An Integration connectors Connection.
To get more information about Connection, see:
data "google_project" "test_project" {
}
resource "google_integration_connectors_connection" "pubsubconnection" {
name = "test-pubsub"
location = "us-central1"
connector_version = "projects/${data.google_project.test_project.project_id}/locations/global/providers/gcp/connectors/pubsub/versions/1"
description = "tf created description"
config_variable {
key = "project_id"
string_value = "connectors-example"
}
config_variable {
key = "topic_id"
string_value = "test"
}
}
data "google_project" "test_project" {
}
resource "google_secret_manager_secret" "secret-basic" {
secret_id = "test-secret"
replication {
user_managed {
replicas {
location = "us-central1"
}
}
}
}
resource "google_secret_manager_secret_version" "secret-version-basic" {
secret = google_secret_manager_secret.secret-basic.id
secret_data = "dummypassword"
}
resource "google_secret_manager_secret_iam_member" "secret_iam" {
secret_id = google_secret_manager_secret.secret-basic.id
role = "roles/secretmanager.admin"
member = "serviceAccount:${data.google_project.test_project.number}-compute@developer.gserviceaccount.com"
depends_on = [google_secret_manager_secret_version.secret-version-basic]
}
resource "google_integration_connectors_connection" "zendeskconnection" {
name = "test-zendesk"
description = "tf updated description"
location = "us-central1"
service_account = "${data.google_project.test_project.number}-compute@developer.gserviceaccount.com"
connector_version = "projects/${data.google_project.test_project.project_id}/locations/global/providers/zendesk/connectors/zendesk/versions/1"
config_variable {
key = "proxy_enabled"
boolean_value = false
}
config_variable {
key = "sample_integer_value"
integer_value = 1
}
config_variable {
key = "sample_encryption_key_value"
encryption_key_value {
type = "GOOGLE_MANAGED"
kms_key_name = "sampleKMSKkey"
}
}
config_variable {
key = "sample_secret_value"
secret_value {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
suspended = false
auth_config {
additional_variable {
key = "sample_string"
string_value = "sampleString"
}
additional_variable {
key = "sample_boolean"
boolean_value = false
}
additional_variable {
key = "sample_integer"
integer_value = 1
}
additional_variable {
key = "sample_secret_value"
secret_value {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
additional_variable {
key = "sample_encryption_key_value"
encryption_key_value {
type = "GOOGLE_MANAGED"
kms_key_name = "sampleKMSKkey"
}
}
auth_type = "USER_PASSWORD"
auth_key = "sampleAuthKey"
user_password {
username = "user@xyz.com"
password {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
}
destination_config {
key = "url"
destination {
host = "https://test.zendesk.com"
port = 80
}
}
lock_config {
locked = false
reason = "Its not locked"
}
log_config {
enabled = true
}
node_config {
min_node_count = 2
max_node_count = 50
}
labels = {
foo = "bar"
}
ssl_config {
additional_variable {
key = "sample_string"
string_value = "sampleString"
}
additional_variable {
key = "sample_boolean"
boolean_value = false
}
additional_variable {
key = "sample_integer"
integer_value = 1
}
additional_variable {
key = "sample_secret_value"
secret_value {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
additional_variable {
key = "sample_encryption_key_value"
encryption_key_value {
type = "GOOGLE_MANAGED"
kms_key_name = "sampleKMSKkey"
}
}
client_cert_type = "PEM"
client_certificate {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
client_private_key {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
client_private_key_pass {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
private_server_certificate {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
server_cert_type = "PEM"
trust_model = "PRIVATE"
type = "TLS"
use_ssl = true
}
eventing_enablement_type = "EVENTING_AND_CONNECTION"
eventing_config {
additional_variable {
key = "sample_string"
string_value = "sampleString"
}
additional_variable {
key = "sample_boolean"
boolean_value = false
}
additional_variable {
key = "sample_integer"
integer_value = 1
}
additional_variable {
key = "sample_secret_value"
secret_value {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
additional_variable {
key = "sample_encryption_key_value"
encryption_key_value {
type = "GOOGLE_MANAGED"
kms_key_name = "sampleKMSKkey"
}
}
registration_destination_config {
key = "registration_destination_config"
destination {
host = "https://test.zendesk.com"
port = 80
}
}
auth_config {
auth_type = "USER_PASSWORD"
auth_key = "sampleAuthKey"
user_password {
username = "user@xyz.com"
password {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
additional_variable {
key = "sample_string"
string_value = "sampleString"
}
additional_variable {
key = "sample_boolean"
boolean_value = false
}
additional_variable {
key = "sample_integer"
integer_value = 1
}
additional_variable {
key = "sample_secret_value"
secret_value {
secret_version = google_secret_manager_secret_version.secret-version-basic.name
}
}
additional_variable {
key = "sample_encryption_key_value"
encryption_key_value {
type = "GOOGLE_MANAGED"
kms_key_name = "sampleKMSKkey"
}
}
}
enrichment_enabled = true
}
}
The following arguments are supported:
connector_version
-
(Required)
connectorVersion of the Connector.
