gcp.container.Cluster
Explore with Pulumi AI
Manages a Google Kubernetes Engine (GKE) cluster.
To get more information about GKE clusters, see:
On version 5.0.0+ of the provider, you must explicitly set
deletion_protection = false
and runpulumi up
to write the field to state in order to destroy a cluster.
All arguments and attributes (including certificate outputs) will be stored in the raw state as plaintext. Read more about secrets in state.
Example Usage
With A Separately Managed Node Pool (Recommended)
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.serviceaccount.Account("default", {
accountId: "service-account-id",
displayName: "Service Account",
});
const primary = new gcp.container.Cluster("primary", {
name: "my-gke-cluster",
location: "us-central1",
removeDefaultNodePool: true,
initialNodeCount: 1,
});
const primaryPreemptibleNodes = new gcp.container.NodePool("primary_preemptible_nodes", {
name: "my-node-pool",
location: "us-central1",
cluster: primary.name,
nodeCount: 1,
nodeConfig: {
preemptible: true,
machineType: "e2-medium",
serviceAccount: _default.email,
oauthScopes: ["https://www.googleapis.com/auth/cloud-platform"],
},
});
import pulumi
import pulumi_gcp as gcp
default = gcp.serviceaccount.Account("default",
account_id="service-account-id",
display_name="Service Account")
primary = gcp.container.Cluster("primary",
name="my-gke-cluster",
location="us-central1",
remove_default_node_pool=True,
initial_node_count=1)
primary_preemptible_nodes = gcp.container.NodePool("primary_preemptible_nodes",
name="my-node-pool",
location="us-central1",
cluster=primary.name,
node_count=1,
node_config={
"preemptible": True,
"machine_type": "e2-medium",
"service_account": default.email,
"oauth_scopes": ["https://www.googleapis.com/auth/cloud-platform"],
})
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := serviceaccount.NewAccount(ctx, "default", &serviceaccount.AccountArgs{
AccountId: pulumi.String("service-account-id"),
DisplayName: pulumi.String("Service Account"),
})
if err != nil {
return err
}
primary, err := container.NewCluster(ctx, "primary", &container.ClusterArgs{
Name: pulumi.String("my-gke-cluster"),
Location: pulumi.String("us-central1"),
RemoveDefaultNodePool: pulumi.Bool(true),
InitialNodeCount: pulumi.Int(1),
})
if err != nil {
return err
}
_, err = container.NewNodePool(ctx, "primary_preemptible_nodes", &container.NodePoolArgs{
Name: pulumi.String("my-node-pool"),
Location: pulumi.String("us-central1"),
Cluster: primary.Name,
NodeCount: pulumi.Int(1),
NodeConfig: &container.NodePoolNodeConfigArgs{
Preemptible: pulumi.Bool(true),
MachineType: pulumi.String("e2-medium"),
ServiceAccount: _default.Email,
OauthScopes: pulumi.StringArray{
pulumi.String("https://www.googleapis.com/auth/cloud-platform"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.ServiceAccount.Account("default", new()
{
AccountId = "service-account-id",
DisplayName = "Service Account",
});
var primary = new Gcp.Container.Cluster("primary", new()
{
Name = "my-gke-cluster",
Location = "us-central1",
RemoveDefaultNodePool = true,
InitialNodeCount = 1,
});
var primaryPreemptibleNodes = new Gcp.Container.NodePool("primary_preemptible_nodes", new()
{
Name = "my-node-pool",
Location = "us-central1",
Cluster = primary.Name,
NodeCount = 1,
NodeConfig = new Gcp.Container.Inputs.NodePoolNodeConfigArgs
{
Preemptible = true,
MachineType = "e2-medium",
ServiceAccount = @default.Email,
OauthScopes = new[]
{
"https://www.googleapis.com/auth/cloud-platform",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.Account;
import com.pulumi.gcp.serviceaccount.AccountArgs;
import com.pulumi.gcp.container.Cluster;
import com.pulumi.gcp.container.ClusterArgs;
import com.pulumi.gcp.container.NodePool;
import com.pulumi.gcp.container.NodePoolArgs;
import com.pulumi.gcp.container.inputs.NodePoolNodeConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Account("default", AccountArgs.builder()
.accountId("service-account-id")
.displayName("Service Account")
.build());
var primary = new Cluster("primary", ClusterArgs.builder()
.name("my-gke-cluster")
.location("us-central1")
.removeDefaultNodePool(true)
.initialNodeCount(1)
.build());
var primaryPreemptibleNodes = new NodePool("primaryPreemptibleNodes", NodePoolArgs.builder()
.name("my-node-pool")
.location("us-central1")
.cluster(primary.name())
.nodeCount(1)
.nodeConfig(NodePoolNodeConfigArgs.builder()
.preemptible(true)
.machineType("e2-medium")
.serviceAccount(default_.email())
.oauthScopes("https://www.googleapis.com/auth/cloud-platform")
.build())
.build());
}
}
resources:
default:
type: gcp:serviceaccount:Account
properties:
accountId: service-account-id
displayName: Service Account
primary:
type: gcp:container:Cluster
properties:
name: my-gke-cluster
location: us-central1
removeDefaultNodePool: true
initialNodeCount: 1
primaryPreemptibleNodes:
type: gcp:container:NodePool
name: primary_preemptible_nodes
properties:
name: my-node-pool
location: us-central1
cluster: ${primary.name}
nodeCount: 1
nodeConfig:
preemptible: true
machineType: e2-medium
serviceAccount: ${default.email}
oauthScopes:
- https://www.googleapis.com/auth/cloud-platform
Note: It is recommended that node pools be created and managed as separate resources as in the example above. This allows node pools to be added and removed without recreating the cluster. Node pools defined directly in the
gcp.container.Cluster
resource cannot be removed without re-creating the cluster.
With The Default Node Pool
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.serviceaccount.Account("default", {
accountId: "service-account-id",
displayName: "Service Account",
});
const primary = new gcp.container.Cluster("primary", {
name: "marcellus-wallace",
location: "us-central1-a",
initialNodeCount: 3,
nodeConfig: {
serviceAccount: _default.email,
oauthScopes: ["https://www.googleapis.com/auth/cloud-platform"],
labels: {
foo: "bar",
},
tags: [
"foo",
"bar",
],
},
});
import pulumi
import pulumi_gcp as gcp
default = gcp.serviceaccount.Account("default",
account_id="service-account-id",
display_name="Service Account")
primary = gcp.container.Cluster("primary",
name="marcellus-wallace",
location="us-central1-a",
initial_node_count=3,
node_config={
"service_account": default.email,
"oauth_scopes": ["https://www.googleapis.com/auth/cloud-platform"],
"labels": {
"foo": "bar",
},
"tags": [
"foo",
"bar",
],
})
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_default, err := serviceaccount.NewAccount(ctx, "default", &serviceaccount.AccountArgs{
AccountId: pulumi.String("service-account-id"),
DisplayName: pulumi.String("Service Account"),
})
if err != nil {
return err
}
_, err = container.NewCluster(ctx, "primary", &container.ClusterArgs{
Name: pulumi.String("marcellus-wallace"),
Location: pulumi.String("us-central1-a"),
InitialNodeCount: pulumi.Int(3),
NodeConfig: &container.ClusterNodeConfigArgs{
ServiceAccount: _default.Email,
OauthScopes: pulumi.StringArray{
pulumi.String("https://www.googleapis.com/auth/cloud-platform"),
},
Labels: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
Tags: pulumi.StringArray{
pulumi.String("foo"),
pulumi.String("bar"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.ServiceAccount.Account("default", new()
{
AccountId = "service-account-id",
DisplayName = "Service Account",
});
var primary = new Gcp.Container.Cluster("primary", new()
{
Name = "marcellus-wallace",
Location = "us-central1-a",
InitialNodeCount = 3,
NodeConfig = new Gcp.Container.Inputs.ClusterNodeConfigArgs
{
ServiceAccount = @default.Email,
OauthScopes = new[]
{
"https://www.googleapis.com/auth/cloud-platform",
},
Labels =
{
{ "foo", "bar" },
},
Tags = new[]
{
"foo",
"bar",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.Account;
import com.pulumi.gcp.serviceaccount.AccountArgs;
import com.pulumi.gcp.container.Cluster;
import com.pulumi.gcp.container.ClusterArgs;
import com.pulumi.gcp.container.inputs.ClusterNodeConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Account("default", AccountArgs.builder()
.accountId("service-account-id")
.displayName("Service Account")
.build());
var primary = new Cluster("primary", ClusterArgs.builder()
.name("marcellus-wallace")
.location("us-central1-a")
.initialNodeCount(3)
.nodeConfig(ClusterNodeConfigArgs.builder()
.serviceAccount(default_.email())
.oauthScopes("https://www.googleapis.com/auth/cloud-platform")
.labels(Map.of("foo", "bar"))
.tags(
"foo",
"bar")
.build())
.build());
}
}
resources:
default:
type: gcp:serviceaccount:Account
properties:
accountId: service-account-id
displayName: Service Account
primary:
type: gcp:container:Cluster
properties:
name: marcellus-wallace
location: us-central1-a
initialNodeCount: 3
nodeConfig:
serviceAccount: ${default.email}
oauthScopes:
- https://www.googleapis.com/auth/cloud-platform
labels:
foo: bar
tags:
- foo
- bar
Autopilot
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
const _default = new gcp.serviceaccount.Account("default", {
accountId: "service-account-id",
displayName: "Service Account",
});
const primary = new gcp.container.Cluster("primary", {
name: "marcellus-wallace",
location: "us-central1-a",
enableAutopilot: true,
});
import pulumi
import pulumi_gcp as gcp
default = gcp.serviceaccount.Account("default",
account_id="service-account-id",
display_name="Service Account")
primary = gcp.container.Cluster("primary",
name="marcellus-wallace",
location="us-central1-a",
enable_autopilot=True)
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/container"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/serviceaccount"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := serviceaccount.NewAccount(ctx, "default", &serviceaccount.AccountArgs{
AccountId: pulumi.String("service-account-id"),
DisplayName: pulumi.String("Service Account"),
})
if err != nil {
return err
}
_, err = container.NewCluster(ctx, "primary", &container.ClusterArgs{
Name: pulumi.String("marcellus-wallace"),
Location: pulumi.String("us-central1-a"),
EnableAutopilot: pulumi.Bool(true),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.ServiceAccount.Account("default", new()
{
AccountId = "service-account-id",
DisplayName = "Service Account",
});
var primary = new Gcp.Container.Cluster("primary", new()
{
Name = "marcellus-wallace",
Location = "us-central1-a",
EnableAutopilot = true,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.serviceaccount.Account;
import com.pulumi.gcp.serviceaccount.AccountArgs;
import com.pulumi.gcp.container.Cluster;
import com.pulumi.gcp.container.ClusterArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new Account("default", AccountArgs.builder()
.accountId("service-account-id")
.displayName("Service Account")
.build());
var primary = new Cluster("primary", ClusterArgs.builder()
.name("marcellus-wallace")
.location("us-central1-a")
.enableAutopilot(true)
.build());
}
}
resources:
default:
type: gcp:serviceaccount:Account
properties:
accountId: service-account-id
displayName: Service Account
primary:
type: gcp:container:Cluster
properties:
name: marcellus-wallace
location: us-central1-a
enableAutopilot: true
Create Cluster Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Cluster(name: string, args?: ClusterArgs, opts?: CustomResourceOptions);
@overload
def Cluster(resource_name: str,
args: Optional[ClusterArgs] = None,
opts: Optional[ResourceOptions] = None)
@overload
def Cluster(resource_name: str,
opts: Optional[ResourceOptions] = None,
addons_config: Optional[ClusterAddonsConfigArgs] = None,
allow_net_admin: Optional[bool] = None,
authenticator_groups_config: Optional[ClusterAuthenticatorGroupsConfigArgs] = None,
binary_authorization: Optional[ClusterBinaryAuthorizationArgs] = None,
cluster_autoscaling: Optional[ClusterClusterAutoscalingArgs] = None,
cluster_ipv4_cidr: Optional[str] = None,
cluster_telemetry: Optional[ClusterClusterTelemetryArgs] = None,
confidential_nodes: Optional[ClusterConfidentialNodesArgs] = None,
control_plane_endpoints_config: Optional[ClusterControlPlaneEndpointsConfigArgs] = None,
cost_management_config: Optional[ClusterCostManagementConfigArgs] = None,
database_encryption: Optional[ClusterDatabaseEncryptionArgs] = None,
datapath_provider: Optional[str] = None,
default_max_pods_per_node: Optional[int] = None,
default_snat_status: Optional[ClusterDefaultSnatStatusArgs] = None,
deletion_protection: Optional[bool] = None,
description: Optional[str] = None,
dns_config: Optional[ClusterDnsConfigArgs] = None,
enable_autopilot: Optional[bool] = None,
enable_cilium_clusterwide_network_policy: Optional[bool] = None,
enable_fqdn_network_policy: Optional[bool] = None,
enable_intranode_visibility: Optional[bool] = None,
enable_k8s_beta_apis: Optional[ClusterEnableK8sBetaApisArgs] = None,
enable_kubernetes_alpha: Optional[bool] = None,
enable_l4_ilb_subsetting: Optional[bool] = None,
enable_legacy_abac: Optional[bool] = None,
enable_multi_networking: Optional[bool] = None,
enable_shielded_nodes: Optional[bool] = None,
