Menu
I am using terraform to create my infrastucture on google cloud. I use tfvars file to hold my variables such as database password. I deploy my app to cloud run and create a database in sql. Problem is i need to add this database to cloud run's Cloud SQL connections. Because otherwise this app can't connect to database. How can i do this with terraform ?
My tf file:
variable "database_password" {
type = string
}
variable "database_user" {
type = string
}
variable "project_name" {
type=string
}
variable "jwt_key" {
type = string
}
provider "google"{
credentials=file("credentials.json")
project=var.project_name
region="us-west1"
}
resource "google_sql_database_instance" "instance" {
name="socialmediadatabase"
region="us-central1"
database_version="POSTGRES_13"
deletion_protection = false
settings{
tier="db-f1-micro"
}
}
resource "google_sql_database" "database"{
name="socialmedia"
instance=google_sql_database_instance.instance.name
}
resource "google_sql_user" "database-user" {
name = var.database_user
instance = google_sql_database_instance.instance.name
password = var.database_password
}
resource "google_cloud_run_service" "run" {
name="socialmedia"
location = "us-central1"
template {
spec {
containers {
image = "gcr.io/${var.project_name}/socialmedia:latest"
ports {
container_port = 5000
}
env {
name="ENV"
value = "production"
}
env {
name="JWT_KEY"
value = var.jwt_key
}
env {
name="DB_URL"
value = "postgresql://${var.database_user}:${var.database_password}@/socialmedia?host=/cloudsql/${google_sql_database_instance.instance.connection_name}"
}
}
}
}
metadata {
annotations = {
"run.googleapis.com/cloudsql-instances"=google_sql_database_instance.instance.connection_name
}
}
}
#?
resource "google_cloud_run_service_iam_member" "member" {
service = google_cloud_run_service.run.name
location = google_cloud_run_service.run.location
role = "roles/run.invoker"
member = "allUsers"
}
662
asked Oct 19 '25 03:10
I solved it. I was supposed to add metadata under template. This is the correct one:
variable "database_password" {
type = string
}
variable "database_user" {
type = string
}
variable "project_name" {
type=string
}
variable "jwt_key" {
type = string
}
provider "google"{
credentials=file("credentials.json")
project=var.project_name
region="us-west1"
}
resource "google_sql_database_instance" "instance" {
name="socialmediadatabase"
region="us-central1"
database_version="POSTGRES_13"
deletion_protection = false
settings{
tier="db-f1-micro"
}
}
resource "google_sql_database" "database"{
name="socialmedia"
instance=google_sql_database_instance.instance.name
}
resource "google_sql_user" "database-user" {
name = var.database_user
instance = google_sql_database_instance.instance.name
password = var.database_password
}
resource "google_cloud_run_service" "run" {
name="socialmedia"
location = "us-central1"
template {
spec {
containers {
image = "gcr.io/${var.project_name}/socialmedia:latest"
ports {
container_port = 5000
}
env {
name="ENV"
value = "production"
}
env {
name="JWT_KEY"
value = var.jwt_key
}
env {
name="DB_URL"
value = "postgresql://${var.database_user}:${var.database_password}@/socialmedia?host=/cloudsql/${google_sql_database_instance.instance.connection_name}"
}
}
}
metadata {
annotations = {
"run.googleapis.com/cloudsql-instances"=google_sql_database_instance.instance.connection_name
}
}
}
}
#?
resource "google_cloud_run_service_iam_member" "member" {
service = google_cloud_run_service.run.name
location = google_cloud_run_service.run.location
role = "roles/run.invoker"
member = "allUsers"
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With