Merge branch 'main' into feat/support-http-status-lb

CHANGELOG.md

@@ -5,9 +5,16 @@ See updating [Changelog example here](https://keepachangelog.com/en/1.0.0/)
 
 ## [Unreleased]
 
+## [5.17.0] - 2025-01-28
+
+### Added
+
+- upcloud_managed_database_postgresql: support for Postgres 17
+
 ### Changed
 
 - upcloud_server: make template storage tier configurable.
+- upcloud_managed_database_\*: Update available properties to match listing provided by the API, see #687 for details.
 
 ### Fixed
 
@@ -860,7 +867,8 @@ Updated upcloud-go-api, added build/CI scripts, and repackaged 0.1.0 as 1.0.0.
 - resource_upcloud_firewall_rule removed and replaced by resource_upcloud_firewall_rules
 - resource_upcloud_zone removed and replaced by zone and zones datasources
 
-[Unreleased]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.16.0...HEAD
+[Unreleased]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.17.0...HEAD
+[5.17.0]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.16.0...v5.17.0
 [5.16.0]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.15.0...v5.16.0
 [5.15.0]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.14.0...v5.15.0
 [5.14.0]: https://github.com/UpCloudLtd/terraform-provider-upcloud/compare/v5.13.2...v5.14.0

docs/resources/firewall_rules.md

@@ -83,7 +83,7 @@ resource "upcloud_firewall_rules" "example" {
 
 Required Attributes:
 
-- `action` (String) Action to take if the rule conditions are met
+- `action` (String) Action to take if the rule conditions are met. Valid values `accept | drop`
 - `direction` (String) The direction of network traffic this rule will be applied to
 
 Optional Attributes:

docs/resources/managed_database_opensearch.md

@@ -94,11 +94,14 @@ Optional Attributes:
 - `action_destructive_requires_name` (Boolean) Require explicit index names when deleting.
 - `automatic_utility_network_ip_filter` (Boolean) Automatic utility network IP Filter. Automatically allow connections from servers in the utility network within the same zone.
 - `cluster_max_shards_per_node` (Number) Controls the number of shards allowed in the cluster per data node.
+- `cluster_routing_allocation_balance_prefer_primary` (Boolean) When set to true, OpenSearch attempts to evenly distribute the primary shards between the cluster nodes. Enabling this setting does not always guarantee an equal number of primary shards on each node, especially in the event of a failover. Changing this setting to false after it was set to true does not invoke redistribution of primary shards. Default is false.
 - `cluster_routing_allocation_node_concurrent_recoveries` (Number) Concurrent incoming/outgoing shard recoveries per node. How many concurrent incoming/outgoing shard recoveries (normally replicas) are allowed to happen on a node. Defaults to node cpu count * 2.
 - `custom_domain` (String) Custom domain. Serve the web frontend using a custom CNAME pointing to the Aiven DNS name.
+- `elasticsearch_version` (String) Elasticsearch major version.
 - `email_sender_name` (String) Sender name placeholder to be used in Opensearch Dashboards and Opensearch keystore. This should be identical to the Sender name defined in Opensearch dashboards.
 - `email_sender_password` (String, Sensitive) Sender password for Opensearch alerts to authenticate with SMTP server. Sender password for Opensearch alerts to authenticate with SMTP server.
 - `email_sender_username` (String) Sender username for Opensearch alerts.
+- `enable_remote_backed_storage` (Boolean) Enable remote-backed storage.
 - `enable_security_audit` (Boolean) Enable/Disable security audit.
 - `http_max_content_length` (Number) Maximum content length for HTTP requests to the OpenSearch HTTP API, in bytes.
 - `http_max_header_size` (Number) The max size of allowed headers, in bytes.
@@ -145,15 +148,15 @@ Optional Attributes:
 Blocks:
 
 - `auth_failure_listeners` (Block List, Max: 1) Opensearch Security Plugin Settings. (see [below for nested schema](#nestedblock--properties--auth_failure_listeners))
-- `azure_migration` (Block List, Max: 1) Azure migration settings. (see [below for nested schema](#nestedblock--properties--azure_migration))
-- `gcs_migration` (Block List, Max: 1) Google Cloud Storage migration settings. (see [below for nested schema](#nestedblock--properties--gcs_migration))
+- `cluster_search_request_slowlog` (Block List, Max: 1) (see [below for nested schema](#nestedblock--properties--cluster_search_request_slowlog))
 - `index_rollup` (Block List, Max: 1) Index rollup settings. (see [below for nested schema](#nestedblock--properties--index_rollup))
 - `index_template` (Block List, Max: 1) Template settings for all new indexes. (see [below for nested schema](#nestedblock--properties--index_template))
 - `openid` (Block List, Max: 1) OpenSearch OpenID Connect Configuration. (see [below for nested schema](#nestedblock--properties--openid))
 - `opensearch_dashboards` (Block List, Max: 1) OpenSearch Dashboards settings. (see [below for nested schema](#nestedblock--properties--opensearch_dashboards))
-- `s3_migration` (Block List, Max: 1) AWS S3 / AWS S3 compatible migration settings. (see [below for nested schema](#nestedblock--properties--s3_migration))
 - `saml` (Block List, Max: 1) OpenSearch SAML configuration. (see [below for nested schema](#nestedblock--properties--saml))
 - `search_backpressure` (Block List, Max: 1) Search Backpressure Settings. (see [below for nested schema](#nestedblock--properties--search_backpressure))
+- `search_insights_top_queries` (Block List, Max: 1) (see [below for nested schema](#nestedblock--properties--search_insights_top_queries))
+- `segrep` (Block List, Max: 1) Segment Replication Backpressure Settings. (see [below for nested schema](#nestedblock--properties--segrep))
 - `shard_indexing_pressure` (Block List, Max: 1) Shard indexing back pressure settings. (see [below for nested schema](#nestedblock--properties--shard_indexing_pressure))
 
 <a id="nestedblock--properties--auth_failure_listeners"></a>
@@ -192,39 +195,27 @@ Optional Attributes:
 
 
 
-<a id="nestedblock--properties--azure_migration"></a>
-### Nested Schema for `properties.azure_migration`
+<a id="nestedblock--properties--cluster_search_request_slowlog"></a>
+### Nested Schema for `properties.cluster_search_request_slowlog`
 
 Optional Attributes:
 
-- `account` (String) Account name. Azure account name.
-- `base_path` (String) The path to the repository data within its container. The path to the repository data within its container. The value of this setting should not start or end with a /.
-- `chunk_size` (String) Chunk size. Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository.
-- `compress` (Boolean) Metadata files are stored in compressed format. when set to true metadata files are stored in compressed format.
-- `container` (String) Azure container name. Azure container name.
-- `endpoint_suffix` (String) Endpoint suffix. Defines the DNS suffix for Azure Storage endpoints.
-- `include_aliases` (Boolean) Include aliases. Whether to restore aliases alongside their associated indexes. Default is true.
-- `indices` (String) Indices to restore. A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
-- `key` (String) Account secret key. Azure account secret key. One of key or sas_token should be specified.
-- `restore_global_state` (Boolean) Restore the cluster state or not. If true, restore the cluster state. Defaults to false.
-- `sas_token` (String) SAS token. A shared access signatures (SAS) token. One of key or sas_token should be specified.
-- `snapshot_name` (String) The snapshot name to restore from. The snapshot name to restore from.
+- `level` (String) Log level.
 
+Blocks:
+
+- `threshold` (Block List, Max: 1) (see [below for nested schema](#nestedblock--properties--cluster_search_request_slowlog--threshold))
 
-<a id="nestedblock--properties--gcs_migration"></a>
-### Nested Schema for `properties.gcs_migration`
+<a id="nestedblock--properties--cluster_search_request_slowlog--threshold"></a>
+### Nested Schema for `properties.cluster_search_request_slowlog.threshold`
 
 Optional Attributes:
 
