IP Management configuration.

Attributes

• allocatedIpRange (type: String.t, default: nil) - The name of the allocated ip range for the private ip Cloud SQL instance. For example: "google-managed-services-default". If set, the instance ip will be created in the allocated range. The range name must comply with RFC 1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?.
• authorizedNetworks (type: list(GoogleApi.SQLAdmin.V1beta4.Model.AclEntry.t), default: nil) - The list of external networks that are allowed to connect to the instance using the IP. In 'CIDR' notation, also known as 'slash' notation (for example: 157.197.200.0/24).
• customSubjectAlternativeNames (type: list(String.t), default: nil) - Optional. Custom Subject Alternative Name(SAN)s for a Cloud SQL instance.
• enablePrivatePathForGoogleCloudServices (type: boolean(), default: nil) - Controls connectivity to private IP instances from Google services, such as BigQuery.
• ipv4Enabled (type: boolean(), default: nil) - Whether the instance is assigned a public IP address or not.
• privateNetwork (type: String.t, default: nil) - The resource link for the VPC network from which the Cloud SQL instance is accessible for private IP. For example, /projects/myProject/global/networks/default. This setting can be updated, but it cannot be removed after it is set.
• pscConfig (type: GoogleApi.SQLAdmin.V1beta4.Model.PscConfig.t, default: nil) - PSC settings for this instance.
• requireSsl (type: boolean(), default: nil) - Use ssl_mode instead. Whether SSL/TLS connections over IP are enforced. If set to false, then allow both non-SSL/non-TLS and SSL/TLS connections. For SSL/TLS connections, the client certificate won't be verified. If set to true, then only allow connections encrypted with SSL/TLS and with valid client certificates. If you want to enforce SSL/TLS without enforcing the requirement for valid client certificates, then use the ssl_mode flag instead of the legacy require_ssl flag.
• serverCaMode (type: String.t, default: nil) - Specify what type of CA is used for the server certificate.
• serverCaPool (type: String.t, default: nil) - Optional. The resource name of the server CA pool for an instance with CUSTOMER_MANAGED_CAS_CA as the server_ca_mode. Format: projects/{PROJECT}/locations/{REGION}/caPools/{CA_POOL_ID}
• sslMode (type: String.t, default: nil) - Specify how SSL/TLS is enforced in database connections. If you must use the require_ssl flag for backward compatibility, then only the following value pairs are valid: For PostgreSQL and MySQL: ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED and require_ssl=false ssl_mode=ENCRYPTED_ONLY and require_ssl=false ssl_mode=TRUSTED_CLIENT_CERTIFICATE_REQUIRED and require_ssl=true For SQL Server: ssl_mode=ALLOW_UNENCRYPTED_AND_ENCRYPTED and require_ssl=false * ssl_mode=ENCRYPTED_ONLY and require_ssl=true The value of ssl_mode has priority over the value of require_ssl. For example, for the pair ssl_mode=ENCRYPTED_ONLY and require_ssl=false, ssl_mode=ENCRYPTED_ONLY means accept only SSL connections, while require_ssl=false means accept both non-SSL and SSL connections. In this case, MySQL and PostgreSQL databases respect ssl_mode and accepts only SSL connections.