invalid cloud provider" } } @@ -211,9 +216,6 @@ variable "tags" { } locals { - # superuser not allowed for biganimal-hosted clusters - superuser_access = var.cloud_account ? true : false - service_cidrblocks = [ for cidr in var.service_cidrblocks : { cidr_block = cidr 
@@ -255,15 +257,24 @@ locals { # resource expects a cloud provider prefix infront of its instance type instance_type = !startswith("${var.cloud_provider}:", values.instance_type) ? format("${var.cloud_provider}:%s", values.instance_type) : values.instance_type volume_size = "${values.volume.size_gb} Gi" + + # superuser not allowed for biganimal-hosted clusters + superuser_access = values.cloud_account ? true : false + + # Format the cloud provider id + cloud_provider_id = values.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" })) } -} + cloud_account_non_pgd = ( + try((one(local.data_groups)).cloud_account, false) + && !local.use_pgd + ? true : false + ) +} locals { - - cloud_provider = var.cloud_account ? var.cloud_provider : "bah:${var.cloud_provider}" cluster_name = format("%s-%s", var.name, var.name_id) // Create an object that excludes any null objects @@ -277,7 +288,7 @@ locals { // Remove null values from the volume properties and save with the api variable naming as the key // Size must be saved as a string and with the Gi suffix API_DATA = concat([ - for group_name, group_values in var.data_groups: { + for group_name, group_values in local.data_groups: { clusterName = local.cluster_name clusterType = group_values.type password = local.password @@ -297,8 +308,8 @@ locals { for key, value in group_values.wal_volume == null ? {} : group_values.wal_volume : local.TERRAFORM_API_MAPPING[key] => key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } - # required - provider = { cloudProviderId = local.cloud_provider } + # required + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count 
@@ -311,7 +322,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = true + superuserAccess = group_values.superuser_access }], [{ # PGD configuration clusterName = local.cluster_name clusterType = one(distinct([for group_name, group_values in var.data_groups: group_values.type])) @@ -335,7 +346,7 @@ locals { key == "size_gb" ? "${value} Gi" : tostring(value) if value != null } # required - provider = { cloudProviderId = local.cloud_provider } + provider = { cloudProviderId = group_values.cloud_provider_id } clusterArchitecture = { clusterArchitectureId = group_values.type nodes = group_values.type == "single" ? 1 : group_values.node_count @@ -348,7 +359,7 @@ locals { backupRetentionPeriod = "1d" cspAuth = false readOnlyConnections = false - superuserAccess = local.superuser_access + superuserAccess = group_values.superuser_access } ]} # Ternary requires consistent types. diff --git a/edbterraform/data/terraform/gcloud/modules/specification/variables.tf b/edbterraform/data/terraform/gcloud/modules/specification/variables.tf index 1b002b86..0a14f248 100644 --- a/edbterraform/data/terraform/gcloud/modules/specification/variables.tf +++ b/edbterraform/data/terraform/gcloud/modules/specification/variables.tf @@ -122,9 +122,9 @@ variable "spec" { project = object({ id = optional(string) }) - cloud_account = optional(bool) password = optional(string) data_groups = optional(map(object({ + cloud_account = optional(bool) type = string region = string node_count = number @@ -158,6 +158,7 @@ variable "spec" { }))) witness_groups = optional(map(object({ region = string + cloud_account = optional(bool) cloud_service_provider = string })), {}) tags = optional(map(string), {})