location
-
(Required)
Location in which Connection needs to be created.
name
-
(Required)
Name of Connection needs to be created.
description
-
(Optional)
An arbitrary description for the Conection.
labels
-
(Optional)
Resource labels to represent user provided metadata.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field effective_labels
for all of the labels present on the resource.
config_variable
-
(Optional)
Config Variables for the connection.
Structure is documented below.
auth_config
-
(Optional)
authConfig for the connection.
Structure is documented below.
lock_config
-
(Optional)
Determines whether or no a connection is locked. If locked, a reason must be specified.
Structure is documented below.
destination_config
-
(Optional)
Define the Connectors target endpoint.
Structure is documented below.
service_account
-
(Optional)
Service account needed for runtime plane to access Google Cloud resources.
suspended
-
(Optional)
Suspended indicates if a user has suspended a connection or not.
node_config
-
(Optional)
Node configuration for the connection.
Structure is documented below.
log_config
-
(Optional)
Log configuration for the connection.
Structure is documented below.
ssl_config
-
(Optional)
SSL Configuration of a connection
Structure is documented below.
eventing_enablement_type
-
(Optional)
Eventing enablement type. Will be nil if eventing is not enabled.
Possible values are: EVENTING_AND_CONNECTION
, ONLY_EVENTING
.
eventing_config
-
(Optional)
Eventing Configuration of a connection
Structure is documented below.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
The config_variable
block supports:
key
-
(Required)
Key for the configVariable
integer_value
-
(Optional)
Integer Value of configVariable
string_value
-
(Optional)
String Value of configVariabley
boolean_value
-
(Optional)
Boolean Value of configVariable
secret_value
-
(Optional)
Secret value of configVariable.
Structure is documented below.
encryption_key_value
-
(Optional)
Encription key value of configVariable.
Structure is documented below.
The secret_value
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The encryption_key_value
block supports:
type
-
(Required)
Type of Encription Key
Possible values are: GOOGLE_MANAGED
, CUSTOMER_MANAGED
.
kms_key_name
-
(Optional)
The [KMS key name] with which the content of the Operation is encrypted. The expected
format: projects//locations//keyRings//cryptoKeys/.
Will be empty string if google managed.
The auth_config
block supports:
auth_type
-
(Required)
authType of the Connection
Possible values are: USER_PASSWORD
, OAUTH2_JWT_BEARER
, OAUTH2_CLIENT_CREDENTIALS
, SSH_PUBLIC_KEY
, OAUTH2_AUTH_CODE_FLOW
.
additional_variable
-
(Optional)
List containing additional auth configs.
Structure is documented below.
auth_key
-
(Optional)
The type of authentication configured.
user_password
-
(Optional)
User password for Authentication.