enable_tpu: Optional[bool] = None,
enterprise_config: Optional[ClusterEnterpriseConfigArgs] = None,
fleet: Optional[ClusterFleetArgs] = None,
gateway_api_config: Optional[ClusterGatewayApiConfigArgs] = None,
identity_service_config: Optional[ClusterIdentityServiceConfigArgs] = None,
initial_node_count: Optional[int] = None,
ip_allocation_policy: Optional[ClusterIpAllocationPolicyArgs] = None,
location: Optional[str] = None,
logging_config: Optional[ClusterLoggingConfigArgs] = None,
logging_service: Optional[str] = None,
maintenance_policy: Optional[ClusterMaintenancePolicyArgs] = None,
master_auth: Optional[ClusterMasterAuthArgs] = None,
master_authorized_networks_config: Optional[ClusterMasterAuthorizedNetworksConfigArgs] = None,
mesh_certificates: Optional[ClusterMeshCertificatesArgs] = None,
min_master_version: Optional[str] = None,
monitoring_config: Optional[ClusterMonitoringConfigArgs] = None,
monitoring_service: Optional[str] = None,
name: Optional[str] = None,
network: Optional[str] = None,
network_policy: Optional[ClusterNetworkPolicyArgs] = None,
networking_mode: Optional[str] = None,
node_config: Optional[ClusterNodeConfigArgs] = None,
node_locations: Optional[Sequence[str]] = None,
node_pool_auto_config: Optional[ClusterNodePoolAutoConfigArgs] = None,
node_pool_defaults: Optional[ClusterNodePoolDefaultsArgs] = None,
node_pools: Optional[Sequence[ClusterNodePoolArgs]] = None,
node_version: Optional[str] = None,
notification_config: Optional[ClusterNotificationConfigArgs] = None,
pod_security_policy_config: Optional[ClusterPodSecurityPolicyConfigArgs] = None,
private_cluster_config: Optional[ClusterPrivateClusterConfigArgs] = None,
private_ipv6_google_access: Optional[str] = None,
project: Optional[str] = None,
protect_config: Optional[ClusterProtectConfigArgs] = None,
release_channel: Optional[ClusterReleaseChannelArgs] = None,
remove_default_node_pool: Optional[bool] = None,
resource_labels: Optional[Mapping[str, str]] = None,
resource_usage_export_config: Optional[ClusterResourceUsageExportConfigArgs] = None,
secret_manager_config: Optional[ClusterSecretManagerConfigArgs] = None,
security_posture_config: Optional[ClusterSecurityPostureConfigArgs] = None,
service_external_ips_config: Optional[ClusterServiceExternalIpsConfigArgs] = None,
subnetwork: Optional[str] = None,
tpu_config: Optional[ClusterTpuConfigArgs] = None,
user_managed_keys_config: Optional[ClusterUserManagedKeysConfigArgs] = None,
vertical_pod_autoscaling: Optional[ClusterVerticalPodAutoscalingArgs] = None,
workload_alts_config: Optional[ClusterWorkloadAltsConfigArgs] = None,
workload_identity_config: Optional[ClusterWorkloadIdentityConfigArgs] = None)
func NewCluster(ctx *Context, name string, args *ClusterArgs, opts ...ResourceOption) (*Cluster, error)
public Cluster(string name, ClusterArgs? args = null, CustomResourceOptions? opts = null)
public Cluster(String name, ClusterArgs args)
public Cluster(String name, ClusterArgs args, CustomResourceOptions options)
type: gcp:container:Cluster
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ClusterArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var gcpClusterResource = new Gcp.Container.Cluster("gcpClusterResource", new()
{
AddonsConfig = new Gcp.Container.Inputs.ClusterAddonsConfigArgs
{
CloudrunConfig = new Gcp.Container.Inputs.ClusterAddonsConfigCloudrunConfigArgs
{
Disabled = false,
LoadBalancerType = "string",
},
ConfigConnectorConfig = new Gcp.Container.Inputs.ClusterAddonsConfigConfigConnectorConfigArgs
{
Enabled = false,
},
DnsCacheConfig = new Gcp.Container.Inputs.ClusterAddonsConfigDnsCacheConfigArgs
{
Enabled = false,
},
GcePersistentDiskCsiDriverConfig = new Gcp.Container.Inputs.ClusterAddonsConfigGcePersistentDiskCsiDriverConfigArgs
{
Enabled = false,
},
GcpFilestoreCsiDriverConfig = new Gcp.Container.Inputs.ClusterAddonsConfigGcpFilestoreCsiDriverConfigArgs
{
Enabled = false,
},
GcsFuseCsiDriverConfig = new Gcp.Container.Inputs.ClusterAddonsConfigGcsFuseCsiDriverConfigArgs
{
Enabled = false,
},
GkeBackupAgentConfig = new Gcp.Container.Inputs.ClusterAddonsConfigGkeBackupAgentConfigArgs
{
Enabled = false,
},
HorizontalPodAutoscaling = new Gcp.Container.Inputs.ClusterAddonsConfigHorizontalPodAutoscalingArgs
{
Disabled = false,
},
HttpLoadBalancing = new Gcp.Container.Inputs.ClusterAddonsConfigHttpLoadBalancingArgs
{
Disabled = false,
},
IstioConfig = new Gcp.Container.Inputs.ClusterAddonsConfigIstioConfigArgs
{
Disabled = false,
Auth = "string",
},
KalmConfig = new Gcp.Container.Inputs.ClusterAddonsConfigKalmConfigArgs
{
Enabled = false,
},
NetworkPolicyConfig = new Gcp.Container.Inputs.ClusterAddonsConfigNetworkPolicyConfigArgs
{
Disabled = false,
},
ParallelstoreCsiDriverConfig = new Gcp.Container.Inputs.ClusterAddonsConfigParallelstoreCsiDriverConfigArgs
{
Enabled = false,
},
RayOperatorConfigs = new[]
{
new Gcp.Container.Inputs.ClusterAddonsConfigRayOperatorConfigArgs
{
Enabled = false,
RayClusterLoggingConfig = new Gcp.Container.Inputs.ClusterAddonsConfigRayOperatorConfigRayClusterLoggingConfigArgs
{
Enabled = false,
},
RayClusterMonitoringConfig = new Gcp.Container.Inputs.ClusterAddonsConfigRayOperatorConfigRayClusterMonitoringConfigArgs
{
Enabled = false,
},
},
},
StatefulHaConfig = new Gcp.Container.Inputs.ClusterAddonsConfigStatefulHaConfigArgs
{
Enabled = false,
},
},
AllowNetAdmin = false,
AuthenticatorGroupsConfig = new Gcp.Container.Inputs.ClusterAuthenticatorGroupsConfigArgs
{
SecurityGroup = "string",
},
BinaryAuthorization = new Gcp.Container.Inputs.ClusterBinaryAuthorizationArgs
{
EvaluationMode = "string",
},
ClusterAutoscaling = new Gcp.Container.Inputs.ClusterClusterAutoscalingArgs
{
AutoProvisioningDefaults = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsArgs
{
BootDiskKmsKey = "string",
DiskSize = 0,
DiskType = "string",
ImageType = "string",
Management = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsManagementArgs
{
AutoRepair = false,
AutoUpgrade = false,
UpgradeOptions = new[]
{
new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsManagementUpgradeOptionArgs
{
AutoUpgradeStartTime = "string",
Description = "string",
},
},
},
MinCpuPlatform = "string",
OauthScopes = new[]
{
"string",
},
ServiceAccount = "string",
ShieldedInstanceConfig = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsShieldedInstanceConfigArgs
{
EnableIntegrityMonitoring = false,
EnableSecureBoot = false,
},
UpgradeSettings = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsArgs
{
BlueGreenSettings = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsArgs
{
NodePoolSoakDuration = "string",
StandardRolloutPolicy = new Gcp.Container.Inputs.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs
{
BatchNodeCount = 0,
BatchPercentage = 0,
BatchSoakDuration = "string",
},
},
MaxSurge = 0,
MaxUnavailable = 0,
Strategy = "string",
},
},
AutoProvisioningLocations = new[]
{
"string",
},
AutoscalingProfile = "string",
Enabled = false,
ResourceLimits = new[]
{
new Gcp.Container.Inputs.ClusterClusterAutoscalingResourceLimitArgs
{
Maximum = 0,
ResourceType = "string",
Minimum = 0,
},
},
},
ClusterIpv4Cidr = "string",
ClusterTelemetry = new Gcp.Container.Inputs.ClusterClusterTelemetryArgs
{
Type = "string",
},
ConfidentialNodes = new Gcp.Container.Inputs.ClusterConfidentialNodesArgs
{
Enabled = false,
},
ControlPlaneEndpointsConfig = new Gcp.Container.Inputs.ClusterControlPlaneEndpointsConfigArgs
{
DnsEndpointConfig = new Gcp.Container.Inputs.ClusterControlPlaneEndpointsConfigDnsEndpointConfigArgs
{
AllowExternalTraffic = false,
Endpoint = "string",
},
},
CostManagementConfig = new Gcp.Container.Inputs.ClusterCostManagementConfigArgs
{
Enabled = false,
},
DatabaseEncryption = new Gcp.Container.Inputs.ClusterDatabaseEncryptionArgs
{
State = "string",
KeyName = "string",
},
DatapathProvider = "string",
DefaultMaxPodsPerNode = 0,
DefaultSnatStatus = new Gcp.Container.Inputs.ClusterDefaultSnatStatusArgs
{
Disabled = false,
},
DeletionProtection = false,
Description = "string",
DnsConfig = new Gcp.Container.Inputs.ClusterDnsConfigArgs
{
AdditiveVpcScopeDnsDomain = "string",
ClusterDns = "string",
ClusterDnsDomain = "string",
ClusterDnsScope = "string",
},
EnableAutopilot = false,
EnableCiliumClusterwideNetworkPolicy = false,
EnableFqdnNetworkPolicy = false,
EnableIntranodeVisibility = false,
EnableK8sBetaApis = new Gcp.Container.Inputs.ClusterEnableK8sBetaApisArgs
{
EnabledApis = new[]
{
"string",
},
},
EnableKubernetesAlpha = false,
EnableL4IlbSubsetting = false,
EnableLegacyAbac = false,
EnableMultiNetworking = false,
EnableShieldedNodes = false,
EnableTpu = false,
EnterpriseConfig = new Gcp.Container.Inputs.ClusterEnterpriseConfigArgs
{
ClusterTier = "string",
DesiredTier = "string",
},
Fleet = new Gcp.Container.Inputs.ClusterFleetArgs
{
Membership = "string",
MembershipId = "string",
MembershipLocation = "string",
PreRegistered = false,
Project = "string",
},
GatewayApiConfig = new Gcp.Container.Inputs.ClusterGatewayApiConfigArgs
{
Channel = "string",
},
IdentityServiceConfig = new Gcp.Container.Inputs.ClusterIdentityServiceConfigArgs
{
Enabled = false,
},
InitialNodeCount = 0,
IpAllocationPolicy = new Gcp.Container.Inputs.ClusterIpAllocationPolicyArgs
{
AdditionalPodRangesConfig = new Gcp.Container.Inputs.ClusterIpAllocationPolicyAdditionalPodRangesConfigArgs
{
PodRangeNames = new[]
{
"string",
},
},
ClusterIpv4CidrBlock = "string",
ClusterSecondaryRangeName = "string",
PodCidrOverprovisionConfig = new Gcp.Container.Inputs.ClusterIpAllocationPolicyPodCidrOverprovisionConfigArgs
{
Disabled = false,
},
ServicesIpv4CidrBlock = "string",
ServicesSecondaryRangeName = "string",
StackType = "string",
},
Location = "string",
LoggingConfig = new Gcp.Container.Inputs.ClusterLoggingConfigArgs
{
EnableComponents = new[]
{
"string",
},
},
LoggingService = "string",
MaintenancePolicy = new Gcp.Container.Inputs.ClusterMaintenancePolicyArgs
{
DailyMaintenanceWindow = new Gcp.Container.Inputs.ClusterMaintenancePolicyDailyMaintenanceWindowArgs
{
StartTime = "string",
Duration = "string",
},
MaintenanceExclusions = new[]
{
new Gcp.Container.Inputs.ClusterMaintenancePolicyMaintenanceExclusionArgs
{
EndTime = "string",
ExclusionName = "string",
StartTime = "string",
ExclusionOptions = new Gcp.Container.Inputs.ClusterMaintenancePolicyMaintenanceExclusionExclusionOptionsArgs
{
Scope = "string",
},
},
},
RecurringWindow = new Gcp.Container.Inputs.ClusterMaintenancePolicyRecurringWindowArgs
{
EndTime = "string",
Recurrence = "string",
StartTime = "string",
},
},
MasterAuth = new Gcp.Container.Inputs.ClusterMasterAuthArgs
{
ClientCertificateConfig = new Gcp.Container.Inputs.ClusterMasterAuthClientCertificateConfigArgs
{
IssueClientCertificate = false,
},
ClientCertificate = "string",
ClientKey = "string",
ClusterCaCertificate = "string",
},
MasterAuthorizedNetworksConfig = new Gcp.Container.Inputs.ClusterMasterAuthorizedNetworksConfigArgs
{
CidrBlocks = new[]
{
new Gcp.Container.Inputs.ClusterMasterAuthorizedNetworksConfigCidrBlockArgs
{
CidrBlock = "string",
DisplayName = "string",
},
},
GcpPublicCidrsAccessEnabled = false,
PrivateEndpointEnforcementEnabled = false,
},
MeshCertificates = new Gcp.Container.Inputs.ClusterMeshCertificatesArgs
{
EnableCertificates = false,
},
MinMasterVersion = "string",
MonitoringConfig = new Gcp.Container.Inputs.ClusterMonitoringConfigArgs
{
AdvancedDatapathObservabilityConfig = new Gcp.Container.Inputs.ClusterMonitoringConfigAdvancedDatapathObservabilityConfigArgs
{
EnableMetrics = false,
EnableRelay = false,
},
EnableComponents = new[]
{
"string",
},
ManagedPrometheus = new Gcp.Container.Inputs.ClusterMonitoringConfigManagedPrometheusArgs
{
Enabled = false,
AutoMonitoringConfig = new Gcp.Container.Inputs.ClusterMonitoringConfigManagedPrometheusAutoMonitoringConfigArgs
{
Scope = "string",
},
},
},
MonitoringService = "string",
Name = "string",
Network = "string",
NetworkPolicy = new Gcp.Container.Inputs.ClusterNetworkPolicyArgs
{
Enabled = false,
Provider = "string",
},
NetworkingMode = "string",
NodeConfig = new Gcp.Container.Inputs.ClusterNodeConfigArgs
{
AdvancedMachineFeatures = new Gcp.Container.Inputs.ClusterNodeConfigAdvancedMachineFeaturesArgs
{
ThreadsPerCore = 0,
EnableNestedVirtualization = false,
},
BootDiskKmsKey = "string",
ConfidentialNodes = new Gcp.Container.Inputs.ClusterNodeConfigConfidentialNodesArgs
{
Enabled = false,
},
ContainerdConfig = new Gcp.Container.Inputs.ClusterNodeConfigContainerdConfigArgs
{
PrivateRegistryAccessConfig = new Gcp.Container.Inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs
{
Enabled = false,
CertificateAuthorityDomainConfigs = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs
{
Fqdns = new[]
{
"string",
},
GcpSecretManagerCertificateConfig = new Gcp.Container.Inputs.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs
{
SecretUri = "string",
},
},
},
},
},
DiskSizeGb = 0,
DiskType = "string",
EffectiveTaints = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigEffectiveTaintArgs
{
Effect = "string",
Key = "string",
Value = "string",
