stackoom
  简体   繁体   中英

Pulumi SDK SQL deletion protection not working

 原文  2022-08-13 17:23:07       go/ pulumi

Question

I have provisioned SQL (PostrgresSQL) on GCP cloud using Pulumi SDK (Go). I have set deletionProtection as true - but checking GCP console I can see the SQL is not protected. I was able to delete the instance using console by that breaking Pulumi state.

+ gcp:sql/databaseInstance:DatabaseInstance: (create)
            [urn=urn:pulumi:us-east4-dev-google-cloud-sql-example::google-cloud-sql-example::gcp:myproject/sql:Database$gcp:sql/databaseInstance:DatabaseInstance::google-cloud-sql]
            databaseVersion   : "POSTGRES_12"
            deletionProtection: true
            name              : "google-cloud-sql-0b96b6d"
            project           : "my-project"
            region            : "us-east4"
            settings          : {
                availabilityType   : "REGIONAL"
                backupConfiguration: {
                    enabled                   : false
                    pointInTimeRecoveryEnabled: false
                }
                databaseFlags      : [
                    [0]: {
                        name      : "auto_explain.log_analyze"
                        value     : "on"
                    }
                    [1]: {
                        name      : "max_connections"
                        value     : "800"
                    }
                ]
                diskAutoresize     : true
                diskAutoresizeLimit: 0
                diskSize           : 200
                diskType           : "PD_SSD"
                insightsConfig     : {
                    queryInsightsEnabled: false
                    queryStringLength   : 1024
                }
                ipConfiguration    : {
                    ipv4Enabled   : false
                    privateNetwork: "projects/my-project/global/networks/dev-vpc"
                }
                pricingPlan        : "PER_USE"
                tier               : "db-custom-32-122880"
                userLabels         : {
                    compliance : "cisl1"
                    criticality: "2"
                    environment: "dev"
                    monitored  : "true"
                    name       : "myusername"
                    owner      : "devops_backend"
                    persistence: "persistent"
                    purpose    : "pulumi-common-google-cloud-sql-example"
                }
            }

1 answers

solution1
 0  2022-08-13 18:00:10

Google cloud doesn't have an API mechanism to prevent deletion of SQL database, only for virtual machines.

If you look at the description of the deletionProtection property is says the following:

Whether or not to allow the provider to destroy the instance. Unless this field is set to false in state, a destroy or update command that deletes the instance will fail.

Deletion protection is a Pulumi state only operation. It isn't actually modifying the Database in Google cloud at all, because Google doesn't support it.

You will not be able to prevent deletion of a Google Cloud SQL instance outside of Pulumi

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question GCP Dataproc Deletion Protection GCP Cloud SQL failed to delete instance because `deletion_protection` is set to true - gcloud toggle? Protection against deletion of S3 server access logs How do I enable deletion protection for load balancer using ApplicationLoadBalancedFargateService cdk construct Google Cloud SQL Database Delete Protection Advanced Threat Protection REST API Not Working Pulumi GKE Ingress with SSL Is exposing Pulumi ecnryptedKey safe? Deletion of Node is not working in Firebase Realtime Database in Android Java Is there a way to trigger a Logic App on a deletion of a record in an Azure SQL table?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM