From 59e80569caba6e4e772100bbc30d11201f5fee74 Mon Sep 17 00:00:00 2001 From: The Magician Date: Mon, 26 Aug 2024 14:25:40 -0700 Subject: [PATCH] Remove require_ssl (#11549) (#19263) [upstream:dd672815b06fa81f2baca8345570a6319e41393f] Signed-off-by: Modular Magician --- .changelog/11549.txt | 3 +++ .../services/sql/resource_sql_database_instance.go | 14 +------------- .../docs/guides/version_6_upgrade.html.markdown | 4 ++-- 3 files changed, 6 insertions(+), 15 deletions(-) create mode 100644 .changelog/11549.txt diff --git a/.changelog/11549.txt b/.changelog/11549.txt new file mode 100644 index 00000000000..bc2a680bf66 --- /dev/null +++ b/.changelog/11549.txt @@ -0,0 +1,3 @@ +```release-note:breaking-change +sql: removed `settings.ip_configuration.require_ssl` from `google_sql_database_instance` in favor of `settings.ip_configuration.ssl_mode`. This field was intended to be removed in 6.0.0. +``` \ No newline at end of file diff --git a/google/services/sql/resource_sql_database_instance.go b/google/services/sql/resource_sql_database_instance.go index 9e99c62cf9c..cadc4b7d06e 100644 --- a/google/services/sql/resource_sql_database_instance.go +++ b/google/services/sql/resource_sql_database_instance.go @@ -443,13 +443,6 @@ is set to true. Defaults to ZONAL.`, AtLeastOneOf: ipConfigurationKeys, Description: `Whether this Cloud SQL instance should be assigned a public IPV4 address. At least ipv4_enabled must be enabled or a private_network must be configured.`, }, - "require_ssl": { - Type: schema.TypeBool, - Optional: true, - AtLeastOneOf: ipConfigurationKeys, - Description: `Whether SSL connections over IP are enforced or not. To change this field, also set the corresponding value in ssl_mode if it has been set too.`, - Deprecated: "`require_ssl` will be fully deprecated in a future major release. For now, please use `ssl_mode` with a compatible `require_ssl` value instead.", - }, "private_network": { Type: schema.TypeString, Optional: true, @@ -498,7 +491,7 @@ is set to true. Defaults to ZONAL.`, Optional: true, Computed: true, ValidateFunc: validation.StringInSlice([]string{"ALLOW_UNENCRYPTED_AND_ENCRYPTED", "ENCRYPTED_ONLY", "TRUSTED_CLIENT_CERTIFICATE_REQUIRED"}, false), - Description: `Specify how SSL connection should be enforced in DB connections. This field provides more SSL enforcement options compared to require_ssl. To change this field, also set the correspoding value in require_ssl until next major release.`, + Description: `Specify how SSL connection should be enforced in DB connections.`, AtLeastOneOf: ipConfigurationKeys, }, "server_ca_mode": { @@ -2271,11 +2264,6 @@ func flattenIpConfiguration(ipConfiguration *sqladmin.IpConfiguration, d *schema data["psc_config"] = flattenPscConfigs(ipConfiguration.PscConfig) } - // We store the ssl_mode value only if the customer already uses `ssl_mode`. - if _, ok := d.GetOk("settings.0.ip_configuration.0.ssl_mode"); ok { - data["ssl_mode"] = ipConfiguration.SslMode - } - return []map[string]interface{}{data} } diff --git a/website/docs/guides/version_6_upgrade.html.markdown b/website/docs/guides/version_6_upgrade.html.markdown index 5739f98c358..791944f1e5a 100644 --- a/website/docs/guides/version_6_upgrade.html.markdown +++ b/website/docs/guides/version_6_upgrade.html.markdown @@ -369,9 +369,9 @@ Support for the deletionProtectionEnabled field has been added. Redis clusters w ## Resource: `google_sql_database_instance` -### `settings.ip_configuration.require_ssl` is now removed +### `settings.ip_configuration.require_ssl` is now removed (in 6.0.1) -Removed in favor of field `settings.ip_configuration.ssl_mode`. +Removed in favor of field `settings.ip_configuration.ssl_mode`. `settings.ip_configuration.require_ssl` was intended to be removed in 6.0.0, but is removed in 6.0.1 instead. ## Resource: `google_storage_bucket`