},
},
EnableConfidentialStorage = false,
EphemeralStorageConfig = new Gcp.Container.Inputs.ClusterNodeConfigEphemeralStorageConfigArgs
{
LocalSsdCount = 0,
},
EphemeralStorageLocalSsdConfig = new Gcp.Container.Inputs.ClusterNodeConfigEphemeralStorageLocalSsdConfigArgs
{
LocalSsdCount = 0,
},
FastSocket = new Gcp.Container.Inputs.ClusterNodeConfigFastSocketArgs
{
Enabled = false,
},
GcfsConfig = new Gcp.Container.Inputs.ClusterNodeConfigGcfsConfigArgs
{
Enabled = false,
},
GuestAccelerators = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigGuestAcceleratorArgs
{
Count = 0,
Type = "string",
GpuDriverInstallationConfig = new Gcp.Container.Inputs.ClusterNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs
{
GpuDriverVersion = "string",
},
GpuPartitionSize = "string",
GpuSharingConfig = new Gcp.Container.Inputs.ClusterNodeConfigGuestAcceleratorGpuSharingConfigArgs
{
GpuSharingStrategy = "string",
MaxSharedClientsPerGpu = 0,
},
},
},
Gvnic = new Gcp.Container.Inputs.ClusterNodeConfigGvnicArgs
{
Enabled = false,
},
HostMaintenancePolicy = new Gcp.Container.Inputs.ClusterNodeConfigHostMaintenancePolicyArgs
{
MaintenanceInterval = "string",
},
ImageType = "string",
KubeletConfig = new Gcp.Container.Inputs.ClusterNodeConfigKubeletConfigArgs
{
CpuCfsQuota = false,
CpuCfsQuotaPeriod = "string",
CpuManagerPolicy = "string",
InsecureKubeletReadonlyPortEnabled = "string",
PodPidsLimit = 0,
},
Labels =
{
{ "string", "string" },
},
LinuxNodeConfig = new Gcp.Container.Inputs.ClusterNodeConfigLinuxNodeConfigArgs
{
CgroupMode = "string",
HugepagesConfig = new Gcp.Container.Inputs.ClusterNodeConfigLinuxNodeConfigHugepagesConfigArgs
{
HugepageSize1g = 0,
HugepageSize2m = 0,
},
Sysctls =
{
{ "string", "string" },
},
},
LocalNvmeSsdBlockConfig = new Gcp.Container.Inputs.ClusterNodeConfigLocalNvmeSsdBlockConfigArgs
{
LocalSsdCount = 0,
},
LocalSsdCount = 0,
LocalSsdEncryptionMode = "string",
LoggingVariant = "string",
MachineType = "string",
MaxRunDuration = "string",
Metadata =
{
{ "string", "string" },
},
MinCpuPlatform = "string",
NodeGroup = "string",
OauthScopes = new[]
{
"string",
},
Preemptible = false,
ReservationAffinity = new Gcp.Container.Inputs.ClusterNodeConfigReservationAffinityArgs
{
ConsumeReservationType = "string",
Key = "string",
Values = new[]
{
"string",
},
},
ResourceLabels =
{
{ "string", "string" },
},
ResourceManagerTags =
{
{ "string", "string" },
},
SandboxConfig = new Gcp.Container.Inputs.ClusterNodeConfigSandboxConfigArgs
{
SandboxType = "string",
},
SecondaryBootDisks = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigSecondaryBootDiskArgs
{
DiskImage = "string",
Mode = "string",
},
},
ServiceAccount = "string",
ShieldedInstanceConfig = new Gcp.Container.Inputs.ClusterNodeConfigShieldedInstanceConfigArgs
{
EnableIntegrityMonitoring = false,
EnableSecureBoot = false,
},
SoleTenantConfig = new Gcp.Container.Inputs.ClusterNodeConfigSoleTenantConfigArgs
{
NodeAffinities = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigSoleTenantConfigNodeAffinityArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Spot = false,
StoragePools = new[]
{
"string",
},
Tags = new[]
{
"string",
},
Taints = new[]
{
new Gcp.Container.Inputs.ClusterNodeConfigTaintArgs
{
Effect = "string",
Key = "string",
Value = "string",
},
},
WorkloadMetadataConfig = new Gcp.Container.Inputs.ClusterNodeConfigWorkloadMetadataConfigArgs
{
Mode = "string",
},
},
NodeLocations = new[]
{
"string",
},
NodePoolAutoConfig = new Gcp.Container.Inputs.ClusterNodePoolAutoConfigArgs
{
LinuxNodeConfig = new Gcp.Container.Inputs.ClusterNodePoolAutoConfigLinuxNodeConfigArgs
{
CgroupMode = "string",
},
NetworkTags = new Gcp.Container.Inputs.ClusterNodePoolAutoConfigNetworkTagsArgs
{
Tags = new[]
{
"string",
},
},
NodeKubeletConfig = new Gcp.Container.Inputs.ClusterNodePoolAutoConfigNodeKubeletConfigArgs
{
InsecureKubeletReadonlyPortEnabled = "string",
},
ResourceManagerTags =
{
{ "string", "string" },
},
},
NodePoolDefaults = new Gcp.Container.Inputs.ClusterNodePoolDefaultsArgs
{
NodeConfigDefaults = new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsArgs
{
ContainerdConfig = new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs
{
PrivateRegistryAccessConfig = new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs
{
Enabled = false,
CertificateAuthorityDomainConfigs = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs
{
Fqdns = new[]
{
"string",
},
GcpSecretManagerCertificateConfig = new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs
{
SecretUri = "string",
},
},
},
},
},
GcfsConfig = new Gcp.Container.Inputs.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs
{
Enabled = false,
},
InsecureKubeletReadonlyPortEnabled = "string",
LoggingVariant = "string",
},
},
NodePools = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolArgs
{
Autoscaling = new Gcp.Container.Inputs.ClusterNodePoolAutoscalingArgs
{
LocationPolicy = "string",
MaxNodeCount = 0,
MinNodeCount = 0,
TotalMaxNodeCount = 0,
TotalMinNodeCount = 0,
},
InitialNodeCount = 0,
InstanceGroupUrls = new[]
{
"string",
},
ManagedInstanceGroupUrls = new[]
{
"string",
},
Management = new Gcp.Container.Inputs.ClusterNodePoolManagementArgs
{
AutoRepair = false,
AutoUpgrade = false,
},
MaxPodsPerNode = 0,
Name = "string",
NamePrefix = "string",
NetworkConfig = new Gcp.Container.Inputs.ClusterNodePoolNetworkConfigArgs
{
AdditionalNodeNetworkConfigs = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNetworkConfigAdditionalNodeNetworkConfigArgs
{
Network = "string",
Subnetwork = "string",
},
},
AdditionalPodNetworkConfigs = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNetworkConfigAdditionalPodNetworkConfigArgs
{
MaxPodsPerNode = 0,
SecondaryPodRange = "string",
Subnetwork = "string",
},
},
CreatePodRange = false,
EnablePrivateNodes = false,
NetworkPerformanceConfig = new Gcp.Container.Inputs.ClusterNodePoolNetworkConfigNetworkPerformanceConfigArgs
{
TotalEgressBandwidthTier = "string",
},
PodCidrOverprovisionConfig = new Gcp.Container.Inputs.ClusterNodePoolNetworkConfigPodCidrOverprovisionConfigArgs
{
Disabled = false,
},
PodIpv4CidrBlock = "string",
PodRange = "string",
},
NodeConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigArgs
{
AdvancedMachineFeatures = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs
{
ThreadsPerCore = 0,
EnableNestedVirtualization = false,
},
BootDiskKmsKey = "string",
ConfidentialNodes = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigConfidentialNodesArgs
{
Enabled = false,
},
ContainerdConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigContainerdConfigArgs
{
PrivateRegistryAccessConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs
{
Enabled = false,
CertificateAuthorityDomainConfigs = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs
{
Fqdns = new[]
{
"string",
},
GcpSecretManagerCertificateConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs
{
SecretUri = "string",
},
},
},
},
},
DiskSizeGb = 0,
DiskType = "string",
EffectiveTaints = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigEffectiveTaintArgs
{
Effect = "string",
Key = "string",
Value = "string",
},
},
EnableConfidentialStorage = false,
EphemeralStorageConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigEphemeralStorageConfigArgs
{
LocalSsdCount = 0,
},
EphemeralStorageLocalSsdConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs
{
LocalSsdCount = 0,
},
FastSocket = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigFastSocketArgs
{
Enabled = false,
},
GcfsConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigGcfsConfigArgs
{
Enabled = false,
},
GuestAccelerators = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigGuestAcceleratorArgs
{
Count = 0,
Type = "string",
GpuDriverInstallationConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs
{
GpuDriverVersion = "string",
},
GpuPartitionSize = "string",
GpuSharingConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigGuestAcceleratorGpuSharingConfigArgs
{
GpuSharingStrategy = "string",
MaxSharedClientsPerGpu = 0,
},
},
},
Gvnic = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigGvnicArgs
{
Enabled = false,
},
HostMaintenancePolicy = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigHostMaintenancePolicyArgs
{
MaintenanceInterval = "string",
},
ImageType = "string",
KubeletConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigKubeletConfigArgs
{
CpuCfsQuota = false,
CpuCfsQuotaPeriod = "string",
CpuManagerPolicy = "string",
InsecureKubeletReadonlyPortEnabled = "string",
PodPidsLimit = 0,
},
Labels =
{
{ "string", "string" },
},
LinuxNodeConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigLinuxNodeConfigArgs
{
CgroupMode = "string",
HugepagesConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigLinuxNodeConfigHugepagesConfigArgs
{
HugepageSize1g = 0,
HugepageSize2m = 0,
},
Sysctls =
{
{ "string", "string" },
},
},
LocalNvmeSsdBlockConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigLocalNvmeSsdBlockConfigArgs
{
LocalSsdCount = 0,
},
LocalSsdCount = 0,
LocalSsdEncryptionMode = "string",
LoggingVariant = "string",
MachineType = "string",
MaxRunDuration = "string",
Metadata =
{
{ "string", "string" },
},
MinCpuPlatform = "string",
NodeGroup = "string",
OauthScopes = new[]
{
"string",
},
Preemptible = false,
ReservationAffinity = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigReservationAffinityArgs
{
ConsumeReservationType = "string",
Key = "string",
Values = new[]
{
"string",
},
},
ResourceLabels =
{
{ "string", "string" },
},
ResourceManagerTags =
{
{ "string", "string" },
},
SandboxConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigSandboxConfigArgs
{
SandboxType = "string",
},
SecondaryBootDisks = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigSecondaryBootDiskArgs
{
DiskImage = "string",
Mode = "string",
},
},
ServiceAccount = "string",
ShieldedInstanceConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigShieldedInstanceConfigArgs
{
EnableIntegrityMonitoring = false,
EnableSecureBoot = false,
},
SoleTenantConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigSoleTenantConfigArgs
{
NodeAffinities = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigSoleTenantConfigNodeAffinityArgs
{
Key = "string",
Operator = "string",
Values = new[]
{
"string",
},
},
},
},
Spot = false,
StoragePools = new[]
{
"string",
},
Tags = new[]
{
"string",
},
Taints = new[]
{
new Gcp.Container.Inputs.ClusterNodePoolNodeConfigTaintArgs
{
Effect = "string",
Key = "string",
Value = "string",
},
},
WorkloadMetadataConfig = new Gcp.Container.Inputs.ClusterNodePoolNodeConfigWorkloadMetadataConfigArgs
{
Mode = "string",
},
},
NodeCount = 0,
NodeLocations = new[]
{
"string",
},
PlacementPolicy = new Gcp.Container.Inputs.ClusterNodePoolPlacementPolicyArgs
{
Type = "string",
PolicyName = "string",
TpuTopology = "string",
},
QueuedProvisioning = new Gcp.Container.Inputs.ClusterNodePoolQueuedProvisioningArgs
{
Enabled = false,
},
UpgradeSettings = new Gcp.Container.Inputs.ClusterNodePoolUpgradeSettingsArgs
{
BlueGreenSettings = new Gcp.Container.Inputs.ClusterNodePoolUpgradeSettingsBlueGreenSettingsArgs
{
StandardRolloutPolicy = new Gcp.Container.Inputs.ClusterNodePoolUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs
{
BatchNodeCount = 0,
BatchPercentage = 0,
BatchSoakDuration = "string",
},
NodePoolSoakDuration = "string",
},
MaxSurge = 0,
MaxUnavailable = 0,
Strategy = "string",
},
Version = "string",
},
},
NodeVersion = "string",
NotificationConfig = new Gcp.Container.Inputs.ClusterNotificationConfigArgs
{
Pubsub = new Gcp.Container.Inputs.ClusterNotificationConfigPubsubArgs
{
Enabled = false,
Filter = new Gcp.Container.Inputs.ClusterNotificationConfigPubsubFilterArgs
{
EventTypes = new[]
{
"string",
},
},
Topic = "string",
},
},
PodSecurityPolicyConfig = new Gcp.Container.Inputs.ClusterPodSecurityPolicyConfigArgs
{
Enabled = false,
},
PrivateClusterConfig = new Gcp.Container.Inputs.ClusterPrivateClusterConfigArgs
{
EnablePrivateEndpoint = false,
EnablePrivateNodes = false,
MasterGlobalAccessConfig = new Gcp.Container.Inputs.ClusterPrivateClusterConfigMasterGlobalAccessConfigArgs
{
Enabled = false,
},
MasterIpv4CidrBlock = "string",
PeeringName = "string",
PrivateEndpoint = "string",
PrivateEndpointSubnetwork = "string",
PublicEndpoint = "string",
},
PrivateIpv6GoogleAccess = "string",
Project = "string",
ProtectConfig = new Gcp.Container.Inputs.ClusterProtectConfigArgs
{
WorkloadConfig = new Gcp.Container.Inputs.ClusterProtectConfigWorkloadConfigArgs
{
AuditMode = "string",
},
WorkloadVulnerabilityMode = "string",
},
ReleaseChannel = new Gcp.Container.Inputs.ClusterReleaseChannelArgs
{
Channel = "string",
},
RemoveDefaultNodePool = false,
ResourceLabels =
{
{ "string", "string" },
},
ResourceUsageExportConfig = new Gcp.Container.Inputs.ClusterResourceUsageExportConfigArgs
{
BigqueryDestination = new Gcp.Container.Inputs.ClusterResourceUsageExportConfigBigqueryDestinationArgs
{
DatasetId = "string",
},
EnableNetworkEgressMetering = false,
