SQLUser

Property	Value
Google Cloud Service Name	Cloud SQL
Google Cloud Service Documentation	/sql/docs/
Google Cloud REST Resource Name	v1beta4.users
Google Cloud REST Resource Documentation	/sql/docs/postgres/admin-api/v1beta4/users
Config Connector Resource Short Names	gcpsqluser gcpsqlusers sqluser
Config Connector Service Name	sqladmin.googleapis.com
Config Connector Resource Fully Qualified Name	sqlusers.sql.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember	No

Custom Resource Definition Properties

Annotations

Fields
`cnrm.cloud.google.com/project-id`

Spec

Schema

  host: string
  instanceRef:
    external: string
    name: string
    namespace: string
  password:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  resourceID: string
  type: string

Fields

Fields
`host` Optional	`string` Immutable. The host the user can connect from. This is only supported for MySQL instances. Don't set this field for PostgreSQL instances. Can be an IP address. Changing this forces a new resource to be created.
`instanceRef` Required	`object`
`instanceRef.external` Optional	`string` The name of a SQLInstance.
`instanceRef.name` Optional	`string` Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
`instanceRef.namespace` Optional	`string` Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
`password` Optional	`object` The password for the user. Can be updated. For Postgres instances this is a Required field, unless type is set to either CLOUD_IAM_USER or CLOUD_IAM_SERVICE_ACCOUNT.
`password.value` Optional	`string` Value of the field. Cannot be used if 'valueFrom' is specified.
`password.valueFrom` Optional	`object` Source for the field's value. Cannot be used if 'value' is specified.
`password.valueFrom.secretKeyRef` Optional	`object` Reference to a value with the given key in the given Secret in the resource's namespace.
`password.valueFrom.secretKeyRef.key` Required*	`string` Key that identifies the value to be extracted.
`password.valueFrom.secretKeyRef.name` Required*	`string` Name of the Secret to extract a value from.
`resourceID` Optional	`string` Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.
`type` Optional	`string` Immutable. The user type. It determines the method to authenticate the user during login. The default is the database's built-in user type. Flags include "BUILT_IN", "CLOUD_IAM_USER", or "CLOUD_IAM_SERVICE_ACCOUNT".

host

Optional

string

Immutable. The host the user can connect from. This is only supported for MySQL instances. Don't set this field for PostgreSQL instances. Can be an IP address. Changing this forces a new resource to be created.

instanceRef

Required

object

instanceRef.external

Optional

string

The name of a SQLInstance.

instanceRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

instanceRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

password

Optional

object

The password for the user. Can be updated. For Postgres instances this is a Required field, unless type is set to either CLOUD_IAM_USER or CLOUD_IAM_SERVICE_ACCOUNT.

password.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

password.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

password.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

password.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

password.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

resourceID

Optional

string

Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default.

type

Optional

string

Immutable. The user type. It determines the method to authenticate the user during login. The default is the database's built-in user type. Flags include "BUILT_IN", "CLOUD_IAM_USER", or "CLOUD_IAM_SERVICE_ACCOUNT".

* Field is required when parent field is specified

Status

Schema

  conditions:
  - lastTransitionTime: string
    message: string
    reason: string
    status: string
    type: string

Fields
`conditions`	`list (object)` Conditions represents the latest available observation of the resource's current state.
`conditions.[]`	`object`
`conditions.[].lastTransitionTime`	`string` Last time the condition transitioned from one status to another.
`conditions.[].message`	`string` Human-readable message indicating details about last transition.
`conditions.[].reason`	`string` Unique, one-word, CamelCase reason for the condition's last transition.
`conditions.[].status`	`string` Status is the status of the condition. Can be True, False, Unknown.
`conditions.[].type`	`string` Type is the type of the condition.

Sample YAML(s)

Typical Use Case

  # Copyright 2020 Google LLC
  #
  # Licensed under the Apache License, Version 2.0 (the "License");
  # you may not use this file except in compliance with the License.
  # You may obtain a copy of the License at
  #
  #     http://www.apache.org/licenses/LICENSE-2.0
  #
  # Unless required by applicable law or agreed to in writing, software
  # distributed under the License is distributed on an "AS IS" BASIS,
  # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  # See the License for the specific language governing permissions and
  # limitations under the License.
  
  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLUser
  metadata:
    name: sqluser-sample
  spec:
    instanceRef:
      name: sqluser-dep
    host: "%"
    password:
      valueFrom:
        secretKeyRef:
          name: sqluser-dep
          key: password
  ---
  apiVersion: v1
  kind: Secret
  metadata:
    name: sqluser-dep
  data:
    password: cGFzc3dvcmQ=
  ---
  apiVersion: sql.cnrm.cloud.google.com/v1beta1
  kind: SQLInstance
  metadata:
    labels:
      label-one: "value-one"
    name: sqluser-dep
  spec:
    region: us-central1
    databaseVersion: MYSQL_5_7
    settings:
      tier: db-n1-standard-1