diff --git a/modules/mysql/README.md b/modules/mysql/README.md
index c903872e..d460d6f4 100644
--- a/modules/mysql/README.md
+++ b/modules/mysql/README.md
@@ -35,7 +35,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no |
| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no |
| iam\_users | A list of IAM users to be created in your CloudSQL instance | list(object({
id = string,
email = string
})) | `[]` | no |
-| insights\_config | The insights\_config settings for the database. | object({
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
+| insights\_config | The insights\_config settings for the database. | object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
| ip\_configuration | The ip\_configuration settings subblock | object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
enable_private_path_for_google_cloud_services = optional(bool)
}) | {
"allocated_ip_range": null,
"authorized_networks": [],
"enable_private_path_for_google_cloud_services": false,
"ipv4_enabled": true,
"private_network": null,
"require_ssl": null
} | no |
| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no |
| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no |
@@ -49,7 +49,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no |
| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no |
| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no |
-| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = string
edition = optional(string)
zone = string
availability_type = string
disk_type = string
disk_autoresize = bool
disk_autoresize_limit = number
disk_size = string
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
insights_config = optional(object({
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
enable_private_path_for_google_cloud_services = optional(bool)
})
encryption_key_name = string
})) | `[]` | no |
+| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = string
edition = optional(string)
zone = string
availability_type = string
disk_type = string
disk_autoresize = bool
disk_autoresize_limit = number
disk_size = string
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
enable_private_path_for_google_cloud_services = optional(bool)
})
encryption_key_name = string
})) | `[]` | no |
| region | The region of the Cloud SQL resources | `string` | `"us-central1"` | no |
| replica\_database\_version | The read replica database version to use. This var should only be used during a database update. The update sequence 1. read-replica 2. master, setting this to an updated version will cause the replica to update, then you may update the master with the var database\_version and remove this field after update is complete | `string` | `""` | no |
| root\_password | Mysql password for the root user. If not set, a random one will be generated and available in the root\_password output variable. | `string` | `""` | no |
diff --git a/modules/mysql/main.tf b/modules/mysql/main.tf
index 3d424bac..a1d131ce 100644
--- a/modules/mysql/main.tf
+++ b/modules/mysql/main.tf
@@ -90,6 +90,7 @@ resource "google_sql_database_instance" "default" {
content {
query_insights_enabled = true
+ query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5)
query_string_length = lookup(insights_config.value, "query_string_length", 1024)
record_application_tags = lookup(insights_config.value, "record_application_tags", false)
record_client_address = lookup(insights_config.value, "record_client_address", false)
diff --git a/modules/mysql/metadata.yaml b/modules/mysql/metadata.yaml
index 0868f658..a3b267bf 100644
--- a/modules/mysql/metadata.yaml
+++ b/modules/mysql/metadata.yaml
@@ -187,6 +187,7 @@ spec:
description: The insights_config settings for the database.
type: |-
object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
diff --git a/modules/mysql/read_replica.tf b/modules/mysql/read_replica.tf
index a16081aa..4eaee7e1 100644
--- a/modules/mysql/read_replica.tf
+++ b/modules/mysql/read_replica.tf
@@ -48,6 +48,7 @@ resource "google_sql_database_instance" "replicas" {
content {
query_insights_enabled = true
+ query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5)
query_string_length = lookup(insights_config.value, "query_string_length", 1024)
record_application_tags = lookup(insights_config.value, "record_application_tags", false)
record_client_address = lookup(insights_config.value, "record_client_address", false)
@@ -110,4 +111,3 @@ resource "google_sql_database_instance" "replicas" {
delete = var.delete_timeout
}
}
-
diff --git a/modules/mysql/variables.tf b/modules/mysql/variables.tf
index 527e6a45..41c31e27 100644
--- a/modules/mysql/variables.tf
+++ b/modules/mysql/variables.tf
@@ -208,6 +208,7 @@ variable "backup_configuration" {
variable "insights_config" {
description = "The insights_config settings for the database."
type = object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
@@ -266,6 +267,7 @@ variable "read_replicas" {
value = string
}))
insights_config = optional(object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
diff --git a/modules/postgresql/README.md b/modules/postgresql/README.md
index 1bf03fe1..ffd5ad08 100644
--- a/modules/postgresql/README.md
+++ b/modules/postgresql/README.md
@@ -35,7 +35,7 @@ Note: CloudSQL provides [disk autoresize](https://cloud.google.com/sql/docs/mysq
| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no |
| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no |
| iam\_users | A list of IAM users to be created in your CloudSQL instance | list(object({
id = string,
email = string
})) | `[]` | no |
-| insights\_config | The insights\_config settings for the database. | object({
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
+| insights\_config | The insights\_config settings for the database. | object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
| ip\_configuration | The ip configuration for the master instances. | object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
enable_private_path_for_google_cloud_services = optional(bool)
}) | {
"allocated_ip_range": null,
"authorized_networks": [],
"enable_private_path_for_google_cloud_services": false,
"ipv4_enabled": true,
"private_network": null,
"require_ssl": null
} | no |
| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no |
| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no |
diff --git a/modules/postgresql/main.tf b/modules/postgresql/main.tf
index e86c3563..a64eaa02 100644
--- a/modules/postgresql/main.tf
+++ b/modules/postgresql/main.tf
@@ -117,6 +117,7 @@ resource "google_sql_database_instance" "default" {
content {
query_insights_enabled = true
+ query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5)
query_string_length = lookup(insights_config.value, "query_string_length", 1024)
record_application_tags = lookup(insights_config.value, "record_application_tags", false)
record_client_address = lookup(insights_config.value, "record_client_address", false)
diff --git a/modules/postgresql/metadata.yaml b/modules/postgresql/metadata.yaml
index a315fefd..d773137c 100644
--- a/modules/postgresql/metadata.yaml
+++ b/modules/postgresql/metadata.yaml
@@ -192,6 +192,7 @@ spec:
description: The insights_config settings for the database.
