Open zculek-fb opened 1 year ago
Note: This field does have https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database#deletion_policy as a mitigation, although ABANDON is the other possible state.
From my understanding, `deletion_policy = ABANDON` is actually meant for Postgres and to resolve the issue of not being able to delete the database from the API if there are non-superusers with access to the database.
So, if `deletion_policy = ABANDON` is set for mysql database, does that mean that if someone removes the database resource from Terraform config, database wouldn't be deleted? I will try to test this out, maybe it would be enough of a solution after all. But, I'd rather like for that someone that removed the config and possibly wasn't aware that it will destroy/delete the database, to be informed that they would have caused database deletion, but it failed. :)
BTW, is there any issue of implementing `deletion_protection` for the google_sql_database resource, or it was never implemented because `deletion_policy = ABANDON` is a good enough workaround? I couldn't find an answer to that.
@zculek-fb

> So, if `deletion_policy = ABANDON` is set for mysql database, does that mean that if someone removes the database resource from Terraform config, database wouldn't be deleted? I will try to test this out, maybe it would be enough of a solution after all.

The check in the deletion logic is independent of the database type, so `deletion_policy = ABANDON` works the same for mysql.

> But, I'd rather like for that someone that removed the config and possibly wasn't aware that it will destroy/delete the database, to be informed that they would have caused database deletion, but it failed. :)

Fair point, this is a silent state drop instead of an error. This is the first difference from a true `deletion_protection`. The second difference is `deletion_protection` should be `true` by default, where `deletion_policy` is `DELETE` by default.
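The concern in this thread (a removed resource block deleting a database, or silently dropping it from state under `deletion_policy = ABANDON`) can also be caught outside the provider by inspecting the plan before apply. The following is an added example, not code from the issue or from the provider; it assumes the plan was exported with `terraform show -json`, and the function names and the sample plan are constructed for illustration.

```python
import json

# Constructed sample of `terraform show -json <planfile>` output (not from the issue).
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "google_sql_database.orders", "type": "google_sql_database",
   "change": {"actions": ["delete"],
              "before": {"name": "orders", "deletion_policy": "DELETE"}}},
  {"address": "module.db.google_sql_database.audit", "type": "google_sql_database",
   "change": {"actions": ["delete", "create"],
              "before": {"name": "audit", "deletion_policy": "ABANDON"}}},
  {"address": "google_sql_database.cache", "type": "google_sql_database",
   "change": {"actions": ["update"],
              "before": {"name": "cache", "deletion_policy": "DELETE"}}},
  {"address": "google_sql_database_instance.main", "type": "google_sql_database_instance",
   "change": {"actions": ["no-op"], "before": {"name": "main"}}}
]}
""")


def database_deletions(plan):
    """Return (address, effect) for every google_sql_database the plan would delete."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "google_sql_database":
            continue
        change = rc.get("change", {})
        if "delete" not in change.get("actions", []):
            continue  # create / update / no-op do not remove the database
        before = change.get("before") or {}
        # Provider default is DELETE; ABANDON only drops the resource from state.
        policy = before.get("deletion_policy") or "DELETE"
        effect = "state-drop" if policy == "ABANDON" else "destroy"
        findings.append((rc["address"], effect))
    return findings


def gate(plan):
    """Exit code for CI: 1 if any database would be destroyed or abandoned."""
    findings = database_deletions(plan)
    for address, effect in findings:
        print(f"BLOCKED {address}: plan would {effect} this database")
    return 1 if findings else 0


if __name__ == "__main__":
    raise SystemExit(gate(SAMPLE_PLAN))
```

Run as a CI step between plan and apply, this turns both the real delete and the silent `ABANDON` state drop into a visible failure, including for databases declared inside modules.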
Description
At the moment, it is only possible to set `deletion_protection` for Cloud SQL instance (google_sql_database_instance), but not for the database itself. Even when `deletion_protection` is set for the instance, database still gets destroyed prior to Terraform trying and failing to destroy the instance itself; e.g.:
I think the database itself is much more worth to be protected from deletion than the instance - the instance can easily be recreated, in a matter of minutes, but if the database is deleted and it's hundreds of GBs big, restoring from a backup could take quite some time. It would be great if we would be able to protect our databases from being destroyed/deleted.
I know that there is a possibility of using `prevent_destroy` lifecycle option, but it requires literal values:
meaning there's no possibility to use a variable for `prevent_destroy`, and no way to protect the database if using a template or a module:
Adding an option to set deletion_protection for the google_sql_database would make a lot of lives easier. :)
New or Affected Resource(s)
Potential Terraform Configuration
Add a new boolean argument deletion_protection for google_sql_database:
References