EnableResourceConsumptionMetering = false,
},
SecretManagerConfig = new Gcp.Container.Inputs.ClusterSecretManagerConfigArgs
{
Enabled = false,
},
SecurityPostureConfig = new Gcp.Container.Inputs.ClusterSecurityPostureConfigArgs
{
Mode = "string",
VulnerabilityMode = "string",
},
ServiceExternalIpsConfig = new Gcp.Container.Inputs.ClusterServiceExternalIpsConfigArgs
{
Enabled = false,
},
Subnetwork = "string",
TpuConfig = new Gcp.Container.Inputs.ClusterTpuConfigArgs
{
Enabled = false,
Ipv4CidrBlock = "string",
UseServiceNetworking = false,
},
UserManagedKeysConfig = new Gcp.Container.Inputs.ClusterUserManagedKeysConfigArgs
{
AggregationCa = "string",
ClusterCa = "string",
ControlPlaneDiskEncryptionKey = "string",
EtcdApiCa = "string",
EtcdPeerCa = "string",
GkeopsEtcdBackupEncryptionKey = "string",
ServiceAccountSigningKeys = new[]
{
"string",
},
ServiceAccountVerificationKeys = new[]
{
"string",
},
},
VerticalPodAutoscaling = new Gcp.Container.Inputs.ClusterVerticalPodAutoscalingArgs
{
Enabled = false,
},
WorkloadAltsConfig = new Gcp.Container.Inputs.ClusterWorkloadAltsConfigArgs
{
EnableAlts = false,
},
WorkloadIdentityConfig = new Gcp.Container.Inputs.ClusterWorkloadIdentityConfigArgs
{
WorkloadPool = "string",
},
});
example, err := container.NewCluster(ctx, "gcpClusterResource", &container.ClusterArgs{
AddonsConfig: &container.ClusterAddonsConfigArgs{
CloudrunConfig: &container.ClusterAddonsConfigCloudrunConfigArgs{
Disabled: pulumi.Bool(false),
LoadBalancerType: pulumi.String("string"),
},
ConfigConnectorConfig: &container.ClusterAddonsConfigConfigConnectorConfigArgs{
Enabled: pulumi.Bool(false),
},
DnsCacheConfig: &container.ClusterAddonsConfigDnsCacheConfigArgs{
Enabled: pulumi.Bool(false),
},
GcePersistentDiskCsiDriverConfig: &container.ClusterAddonsConfigGcePersistentDiskCsiDriverConfigArgs{
Enabled: pulumi.Bool(false),
},
GcpFilestoreCsiDriverConfig: &container.ClusterAddonsConfigGcpFilestoreCsiDriverConfigArgs{
Enabled: pulumi.Bool(false),
},
GcsFuseCsiDriverConfig: &container.ClusterAddonsConfigGcsFuseCsiDriverConfigArgs{
Enabled: pulumi.Bool(false),
},
GkeBackupAgentConfig: &container.ClusterAddonsConfigGkeBackupAgentConfigArgs{
Enabled: pulumi.Bool(false),
},
HorizontalPodAutoscaling: &container.ClusterAddonsConfigHorizontalPodAutoscalingArgs{
Disabled: pulumi.Bool(false),
},
HttpLoadBalancing: &container.ClusterAddonsConfigHttpLoadBalancingArgs{
Disabled: pulumi.Bool(false),
},
IstioConfig: &container.ClusterAddonsConfigIstioConfigArgs{
Disabled: pulumi.Bool(false),
Auth: pulumi.String("string"),
},
KalmConfig: &container.ClusterAddonsConfigKalmConfigArgs{
Enabled: pulumi.Bool(false),
},
NetworkPolicyConfig: &container.ClusterAddonsConfigNetworkPolicyConfigArgs{
Disabled: pulumi.Bool(false),
},
ParallelstoreCsiDriverConfig: &container.ClusterAddonsConfigParallelstoreCsiDriverConfigArgs{
Enabled: pulumi.Bool(false),
},
RayOperatorConfigs: container.ClusterAddonsConfigRayOperatorConfigArray{
&container.ClusterAddonsConfigRayOperatorConfigArgs{
Enabled: pulumi.Bool(false),
RayClusterLoggingConfig: &container.ClusterAddonsConfigRayOperatorConfigRayClusterLoggingConfigArgs{
Enabled: pulumi.Bool(false),
},
RayClusterMonitoringConfig: &container.ClusterAddonsConfigRayOperatorConfigRayClusterMonitoringConfigArgs{
Enabled: pulumi.Bool(false),
},
},
},
StatefulHaConfig: &container.ClusterAddonsConfigStatefulHaConfigArgs{
Enabled: pulumi.Bool(false),
},
},
AllowNetAdmin: pulumi.Bool(false),
AuthenticatorGroupsConfig: &container.ClusterAuthenticatorGroupsConfigArgs{
SecurityGroup: pulumi.String("string"),
},
BinaryAuthorization: &container.ClusterBinaryAuthorizationArgs{
EvaluationMode: pulumi.String("string"),
},
ClusterAutoscaling: &container.ClusterClusterAutoscalingArgs{
AutoProvisioningDefaults: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsArgs{
BootDiskKmsKey: pulumi.String("string"),
DiskSize: pulumi.Int(0),
DiskType: pulumi.String("string"),
ImageType: pulumi.String("string"),
Management: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsManagementArgs{
AutoRepair: pulumi.Bool(false),
AutoUpgrade: pulumi.Bool(false),
UpgradeOptions: container.ClusterClusterAutoscalingAutoProvisioningDefaultsManagementUpgradeOptionArray{
&container.ClusterClusterAutoscalingAutoProvisioningDefaultsManagementUpgradeOptionArgs{
AutoUpgradeStartTime: pulumi.String("string"),
Description: pulumi.String("string"),
},
},
},
MinCpuPlatform: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
ServiceAccount: pulumi.String("string"),
ShieldedInstanceConfig: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsShieldedInstanceConfigArgs{
EnableIntegrityMonitoring: pulumi.Bool(false),
EnableSecureBoot: pulumi.Bool(false),
},
UpgradeSettings: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsArgs{
BlueGreenSettings: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsArgs{
NodePoolSoakDuration: pulumi.String("string"),
StandardRolloutPolicy: &container.ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs{
BatchNodeCount: pulumi.Int(0),
BatchPercentage: pulumi.Float64(0),
BatchSoakDuration: pulumi.String("string"),
},
},
MaxSurge: pulumi.Int(0),
MaxUnavailable: pulumi.Int(0),
Strategy: pulumi.String("string"),
},
},
AutoProvisioningLocations: pulumi.StringArray{
pulumi.String("string"),
},
AutoscalingProfile: pulumi.String("string"),
Enabled: pulumi.Bool(false),
ResourceLimits: container.ClusterClusterAutoscalingResourceLimitArray{
&container.ClusterClusterAutoscalingResourceLimitArgs{
Maximum: pulumi.Int(0),
ResourceType: pulumi.String("string"),
Minimum: pulumi.Int(0),
},
},
},
ClusterIpv4Cidr: pulumi.String("string"),
ClusterTelemetry: &container.ClusterClusterTelemetryArgs{
Type: pulumi.String("string"),
},
ConfidentialNodes: &container.ClusterConfidentialNodesArgs{
Enabled: pulumi.Bool(false),
},
ControlPlaneEndpointsConfig: &container.ClusterControlPlaneEndpointsConfigArgs{
DnsEndpointConfig: &container.ClusterControlPlaneEndpointsConfigDnsEndpointConfigArgs{
AllowExternalTraffic: pulumi.Bool(false),
Endpoint: pulumi.String("string"),
},
},
CostManagementConfig: &container.ClusterCostManagementConfigArgs{
Enabled: pulumi.Bool(false),
},
DatabaseEncryption: &container.ClusterDatabaseEncryptionArgs{
State: pulumi.String("string"),
KeyName: pulumi.String("string"),
},
DatapathProvider: pulumi.String("string"),
DefaultMaxPodsPerNode: pulumi.Int(0),
DefaultSnatStatus: &container.ClusterDefaultSnatStatusArgs{
Disabled: pulumi.Bool(false),
},
DeletionProtection: pulumi.Bool(false),
Description: pulumi.String("string"),
DnsConfig: &container.ClusterDnsConfigArgs{
AdditiveVpcScopeDnsDomain: pulumi.String("string"),
ClusterDns: pulumi.String("string"),
ClusterDnsDomain: pulumi.String("string"),
ClusterDnsScope: pulumi.String("string"),
},
EnableAutopilot: pulumi.Bool(false),
EnableCiliumClusterwideNetworkPolicy: pulumi.Bool(false),
EnableFqdnNetworkPolicy: pulumi.Bool(false),
EnableIntranodeVisibility: pulumi.Bool(false),
EnableK8sBetaApis: &container.ClusterEnableK8sBetaApisArgs{
EnabledApis: pulumi.StringArray{
pulumi.String("string"),
},
},
EnableKubernetesAlpha: pulumi.Bool(false),
EnableL4IlbSubsetting: pulumi.Bool(false),
EnableLegacyAbac: pulumi.Bool(false),
EnableMultiNetworking: pulumi.Bool(false),
EnableShieldedNodes: pulumi.Bool(false),
EnableTpu: pulumi.Bool(false),
EnterpriseConfig: &container.ClusterEnterpriseConfigArgs{
ClusterTier: pulumi.String("string"),
DesiredTier: pulumi.String("string"),
},
Fleet: &container.ClusterFleetArgs{
Membership: pulumi.String("string"),
MembershipId: pulumi.String("string"),
MembershipLocation: pulumi.String("string"),
PreRegistered: pulumi.Bool(false),
Project: pulumi.String("string"),
},
GatewayApiConfig: &container.ClusterGatewayApiConfigArgs{
Channel: pulumi.String("string"),
},
IdentityServiceConfig: &container.ClusterIdentityServiceConfigArgs{
Enabled: pulumi.Bool(false),
},
InitialNodeCount: pulumi.Int(0),
IpAllocationPolicy: &container.ClusterIpAllocationPolicyArgs{
AdditionalPodRangesConfig: &container.ClusterIpAllocationPolicyAdditionalPodRangesConfigArgs{
PodRangeNames: pulumi.StringArray{
pulumi.String("string"),
},
},
ClusterIpv4CidrBlock: pulumi.String("string"),
ClusterSecondaryRangeName: pulumi.String("string"),
PodCidrOverprovisionConfig: &container.ClusterIpAllocationPolicyPodCidrOverprovisionConfigArgs{
Disabled: pulumi.Bool(false),
},
ServicesIpv4CidrBlock: pulumi.String("string"),
ServicesSecondaryRangeName: pulumi.String("string"),
StackType: pulumi.String("string"),
},
Location: pulumi.String("string"),
LoggingConfig: &container.ClusterLoggingConfigArgs{
EnableComponents: pulumi.StringArray{
pulumi.String("string"),
},
},
LoggingService: pulumi.String("string"),
MaintenancePolicy: &container.ClusterMaintenancePolicyArgs{
DailyMaintenanceWindow: &container.ClusterMaintenancePolicyDailyMaintenanceWindowArgs{
StartTime: pulumi.String("string"),
Duration: pulumi.String("string"),
},
MaintenanceExclusions: container.ClusterMaintenancePolicyMaintenanceExclusionArray{
&container.ClusterMaintenancePolicyMaintenanceExclusionArgs{
EndTime: pulumi.String("string"),
ExclusionName: pulumi.String("string"),
StartTime: pulumi.String("string"),
ExclusionOptions: &container.ClusterMaintenancePolicyMaintenanceExclusionExclusionOptionsArgs{
Scope: pulumi.String("string"),
},
},
},
RecurringWindow: &container.ClusterMaintenancePolicyRecurringWindowArgs{
EndTime: pulumi.String("string"),
Recurrence: pulumi.String("string"),
StartTime: pulumi.String("string"),
},
},
MasterAuth: &container.ClusterMasterAuthArgs{
ClientCertificateConfig: &container.ClusterMasterAuthClientCertificateConfigArgs{
IssueClientCertificate: pulumi.Bool(false),
},
ClientCertificate: pulumi.String("string"),
ClientKey: pulumi.String("string"),
ClusterCaCertificate: pulumi.String("string"),
},
MasterAuthorizedNetworksConfig: &container.ClusterMasterAuthorizedNetworksConfigArgs{
CidrBlocks: container.ClusterMasterAuthorizedNetworksConfigCidrBlockArray{
&container.ClusterMasterAuthorizedNetworksConfigCidrBlockArgs{
CidrBlock: pulumi.String("string"),
DisplayName: pulumi.String("string"),
},
},
GcpPublicCidrsAccessEnabled: pulumi.Bool(false),
PrivateEndpointEnforcementEnabled: pulumi.Bool(false),
},
MeshCertificates: &container.ClusterMeshCertificatesArgs{
EnableCertificates: pulumi.Bool(false),
},
MinMasterVersion: pulumi.String("string"),
MonitoringConfig: &container.ClusterMonitoringConfigArgs{
AdvancedDatapathObservabilityConfig: &container.ClusterMonitoringConfigAdvancedDatapathObservabilityConfigArgs{
EnableMetrics: pulumi.Bool(false),
EnableRelay: pulumi.Bool(false),
},
EnableComponents: pulumi.StringArray{
pulumi.String("string"),
},
ManagedPrometheus: &container.ClusterMonitoringConfigManagedPrometheusArgs{
Enabled: pulumi.Bool(false),
AutoMonitoringConfig: &container.ClusterMonitoringConfigManagedPrometheusAutoMonitoringConfigArgs{
Scope: pulumi.String("string"),
},
},
},
MonitoringService: pulumi.String("string"),
Name: pulumi.String("string"),
Network: pulumi.String("string"),
NetworkPolicy: &container.ClusterNetworkPolicyArgs{
Enabled: pulumi.Bool(false),
Provider: pulumi.String("string"),
},
NetworkingMode: pulumi.String("string"),
NodeConfig: &container.ClusterNodeConfigArgs{
AdvancedMachineFeatures: &container.ClusterNodeConfigAdvancedMachineFeaturesArgs{
ThreadsPerCore: pulumi.Int(0),
EnableNestedVirtualization: pulumi.Bool(false),
},
BootDiskKmsKey: pulumi.String("string"),
ConfidentialNodes: &container.ClusterNodeConfigConfidentialNodesArgs{
Enabled: pulumi.Bool(false),
},
ContainerdConfig: &container.ClusterNodeConfigContainerdConfigArgs{
PrivateRegistryAccessConfig: &container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{
Enabled: pulumi.Bool(false),
CertificateAuthorityDomainConfigs: container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{
&container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{
Fqdns: pulumi.StringArray{
pulumi.String("string"),
},
GcpSecretManagerCertificateConfig: &container.ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{
SecretUri: pulumi.String("string"),
},
},
},
},
},
DiskSizeGb: pulumi.Int(0),
DiskType: pulumi.String("string"),
EffectiveTaints: container.ClusterNodeConfigEffectiveTaintArray{
&container.ClusterNodeConfigEffectiveTaintArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
EnableConfidentialStorage: pulumi.Bool(false),
EphemeralStorageConfig: &container.ClusterNodeConfigEphemeralStorageConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
EphemeralStorageLocalSsdConfig: &container.ClusterNodeConfigEphemeralStorageLocalSsdConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
FastSocket: &container.ClusterNodeConfigFastSocketArgs{
Enabled: pulumi.Bool(false),
},
GcfsConfig: &container.ClusterNodeConfigGcfsConfigArgs{
Enabled: pulumi.Bool(false),
},
GuestAccelerators: container.ClusterNodeConfigGuestAcceleratorArray{
&container.ClusterNodeConfigGuestAcceleratorArgs{
Count: pulumi.Int(0),
Type: pulumi.String("string"),