Structure is documented below.
oauth2_jwt_bearer
-
(Optional)
OAuth2 JWT Bearer for Authentication.
Structure is documented below.
oauth2_client_credentials
-
(Optional)
OAuth3 Client Credentials for Authentication.
Structure is documented below.
ssh_public_key
-
(Optional)
SSH Public Key for Authentication.
Structure is documented below.
oauth2_auth_code_flow
-
(Optional)
Parameters to support Oauth 2.0 Auth Code Grant Authentication.
Structure is documented below.
The additional_variable
block supports:
key
-
(Required)
Key for the configVariable
integer_value
-
(Optional)
Integer Value of configVariable.
string_value
-
(Optional)
String Value of configVariabley.
boolean_value
-
(Optional)
Boolean Value of configVariable.
secret_value
-
(Optional)
Secret value of configVariable.
Structure is documented below.
encryption_key_value
-
(Optional)
Encription key value of configVariable.
Structure is documented below.
The secret_value
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The encryption_key_value
block supports:
type
-
(Required)
Type of Encription Key
Possible values are: GOOGLE_MANAGED
, CUSTOMER_MANAGED
.
kms_key_name
-
(Optional)
The [KMS key name] with which the content of the Operation is encrypted. The expected
format: projects//locations//keyRings//cryptoKeys/.
Will be empty string if google managed.
The user_password
block supports:
username
-
(Required)
Username for Authentication.
password
-
(Optional)
Password for Authentication.
Structure is documented below.
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The oauth2_jwt_bearer
block supports:
client_key
-
(Optional)
Secret version reference containing a PKCS#8 PEM-encoded private key associated with the Client Certificate.
This private key will be used to sign JWTs used for the jwt-bearer authorization grant.
Specified in the form as: projects//secrets//versions/*.
Structure is documented below.
jwt_claims
-
(Optional)
JwtClaims providers fields to generate the token.
Structure is documented below.
The client_key
block supports:
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The jwt_claims
block supports:
issuer
-
(Optional)
Value for the "iss" claim.
subject
-
(Optional)
Value for the "sub" claim.
audience
-
(Optional)
Value for the "aud" claim.
The oauth2_client_credentials
block supports:
client_id
-
(Required)
Secret version of Password for Authentication.
client_secret
-
(Optional)
Secret version reference containing the client secret.
Structure is documented below.
The client_secret
block supports:
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The ssh_public_key
block supports:
username
-
(Required)
The user account used to authenticate.
ssh_client_cert
-
(Optional)
SSH Client Cert. It should contain both public and private key.
Structure is documented below.
cert_type
-
(Optional)
Format of SSH Client cert.
ssh_client_cert_pass
-
(Optional)
Password (passphrase) for ssh client certificate if it has one.
Structure is documented below.
The ssh_client_cert
block supports:
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The ssh_client_cert_pass
block supports:
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The oauth2_auth_code_flow
block supports:
client_id
-
(Optional)
Client ID for user-provided OAuth app.
client_secret
-
(Optional)
Client secret for user-provided OAuth app.
Structure is documented below.
scopes
-
(Optional)
Scopes the connection will request when the user performs the auth code flow.
enable_pkce
-
(Optional)
Whether to enable PKCE when the user performs the auth code flow.
auth_uri
-
(Optional)
Auth URL for Authorization Code Flow.
The client_secret
block supports:
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The lock_config
block supports:
locked
-
(Required)
Indicates whether or not the connection is locked.
reason
-
(Optional)
Describes why a connection is locked.
The destination_config
block supports:
key
-
(Required)
The key is the destination identifier that is supported by the Connector.
destination
-
(Optional)
The destinations for the key.
Structure is documented below.
The destination
block supports:
port
-
(Optional)
The port is the target port number that is accepted by the destination.
service_attachment
-
(Optional)
PSC service attachments. Format: projects//regions//serviceAttachments/*
host
-
(Optional)
For publicly routable host.
