Add google_alloydb_user resouce w/ support for creating IAM users

[franklinlindemberg]

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• Please do not leave "+1" or "me too" comments, they generate extra noise for issue followers and do not help prioritize the request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment. If the issue is assigned to the "modular-magician" user, it is either in the process of being autogenerated, or is planned to be autogenerated soon. If the issue is assigned to a user, that user is claiming responsibility for the issue. If the issue is assigned to "hashibot", a community member has claimed the issue already.

Description

Add a new resource that allows creating alloydb users using terraform. We currently have a similar feature for cloudsql resource .

This new provider would make possible creation of IAM users, allowing instances to be created without passing any password.

New or Affected Resource(s)

• google_alloydb_user

Potential Terraform Configuration

resource "google_alloydb_user" "users" {
  name     = "me@example.com"
  instance = google_sql_database_instance.main.name
  type     = "CLOUD_IAM_USER"
}

References

[rileykarson]

User management appears to be done in PSQL directly per https://cloud.google.com/alloydb/docs/database-users/about#manage-users. We'd need this to be exposed in the API to interact with it in Terraform. It shouldn't break through from the control plane to the data plane of the resource.

We'd expect users to use a database management tool instead of an infrastructure management tool to interact with the database, or at least a dedicated provider such as the community one here: https://registry.terraform.io/providers/cyrilgdn/postgresql/latest/docs

[trodge]

b/280326208

[mwarkentin]

https://cloud.google.com/alloydb/docs/reference/rest/v1/projects.locations.clusters.users

[mohoromitch]

Leaving a note here, but anyone looking for a workaround can look at this in the meantime:

https://registry.terraform.io/modules/terraform-google-modules/gcloud/google/latest

It will let you use the gcloud command to create the users by directly using the API that @mwarkentin linked.

[DanielRieske]

I'd like to pick this issue up, did some work on it and will add the PR shortly.

[GauravJain21]

PR: https://github.com/GoogleCloudPlatform/magic-modules/pull/8920

[franklinlindemberg]

Thanks folks, really appreciate it!

Does anyone know when this will be available on terraform registry?

[GauravJain21]

Hey Franklin, It should be available by 17th or max 24th of Oct.

[franklinlindemberg]

@GauravJain21 Thank you!

Im closing this issue given it was already resolved

[github-actions[bot]]

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.