GpuDriverInstallationConfig: &container.ClusterNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs{
GpuDriverVersion: pulumi.String("string"),
},
GpuPartitionSize: pulumi.String("string"),
GpuSharingConfig: &container.ClusterNodeConfigGuestAcceleratorGpuSharingConfigArgs{
GpuSharingStrategy: pulumi.String("string"),
MaxSharedClientsPerGpu: pulumi.Int(0),
},
},
},
Gvnic: &container.ClusterNodeConfigGvnicArgs{
Enabled: pulumi.Bool(false),
},
HostMaintenancePolicy: &container.ClusterNodeConfigHostMaintenancePolicyArgs{
MaintenanceInterval: pulumi.String("string"),
},
ImageType: pulumi.String("string"),
KubeletConfig: &container.ClusterNodeConfigKubeletConfigArgs{
CpuCfsQuota: pulumi.Bool(false),
CpuCfsQuotaPeriod: pulumi.String("string"),
CpuManagerPolicy: pulumi.String("string"),
InsecureKubeletReadonlyPortEnabled: pulumi.String("string"),
PodPidsLimit: pulumi.Int(0),
},
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
LinuxNodeConfig: &container.ClusterNodeConfigLinuxNodeConfigArgs{
CgroupMode: pulumi.String("string"),
HugepagesConfig: &container.ClusterNodeConfigLinuxNodeConfigHugepagesConfigArgs{
HugepageSize1g: pulumi.Int(0),
HugepageSize2m: pulumi.Int(0),
},
Sysctls: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
LocalNvmeSsdBlockConfig: &container.ClusterNodeConfigLocalNvmeSsdBlockConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
LocalSsdCount: pulumi.Int(0),
LocalSsdEncryptionMode: pulumi.String("string"),
LoggingVariant: pulumi.String("string"),
MachineType: pulumi.String("string"),
MaxRunDuration: pulumi.String("string"),
Metadata: pulumi.StringMap{
"string": pulumi.String("string"),
},
MinCpuPlatform: pulumi.String("string"),
NodeGroup: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
Preemptible: pulumi.Bool(false),
ReservationAffinity: &container.ClusterNodeConfigReservationAffinityArgs{
ConsumeReservationType: pulumi.String("string"),
Key: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
ResourceLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ResourceManagerTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
SandboxConfig: &container.ClusterNodeConfigSandboxConfigArgs{
SandboxType: pulumi.String("string"),
},
SecondaryBootDisks: container.ClusterNodeConfigSecondaryBootDiskArray{
&container.ClusterNodeConfigSecondaryBootDiskArgs{
DiskImage: pulumi.String("string"),
Mode: pulumi.String("string"),
},
},
ServiceAccount: pulumi.String("string"),
ShieldedInstanceConfig: &container.ClusterNodeConfigShieldedInstanceConfigArgs{
EnableIntegrityMonitoring: pulumi.Bool(false),
EnableSecureBoot: pulumi.Bool(false),
},
SoleTenantConfig: &container.ClusterNodeConfigSoleTenantConfigArgs{
NodeAffinities: container.ClusterNodeConfigSoleTenantConfigNodeAffinityArray{
&container.ClusterNodeConfigSoleTenantConfigNodeAffinityArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Spot: pulumi.Bool(false),
StoragePools: pulumi.StringArray{
pulumi.String("string"),
},
Tags: pulumi.StringArray{
pulumi.String("string"),
},
Taints: container.ClusterNodeConfigTaintArray{
&container.ClusterNodeConfigTaintArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WorkloadMetadataConfig: &container.ClusterNodeConfigWorkloadMetadataConfigArgs{
Mode: pulumi.String("string"),
},
},
NodeLocations: pulumi.StringArray{
pulumi.String("string"),
},
NodePoolAutoConfig: &container.ClusterNodePoolAutoConfigArgs{
LinuxNodeConfig: &container.ClusterNodePoolAutoConfigLinuxNodeConfigArgs{
CgroupMode: pulumi.String("string"),
},
NetworkTags: &container.ClusterNodePoolAutoConfigNetworkTagsArgs{
Tags: pulumi.StringArray{
pulumi.String("string"),
},
},
NodeKubeletConfig: &container.ClusterNodePoolAutoConfigNodeKubeletConfigArgs{
InsecureKubeletReadonlyPortEnabled: pulumi.String("string"),
},
ResourceManagerTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
NodePoolDefaults: &container.ClusterNodePoolDefaultsArgs{
NodeConfigDefaults: &container.ClusterNodePoolDefaultsNodeConfigDefaultsArgs{
ContainerdConfig: &container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs{
PrivateRegistryAccessConfig: &container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs{
Enabled: pulumi.Bool(false),
CertificateAuthorityDomainConfigs: container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{
&container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{
Fqdns: pulumi.StringArray{
pulumi.String("string"),
},
GcpSecretManagerCertificateConfig: &container.ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{
SecretUri: pulumi.String("string"),
},
},
},
},
},
GcfsConfig: &container.ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs{
Enabled: pulumi.Bool(false),
},
InsecureKubeletReadonlyPortEnabled: pulumi.String("string"),
LoggingVariant: pulumi.String("string"),
},
},
NodePools: container.ClusterNodePoolArray{
&container.ClusterNodePoolArgs{
Autoscaling: &container.ClusterNodePoolAutoscalingArgs{
LocationPolicy: pulumi.String("string"),
MaxNodeCount: pulumi.Int(0),
MinNodeCount: pulumi.Int(0),
TotalMaxNodeCount: pulumi.Int(0),
TotalMinNodeCount: pulumi.Int(0),
},
InitialNodeCount: pulumi.Int(0),
InstanceGroupUrls: pulumi.StringArray{
pulumi.String("string"),
},
ManagedInstanceGroupUrls: pulumi.StringArray{
pulumi.String("string"),
},
Management: &container.ClusterNodePoolManagementArgs{
AutoRepair: pulumi.Bool(false),
AutoUpgrade: pulumi.Bool(false),
},
MaxPodsPerNode: pulumi.Int(0),
Name: pulumi.String("string"),
NamePrefix: pulumi.String("string"),
NetworkConfig: &container.ClusterNodePoolNetworkConfigArgs{
AdditionalNodeNetworkConfigs: container.ClusterNodePoolNetworkConfigAdditionalNodeNetworkConfigArray{
&container.ClusterNodePoolNetworkConfigAdditionalNodeNetworkConfigArgs{
Network: pulumi.String("string"),
Subnetwork: pulumi.String("string"),
},
},
AdditionalPodNetworkConfigs: container.ClusterNodePoolNetworkConfigAdditionalPodNetworkConfigArray{
&container.ClusterNodePoolNetworkConfigAdditionalPodNetworkConfigArgs{
MaxPodsPerNode: pulumi.Int(0),
SecondaryPodRange: pulumi.String("string"),
Subnetwork: pulumi.String("string"),
},
},
CreatePodRange: pulumi.Bool(false),
EnablePrivateNodes: pulumi.Bool(false),
NetworkPerformanceConfig: &container.ClusterNodePoolNetworkConfigNetworkPerformanceConfigArgs{
TotalEgressBandwidthTier: pulumi.String("string"),
},
PodCidrOverprovisionConfig: &container.ClusterNodePoolNetworkConfigPodCidrOverprovisionConfigArgs{
Disabled: pulumi.Bool(false),
},
PodIpv4CidrBlock: pulumi.String("string"),
PodRange: pulumi.String("string"),
},
NodeConfig: &container.ClusterNodePoolNodeConfigArgs{
AdvancedMachineFeatures: &container.ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs{
ThreadsPerCore: pulumi.Int(0),
EnableNestedVirtualization: pulumi.Bool(false),
},
BootDiskKmsKey: pulumi.String("string"),
ConfidentialNodes: &container.ClusterNodePoolNodeConfigConfidentialNodesArgs{
Enabled: pulumi.Bool(false),
},
ContainerdConfig: &container.ClusterNodePoolNodeConfigContainerdConfigArgs{
PrivateRegistryAccessConfig: &container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs{
Enabled: pulumi.Bool(false),
CertificateAuthorityDomainConfigs: container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArray{
&container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs{
Fqdns: pulumi.StringArray{
pulumi.String("string"),
},
GcpSecretManagerCertificateConfig: &container.ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs{
SecretUri: pulumi.String("string"),
},
},
},
},
},
DiskSizeGb: pulumi.Int(0),
DiskType: pulumi.String("string"),
EffectiveTaints: container.ClusterNodePoolNodeConfigEffectiveTaintArray{
&container.ClusterNodePoolNodeConfigEffectiveTaintArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
EnableConfidentialStorage: pulumi.Bool(false),
EphemeralStorageConfig: &container.ClusterNodePoolNodeConfigEphemeralStorageConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
EphemeralStorageLocalSsdConfig: &container.ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
FastSocket: &container.ClusterNodePoolNodeConfigFastSocketArgs{
Enabled: pulumi.Bool(false),
},
GcfsConfig: &container.ClusterNodePoolNodeConfigGcfsConfigArgs{
Enabled: pulumi.Bool(false),
},
GuestAccelerators: container.ClusterNodePoolNodeConfigGuestAcceleratorArray{
&container.ClusterNodePoolNodeConfigGuestAcceleratorArgs{
Count: pulumi.Int(0),
Type: pulumi.String("string"),
GpuDriverInstallationConfig: &container.ClusterNodePoolNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs{
GpuDriverVersion: pulumi.String("string"),
},
GpuPartitionSize: pulumi.String("string"),
GpuSharingConfig: &container.ClusterNodePoolNodeConfigGuestAcceleratorGpuSharingConfigArgs{
GpuSharingStrategy: pulumi.String("string"),
MaxSharedClientsPerGpu: pulumi.Int(0),
},
},
},
Gvnic: &container.ClusterNodePoolNodeConfigGvnicArgs{
Enabled: pulumi.Bool(false),
},
HostMaintenancePolicy: &container.ClusterNodePoolNodeConfigHostMaintenancePolicyArgs{
MaintenanceInterval: pulumi.String("string"),
},
ImageType: pulumi.String("string"),
KubeletConfig: &container.ClusterNodePoolNodeConfigKubeletConfigArgs{
CpuCfsQuota: pulumi.Bool(false),
CpuCfsQuotaPeriod: pulumi.String("string"),
CpuManagerPolicy: pulumi.String("string"),
InsecureKubeletReadonlyPortEnabled: pulumi.String("string"),
PodPidsLimit: pulumi.Int(0),
},
Labels: pulumi.StringMap{
"string": pulumi.String("string"),
},
LinuxNodeConfig: &container.ClusterNodePoolNodeConfigLinuxNodeConfigArgs{
CgroupMode: pulumi.String("string"),
HugepagesConfig: &container.ClusterNodePoolNodeConfigLinuxNodeConfigHugepagesConfigArgs{
HugepageSize1g: pulumi.Int(0),
HugepageSize2m: pulumi.Int(0),
},
Sysctls: pulumi.StringMap{
"string": pulumi.String("string"),
},
},
LocalNvmeSsdBlockConfig: &container.ClusterNodePoolNodeConfigLocalNvmeSsdBlockConfigArgs{
LocalSsdCount: pulumi.Int(0),
},
LocalSsdCount: pulumi.Int(0),
LocalSsdEncryptionMode: pulumi.String("string"),
LoggingVariant: pulumi.String("string"),
MachineType: pulumi.String("string"),
MaxRunDuration: pulumi.String("string"),
Metadata: pulumi.StringMap{
"string": pulumi.String("string"),
},
MinCpuPlatform: pulumi.String("string"),
NodeGroup: pulumi.String("string"),
OauthScopes: pulumi.StringArray{
pulumi.String("string"),
},
Preemptible: pulumi.Bool(false),
ReservationAffinity: &container.ClusterNodePoolNodeConfigReservationAffinityArgs{
ConsumeReservationType: pulumi.String("string"),
Key: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
ResourceLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ResourceManagerTags: pulumi.StringMap{
"string": pulumi.String("string"),
},
SandboxConfig: &container.ClusterNodePoolNodeConfigSandboxConfigArgs{
SandboxType: pulumi.String("string"),
},
SecondaryBootDisks: container.ClusterNodePoolNodeConfigSecondaryBootDiskArray{
&container.ClusterNodePoolNodeConfigSecondaryBootDiskArgs{
DiskImage: pulumi.String("string"),
Mode: pulumi.String("string"),
},
},
ServiceAccount: pulumi.String("string"),
ShieldedInstanceConfig: &container.ClusterNodePoolNodeConfigShieldedInstanceConfigArgs{
EnableIntegrityMonitoring: pulumi.Bool(false),
EnableSecureBoot: pulumi.Bool(false),
},
SoleTenantConfig: &container.ClusterNodePoolNodeConfigSoleTenantConfigArgs{
NodeAffinities: container.ClusterNodePoolNodeConfigSoleTenantConfigNodeAffinityArray{
&container.ClusterNodePoolNodeConfigSoleTenantConfigNodeAffinityArgs{
Key: pulumi.String("string"),
Operator: pulumi.String("string"),
Values: pulumi.StringArray{
pulumi.String("string"),
},
},
},
},
Spot: pulumi.Bool(false),
StoragePools: pulumi.StringArray{
pulumi.String("string"),
},
Tags: pulumi.StringArray{
pulumi.String("string"),
},
Taints: container.ClusterNodePoolNodeConfigTaintArray{
&container.ClusterNodePoolNodeConfigTaintArgs{
Effect: pulumi.String("string"),
Key: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
WorkloadMetadataConfig: &container.ClusterNodePoolNodeConfigWorkloadMetadataConfigArgs{
Mode: pulumi.String("string"),
},
},
NodeCount: pulumi.Int(0),
NodeLocations: pulumi.StringArray{
pulumi.String("string"),
},
PlacementPolicy: &container.ClusterNodePoolPlacementPolicyArgs{
Type: pulumi.String("string"),
PolicyName: pulumi.String("string"),
TpuTopology: pulumi.String("string"),
},
QueuedProvisioning: &container.ClusterNodePoolQueuedProvisioningArgs{
Enabled: pulumi.Bool(false),
},
UpgradeSettings: &container.ClusterNodePoolUpgradeSettingsArgs{
BlueGreenSettings: &container.ClusterNodePoolUpgradeSettingsBlueGreenSettingsArgs{
StandardRolloutPolicy: &container.ClusterNodePoolUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs{
BatchNodeCount: pulumi.Int(0),
BatchPercentage: pulumi.Float64(0),
BatchSoakDuration: pulumi.String("string"),
},
NodePoolSoakDuration: pulumi.String("string"),
},
MaxSurge: pulumi.Int(0),
MaxUnavailable: pulumi.Int(0),
Strategy: pulumi.String("string"),
},
Version: pulumi.String("string"),
},
},
NodeVersion: pulumi.String("string"),
NotificationConfig: &container.ClusterNotificationConfigArgs{
Pubsub: &container.ClusterNotificationConfigPubsubArgs{
Enabled: pulumi.Bool(false),
