diff --git a/modules/cloudsql-instance/README.md b/modules/cloudsql-instance/README.md
index f6f3f0533..17d23186b 100644
--- a/modules/cloudsql-instance/README.md
+++ b/modules/cloudsql-instance/README.md
@@ -415,11 +415,11 @@ module "db" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [database_version](variables.tf#L96) | Database type and version to create. | string | ✓ | |
-| [name](variables.tf#L212) | Name of primary instance. | string | ✓ | |
-| [network_config](variables.tf#L217) | Network configuration for the instance. Only one between private_network and psc_config can be used. | object({…}) | ✓ | |
-| [project_id](variables.tf#L260) | The ID of the project where this instances will be created. | string | ✓ | |
-| [region](variables.tf#L265) | Region of the primary instance. | string | ✓ | |
-| [tier](variables.tf#L317) | The machine type to use for the instances. | string | ✓ | |
+| [name](variables.tf#L213) | Name of primary instance. | string | ✓ | |
+| [network_config](variables.tf#L218) | Network configuration for the instance. Only one between private_network and psc_config can be used. | object({…}) | ✓ | |
+| [project_id](variables.tf#L261) | The ID of the project where this instances will be created. | string | ✓ | |
+| [region](variables.tf#L266) | Region of the primary instance. | string | ✓ | |
+| [tier](variables.tf#L318) | The machine type to use for the instances. | string | ✓ | |
| [activation_policy](variables.tf#L17) | This variable specifies when the instance should be active. Can be either ALWAYS, NEVER or ON_DEMAND. Default is ALWAYS. | string | | "ALWAYS" |
| [availability_type](variables.tf#L28) | Availability type for the primary replica. Either `ZONAL` or `REGIONAL`. | string | | "ZONAL" |
| [backup_configuration](variables.tf#L34) | Backup settings for primary instance. Set to null to leave existing GCP backup settings unmanaged. When set, all fields are managed by Terraform including disabling backups when enabled=false. | object({…}) | | null |
@@ -437,17 +437,17 @@ module "db" {
| [flags](variables.tf#L137) | Map FLAG_NAME=>VALUE for database-specific tuning. | map(string) | | null |
| [gcp_deletion_protection](variables.tf#L143) | Set Google's deletion protection attribute which applies across all surfaces (UI, API, & Terraform). | bool | | true |
| [insights_config](variables.tf#L150) | Query Insights configuration. Defaults to null which disables Query Insights. | object({…}) | | null |
-| [labels](variables.tf#L161) | Labels to be attached to all instances. | map(string) | | null |
-| [maintenance_config](variables.tf#L167) | Set maintenance window configuration and maintenance deny period (up to 90 days). Date format: 'yyyy-mm-dd'. | object({…}) | | {} |
-| [managed_connection_pooling_config](variables.tf#L202) | Configuration for Managed Connection Pooling. NOTE: This feature is only available for PostgreSQL on Enterprise Plus edition instances. | object({…}) | | {} |
-| [password_validation_policy](variables.tf#L236) | Password validation policy configuration for instances. | object({…}) | | null |
-| [prefix](variables.tf#L250) | Optional prefix used to generate instance names. | string | | null |
-| [replicas](variables.tf#L270) | Map of NAME=> {REGION, KMS_KEY, AVAILABILITY_TYPE} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} |
-| [root_password](variables.tf#L281) | Root password of the Cloud SQL instance, or flag to create a random password. Required for MS SQL Server. | object({…}) | | {} |
-| [ssl](variables.tf#L295) | Setting to enable SSL, set config and certificates. | object({…}) | | {} |
-| [terraform_deletion_protection](variables.tf#L310) | Prevent terraform from deleting instances. | bool | | true |
-| [time_zone](variables.tf#L322) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string | | null |
-| [users](variables.tf#L328) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…})) | | {} |
+| [labels](variables.tf#L162) | Labels to be attached to all instances. | map(string) | | null |
+| [maintenance_config](variables.tf#L168) | Set maintenance window configuration and maintenance deny period (up to 90 days). Date format: 'yyyy-mm-dd'. | object({…}) | | {} |
+| [managed_connection_pooling_config](variables.tf#L203) | Configuration for Managed Connection Pooling. NOTE: This feature is only available for PostgreSQL on Enterprise Plus edition instances. | object({…}) | | {} |
