Improve db deletion protection

jochenehret · jochenehret · commit 20eabd8ecf73 · 2025-05-23T16:00:59.000+02:00
diff --git a/docs/concourse/README.md b/docs/concourse/README.md
@@ -111,10 +111,25 @@ terragrunt run-all apply
 ## Recommendations
 ### Cloud SQL Instance deletion protection
 
-Terraform hashicorp provider includes a deletion protection flag however in some cases it's misleading as it's not setting it on Google Cloud.
-To avoid confusion we do not set it in the code and recommend altering your production SQL Instance to protect from the deletion on the cloud side.
+The [database.tf](../../terraform-modules/concourse/infra/database.tf) configuration enables deletion protection on multiple levels. The Terraform hashicorp provider includes a deletion protection flag:
+```
+resource "google_sql_database_instance" "concourse" {
+
+  # This option prevents Terraform from deleting an instance
+  deletion_protection = true
+```
+
+In addition, we are setting a flag that enables the "Prevent instance deletion" option from the GCP console:
+```
+  settings {
+    deletion_protection_enabled = "true"
+  }
+```
+
+:warning: The option "Retain backups after instance deletion" should also be enabled. There is no Terraform configuration parameter,
+so you have to set it manually in the GCP console:
 
-https://console.cloud.google.com/sql/instances/ -> select instance name -> edit ->  Data Protection -> tick: Enable delete protection
+Cloud SQL -> Instances -> Edit configuration -> Data Protection -> Retain backups after instance deletion
 
 ### End-to-end testing
 
diff --git a/terraform-modules/concourse/infra/database.tf b/terraform-modules/concourse/infra/database.tf
@@ -4,10 +4,8 @@ resource "google_sql_database_instance" "concourse" {
   project          = var.project
   region           = var.region
 
-  # recommended protection via GCP SQL Instance settings
-  # https://console.cloud.google.com/sql/instances/ -> select instance name -> edit
-  # ->  Data Protection -> tick: Enable delete protection
-  deletion_protection = false
+  # This option prevents Terraform from deleting an instance
+  deletion_protection = true
 
   settings {
     activation_policy = "ALWAYS"
@@ -28,6 +26,8 @@ resource "google_sql_database_instance" "concourse" {
       transaction_log_retention_days = "7"
     }
 
+    deletion_protection_enabled = "true"
+
     disk_autoresize       = "true"
     disk_autoresize_limit = "0"
     disk_size             = var.sql_instance_disk_size
