Skip to content

Commit

Permalink
fix: random password for default user and additional users will also …
Browse files Browse the repository at this point in the history 
…follow password validation policy (#443)

Co-authored-by: Bharath KKB <bharathkrishnakb@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: g-awmalik <malik.awais@gmail.com>
Co-authored-by: Awais Malik <awmalik@google.com>
Co-authored-by: CFT Bot <cloud-foundation-bot@google.com>
  • Loading branch information
@ravisiddhu @bharathkkb
@renovate @g-awmalik @cloud-foundation-bot
6 people committed Mar 15, 2023
1 parent 7d98bda commit 0ceb0ed
Show file tree
Hide file tree
Showing 2 changed files with 28 additions and 13 deletions.
20 changes: 14 additions & 6 deletions modules/mysql/main.tf
View file
Expand Up @@ -188,19 +188,27 @@ resource "random_password" "user-password" {
name = google_sql_database_instance.default.name
}

length = 32
special = var.enable_random_password_special
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
min_lower = 1
min_numeric = 1
min_upper = 1
length = var.password_validation_policy_config != null ? (var.password_validation_policy_config.min_length != null ? var.password_validation_policy_config.min_length + 4 : 32) : 32
special = var.enable_random_password_special ? true : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? true : false) : false)
min_special = var.enable_random_password_special ? 1 : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? 1 : 0) : 0)
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
}

resource "random_password" "additional_passwords" {
for_each = local.users
keepers = {
name = google_sql_database_instance.default.name
}
length = 32
special = var.enable_random_password_special
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
min_lower = 1
min_numeric = 1
min_upper = 1
length = var.password_validation_policy_config != null ? (var.password_validation_policy_config.min_length != null ? var.password_validation_policy_config.min_length + 4 : 32) : 32
special = var.enable_random_password_special ? true : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? true : false) : false)
min_special = var.enable_random_password_special ? 1 : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? 1 : 0) : 0)
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
}

resource "google_sql_user" "default" {
Expand Down
21 changes: 14 additions & 7 deletions modules/postgresql/main.tf
View file
Expand Up @@ -197,20 +197,27 @@ resource "random_password" "user-password" {
keepers = {
name = google_sql_database_instance.default.name
}

length = 32
special = var.enable_random_password_special
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
min_lower = 1
min_numeric = 1
min_upper = 1
length = var.password_validation_policy_config != null ? (var.password_validation_policy_config.min_length != null ? var.password_validation_policy_config.min_length + 4 : 32) : 32
special = var.enable_random_password_special ? true : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? true : false) : false)
min_special = var.enable_random_password_special ? 1 : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? 1 : 0) : 0)
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
}

resource "random_password" "additional_passwords" {
for_each = local.users
keepers = {
name = google_sql_database_instance.default.name
}
length = 32
special = var.enable_random_password_special
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
min_lower = 1
min_numeric = 1
min_upper = 1
length = var.password_validation_policy_config != null ? (var.password_validation_policy_config.min_length != null ? var.password_validation_policy_config.min_length + 4 : 32) : 32
special = var.enable_random_password_special ? true : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? true : false) : false)
min_special = var.enable_random_password_special ? 1 : (var.password_validation_policy_config != null ? (var.password_validation_policy_config.complexity != "COMPLEXITY_UNSPECIFIED" ? 1 : 0) : 0)
depends_on = [null_resource.module_depends_on, google_sql_database_instance.default]
}

resource "google_sql_user" "default" {
Expand Down

0 comments on commit 0ceb0ed

Please sign in to comment.