+| [password_validation_policy](variables.tf#L237) | Password validation policy configuration for instances. | object({…}) | | null |
+| [prefix](variables.tf#L251) | Optional prefix used to generate instance names. | string | | null |
+| [replicas](variables.tf#L271) | Map of NAME=> {REGION, KMS_KEY, AVAILABILITY_TYPE} for additional read replicas. Set to null to disable replica creation. | map(object({…})) | | {} |
+| [root_password](variables.tf#L282) | Root password of the Cloud SQL instance, or flag to create a random password. Required for MS SQL Server. | object({…}) | | {} |
+| [ssl](variables.tf#L296) | Setting to enable SSL, set config and certificates. | object({…}) | | {} |
+| [terraform_deletion_protection](variables.tf#L311) | Prevent terraform from deleting instances. | bool | | true |
+| [time_zone](variables.tf#L323) | The time_zone to be used by the database engine (supported only for SQL Server), in SQL Server timezone format. | string | | null |
+| [users](variables.tf#L329) | Map of users to create in the primary instance (and replicated to other replicas). For MySQL, anything after the first `@` (if present) will be used as the user's host. Set PASSWORD to null if you want to get an autogenerated password. The user types available are: 'BUILT_IN', 'CLOUD_IAM_USER' or 'CLOUD_IAM_SERVICE_ACCOUNT'. | map(object({…})) | | {} |
## Outputs
diff --git a/modules/cloudsql-instance/main.tf b/modules/cloudsql-instance/main.tf
index ab18814bc..ee8f79eb5 100644
--- a/modules/cloudsql-instance/main.tf
+++ b/modules/cloudsql-instance/main.tf
@@ -213,11 +213,12 @@ resource "google_sql_database_instance" "primary" {
dynamic "insights_config" {
for_each = var.insights_config != null ? [1] : []
content {
- query_insights_enabled = true
- query_string_length = var.insights_config.query_string_length
- record_application_tags = var.insights_config.record_application_tags
- record_client_address = var.insights_config.record_client_address
- query_plans_per_minute = var.insights_config.query_plans_per_minute
+ query_insights_enabled = true
+ query_string_length = var.insights_config.query_string_length
+ record_application_tags = var.insights_config.record_application_tags
+ record_client_address = var.insights_config.record_client_address
+ query_plans_per_minute = var.insights_config.query_plans_per_minute
+ enhanced_query_insights_enabled = var.insights_config.enhanced_query_insights_enabled
}
}
diff --git a/modules/cloudsql-instance/variables.tf b/modules/cloudsql-instance/variables.tf
index e7d7cea14..118351574 100644
--- a/modules/cloudsql-instance/variables.tf
+++ b/modules/cloudsql-instance/variables.tf
@@ -150,10 +150,11 @@ variable "gcp_deletion_protection" {
variable "insights_config" {
description = "Query Insights configuration. Defaults to null which disables Query Insights."
type = object({
- query_string_length = optional(number, 1024)
- record_application_tags = optional(bool, false)
- record_client_address = optional(bool, false)
- query_plans_per_minute = optional(number, 5)
+ query_string_length = optional(number, 1024)
+ record_application_tags = optional(bool, false)
+ record_client_address = optional(bool, false)
+ query_plans_per_minute = optional(number, 5)
+ enhanced_query_insights_enabled = optional(bool, false)
})
default = null
}
diff --git a/tests/modules/cloudsql_instance/context.tfvars b/tests/modules/cloudsql_instance/context.tfvars
index e310ec4d2..fb6bd14a2 100644
--- a/tests/modules/cloudsql_instance/context.tfvars
+++ b/tests/modules/cloudsql_instance/context.tfvars
@@ -20,3 +20,11 @@ network_config = {
encryption_key_name = "$kms_keys:mykey"
gcp_deletion_protection = false
terraform_deletion_protection = false
+insights_config = {
+ query_string_length = 2048
+ record_application_tags = true
+ record_client_address = true
+ query_plans_per_minute = 10
+ enhanced_query_insights_enabled = true
+}
+
diff --git a/tests/modules/cloudsql_instance/context.yaml b/tests/modules/cloudsql_instance/context.yaml
index ff95c496e..9d6fa69fb 100644
--- a/tests/modules/cloudsql_instance/context.yaml
+++ b/tests/modules/cloudsql_instance/context.yaml
@@ -20,7 +20,14 @@ values:
project: my-project
region: europe-west8
settings:
- - ip_configuration:
+ - insights_config:
+ - enhanced_query_insights_enabled: true
+ query_insights_enabled: true
+ query_plans_per_minute: 10
+ query_string_length: 2048
+ record_application_tags: true
+ record_client_address: true
+ ip_configuration:
- ipv4_enabled: false
private_network: projects/myprj/global/networks/myvpc
psc_config: