GCP private Cloud SQL minimal broken config

main.tf

terraform {
  required_version = ">= 0.11.13"
}

provider "google" {
  project = "${local.project}"
  region  = "${local.region}"
}

provider "google-beta" {
  project = "${local.project}"
  region  = "${local.region}"
}

locals {
  project = "thescore-william-villeneuve"
  region  = "us-central1"
}

locals {
  vpc_name = "v${random_uuid.vpc_name.result}"
}

# network
resource "google_compute_network" "network" {
  name = "${local.vpc_name}"

  auto_create_subnetworks = false
}

# subnetwork
resource "google_compute_subnetwork" "subnetwork" {
  name    = "${local.vpc_name}"
  network = "${google_compute_network.network.self_link}"

  ip_cidr_range            = "10.6.0.0/16"
  region                   = "${local.region}"
  private_ip_google_access = true
}

# private service peering ips
resource "google_compute_global_address" "private_service_addresses" {
  provider = "google-beta"

  # name = "${local.vpc_name}-service-ips"
  # name = "google-managed-services-${local.vpc_name}"
  name = "address-${random_uuid.address_name.result}"

  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  address       = "10.5.0.0"
  prefix_length = "16"
  network       = "${google_compute_network.network.name}"
}

# private service peering
resource "google_service_networking_connection" "private_vpc_connection" {
  provider = "google-beta"

  network                 = "${google_compute_network.network.name}"
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = ["${google_compute_global_address.private_service_addresses.name}"]
}

resource "random_uuid" "vpc_name" {}
resource "random_uuid" "address_name" {}

locals {
  public_ipv4_enabled = true
  machine_type        = "db-custom-1-3840"
  database_version    = "POSTGRES_9_6"
}

resource "google_sql_database_instance" "database_1" {
  provider = "google-beta"

  # name
  name = "db-${random_uuid.database_name_1.result}"

  # location
  region = "${local.region}"

  # version
  database_version = "${local.database_version}"

  settings {
    # machine
    tier = "${local.machine_type}"

    # network
    ip_configuration {
      ipv4_enabled = "${local.public_ipv4_enabled}"

      private_network = "projects/${local.project}/global/networks/${local.vpc_name}"
    }
  }

  depends_on = [
    # we must depend on the private connection to ensure it uses the reserved ips
    "google_service_networking_connection.private_vpc_connection",
  ]
}

resource "google_sql_database_instance" "database_2" {
  provider = "google-beta"

  # name
  name = "db-${random_uuid.database_name_2.result}"

  # location
  region = "${local.region}"

  # version
  database_version = "${local.database_version}"

  settings {
    # machine
    tier = "${local.machine_type}"

    # network
    ip_configuration {
      ipv4_enabled = "${local.public_ipv4_enabled}"

      private_network = "projects/${local.project}/global/networks/${local.vpc_name}"
    }
  }

  depends_on = [
    # we must depend on the private connection to ensure it uses the reserved ips
    "google_service_networking_connection.private_vpc_connection",
  ]
}

resource "random_uuid" "database_name_1" {}
resource "random_uuid" "database_name_2" {}