feat(cloud_sql): add disabling psc on PSA+PSC instances examples

Author: loeng2023

cloud_sql/mysql_instance_psa_psc/main.tf

@@ -89,5 +89,30 @@ resource "google_compute_forwarding_rule" "default" {
   target                = data.google_sql_database_instance.default.psc_service_attachment_link
 }
 
+# [START cloud_sql_mysql_instance_disable_psc_instance]
+resource "google_sql_database_instance" "disable_psc_example" {
+  name             = "mysql-disable-psc-example"
+  region           = "us-central1"
+  database_version = "MYSQL_8_0"
+
+  depends_on = [google_service_networking_connection.default]
+
+  settings {
+    tier = "db-f1-micro"
+    ip_configuration {
+      psc_config {
+        psc_enabled               = false
+        allowed_consumer_projects = [] # clear consumer projects
+      }
+      ipv4_enabled    = false
+      private_network = google_compute_network.peering_network.id
+    }
+  }
+  # set `deletion_protection` to true, will ensure that one cannot accidentally delete this instance by
+  # use of Terraform whereas `deletion_protection_enabled` flag protects this instance at the GCP level.
+  deletion_protection = false
+}
+# [END cloud_sql_mysql_instance_disable_psc_instance]
+
 # [END cloud_sql_mysql_instance_psa_psc_parent_tag]
 

cloud_sql/postgres_instance_psa_psc/main.tf

@@ -93,4 +93,34 @@ resource "google_compute_forwarding_rule" "default" {
   target                = data.google_sql_database_instance.default.psc_service_attachment_link
 }
 
+
+# [START cloud_sql_postgres_instance_disable_psc_instance]
+resource "google_sql_database_instance" "disable_psc_example" {
+  name             = "postgres-disable-psc-example"
+  region           = "us-central1"
+  database_version = "POSTGRES_17"
+
+  depends_on = [google_service_networking_connection.default]
+
+  settings {
+    tier              = "db-custom-2-7680"
+    availability_type = "REGIONAL"
+    backup_configuration {
+      enabled = true
+    }
+    ip_configuration {
+      psc_config {
+        psc_enabled               = false
+        allowed_consumer_projects = [] # clear consumer projects
+      }
+      ipv4_enabled    = false
+      private_network = google_compute_network.peering_network.id
+    }
+  }
+  # set `deletion_protection` to true, will ensure that one cannot accidentally delete this instance by
+  # use of Terraform whereas `deletion_protection_enabled` flag protects this instance at the GCP level.
+  deletion_protection = false # Set to "true" to prevent destruction of the resource
+}
+# [END cloud_sql_postgres_instance_disable_psc_instance]
+
 # [END cloud_sql_postgres_instance_psa_psc_parent_tag]

cloud_sql/sqlserver_instance_psa_psc/main.tf

@@ -90,5 +90,31 @@ resource "google_compute_forwarding_rule" "default" {
   target                = data.google_sql_database_instance.default.psc_service_attachment_link
 }
 
+# [START cloud_sql_sqlserver_instance_disable_psc_instance]
+resource "google_sql_database_instance" "disable_psc_example" {
+  name             = "sqlserver-disable-psc-example"
+  region           = "us-central1"
+  database_version = "SQLSERVER_2019_STANDARD"
+  root_password    = "INSERT-PASSWORD-HERE"
+
+  depends_on = [google_service_networking_connection.default]
+
+  settings {
+    tier = "db-custom-2-7680"
+    ip_configuration {
+      psc_config {
+        psc_enabled               = false
+        allowed_consumer_projects = [] # clear consumer projects
+      }
+      ipv4_enabled    = false
+      private_network = google_compute_network.peering_network.id
+    }
+  }
+  # set `deletion_protection` to true, will ensure that one cannot accidentally delete this instance by
+  # use of Terraform whereas `deletion_protection_enabled` flag protects this instance at the GCP level.
+  deletion_protection = false
+}
+# [END cloud_sql_sqlserver_instance_disable_psc_instance]
+
 # [END cloud_sql_sqlserver_instance_psa_psc_parent_tag]