The node_config
block supports:
min_node_count
-
(Required)
Minimum number of nodes in the runtime nodes.
max_node_count
-
(Required)
Minimum number of nodes in the runtime nodes.
The log_config
block supports:
enabled
-
(Required)
Enabled represents whether logging is enabled or not for a connection.The ssl_config
block supports:
type
-
(Required)
Enum for controlling the SSL Type (TLS/MTLS)
Possible values are: TLS
, MTLS
.
trust_model
-
(Optional)
Enum for Trust Model
Possible values are: PUBLIC
, PRIVATE
, INSECURE
.
private_server_certificate
-
(Optional)
Private Server Certificate. Needs to be specified if trust model is PRIVATE.
Structure is documented below.
client_certificate
-
(Optional)
Client Certificate
Structure is documented below.
client_private_key
-
(Optional)
Client Private Key
Structure is documented below.
client_private_key_pass
-
(Optional)
Secret containing the passphrase protecting the Client Private Key
Structure is documented below.
server_cert_type
-
(Optional)
Type of Server Cert (PEM/JKS/.. etc.)
Possible values are: PEM
.
client_cert_type
-
(Optional)
Type of Client Cert (PEM/JKS/.. etc.)
Possible values are: PEM
.
use_ssl
-
(Optional)
Bool for enabling SSL
additional_variable
-
(Optional)
Additional SSL related field values.
Structure is documented below.
The private_server_certificate
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The client_certificate
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The client_private_key
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The client_private_key_pass
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The additional_variable
block supports:
key
-
(Required)
Key for the configVariable
integer_value
-
(Optional)
Integer Value of configVariable.
string_value
-
(Optional)
String Value of configVariabley.
boolean_value
-
(Optional)
Boolean Value of configVariable.
secret_value
-
(Optional)
Secret value of configVariable
Structure is documented below.
encryption_key_value
-
(Optional)
Encription key value of configVariable
Structure is documented below.
The secret_value
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The encryption_key_value
block supports:
type
-
(Optional)
Type of Encription Key
Possible values are: GOOGLE_MANAGED
, CUSTOMER_MANAGED
.
kms_key_name
-
(Optional)
The [KMS key name] with which the content of the Operation is encrypted. The expected
format: projects//locations//keyRings//cryptoKeys/.
Will be empty string if google managed.
The eventing_config
block supports:
registration_destination_config
-
(Required)
registrationDestinationConfig
Structure is documented below.
auth_config
-
(Optional)
authConfig for Eventing Configuration.
Structure is documented below.
additional_variable
-
(Optional)
List containing additional auth configs.
Structure is documented below.
enrichment_enabled
-
(Optional)
Enrichment Enabled.
The registration_destination_config
block supports:
key
-
(Optional)
Key for the connection
destination
-
(Optional)
destinations for the connection
Structure is documented below.
The destination
block supports:
port
-
(Optional)
port number
service_attachment
-
(Optional)
Service Attachment
host
-
(Optional)
Host
The auth_config
block supports:
auth_type
-
(Required)
authType of the Connection
Possible values are: USER_PASSWORD
.
additional_variable
-
(Optional)
List containing additional auth configs.
Structure is documented below.
auth_key
-
(Optional)
The type of authentication configured.
user_password
-
(Required)
User password for Authentication.
Structure is documented below.
The additional_variable
block supports:
key
-
(Required)
Key for the configVariable
integer_value
-
(Optional)
Integer Value of configVariable.
string_value
-
(Optional)
String Value of configVariabley.
boolean_value
-
(Optional)
Boolean Value of configVariable.
secret_value
-
(Optional)
Secret value of configVariable
Structure is documented below.
encryption_key_value
-
(Optional)
Encription key value of configVariable
Structure is documented below.
The secret_value
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The encryption_key_value
block supports:
type
-
(Optional)
Type of Encription Key
Possible values are: GOOGLE_MANAGED
, CUSTOMER_MANAGED
.
kms_key_name
-
(Optional)
The [KMS key name] with which the content of the Operation is encrypted. The expected
format: projects//locations//keyRings//cryptoKeys/.
