Creates a new Google SQL SSL Cert on a Google SQL Instance. For more information, see the official documentation, or the JSON API.
Example creating a SQL Client Certificate.
resource "random_id" "db_name_suffix" {
byte_length = 4
}
resource "google_sql_database_instance" "main" {
name = "main-instance-${random_id.db_name_suffix.hex}"
database_version = "MYSQL_5_7"
settings {
tier = "db-f1-micro"
}
}
resource "google_sql_ssl_cert" "client_cert" {
common_name = "client-name"
instance = google_sql_database_instance.main.name
}
The following arguments are supported:
instance
- (Required) The name of the Cloud SQL instance. Changing this
forces a new resource to be created.
common_name
- (Required) The common name to be used in the certificate to identify the
client. Constrained to [a-zA-Z.-_ ]+. Changing this forces a new resource to be created.
project
- (Optional) The ID of the project in which the resource belongs. If it
is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
sha1_fingerprint
- The SHA1 Fingerprint of the certificate.private_key
- The private key associated with the client certificate.server_ca_cert
- The CA cert of the server this client cert was generated from.cert
- The actual certificate data for this client certificate.cert_serial_number
- The serial number extracted from the certificate data.create_time
- The time when the certificate was created in RFC 3339 format,
for example 2012-11-15T16:19:00.094Z.expiration_time
- The time when the certificate expires in RFC 3339 format,
for example 2012-11-15T16:19:00.094Z.This resource provides the following Timeouts configuration options: configuration options:
create
- Default is 10 minutes.delete
- Default is 10 minutes.Since the contents of the certificate cannot be accessed after its creation, this resource cannot be imported.