type: |-
object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
diff --git a/modules/postgresql/read_replica.tf b/modules/postgresql/read_replica.tf
index 9012366e..3ed5a4ff 100644
--- a/modules/postgresql/read_replica.tf
+++ b/modules/postgresql/read_replica.tf
@@ -66,6 +66,7 @@ resource "google_sql_database_instance" "replicas" {
content {
query_insights_enabled = true
+ query_plans_per_minute = lookup(insights_config.value, "query_plans_per_minute", 5)
query_string_length = lookup(insights_config.value, "query_string_length", 1024)
record_application_tags = lookup(insights_config.value, "record_application_tags", false)
record_client_address = lookup(insights_config.value, "record_client_address", false)
@@ -108,4 +109,3 @@ resource "google_sql_database_instance" "replicas" {
delete = var.delete_timeout
}
}
-
diff --git a/modules/postgresql/variables.tf b/modules/postgresql/variables.tf
index a413f47c..fc5053d7 100644
--- a/modules/postgresql/variables.tf
+++ b/modules/postgresql/variables.tf
@@ -199,6 +199,7 @@ variable "backup_configuration" {
variable "insights_config" {
description = "The insights_config settings for the database."
type = object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
diff --git a/modules/safer_mysql/README.md b/modules/safer_mysql/README.md
index a49887d1..9a8f5995 100644
--- a/modules/safer_mysql/README.md
+++ b/modules/safer_mysql/README.md
@@ -190,7 +190,7 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p
| encryption\_key\_name | The full path to the encryption key used for the CMEK disk encryption | `string` | `null` | no |
| follow\_gae\_application | A Google App Engine application whose zone to remain in. Must be in the same region as this instance. | `string` | `null` | no |
| iam\_users | A list of IAM users to be created in your CloudSQL instance | list(object({
id = string,
email = string
})) | `[]` | no |
-| insights\_config | The insights\_config settings for the database. | object({
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
+| insights\_config | The insights\_config settings for the database. | object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}) | `null` | no |
| maintenance\_window\_day | The day of week (1-7) for the master instance maintenance. | `number` | `1` | no |
| maintenance\_window\_hour | The hour of day (0-23) maintenance window for the master instance maintenance. | `number` | `23` | no |
| maintenance\_window\_update\_track | The update track of maintenance window for the master instance maintenance. Can be either `canary` or `stable`. | `string` | `"stable"` | no |
@@ -202,7 +202,7 @@ mysql -S $HOME/mysql_sockets/myproject:region:instance -u user -p
| read\_replica\_deletion\_protection | Used to block Terraform from deleting replica SQL Instances. | `bool` | `false` | no |
| read\_replica\_deletion\_protection\_enabled | Enables protection of a read replica from accidental deletion across all surfaces (API, gcloud, Cloud Console and Terraform). | `bool` | `false` | no |
| read\_replica\_name\_suffix | The optional suffix to add to the read instance name | `string` | `""` | no |
-| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = string
edition = string
availability_type = string
zone = string
disk_type = string
disk_autoresize = bool
disk_autoresize_limit = number
disk_size = string
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
insights_config = optional(object({
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
})
encryption_key_name = string
})) | `[]` | no |
+| read\_replicas | List of read replicas to create. Encryption key is required for replica in different region. For replica in same region as master set encryption\_key\_name = null | list(object({
name = string
name_override = optional(string)
tier = string
edition = string
availability_type = string
zone = string
disk_type = string
disk_autoresize = bool
disk_autoresize_limit = number
disk_size = string
user_labels = map(string)
database_flags = list(object({
name = string
value = string
}))
insights_config = optional(object({
query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
}))
ip_configuration = object({
authorized_networks = list(map(string))
ipv4_enabled = bool
private_network = string
require_ssl = bool
allocated_ip_range = string
})
encryption_key_name = string
})) | `[]` | no |
| region | The region of the Cloud SQL resources | `string` | n/a | yes |
| secondary\_zone | The preferred zone for the secondary/failover instance, it should be something like: `us-central1-a`, `us-east1-c`. | `string` | `null` | no |
| tier | The tier for the master instance. | `string` | `"db-n1-standard-1"` | no |
diff --git a/modules/safer_mysql/metadata.yaml b/modules/safer_mysql/metadata.yaml
index f0a80db5..747af74c 100644
--- a/modules/safer_mysql/metadata.yaml
+++ b/modules/safer_mysql/metadata.yaml
@@ -178,6 +178,7 @@ spec:
description: The insights_config settings for the database.
type: |-
object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
diff --git a/modules/safer_mysql/variables.tf b/modules/safer_mysql/variables.tf
index fd5a37f1..98118178 100644
--- a/modules/safer_mysql/variables.tf
+++ b/modules/safer_mysql/variables.tf
@@ -241,6 +241,7 @@ variable "read_replicas" {
value = string
}))
insights_config = optional(object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool
@@ -363,6 +364,7 @@ variable "encryption_key_name" {
variable "insights_config" {
description = "The insights_config settings for the database."
type = object({
+ query_plans_per_minute = number
query_string_length = number
record_application_tags = bool
record_client_address = bool