Will be empty string if google managed.
The user_password
block supports:
username
-
(Optional)
Username for Authentication.
password
-
(Optional)
Password for Authentication.
Structure is documented below.
secret_version
-
(Required)
The resource name of the secret version in the format,
format as: projects//secrets//versions/*.The additional_variable
block supports:
key
-
(Required)
Key for the configVariable
integer_value
-
(Optional)
Integer Value of configVariable.
string_value
-
(Optional)
String Value of configVariabley.
boolean_value
-
(Optional)
Boolean Value of configVariable.
secret_value
-
(Optional)
Secret value of configVariable
Structure is documented below.
encryption_key_value
-
(Optional)
Encription key value of configVariable.
Structure is documented below.
The secret_value
block supports:
secret_version
-
(Required)
Secret version of Secret Value for Config variable.The encryption_key_value
block supports:
type
-
(Optional)
Type of Encryption Key
Possible values are: GOOGLE_MANAGED
, CUSTOMER_MANAGED
.
kms_key_name
-
(Optional)
The [KMS key name] with which the content of the Operation is encrypted. The expected
format: projects//locations//keyRings//cryptoKeys/.
Will be empty string if google managed.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/locations/{{location}}/connections/{{name}}
create_time
-
Time the Namespace was created in UTC.
update_time
-
Time the Namespace was updated in UTC.
status
-
Status of the Integration Connector.
Structure is documented below.
service_directory
-
The name of the Service Directory service name. Used for Private Harpoon to resolve the ILB address.
e.g. "projects/cloud-connectors-e2e-testing/locations/us-central1/namespaces/istio-system/services/istio-ingressgateway-connectors"
subscription_type
-
This subscription type enum states the subscription type of the project.
connection_revision
-
Connection revision. This field is only updated when the connection is created or updated by User.
connector_version_launch_stage
-
Flag to mark the version indicating the launch stage.
eventing_runtime_data
-
Eventing Runtime Data.
Structure is documented below.
connector_version_infra_config
-
This configuration provides infra configs like rate limit threshold which need to be configurable for every connector version.
Structure is documented below.
terraform_labels
-
The combination of labels configured directly on the resource
and default labels configured on the provider.
effective_labels
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
state
-
(Output)
State of the Integration Connector
description
-
(Output)
Description of Status of Connection.
status
-
(Output)
Status of the Connection.
The eventing_runtime_data
block contains:
status
-
(Output)
Current status of eventing.
Structure is documented below.
events_listener_endpoint
-
(Optional)
Events listener endpoint. The value will populated after provisioning the events listener.
state
-
(Output)
State of the Eventing
description
-
(Output)
Description of error if State is set to "ERROR".
The connector_version_infra_config
block contains:
ratelimit_threshold
-
(Output)
Max QPS supported by the connector version before throttling of requests.This resource provides the following Timeouts configuration options:
create
- Default is 30 minutes.update
- Default is 30 minutes.delete
- Default is 30 minutes.Connection can be imported using any of these accepted formats:
projects/{{project}}/locations/{{location}}/connections/{{name}}
{{project}}/{{location}}/{{name}}
{{location}}/{{name}}
In Terraform v1.5.0 and later, use an import
block to import Connection using one of the formats above. For example:
import {
id = "projects/{{project}}/locations/{{location}}/connections/{{name}}"
to = google_integration_connectors_connection.default
}
When using the terraform import
command, Connection can be imported using one of the formats above. For example:
$ terraform import google_integration_connectors_connection.default projects/{{project}}/locations/{{location}}/connections/{{name}}
$ terraform import google_integration_connectors_connection.default {{project}}/{{location}}/{{name}}
$ terraform import google_integration_connectors_connection.default {{location}}/{{name}}
This resource supports User Project Overrides.