Filter: &container.ClusterNotificationConfigPubsubFilterArgs{
EventTypes: pulumi.StringArray{
pulumi.String("string"),
},
},
Topic: pulumi.String("string"),
},
},
PodSecurityPolicyConfig: &container.ClusterPodSecurityPolicyConfigArgs{
Enabled: pulumi.Bool(false),
},
PrivateClusterConfig: &container.ClusterPrivateClusterConfigArgs{
EnablePrivateEndpoint: pulumi.Bool(false),
EnablePrivateNodes: pulumi.Bool(false),
MasterGlobalAccessConfig: &container.ClusterPrivateClusterConfigMasterGlobalAccessConfigArgs{
Enabled: pulumi.Bool(false),
},
MasterIpv4CidrBlock: pulumi.String("string"),
PeeringName: pulumi.String("string"),
PrivateEndpoint: pulumi.String("string"),
PrivateEndpointSubnetwork: pulumi.String("string"),
PublicEndpoint: pulumi.String("string"),
},
PrivateIpv6GoogleAccess: pulumi.String("string"),
Project: pulumi.String("string"),
ProtectConfig: &container.ClusterProtectConfigArgs{
WorkloadConfig: &container.ClusterProtectConfigWorkloadConfigArgs{
AuditMode: pulumi.String("string"),
},
WorkloadVulnerabilityMode: pulumi.String("string"),
},
ReleaseChannel: &container.ClusterReleaseChannelArgs{
Channel: pulumi.String("string"),
},
RemoveDefaultNodePool: pulumi.Bool(false),
ResourceLabels: pulumi.StringMap{
"string": pulumi.String("string"),
},
ResourceUsageExportConfig: &container.ClusterResourceUsageExportConfigArgs{
BigqueryDestination: &container.ClusterResourceUsageExportConfigBigqueryDestinationArgs{
DatasetId: pulumi.String("string"),
},
EnableNetworkEgressMetering: pulumi.Bool(false),
EnableResourceConsumptionMetering: pulumi.Bool(false),
},
SecretManagerConfig: &container.ClusterSecretManagerConfigArgs{
Enabled: pulumi.Bool(false),
},
SecurityPostureConfig: &container.ClusterSecurityPostureConfigArgs{
Mode: pulumi.String("string"),
VulnerabilityMode: pulumi.String("string"),
},
ServiceExternalIpsConfig: &container.ClusterServiceExternalIpsConfigArgs{
Enabled: pulumi.Bool(false),
},
Subnetwork: pulumi.String("string"),
TpuConfig: &container.ClusterTpuConfigArgs{
Enabled: pulumi.Bool(false),
Ipv4CidrBlock: pulumi.String("string"),
UseServiceNetworking: pulumi.Bool(false),
},
UserManagedKeysConfig: &container.ClusterUserManagedKeysConfigArgs{
AggregationCa: pulumi.String("string"),
ClusterCa: pulumi.String("string"),
ControlPlaneDiskEncryptionKey: pulumi.String("string"),
EtcdApiCa: pulumi.String("string"),
EtcdPeerCa: pulumi.String("string"),
GkeopsEtcdBackupEncryptionKey: pulumi.String("string"),
ServiceAccountSigningKeys: pulumi.StringArray{
pulumi.String("string"),
},
ServiceAccountVerificationKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
VerticalPodAutoscaling: &container.ClusterVerticalPodAutoscalingArgs{
Enabled: pulumi.Bool(false),
},
WorkloadAltsConfig: &container.ClusterWorkloadAltsConfigArgs{
EnableAlts: pulumi.Bool(false),
},
WorkloadIdentityConfig: &container.ClusterWorkloadIdentityConfigArgs{
WorkloadPool: pulumi.String("string"),
},
})
var gcpClusterResource = new Cluster("gcpClusterResource", ClusterArgs.builder()
.addonsConfig(ClusterAddonsConfigArgs.builder()
.cloudrunConfig(ClusterAddonsConfigCloudrunConfigArgs.builder()
.disabled(false)
.loadBalancerType("string")
.build())
.configConnectorConfig(ClusterAddonsConfigConfigConnectorConfigArgs.builder()
.enabled(false)
.build())
.dnsCacheConfig(ClusterAddonsConfigDnsCacheConfigArgs.builder()
.enabled(false)
.build())
.gcePersistentDiskCsiDriverConfig(ClusterAddonsConfigGcePersistentDiskCsiDriverConfigArgs.builder()
.enabled(false)
.build())
.gcpFilestoreCsiDriverConfig(ClusterAddonsConfigGcpFilestoreCsiDriverConfigArgs.builder()
.enabled(false)
.build())
.gcsFuseCsiDriverConfig(ClusterAddonsConfigGcsFuseCsiDriverConfigArgs.builder()
.enabled(false)
.build())
.gkeBackupAgentConfig(ClusterAddonsConfigGkeBackupAgentConfigArgs.builder()
.enabled(false)
.build())
.horizontalPodAutoscaling(ClusterAddonsConfigHorizontalPodAutoscalingArgs.builder()
.disabled(false)
.build())
.httpLoadBalancing(ClusterAddonsConfigHttpLoadBalancingArgs.builder()
.disabled(false)
.build())
.istioConfig(ClusterAddonsConfigIstioConfigArgs.builder()
.disabled(false)
.auth("string")
.build())
.kalmConfig(ClusterAddonsConfigKalmConfigArgs.builder()
.enabled(false)
.build())
.networkPolicyConfig(ClusterAddonsConfigNetworkPolicyConfigArgs.builder()
.disabled(false)
.build())
.parallelstoreCsiDriverConfig(ClusterAddonsConfigParallelstoreCsiDriverConfigArgs.builder()
.enabled(false)
.build())
.rayOperatorConfigs(ClusterAddonsConfigRayOperatorConfigArgs.builder()
.enabled(false)
.rayClusterLoggingConfig(ClusterAddonsConfigRayOperatorConfigRayClusterLoggingConfigArgs.builder()
.enabled(false)
.build())
.rayClusterMonitoringConfig(ClusterAddonsConfigRayOperatorConfigRayClusterMonitoringConfigArgs.builder()
.enabled(false)
.build())
.build())
.statefulHaConfig(ClusterAddonsConfigStatefulHaConfigArgs.builder()
.enabled(false)
.build())
.build())
.allowNetAdmin(false)
.authenticatorGroupsConfig(ClusterAuthenticatorGroupsConfigArgs.builder()
.securityGroup("string")
.build())
.binaryAuthorization(ClusterBinaryAuthorizationArgs.builder()
.evaluationMode("string")
.build())
.clusterAutoscaling(ClusterClusterAutoscalingArgs.builder()
.autoProvisioningDefaults(ClusterClusterAutoscalingAutoProvisioningDefaultsArgs.builder()
.bootDiskKmsKey("string")
.diskSize(0)
.diskType("string")
.imageType("string")
.management(ClusterClusterAutoscalingAutoProvisioningDefaultsManagementArgs.builder()
.autoRepair(false)
.autoUpgrade(false)
.upgradeOptions(ClusterClusterAutoscalingAutoProvisioningDefaultsManagementUpgradeOptionArgs.builder()
.autoUpgradeStartTime("string")
.description("string")
.build())
.build())
.minCpuPlatform("string")
.oauthScopes("string")
.serviceAccount("string")
.shieldedInstanceConfig(ClusterClusterAutoscalingAutoProvisioningDefaultsShieldedInstanceConfigArgs.builder()
.enableIntegrityMonitoring(false)
.enableSecureBoot(false)
.build())
.upgradeSettings(ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsArgs.builder()
.blueGreenSettings(ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsArgs.builder()
.nodePoolSoakDuration("string")
.standardRolloutPolicy(ClusterClusterAutoscalingAutoProvisioningDefaultsUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs.builder()
.batchNodeCount(0)
.batchPercentage(0)
.batchSoakDuration("string")
.build())
.build())
.maxSurge(0)
.maxUnavailable(0)
.strategy("string")
.build())
.build())
.autoProvisioningLocations("string")
.autoscalingProfile("string")
.enabled(false)
.resourceLimits(ClusterClusterAutoscalingResourceLimitArgs.builder()
.maximum(0)
.resourceType("string")
.minimum(0)
.build())
.build())
.clusterIpv4Cidr("string")
.clusterTelemetry(ClusterClusterTelemetryArgs.builder()
.type("string")
.build())
.confidentialNodes(ClusterConfidentialNodesArgs.builder()
.enabled(false)
.build())
.controlPlaneEndpointsConfig(ClusterControlPlaneEndpointsConfigArgs.builder()
.dnsEndpointConfig(ClusterControlPlaneEndpointsConfigDnsEndpointConfigArgs.builder()
.allowExternalTraffic(false)
.endpoint("string")
.build())
.build())
.costManagementConfig(ClusterCostManagementConfigArgs.builder()
.enabled(false)
.build())
.databaseEncryption(ClusterDatabaseEncryptionArgs.builder()
.state("string")
.keyName("string")
.build())
.datapathProvider("string")
.defaultMaxPodsPerNode(0)
.defaultSnatStatus(ClusterDefaultSnatStatusArgs.builder()
.disabled(false)
.build())
.deletionProtection(false)
.description("string")
.dnsConfig(ClusterDnsConfigArgs.builder()
.additiveVpcScopeDnsDomain("string")
.clusterDns("string")
.clusterDnsDomain("string")
.clusterDnsScope("string")
.build())
.enableAutopilot(false)
.enableCiliumClusterwideNetworkPolicy(false)
.enableFqdnNetworkPolicy(false)
.enableIntranodeVisibility(false)
.enableK8sBetaApis(ClusterEnableK8sBetaApisArgs.builder()
.enabledApis("string")
.build())
.enableKubernetesAlpha(false)
.enableL4IlbSubsetting(false)
.enableLegacyAbac(false)
.enableMultiNetworking(false)
.enableShieldedNodes(false)
.enableTpu(false)
.enterpriseConfig(ClusterEnterpriseConfigArgs.builder()
.clusterTier("string")
.desiredTier("string")
.build())
.fleet(ClusterFleetArgs.builder()
.membership("string")
.membershipId("string")
.membershipLocation("string")
.preRegistered(false)
.project("string")
.build())
.gatewayApiConfig(ClusterGatewayApiConfigArgs.builder()
.channel("string")
.build())
.identityServiceConfig(ClusterIdentityServiceConfigArgs.builder()
.enabled(false)
.build())
.initialNodeCount(0)
.ipAllocationPolicy(ClusterIpAllocationPolicyArgs.builder()
.additionalPodRangesConfig(ClusterIpAllocationPolicyAdditionalPodRangesConfigArgs.builder()
.podRangeNames("string")
.build())
.clusterIpv4CidrBlock("string")
.clusterSecondaryRangeName("string")
.podCidrOverprovisionConfig(ClusterIpAllocationPolicyPodCidrOverprovisionConfigArgs.builder()
.disabled(false)
.build())
.servicesIpv4CidrBlock("string")
.servicesSecondaryRangeName("string")
.stackType("string")
.build())
.location("string")
.loggingConfig(ClusterLoggingConfigArgs.builder()
.enableComponents("string")
.build())
.loggingService("string")
.maintenancePolicy(ClusterMaintenancePolicyArgs.builder()
.dailyMaintenanceWindow(ClusterMaintenancePolicyDailyMaintenanceWindowArgs.builder()
.startTime("string")
.duration("string")
.build())
.maintenanceExclusions(ClusterMaintenancePolicyMaintenanceExclusionArgs.builder()
.endTime("string")
.exclusionName("string")
.startTime("string")
.exclusionOptions(ClusterMaintenancePolicyMaintenanceExclusionExclusionOptionsArgs.builder()
.scope("string")
.build())
.build())
.recurringWindow(ClusterMaintenancePolicyRecurringWindowArgs.builder()
.endTime("string")
.recurrence("string")
.startTime("string")
.build())
.build())
.masterAuth(ClusterMasterAuthArgs.builder()
.clientCertificateConfig(ClusterMasterAuthClientCertificateConfigArgs.builder()
.issueClientCertificate(false)
.build())
.clientCertificate("string")
.clientKey("string")
.clusterCaCertificate("string")
.build())
.masterAuthorizedNetworksConfig(ClusterMasterAuthorizedNetworksConfigArgs.builder()
.cidrBlocks(ClusterMasterAuthorizedNetworksConfigCidrBlockArgs.builder()
.cidrBlock("string")
.displayName("string")
.build())
.gcpPublicCidrsAccessEnabled(false)
.privateEndpointEnforcementEnabled(false)
.build())
.meshCertificates(ClusterMeshCertificatesArgs.builder()
.enableCertificates(false)
.build())
.minMasterVersion("string")
.monitoringConfig(ClusterMonitoringConfigArgs.builder()
.advancedDatapathObservabilityConfig(ClusterMonitoringConfigAdvancedDatapathObservabilityConfigArgs.builder()
.enableMetrics(false)
.enableRelay(false)
.build())
.enableComponents("string")
.managedPrometheus(ClusterMonitoringConfigManagedPrometheusArgs.builder()
.enabled(false)
.autoMonitoringConfig(ClusterMonitoringConfigManagedPrometheusAutoMonitoringConfigArgs.builder()
.scope("string")
.build())
.build())
.build())
.monitoringService("string")
.name("string")
.network("string")
.networkPolicy(ClusterNetworkPolicyArgs.builder()
.enabled(false)
.provider("string")
.build())
.networkingMode("string")
.nodeConfig(ClusterNodeConfigArgs.builder()
.advancedMachineFeatures(ClusterNodeConfigAdvancedMachineFeaturesArgs.builder()
.threadsPerCore(0)
.enableNestedVirtualization(false)
.build())
.bootDiskKmsKey("string")
.confidentialNodes(ClusterNodeConfigConfidentialNodesArgs.builder()
.enabled(false)
.build())
.containerdConfig(ClusterNodeConfigContainerdConfigArgs.builder()
.privateRegistryAccessConfig(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.builder()
.enabled(false)
.certificateAuthorityDomainConfigs(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.builder()
.fqdns("string")
.gcpSecretManagerCertificateConfig(ClusterNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.builder()
.secretUri("string")
.build())
.build())
.build())
.build())
.diskSizeGb(0)
.diskType("string")
.effectiveTaints(ClusterNodeConfigEffectiveTaintArgs.builder()
.effect("string")
.key("string")
.value("string")
.build())
.enableConfidentialStorage(false)
.ephemeralStorageConfig(ClusterNodeConfigEphemeralStorageConfigArgs.builder()
.localSsdCount(0)
.build())
.ephemeralStorageLocalSsdConfig(ClusterNodeConfigEphemeralStorageLocalSsdConfigArgs.builder()
.localSsdCount(0)
.build())
.fastSocket(ClusterNodeConfigFastSocketArgs.builder()
.enabled(false)
.build())
.gcfsConfig(ClusterNodeConfigGcfsConfigArgs.builder()
.enabled(false)
.build())
.guestAccelerators(ClusterNodeConfigGuestAcceleratorArgs.builder()
.count(0)
.type("string")
.gpuDriverInstallationConfig(ClusterNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs.builder()
.gpuDriverVersion("string")
.build())
.gpuPartitionSize("string")
.gpuSharingConfig(ClusterNodeConfigGuestAcceleratorGpuSharingConfigArgs.builder()
.gpuSharingStrategy("string")
.maxSharedClientsPerGpu(0)
.build())
.build())
.gvnic(ClusterNodeConfigGvnicArgs.builder()
.enabled(false)
.build())
.hostMaintenancePolicy(ClusterNodeConfigHostMaintenancePolicyArgs.builder()
.maintenanceInterval("string")