-- `base_path` (String) The path to the repository data within its container. The path to the repository data within its container. The value of this setting should not start or end with a /.
-- `bucket` (String) The path to the repository data within its container. Google Cloud Storage bucket name.
-- `chunk_size` (String) Chunk size. Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository.
-- `compress` (Boolean) Metadata files are stored in compressed format. when set to true metadata files are stored in compressed format.
-- `credentials` (String) Credentials. Google Cloud Storage credentials file content.
-- `include_aliases` (Boolean) Include aliases. Whether to restore aliases alongside their associated indexes. Default is true.
-- `indices` (String) Indices to restore. A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
-- `restore_global_state` (Boolean) Restore the cluster state or not. If true, restore the cluster state. Defaults to false.
-- `snapshot_name` (String) The snapshot name to restore from. The snapshot name to restore from.
+- `debug` (String) Debug threshold for total request took time. The value should be in the form count and unit, where unit one of (s,m,h,d,nanos,ms,micros) or -1. Default is -1.
+- `info` (String) Info threshold for total request took time. The value should be in the form count and unit, where unit one of (s,m,h,d,nanos,ms,micros) or -1. Default is -1.
+- `trace` (String) Trace threshold for total request took time. The value should be in the form count and unit, where unit one of (s,m,h,d,nanos,ms,micros) or -1. Default is -1.
+- `warn` (String) Warning threshold for total request took time. The value should be in the form count and unit, where unit one of (s,m,h,d,nanos,ms,micros) or -1. Default is -1.
+
 
 
 <a id="nestedblock--properties--index_rollup"></a>
@@ -275,29 +266,10 @@ Optional Attributes:
 
 - `enabled` (Boolean) Enable or disable OpenSearch Dashboards.
 - `max_old_space_size` (Number) Limits the maximum amount of memory (in MiB) the OpenSearch Dashboards process can use. This sets the max_old_space_size option of the nodejs running the OpenSearch Dashboards. Note: the memory reserved by OpenSearch Dashboards is not available for OpenSearch.
+- `multiple_data_source_enabled` (Boolean) Enable or disable multiple data sources in OpenSearch Dashboards.
 - `opensearch_request_timeout` (Number) Timeout in milliseconds for requests made by OpenSearch Dashboards towards OpenSearch.
 
 
-<a id="nestedblock--properties--s3_migration"></a>
-### Nested Schema for `properties.s3_migration`
-
-Optional Attributes:
-
-- `access_key` (String) AWS Access key. AWS Access key.
-- `base_path` (String) The path to the repository data within its container. The path to the repository data within its container. The value of this setting should not start or end with a /.
-- `bucket` (String) S3 bucket name. S3 bucket name.
-- `chunk_size` (String) Chunk size. Big files can be broken down into chunks during snapshotting if needed. Should be the same as for the 3rd party repository.
-- `compress` (Boolean) Metadata files are stored in compressed format. when set to true metadata files are stored in compressed format.
-- `endpoint` (String) The S3 service endpoint to connect. The S3 service endpoint to connect to. If you are using an S3-compatible service then you should set this to the service’s endpoint.
-- `include_aliases` (Boolean) Include aliases. Whether to restore aliases alongside their associated indexes. Default is true.
-- `indices` (String) Indices to restore. A comma-delimited list of indices to restore from the snapshot. Multi-index syntax is supported.
-- `region` (String) S3 region. S3 region.
-- `restore_global_state` (Boolean) Restore the cluster state or not. If true, restore the cluster state. Defaults to false.
-- `secret_key` (String) AWS secret key. AWS secret key.
-- `server_side_encryption` (Boolean) Server side encryption. When set to true files are encrypted on server side.
-- `snapshot_name` (String) The snapshot name to restore from. The snapshot name to restore from.
-
-
 <a id="nestedblock--properties--saml"></a>
 ### Nested Schema for `properties.saml`
 
@@ -368,6 +340,57 @@ Optional Attributes:
 
 
 
