» google_sql_ca_certs

Get all of the trusted Certificate Authorities (CAs) for the specified SQL database instance. For more information see the official documentation and API.

» Example Usage

data "google_sql_ca_certs" "ca_certs" {
  instance = "primary-database-server"
}

locals {
  furthest_expiration_time = reverse(sort([for k, v in data.google_sql_ca_certs.ca_certs.certs : v.expiration_time]))[0]
  latest_ca_cert           = [for v in data.google_sql_ca_certs.ca_certs.certs : v.cert if v.expiration_time == local.furthest_expiration_time]
}

output "db_latest_ca_cert" {
  description = "Latest CA cert used by the primary database server"
  value       = local.latest_ca_cert
  sensitive   = true
}

» Argument Reference

The following arguments are supported:

  • instance - (Required) The name or self link of the instance.

  • project - (Optional) The ID of the project in which the resource belongs. If project is not provided, the provider project is used.

» Attributes Reference

The following attributes are exported:

  • active_version - SHA1 fingerprint of the currently active CA certificate.

  • certs - A list of server CA certificates for the instance. Each contains: