hashicorp / terraform-provider-google

Terraform Provider for Google Cloud Platform
https://registry.terraform.io/providers/hashicorp/google/latest/docs
Mozilla Public License 2.0

DMS Create connection_profile with private only CloudSQL #16602

Open florenp opened 11 months ago

florenp commented 11 months ago

We want to create a private CloudSQL with DMS Connection profile.

Terraform Version

terraform --version
Terraform v1.6.4
on linux_amd64

Affected Resource(s)

google_database_migration_service_connection_profile

Terraform Configuration Files

resource "google_database_migration_service_connection_profile" "cloudsqlprofile_destination" {
  location              = "europe-west9"
  connection_profile_id = "myinstanceid"
  display_name          = "myinstance"
  labels                = {}
  cloudsql {
    settings {
      database_version = "MYSQL_8_0"
      user_labels      = {}
      tier             = "db-custom-1-4096"
      edition          = "ENTERPRISE"

      activation_policy = "ALWAYS"
      ip_config {
        enable_ipv4     = false
        private_network = google_compute_network.this[terraform.workspace].id
        require_ssl     = false
      }
      storage_auto_resize_limit = 1000
      auto_storage_increase     = true
      data_disk_type            = "PD_SSD"
      data_disk_size_gb         = 50
      source_id                 = google_database_migration_service_connection_profile.cloudsqlprofile_source.id
      root_password             = "my_password"
    }
  }
  depends_on = [google_database_migration_service_connection_profile.cloudsqlprofile_source]
}

resource "google_database_migration_service_connection_profile" "cloudsqlprofile_source" {
  location              = var.region
  connection_profile_id = "myinstance-sourceid"
  display_name          = "myinstance-source"
  labels                = {}
  mysql {
    host     = "192.168.0.1"
    port     = 3306
    username = "dms"
    password = "my_password"
  }
}

Debug Output

Apply Step: https://gist.github.com/florenp/7f3672dfa1ad32fd5643e653bc9524bf

The state shows enable_ipv4 = false, but that's not the case in the GCP Console. The instance got only a public_ip instead of a private one. The instance also got a private IP, but the attribute is not visible in Terraform.

terraform state show google_database_migration_service_connection_profile.cloudsqlprofile_destination
# google_database_migration_service_connection_profile.cloudsqlprofile_destination:
resource "google_database_migration_service_connection_profile" "cloudsqlprofile_destination" {
    connection_profile_id = "myinstanceid"
    create_time           = "2023-11-23T16:29:33.311102479Z"
    dbprovider            = "CLOUDSQL"
    display_name          = "myinstance"
    effective_labels      = {}
    error                 = []
    id                    = "projects/my-project/locations/europe-west9/connectionProfiles/myinstanceid"
    location              = "europe-west9"
    name                  = "projects/my-project/locations/europe-west9/connectionProfiles/myinstanceid"
    project               = "my-project"
    state                 = "READY"
    terraform_labels      = {}

    cloudsql {
        cloud_sql_id = "myinstanceid"
        public_ip    = "xxx.xxx.xxx.xxx"

        settings {
            activation_policy         = "ALWAYS"
            auto_storage_increase     = true
            data_disk_size_gb         = "50"
            data_disk_type            = "PD_SSD"
            database_version          = "MYSQL_8_0"
            edition                   = "ENTERPRISE"
            root_password             = (sensitive value)
            root_password_set         = true
            source_id                 = "projects/my-project/locations/europe-west9/connectionProfiles/myinstance-sourceid"
            storage_auto_resize_limit = "1000"
            tier                      = "db-custom-1-4096"
            zone                      = "europe-west9-c"

            ip_config {
                enable_ipv4     = false
                private_network = "projects/my-project/global/networks/my-vpc"
                require_ssl     = false
            }
        }
    }
}

Expected Behavior

The CloudSQL instance created by DMS should only have a private IP.
google_database_migration_service_connection_profile should have a private_ip attribute.

Actual Behavior

The CloudSQL instance created by DMS got a public IP.
google_database_migration_service_connection_profile doesn't have any private_ip attribute.

Steps to Reproduce

No special steps. Just plan/apply the change

b/313181869
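
A drift check for the mismatch reported above, as an added example that is not part of the original issue or the provider's code: it compares the `enable_ipv4` value recorded in Terraform state with the addresses the instance actually has. Both inputs are constructed samples shaped like one resource from `terraform show -json` and like `gcloud sql instances describe --format=json` output; the IP addresses are placeholders.

```python
# Constructed sample, shaped like one resource entry from `terraform show -json`.
STATE_RESOURCE = {
    "address": "google_database_migration_service_connection_profile.cloudsqlprofile_destination",
    "values": {"cloudsql": [{
        "cloud_sql_id": "myinstanceid",
        "public_ip": "203.0.113.10",
        "settings": [{"ip_config": [{
            "enable_ipv4": False,
            "private_network": "projects/my-project/global/networks/my-vpc",
        }]}],
    }]},
}

# Constructed sample, shaped like `gcloud sql instances describe myinstanceid --format=json`.
INSTANCE = {
    "name": "myinstanceid",
    "ipAddresses": [
        {"type": "PRIMARY", "ipAddress": "203.0.113.10"},  # public address
        {"type": "PRIVATE", "ipAddress": "10.20.0.3"},
    ],
    "settings": {"ipConfiguration": {
        "ipv4Enabled": True,
        "privateNetwork": "projects/my-project/global/networks/my-vpc",
    }},
}


def exposure_findings(state_resource, instance):
    """Return findings where the live instance is more exposed than state declares."""
    findings = []
    for sql in state_resource["values"].get("cloudsql", []):
        # Nested blocks are serialized as lists in the JSON state output.
        declared = [c for s in sql.get("settings", []) for c in s.get("ip_config", [])]
        if not any(c.get("enable_ipv4") is False for c in declared):
            continue  # private-only was never requested, nothing to compare
        addresses = instance.get("ipAddresses", [])
        live_cfg = instance.get("settings", {}).get("ipConfiguration", {})
        public = [a["ipAddress"] for a in addresses if a.get("type") == "PRIMARY"]
        if live_cfg.get("ipv4Enabled"):
            findings.append("ipv4Enabled is true on the instance but enable_ipv4 = false in state")
        if public:
            findings.append("instance has public address(es): " + ", ".join(public))
        if not any(a.get("type") == "PRIVATE" for a in addresses):
            findings.append("instance has no PRIVATE address")
    return findings
```
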

edwardmedia commented 11 months ago

same as https://github.com/hashicorp/terraform-provider-google/issues/15755?

RomainBre commented 11 months ago

Hello,

"The state show the enable_ipv4 = false but that's not the case in GCP Console. The instance also got a private ip but the attribute is not visible in terraform."

Partially, I still have the issue related to public BUT ALSO the private IP is missing in the terraform output, even in terraform state show, whereas the instance has a private IP in the GCP HMI.

florenp commented 10 months ago

Hello @edwardmedia,

Yes, that's the same issue. I didn't see it as it was closed, but it was closed without any fix.