+<a id="nestedblock--properties--search_insights_top_queries"></a>
+### Nested Schema for `properties.search_insights_top_queries`
+
+Blocks:
+
+- `cpu` (Block List, Max: 1) Top N queries monitoring by CPU. (see [below for nested schema](#nestedblock--properties--search_insights_top_queries--cpu))
+- `latency` (Block List, Max: 1) Top N queries monitoring by latency. (see [below for nested schema](#nestedblock--properties--search_insights_top_queries--latency))
+- `memory` (Block List, Max: 1) Top N queries monitoring by memory. (see [below for nested schema](#nestedblock--properties--search_insights_top_queries--memory))
+
+<a id="nestedblock--properties--search_insights_top_queries--cpu"></a>
+### Nested Schema for `properties.search_insights_top_queries.cpu`
+
+Optional Attributes:
+
+- `enabled` (Boolean) Enable or disable top N query monitoring by the metric. Enable or disable top N query monitoring by the metric.
+- `top_n_size` (Number) Specify the value of N for the top N queries by the metric.
+- `window_size` (String) The window size of the top N queries by the metric. Configure the window size of the top N queries.
+
+
+<a id="nestedblock--properties--search_insights_top_queries--latency"></a>
+### Nested Schema for `properties.search_insights_top_queries.latency`
+
+Optional Attributes:
+
+- `enabled` (Boolean) Enable or disable top N query monitoring by the metric. Enable or disable top N query monitoring by the metric.
+- `top_n_size` (Number) Specify the value of N for the top N queries by the metric.
+- `window_size` (String) The window size of the top N queries by the metric. Configure the window size of the top N queries.
+
+
+<a id="nestedblock--properties--search_insights_top_queries--memory"></a>
+### Nested Schema for `properties.search_insights_top_queries.memory`
+
+Optional Attributes:
+
+- `enabled` (Boolean) Enable or disable top N query monitoring by the metric. Enable or disable top N query monitoring by the metric.
+- `top_n_size` (Number) Specify the value of N for the top N queries by the metric.
+- `window_size` (String) The window size of the top N queries by the metric. Configure the window size of the top N queries.
+
+
+
+<a id="nestedblock--properties--segrep"></a>
+### Nested Schema for `properties.segrep`
+
+Optional Attributes:
+
+- `pressure_checkpoint_limit` (Number) The maximum number of indexing checkpoints that a replica shard can fall behind when copying from primary. Once `segrep.pressure.checkpoint.limit` is breached along with `segrep.pressure.time.limit`, the segment replication backpressure mechanism is initiated. Default is 4 checkpoints.
+- `pressure_enabled` (Boolean) Enables the segment replication backpressure mechanism. Default is false.
+- `pressure_replica_stale_limit` (Number) The maximum number of stale replica shards that can exist in a replication group. Once `segrep.pressure.replica.stale.limit` is breached, the segment replication backpressure mechanism is initiated. Default is .5, which is 50% of a replication group.
+- `pressure_time_limit` (String) The maximum amount of time that a replica shard can take to copy from the primary shard. Once segrep.pressure.time.limit is breached along with segrep.pressure.checkpoint.limit, the segment replication backpressure mechanism is initiated. Default is 5 minutes.
+
+
 <a id="nestedblock--properties--shard_indexing_pressure"></a>
 ### Nested Schema for `properties.shard_indexing_pressure`
 

docs/resources/managed_database_postgresql.md

@@ -131,6 +131,7 @@ Optional Attributes:
 - `max_standby_streaming_delay` (Number) Max standby streaming delay in milliseconds.
 - `max_wal_senders` (Number) PostgreSQL maximum WAL senders.
 - `max_worker_processes` (Number) Sets the maximum number of background processes that the system can support.
+- `password_encryption` (String, Sensitive) Chooses the algorithm for encrypting passwords.
 - `pg_partman_bgw_interval` (Number) Sets the time interval to run pg_partman's scheduled tasks.
 - `pg_partman_bgw_role` (String) Controls which role to use for pg_partman's scheduled background tasks.
 - `pg_stat_monitor_enable` (Boolean) Enable pg_stat_monitor extension if available for the current cluster. Enable the pg_stat_monitor extension. Enabling this extension will cause the cluster to be restarted.When this extension is enabled, pg_stat_statements results for utility commands are unreliable.

internal/service/database/database.go

@@ -241,7 +241,8 @@ func buildManagedDatabasePropertiesRequestFromResourceData(d *schema.ResourceDat
 
 	for field := range resourceProps {
 		// skip properties that are not present in the propsInfo
-		if _, ok := propsInfo[field]; !ok {
+		prop, ok := propsInfo[field]
+		if !ok {
 			continue
 		}
 
