Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/config/servicemappings/sql.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/config/servicemappings

     1# Copyright 2022 Google LLC
     2#
     3# Licensed under the Apache License, Version 2.0 (the "License");
     4# you may not use this file except in compliance with the License.
     5# You may obtain a copy of the License at
     6#
     7#      http://www.apache.org/licenses/LICENSE-2.0
     8#
     9# Unless required by applicable law or agreed to in writing, software
    10# distributed under the License is distributed on an "AS IS" BASIS,
    11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12# See the License for the specific language governing permissions and
    13# limitations under the License.
    14
    15apiVersion: core.cnrm.cloud.google.com/v1alpha1
    16kind: ServiceMapping
    17metadata:
    18  name: sql.cnrm.cloud.google.com
    19  namespace: cnrm-system
    20spec:
    21  name: SQL
    22  version: v1beta1
    23  serviceHostName: "sqladmin.googleapis.com"
    24  resources:
    25    - name: google_sql_database
    26      kind: SQLDatabase
    27      idTemplate: "projects/{{project}}/instances/{{instance}}/databases/{{name}}"
    28      idTemplateCanBeUsedToMatchResourceName: true
    29      metadataMapping:
    30        name: name
    31      resourceID:
    32        targetField: name
    33      resourceReferences:
    34        - key: instanceRef
    35          tfField: instance
    36          description: |-
    37            The Cloud SQL instance.
    38          gvk:
    39            kind: SQLInstance
    40            version: v1beta1
    41            group: sql.cnrm.cloud.google.com
    42          parent: true
    43      containers:
    44        - type: project
    45          tfField: project
    46    - name: google_sql_database_instance
    47      kind: SQLInstance
    48      metadataMapping:
    49        name: name
    50        labels: settings.user_labels
    51      resourceID:
    52        targetField: name
    53      idTemplate: "projects/{{project}}/instances/{{name}}"
    54      idTemplateCanBeUsedToMatchResourceName: true
    55      resourceAvailableInAssetInventory: true
    56      iamMemberReferenceConfig:
    57        targetField: service_account_email_address
    58        valueTemplate: "serviceAccount:{{value}}"
    59      resourceReferences:
    60        - key: masterInstanceRef
    61          tfField: master_instance_name
    62          gvk:
    63            kind: SQLInstance
    64            version: v1beta1
    65            group: sql.cnrm.cloud.google.com
    66        - tfField: settings.ip_configuration.private_network
    67          key: privateNetworkRef
    68          gvk:
    69            kind: ComputeNetwork
    70            version: v1beta1
    71            group: compute.cnrm.cloud.google.com
    72          targetField: self_link
    73        - tfField: encryption_key_name
    74          key: encryptionKMSCryptoKeyRef
    75          gvk:
    76            kind: KMSCryptoKey
    77            version: v1beta1
    78            group: kms.cnrm.cloud.google.com
    79          targetField: self_link
    80        - tfField: settings.sql_server_audit_config.bucket
    81          key: bucketRef
    82          description: The name of the destination bucket (e.g., gs://mybucket).
    83          gvk:
    84            kind: StorageBucket
    85            version: v1beta1
    86            group: storage.cnrm.cloud.google.com
    87          targetField: url
    88      ignoredFields:
    89        - settings.version
    90        - deletion_protection
    91        - restore_backup_context
    92        - clone # b/179734967
    93      containers:
    94        - type: project
    95          tfField: project
    96      mutableButUnreadableFields:
    97        - root_password
    98    - name: google_sql_ssl_cert
    99      kind: SQLSSLCert
   100      skipImport: true
   101      serverGeneratedIDField: "sha1_fingerprint"
   102      resourceID:
   103        targetField: sha1_fingerprint
   104      idTemplate: "projects/{{project}}/instances/{{instance}}/sslCerts/{{sha1_fingerprint}}"
   105      # not setup for importing, uses the server generated id of the sha1_fingerprint, should work though because gcloud is able to get them by 'name'
   106      idTemplateCanBeUsedToMatchResourceName: false
   107      resourceReferences:
   108      - key: instanceRef
   109        tfField: instance
   110        gvk:
   111          kind: SQLInstance
   112          version: v1beta1
   113          group: sql.cnrm.cloud.google.com
   114        parent: true
   115        description: |-
   116          The Cloud SQL instance.
   117      containers:
   118      - type: project
   119        tfField: project
   120    - name: google_sql_user
   121      kind: SQLUser
   122      idTemplate: "{{project}}/{{instance}}/{{host?}}/{{name}}"
   123      # doesn't have a URL
   124      idTemplateCanBeUsedToMatchResourceName: false
   125      metadataMapping:
   126        name: name
   127      resourceID:
   128        targetField: name
   129      resourceReferences:
   130        - key: instanceRef
   131          tfField: instance
   132          gvk:
   133            kind: SQLInstance
   134            version: v1beta1
   135            group: sql.cnrm.cloud.google.com
   136          parent: true
   137      containers:
   138        - type: project
   139          tfField: project
   140      mutableButUnreadableFields:
   141        - password
   142      ignoredFields:
   143        - deletion_policy

View as plain text