.build())
.imageType("string")
.kubeletConfig(ClusterNodeConfigKubeletConfigArgs.builder()
.cpuCfsQuota(false)
.cpuCfsQuotaPeriod("string")
.cpuManagerPolicy("string")
.insecureKubeletReadonlyPortEnabled("string")
.podPidsLimit(0)
.build())
.labels(Map.of("string", "string"))
.linuxNodeConfig(ClusterNodeConfigLinuxNodeConfigArgs.builder()
.cgroupMode("string")
.hugepagesConfig(ClusterNodeConfigLinuxNodeConfigHugepagesConfigArgs.builder()
.hugepageSize1g(0)
.hugepageSize2m(0)
.build())
.sysctls(Map.of("string", "string"))
.build())
.localNvmeSsdBlockConfig(ClusterNodeConfigLocalNvmeSsdBlockConfigArgs.builder()
.localSsdCount(0)
.build())
.localSsdCount(0)
.localSsdEncryptionMode("string")
.loggingVariant("string")
.machineType("string")
.maxRunDuration("string")
.metadata(Map.of("string", "string"))
.minCpuPlatform("string")
.nodeGroup("string")
.oauthScopes("string")
.preemptible(false)
.reservationAffinity(ClusterNodeConfigReservationAffinityArgs.builder()
.consumeReservationType("string")
.key("string")
.values("string")
.build())
.resourceLabels(Map.of("string", "string"))
.resourceManagerTags(Map.of("string", "string"))
.sandboxConfig(ClusterNodeConfigSandboxConfigArgs.builder()
.sandboxType("string")
.build())
.secondaryBootDisks(ClusterNodeConfigSecondaryBootDiskArgs.builder()
.diskImage("string")
.mode("string")
.build())
.serviceAccount("string")
.shieldedInstanceConfig(ClusterNodeConfigShieldedInstanceConfigArgs.builder()
.enableIntegrityMonitoring(false)
.enableSecureBoot(false)
.build())
.soleTenantConfig(ClusterNodeConfigSoleTenantConfigArgs.builder()
.nodeAffinities(ClusterNodeConfigSoleTenantConfigNodeAffinityArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.spot(false)
.storagePools("string")
.tags("string")
.taints(ClusterNodeConfigTaintArgs.builder()
.effect("string")
.key("string")
.value("string")
.build())
.workloadMetadataConfig(ClusterNodeConfigWorkloadMetadataConfigArgs.builder()
.mode("string")
.build())
.build())
.nodeLocations("string")
.nodePoolAutoConfig(ClusterNodePoolAutoConfigArgs.builder()
.linuxNodeConfig(ClusterNodePoolAutoConfigLinuxNodeConfigArgs.builder()
.cgroupMode("string")
.build())
.networkTags(ClusterNodePoolAutoConfigNetworkTagsArgs.builder()
.tags("string")
.build())
.nodeKubeletConfig(ClusterNodePoolAutoConfigNodeKubeletConfigArgs.builder()
.insecureKubeletReadonlyPortEnabled("string")
.build())
.resourceManagerTags(Map.of("string", "string"))
.build())
.nodePoolDefaults(ClusterNodePoolDefaultsArgs.builder()
.nodeConfigDefaults(ClusterNodePoolDefaultsNodeConfigDefaultsArgs.builder()
.containerdConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigArgs.builder()
.privateRegistryAccessConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigArgs.builder()
.enabled(false)
.certificateAuthorityDomainConfigs(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.builder()
.fqdns("string")
.gcpSecretManagerCertificateConfig(ClusterNodePoolDefaultsNodeConfigDefaultsContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.builder()
.secretUri("string")
.build())
.build())
.build())
.build())
.gcfsConfig(ClusterNodePoolDefaultsNodeConfigDefaultsGcfsConfigArgs.builder()
.enabled(false)
.build())
.insecureKubeletReadonlyPortEnabled("string")
.loggingVariant("string")
.build())
.build())
.nodePools(ClusterNodePoolArgs.builder()
.autoscaling(ClusterNodePoolAutoscalingArgs.builder()
.locationPolicy("string")
.maxNodeCount(0)
.minNodeCount(0)
.totalMaxNodeCount(0)
.totalMinNodeCount(0)
.build())
.initialNodeCount(0)
.instanceGroupUrls("string")
.managedInstanceGroupUrls("string")
.management(ClusterNodePoolManagementArgs.builder()
.autoRepair(false)
.autoUpgrade(false)
.build())
.maxPodsPerNode(0)
.name("string")
.namePrefix("string")
.networkConfig(ClusterNodePoolNetworkConfigArgs.builder()
.additionalNodeNetworkConfigs(ClusterNodePoolNetworkConfigAdditionalNodeNetworkConfigArgs.builder()
.network("string")
.subnetwork("string")
.build())
.additionalPodNetworkConfigs(ClusterNodePoolNetworkConfigAdditionalPodNetworkConfigArgs.builder()
.maxPodsPerNode(0)
.secondaryPodRange("string")
.subnetwork("string")
.build())
.createPodRange(false)
.enablePrivateNodes(false)
.networkPerformanceConfig(ClusterNodePoolNetworkConfigNetworkPerformanceConfigArgs.builder()
.totalEgressBandwidthTier("string")
.build())
.podCidrOverprovisionConfig(ClusterNodePoolNetworkConfigPodCidrOverprovisionConfigArgs.builder()
.disabled(false)
.build())
.podIpv4CidrBlock("string")
.podRange("string")
.build())
.nodeConfig(ClusterNodePoolNodeConfigArgs.builder()
.advancedMachineFeatures(ClusterNodePoolNodeConfigAdvancedMachineFeaturesArgs.builder()
.threadsPerCore(0)
.enableNestedVirtualization(false)
.build())
.bootDiskKmsKey("string")
.confidentialNodes(ClusterNodePoolNodeConfigConfidentialNodesArgs.builder()
.enabled(false)
.build())
.containerdConfig(ClusterNodePoolNodeConfigContainerdConfigArgs.builder()
.privateRegistryAccessConfig(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigArgs.builder()
.enabled(false)
.certificateAuthorityDomainConfigs(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigArgs.builder()
.fqdns("string")
.gcpSecretManagerCertificateConfig(ClusterNodePoolNodeConfigContainerdConfigPrivateRegistryAccessConfigCertificateAuthorityDomainConfigGcpSecretManagerCertificateConfigArgs.builder()
.secretUri("string")
.build())
.build())
.build())
.build())
.diskSizeGb(0)
.diskType("string")
.effectiveTaints(ClusterNodePoolNodeConfigEffectiveTaintArgs.builder()
.effect("string")
.key("string")
.value("string")
.build())
.enableConfidentialStorage(false)
.ephemeralStorageConfig(ClusterNodePoolNodeConfigEphemeralStorageConfigArgs.builder()
.localSsdCount(0)
.build())
.ephemeralStorageLocalSsdConfig(ClusterNodePoolNodeConfigEphemeralStorageLocalSsdConfigArgs.builder()
.localSsdCount(0)
.build())
.fastSocket(ClusterNodePoolNodeConfigFastSocketArgs.builder()
.enabled(false)
.build())
.gcfsConfig(ClusterNodePoolNodeConfigGcfsConfigArgs.builder()
.enabled(false)
.build())
.guestAccelerators(ClusterNodePoolNodeConfigGuestAcceleratorArgs.builder()
.count(0)
.type("string")
.gpuDriverInstallationConfig(ClusterNodePoolNodeConfigGuestAcceleratorGpuDriverInstallationConfigArgs.builder()
.gpuDriverVersion("string")
.build())
.gpuPartitionSize("string")
.gpuSharingConfig(ClusterNodePoolNodeConfigGuestAcceleratorGpuSharingConfigArgs.builder()
.gpuSharingStrategy("string")
.maxSharedClientsPerGpu(0)
.build())
.build())
.gvnic(ClusterNodePoolNodeConfigGvnicArgs.builder()
.enabled(false)
.build())
.hostMaintenancePolicy(ClusterNodePoolNodeConfigHostMaintenancePolicyArgs.builder()
.maintenanceInterval("string")
.build())
.imageType("string")
.kubeletConfig(ClusterNodePoolNodeConfigKubeletConfigArgs.builder()
.cpuCfsQuota(false)
.cpuCfsQuotaPeriod("string")
.cpuManagerPolicy("string")
.insecureKubeletReadonlyPortEnabled("string")
.podPidsLimit(0)
.build())
.labels(Map.of("string", "string"))
.linuxNodeConfig(ClusterNodePoolNodeConfigLinuxNodeConfigArgs.builder()
.cgroupMode("string")
.hugepagesConfig(ClusterNodePoolNodeConfigLinuxNodeConfigHugepagesConfigArgs.builder()
.hugepageSize1g(0)
.hugepageSize2m(0)
.build())
.sysctls(Map.of("string", "string"))
.build())
.localNvmeSsdBlockConfig(ClusterNodePoolNodeConfigLocalNvmeSsdBlockConfigArgs.builder()
.localSsdCount(0)
.build())
.localSsdCount(0)
.localSsdEncryptionMode("string")
.loggingVariant("string")
.machineType("string")
.maxRunDuration("string")
.metadata(Map.of("string", "string"))
.minCpuPlatform("string")
.nodeGroup("string")
.oauthScopes("string")
.preemptible(false)
.reservationAffinity(ClusterNodePoolNodeConfigReservationAffinityArgs.builder()
.consumeReservationType("string")
.key("string")
.values("string")
.build())
.resourceLabels(Map.of("string", "string"))
.resourceManagerTags(Map.of("string", "string"))
.sandboxConfig(ClusterNodePoolNodeConfigSandboxConfigArgs.builder()
.sandboxType("string")
.build())
.secondaryBootDisks(ClusterNodePoolNodeConfigSecondaryBootDiskArgs.builder()
.diskImage("string")
.mode("string")
.build())
.serviceAccount("string")
.shieldedInstanceConfig(ClusterNodePoolNodeConfigShieldedInstanceConfigArgs.builder()
.enableIntegrityMonitoring(false)
.enableSecureBoot(false)
.build())
.soleTenantConfig(ClusterNodePoolNodeConfigSoleTenantConfigArgs.builder()
.nodeAffinities(ClusterNodePoolNodeConfigSoleTenantConfigNodeAffinityArgs.builder()
.key("string")
.operator("string")
.values("string")
.build())
.build())
.spot(false)
.storagePools("string")
.tags("string")
.taints(ClusterNodePoolNodeConfigTaintArgs.builder()
.effect("string")
.key("string")
.value("string")
.build())
.workloadMetadataConfig(ClusterNodePoolNodeConfigWorkloadMetadataConfigArgs.builder()
.mode("string")
.build())
.build())
.nodeCount(0)
.nodeLocations("string")
.placementPolicy(ClusterNodePoolPlacementPolicyArgs.builder()
.type("string")
.policyName("string")
.tpuTopology("string")
.build())
.queuedProvisioning(ClusterNodePoolQueuedProvisioningArgs.builder()
.enabled(false)
.build())
.upgradeSettings(ClusterNodePoolUpgradeSettingsArgs.builder()
.blueGreenSettings(ClusterNodePoolUpgradeSettingsBlueGreenSettingsArgs.builder()
.standardRolloutPolicy(ClusterNodePoolUpgradeSettingsBlueGreenSettingsStandardRolloutPolicyArgs.builder()
.batchNodeCount(0)
.batchPercentage(0)
.batchSoakDuration("string")
.build())
.nodePoolSoakDuration("string")
.build())
.maxSurge(0)
.maxUnavailable(0)
.strategy("string")
.build())
.version("string")
.build())
.nodeVersion("string")
.notificationConfig(ClusterNotificationConfigArgs.builder()
.pubsub(ClusterNotificationConfigPubsubArgs.builder()
.enabled(false)
.filter(ClusterNotificationConfigPubsubFilterArgs.builder()
.eventTypes("string")
.build())
.topic("string")
.build())
.build())
.podSecurityPolicyConfig(ClusterPodSecurityPolicyConfigArgs.builder()
.enabled(false)
.build())
.privateClusterConfig(ClusterPrivateClusterConfigArgs.builder()
.enablePrivateEndpoint(false)
.enablePrivateNodes(false)
.masterGlobalAccessConfig(ClusterPrivateClusterConfigMasterGlobalAccessConfigArgs.builder()
.enabled(false)
.build())
.masterIpv4CidrBlock("string")
.peeringName("string")
.privateEndpoint("string")
.privateEndpointSubnetwork("string")
.publicEndpoint("string")
.build())
.privateIpv6GoogleAccess("string")
.project("string")
.protectConfig(ClusterProtectConfigArgs.builder()
.workloadConfig(ClusterProtectConfigWorkloadConfigArgs.builder()
.auditMode("string")
.build())
.workloadVulnerabilityMode("string")
.build())
.releaseChannel(ClusterReleaseChannelArgs.builder()
.channel("string")
.build())
.removeDefaultNodePool(false)
.resourceLabels(Map.of("string", "string"))
.resourceUsageExportConfig(ClusterResourceUsageExportConfigArgs.builder()
.bigqueryDestination(ClusterResourceUsageExportConfigBigqueryDestinationArgs.builder()
.datasetId("string")
.build())
.enableNetworkEgressMetering(false)
.enableResourceConsumptionMetering(false)
.build())
.secretManagerConfig(ClusterSecretManagerConfigArgs.builder()
.enabled(false)
.build())
.securityPostureConfig(ClusterSecurityPostureConfigArgs.builder()
.mode("string")
.vulnerabilityMode("string")
.build())
.serviceExternalIpsConfig(ClusterServiceExternalIpsConfigArgs.builder()
.enabled(false)
.build())
.subnetwork("string")
.tpuConfig(ClusterTpuConfigArgs.builder()
.enabled(false)
.ipv4CidrBlock("string")
.useServiceNetworking(false)
.build())
.userManagedKeysConfig(ClusterUserManagedKeysConfigArgs.builder()
.aggregationCa("string")
.clusterCa("string")
.controlPlaneDiskEncryptionKey("string")
.etcdApiCa("string")
.etcdPeerCa("string")
.gkeopsEtcdBackupEncryptionKey("string")
.serviceAccountSigningKeys("string")
.serviceAccountVerificationKeys("string")
.build())
.verticalPodAutoscaling(ClusterVerticalPodAutoscalingArgs.builder()
.enabled(false)
.build())
.workloadAltsConfig(ClusterWorkloadAltsConfigArgs.builder()
.enableAlts(false)
.build())
.workloadIdentityConfig(ClusterWorkloadIdentityConfigArgs.builder()
.workloadPool("string")
.build())
.build());
gcp_cluster_resource = gcp.container.Cluster("gcpClusterResource",
addons_config={
"cloudrun_config": {
"disabled": False,
"load_balancer_type": "string",
},
"config_connector_config": {
"enabled": False,
},
"dns_cache_config": {
"enabled": False,
},
"gce_persistent_disk_csi_driver_config": {
"enabled": False,
},
"gcp_filestore_csi_driver_config": {
"enabled": False,
},
"gcs_fuse_csi_driver_config": {
"enabled": False,
},
"gke_backup_agent_config": {
"enabled": False,
},
"horizontal_pod_autoscaling": {
"disabled": False,
},
"http_load_balancing": {
"disabled": False,
},
"istio_config": {
"disabled": False,
"auth": "string",
},
"kalm_config": {
"enabled": False,
},
"network_policy_config": {
"disabled": False,
},
"parallelstore_csi_driver_config": {
"enabled": False,
},
"ray_operator_configs": [{
"enabled": False,
"ray_cluster_logging_config": {
"enabled": False,
},
"ray_cluster_monitoring_config": {
"enabled": False,
},
}],
"stateful_ha_config": {
"enabled": False,
},