@@ -252,21 +253,22 @@ func buildManagedDatabasePropertiesRequestFromResourceData(d *schema.ResourceDat
 		if shouldOmit {
 			continue
 		}
-		if propsInfo[field].CreateOnly {
+		if prop.CreateOnly {
 			if !hasChange {
 				continue
 			}
 		}
-		if properties.GetType(propsInfo[field]) == "object" {
+		if properties.GetType(prop) == "object" {
 			// convert resource data list of objects into API objects
 			if listValue, ok := value.([]interface{}); ok && len(listValue) == 1 {
 				// Do similar filtering for nested properties as is done for main level properties.
 				stateObj := listValue[0].(map[string]interface{})
 				reqObj := make(map[string]interface{})
 				for k := range stateObj {
 					value, _, shouldOmit := getPropertiesValue(d, fmt.Sprintf("%s.0.%s", key, k))
-					if !shouldOmit {
-						reqObj[k] = value
+					reqKey := properties.GetKey(prop.Properties, k)
+					if !shouldOmit && reqKey != "" {
+						reqObj[reqKey] = value
 					}
 				}
 				r[upcloud.ManagedDatabasePropertyKey(field)] = reqObj
@@ -293,17 +295,22 @@ func buildManagedDatabaseResourceDataProperties(d *schema.ResourceData, db *upcl
 		if properties.GetType(propsInfo[key]) == "object" {
 			// convert API objects into list of objects
 			if m, ok := value.(map[string]interface{}); ok {
-				resourceProps[key] = []map[string]interface{}{m}
+				// Convert API keys to schema keys
+				sMap := make(map[string]interface{})
+				for k, v := range m {
+					sMap[properties.SchemaKey(k)] = v
+				}
+				resourceProps[properties.SchemaKey(key)] = []map[string]interface{}{sMap}
 			}
 		} else {
-			resourceProps[key] = value
+			resourceProps[properties.SchemaKey(key)] = value
 		}
 	}
 
 	// clean up removed properties that are not present in the propsInfo
 	for key := range resourceProps {
 		if _, ok := propsInfo[key]; !ok {
-			delete(resourceProps, key)
+			delete(resourceProps, properties.SchemaKey(key))
 		}
 	}
 

internal/service/database/properties/schema.go

@@ -63,6 +63,23 @@ func GetType(prop upcloud.ManagedDatabaseServiceProperty) string {
 	return ""
 }
 
+func GetKey(props map[string]upcloud.ManagedDatabaseServiceProperty, field string) string {
+	if _, ok := props[field]; ok {
+		return field
+	}
+
+	withDots := strings.ReplaceAll(field, "_", ".")
+	if _, ok := props[withDots]; ok {
+		return withDots
+	}
+
+	return ""
+}
+
+func SchemaKey(key string) string {
+	return strings.ReplaceAll(key, ".", "_")
+}
+
 func diffSuppressCreateOnlyProperty(_, _, _ string, d *schema.ResourceData) bool {
 	return d.Id() != ""
 }
@@ -211,7 +228,7 @@ func getSchemaMap(props map[string]upcloud.ManagedDatabaseServiceProperty) (map[
 		if err != nil {
 			return nil, err
 		}
-		sMap[key] = s
+		sMap[SchemaKey(key)] = s
 	}
 	return sMap, nil
 }

upcloud/resource_upcloud_managed_database_opensearch_test.go

@@ -41,7 +41,7 @@ func TestAccUpcloudManagedDatabaseOpenSearchProperties(t *testing.T) {
 					resource.TestCheckResourceAttr(name, "extended_access_control", "true"),
 					resource.TestCheckResourceAttr(name, prop("public_access"), "true"),
 					resource.TestCheckResourceAttr(name, prop("automatic_utility_network_ip_filter"), "true"),
-					resource.TestCheckResourceAttr(name, prop("version"), "2"),
+					resource.TestCheckResourceAttr(name, prop("version"), "1"),
 				),
 			},
 		},