Skip to content

Commit

Permalink
Remove require_ssl (#11549) (#19263)
Browse files Browse the repository at this point in the history
[upstream:dd672815b06fa81f2baca8345570a6319e41393f]

Signed-off-by: Modular Magician <[email protected]>
  • Loading branch information
modular-magician authored and c2thorn committed Aug 26, 2024
1 parent 1f38e4d commit 59e8056
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 15 deletions.
3 changes: 3 additions & 0 deletions .changelog/11549.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:breaking-change
sql: removed `settings.ip_configuration.require_ssl` from `google_sql_database_instance` in favor of `settings.ip_configuration.ssl_mode`. This field was intended to be removed in 6.0.0.
```
14 changes: 1 addition & 13 deletions google/services/sql/resource_sql_database_instance.go
Original file line number Diff line number Diff line change
Expand Up @@ -443,13 +443,6 @@ is set to true. Defaults to ZONAL.`,
AtLeastOneOf: ipConfigurationKeys,
Description: `Whether this Cloud SQL instance should be assigned a public IPV4 address. At least ipv4_enabled must be enabled or a private_network must be configured.`,
},
"require_ssl": {
Type: schema.TypeBool,
Optional: true,
AtLeastOneOf: ipConfigurationKeys,
Description: `Whether SSL connections over IP are enforced or not. To change this field, also set the corresponding value in ssl_mode if it has been set too.`,
Deprecated: "`require_ssl` will be fully deprecated in a future major release. For now, please use `ssl_mode` with a compatible `require_ssl` value instead.",
},
"private_network": {
Type: schema.TypeString,
Optional: true,
Expand Down Expand Up @@ -498,7 +491,7 @@ is set to true. Defaults to ZONAL.`,
Optional: true,
Computed: true,
ValidateFunc: validation.StringInSlice([]string{"ALLOW_UNENCRYPTED_AND_ENCRYPTED", "ENCRYPTED_ONLY", "TRUSTED_CLIENT_CERTIFICATE_REQUIRED"}, false),
Description: `Specify how SSL connection should be enforced in DB connections. This field provides more SSL enforcement options compared to require_ssl. To change this field, also set the correspoding value in require_ssl until next major release.`,
Description: `Specify how SSL connection should be enforced in DB connections.`,
AtLeastOneOf: ipConfigurationKeys,
},
"server_ca_mode": {
Expand Down Expand Up @@ -2271,11 +2264,6 @@ func flattenIpConfiguration(ipConfiguration *sqladmin.IpConfiguration, d *schema
data["psc_config"] = flattenPscConfigs(ipConfiguration.PscConfig)
}

// We store the ssl_mode value only if the customer already uses `ssl_mode`.
if _, ok := d.GetOk("settings.0.ip_configuration.0.ssl_mode"); ok {
data["ssl_mode"] = ipConfiguration.SslMode
}

return []map[string]interface{}{data}
}

Expand Down
4 changes: 2 additions & 2 deletions website/docs/guides/version_6_upgrade.html.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -369,9 +369,9 @@ Support for the deletionProtectionEnabled field has been added. Redis clusters w

## Resource: `google_sql_database_instance`

### `settings.ip_configuration.require_ssl` is now removed
### `settings.ip_configuration.require_ssl` is now removed (in 6.0.1)

Removed in favor of field `settings.ip_configuration.ssl_mode`.
Removed in favor of field `settings.ip_configuration.ssl_mode`. `settings.ip_configuration.require_ssl` was intended to be removed in 6.0.0, but is removed in 6.0.1 instead.

## Resource: `google_storage_bucket`

Expand Down

0 comments on commit 59e8056

Please sign in to comment.