},
allow_net_admin=False,
authenticator_groups_config={
"security_group": "string",
},
binary_authorization={
"evaluation_mode": "string",
},
cluster_autoscaling={
"auto_provisioning_defaults": {
"boot_disk_kms_key": "string",
"disk_size": 0,
"disk_type": "string",
"image_type": "string",
"management": {
"auto_repair": False,
"auto_upgrade": False,
"upgrade_options": [{
"auto_upgrade_start_time": "string",
"description": "string",
}],
},
"min_cpu_platform": "string",
"oauth_scopes": ["string"],
"service_account": "string",
"shielded_instance_config": {
"enable_integrity_monitoring": False,
"enable_secure_boot": False,
},
"upgrade_settings": {
"blue_green_settings": {
"node_pool_soak_duration": "string",
"standard_rollout_policy": {
"batch_node_count": 0,
"batch_percentage": 0,
"batch_soak_duration": "string",
},
},
"max_surge": 0,
"max_unavailable": 0,
"strategy": "string",
},
},
"auto_provisioning_locations": ["string"],
"autoscaling_profile": "string",
"enabled": False,
"resource_limits": [{
"maximum": 0,
"resource_type": "string",
"minimum": 0,
}],
},
cluster_ipv4_cidr="string",
cluster_telemetry={
"type": "string",
},
confidential_nodes={
"enabled": False,
},
control_plane_endpoints_config={
"dns_endpoint_config": {
"allow_external_traffic": False,
"endpoint": "string",
},
},
cost_management_config={
"enabled": False,
},
database_encryption={
"state": "string",
"key_name": "string",
},
datapath_provider="string",
default_max_pods_per_node=0,
default_snat_status={
"disabled": False,
},
deletion_protection=False,
description="string",
dns_config={
"additive_vpc_scope_dns_domain": "string",
"cluster_dns": "string",
"cluster_dns_domain": "string",
"cluster_dns_scope": "string",
},
enable_autopilot=False,
enable_cilium_clusterwide_network_policy=False,
enable_fqdn_network_policy=False,
enable_intranode_visibility=False,
enable_k8s_beta_apis={
"enabled_apis": ["string"],
},
enable_kubernetes_alpha=False,
enable_l4_ilb_subsetting=False,
enable_legacy_abac=False,
enable_multi_networking=False,
enable_shielded_nodes=False,
enable_tpu=False,
enterprise_config={
"cluster_tier": "string",
"desired_tier": "string",
},
fleet={
"membership": "string",
"membership_id": "string",
"membership_location": "string",
"pre_registered": False,
"project": "string",
},
gateway_api_config={
"channel": "string",
},
identity_service_config={
"enabled": False,
},
initial_node_count=0,
ip_allocation_policy={
"additional_pod_ranges_config": {
"pod_range_names": ["string"],
},
"cluster_ipv4_cidr_block": "string",
"cluster_secondary_range_name": "string",
"pod_cidr_overprovision_config": {
"disabled": False,
},
"services_ipv4_cidr_block": "string",
"services_secondary_range_name": "string",
"stack_type": "string",
},
location="string",
logging_config={
"enable_components": ["string"],
},
logging_service="string",
maintenance_policy={
"daily_maintenance_window": {
"start_time": "string",
"duration": "string",
},
"maintenance_exclusions": [{
"end_time": "string",
"exclusion_name": "string",
"start_time": "string",
"exclusion_options": {
"scope": "string",
},
}],
"recurring_window": {
"end_time": "string",
"recurrence": "string",
"start_time": "string",
},
},
master_auth={
"client_certificate_config": {
"issue_client_certificate": False,
},
"client_certificate": "string",
"client_key": "string",
"cluster_ca_certificate": "string",
},
master_authorized_networks_config={
"cidr_blocks": [{
"cidr_block": "string",
"display_name": "string",
}],
"gcp_public_cidrs_access_enabled": False,
"private_endpoint_enforcement_enabled": False,
},
mesh_certificates={
"enable_certificates": False,
},
min_master_version="string",
monitoring_config={
"advanced_datapath_observability_config": {
"enable_metrics": False,
"enable_relay": False,
},
"enable_components": ["string"],
"managed_prometheus": {
"enabled": False,
"auto_monitoring_config": {
"scope": "string",
},
},
},
monitoring_service="string",
name="string",
network="string",
network_policy={
"enabled": False,
"provider": "string",
},
networking_mode="string",
node_config={
"advanced_machine_features": {
"threads_per_core": 0,
"enable_nested_virtualization": False,
},
"boot_disk_kms_key": "string",
"confidential_nodes": {
"enabled": False,
},
"containerd_config": {
"private_registry_access_config": {
"enabled": False,
"certificate_authority_domain_configs": [{
"fqdns": ["string"],
"gcp_secret_manager_certificate_config": {
"secret_uri": "string",
},
}],
},
},
"disk_size_gb": 0,
"disk_type": "string",
"effective_taints": [{
"effect": "string",
"key": "string",
"value": "string",
}],
"enable_confidential_storage": False,
"ephemeral_storage_config": {
"local_ssd_count": 0,
},
"ephemeral_storage_local_ssd_config": {
"local_ssd_count": 0,
},
"fast_socket": {
"enabled": False,
},
"gcfs_config": {
"enabled": False,
},
"guest_accelerators": [{
"count": 0,
"type": "string",
"gpu_driver_installation_config": {
"gpu_driver_version": "string",
},
"gpu_partition_size": "string",
"gpu_sharing_config": {
"gpu_sharing_strategy": "string",
"max_shared_clients_per_gpu": 0,
},
}],
"gvnic": {
"enabled": False,
},
"host_maintenance_policy": {
"maintenance_interval": "string",
},
"image_type": "string",
"kubelet_config": {
"cpu_cfs_quota": False,
"cpu_cfs_quota_period": "string",
"cpu_manager_policy": "string",
"insecure_kubelet_readonly_port_enabled": "string",
"pod_pids_limit": 0,
},
"labels": {
"string": "string",
},
"linux_node_config": {
"cgroup_mode": "string",
"hugepages_config": {
"hugepage_size1g": 0,
"hugepage_size2m": 0,
},
"sysctls": {
"string": "string",
},
},
"local_nvme_ssd_block_config": {
"local_ssd_count": 0,
},
"local_ssd_count": 0,
"local_ssd_encryption_mode": "string",
"logging_variant": "string",
"machine_type": "string",
"max_run_duration": "string",
"metadata": {
"string": "string",
},
"min_cpu_platform": "string",
"node_group": "string",
"oauth_scopes": ["string"],
"preemptible": False,
"reservation_affinity": {
"consume_reservation_type": "string",
"key": "string",
"values": ["string"],
},
"resource_labels": {
"string": "string",
},
"resource_manager_tags": {
"string": "string",
},
"sandbox_config": {
"sandbox_type": "string",
},
"secondary_boot_disks": [{
"disk_image": "string",
"mode": "string",
}],
"service_account": "string",
"shielded_instance_config": {
"enable_integrity_monitoring": False,
"enable_secure_boot": False,
},
"sole_tenant_config": {
"node_affinities": [{
"key": "string",
"operator": "string",
"values": ["string"],
}],
},
"spot": False,
"storage_pools": ["string"],
"tags": ["string"],
"taints": [{
"effect": "string",
"key": "string",
"value": "string",
}],
"workload_metadata_config": {
"mode": "string",
},
},
node_locations=["string"],
node_pool_auto_config={
"linux_node_config": {
"cgroup_mode": "string",
},
"network_tags": {
"tags": ["string"],
},
"node_kubelet_config": {
"insecure_kubelet_readonly_port_enabled": "string",
},
"resource_manager_tags": {
"string": "string",
},
},
node_pool_defaults={
"node_config_defaults": {
"containerd_config": {
"private_registry_access_config": {
"enabled": False,
"certificate_authority_domain_configs": [{
"fqdns": ["string"],
"gcp_secret_manager_certificate_config": {
"secret_uri": "string",
},
}],
},
},
"gcfs_config": {
"enabled": False,
},
"insecure_kubelet_readonly_port_enabled": "string",
"logging_variant": "string",
},
},
node_pools=[{
"autoscaling": {
"location_policy": "string",
"max_node_count": 0,
"min_node_count": 0,
"total_max_node_count": 0,
"total_min_node_count": 0,
},
"initial_node_count": 0,
"instance_group_urls": ["string"],
"managed_instance_group_urls": ["string"],
"management": {
"auto_repair": False,
"auto_upgrade": False,
},
"max_pods_per_node": 0,
"name": "string",
"name_prefix": "string",
"network_config": {
"additional_node_network_configs": [{
"network": "string",
"subnetwork": "string",
}],
"additional_pod_network_configs": [{
"max_pods_per_node": 0,
"secondary_pod_range": "string",
"subnetwork": "string",
}],
"create_pod_range": False,
"enable_private_nodes": False,
"network_performance_config": {
"total_egress_bandwidth_tier": "string",
},
"pod_cidr_overprovision_config": {
"disabled": False,
},
"pod_ipv4_cidr_block": "string",
"pod_range": "string",
},
"node_config": {
"advanced_machine_features": {
"threads_per_core": 0,
"enable_nested_virtualization": False,
},
"boot_disk_kms_key": "string",
"confidential_nodes": {
"enabled": False,
},
"containerd_config": {
"private_registry_access_config": {
"enabled": False,
"certificate_authority_domain_configs": [{
"fqdns": ["string"],
"gcp_secret_manager_certificate_config": {
"secret_uri": "string",
},
}],
},
},
"disk_size_gb": 0,
"disk_type": "string",
"effective_taints": [{
"effect": "string",
"key": "string",
"value": "string",
}],
"enable_confidential_storage": False,
"ephemeral_storage_config": {
"local_ssd_count": 0,
},
"ephemeral_storage_local_ssd_config": {
"local_ssd_count": 0,
},
"fast_socket": {
"enabled": False,
},
"gcfs_config": {
"enabled": False,
},
"guest_accelerators": [{
"count": 0,
"type": "string",
"gpu_driver_installation_config": {
"gpu_driver_version": "string",
},
"gpu_partition_size": "string",
"gpu_sharing_config": {
"gpu_sharing_strategy": "string",
"max_shared_clients_per_gpu": 0,
},
}],
"gvnic": {
"enabled": False,
},
"host_maintenance_policy": {
"maintenance_interval": "string",
},
"image_type": "string",
"kubelet_config": {
"cpu_cfs_quota": False,
"cpu_cfs_quota_period": "string",
"cpu_manager_policy": "string",
"insecure_kubelet_readonly_port_enabled": "string",
"pod_pids_limit": 0,
},
"labels": {
"string": "string",
},
"linux_node_config": {
"cgroup_mode": "string",
"hugepages_config": {
"hugepage_size1g": 0,
"hugepage_size2m": 0,
},
"sysctls": {
"string": "string",
},
},
"local_nvme_ssd_block_config": {
"local_ssd_count": 0,
},
"local_ssd_count": 0,
"local_ssd_encryption_mode": "string",
"logging_variant": "string",
"machine_type": "string",
"max_run_duration": "string",
"metadata": {
"string": "string",
},
"min_cpu_platform": "string",
"node_group": "string",
"oauth_scopes": ["string"],
"preemptible": False,
"reservation_affinity": {
"consume_reservation_type": "string",
"key": "string",
"values": ["string"],
},
"resource_labels": {
"string": "string",
},
"resource_manager_tags": {
"string": "string",
},
"sandbox_config": {
"sandbox_type": "string",
},
"secondary_boot_disks": [{
"disk_image": "string",
"mode": "string",
}],
"service_account": "string",
"shielded_instance_config": {
"enable_integrity_monitoring": False,
"enable_secure_boot": False,
},
"sole_tenant_config": {
"node_affinities": [{
"key": "string",
"operator": "string",
"values": ["string"],
}],
},
"spot": False,
"storage_pools": ["string"],
"tags": ["string"],
"taints": [{
"effect": "string",
"key": "string",
"value": "string",
}],
"workload_metadata_config": {
"mode": "string",
},
},
"node_count": 0,
"node_locations": ["string"],
"placement_policy": {
"type": "string",
"policy_name": "string",
"tpu_topology": "string",
},
"queued_provisioning": {
"enabled": False,
},
"upgrade_settings": {
"blue_green_settings": {
"standard_rollout_policy": {
"batch_node_count": 0,
"batch_percentage": 0,
"batch_soak_duration": "string",
},
"node_pool_soak_duration": "string",
},
"max_surge": 0,
"max_unavailable": 0,
"strategy": "string",
},
"version": "string",
}],
node_version="string",
notification_config={
"pubsub": {
"enabled": False,
"filter": {
"event_types": ["string"],
},
"topic": "string",
},
},
pod_security_policy_config={
"enabled": False,
},
private_cluster_config={
"enable_private_endpoint": False,
"enable_private_nodes": False,
"master_global_access_config": {
"enabled": False,
},
"master_ipv4_cidr_block": "string",
"peering_name": "string",
"private_endpoint": "string",
"private_endpoint_subnetwork": "string",
"public_endpoint": "string",
},
private_ipv6_google_access="string",
project="string",
protect_config={
"workload_config": {
"audit_mode": "string",
},
"workload_vulnerability_mode": "string",
},
release_channel={
"channel": "string",
},
remove_default_node_pool=False,
resource_labels={
"string": "string",
},
resource_usage_export_config={
"bigquery_destination": {
"dataset_id": "string",
},
"enable_network_egress_metering": False,
"enable_resource_consumption_metering": False,
},
secret_manager_config={
"enabled": False,
},
security_posture_config={
"mode": "string",
"vulnerability_mode": "string",
},
service_external_ips_config={
"enabled": False,
},
subnetwork="string",
tpu_config={
"enabled": False,
"ipv4_cidr_block": "string",
"use_service_networking": False,
},
user_managed_keys_config={
"aggregation_ca": "string",
"cluster_ca": "string",
"control_plane_disk_encryption_key": "string",
"etcd_api_ca": "string",
"etcd_peer_ca": "string",
"gkeops_etcd_backup_encryption_key": "string",
"service_account_signing_keys": ["string"],
"service_account_verification_keys": ["string"],
},
vertical_pod_autoscaling={
"enabled": False,
},
workload_alts_config={
"enable_alts": False,
},
workload_identity_config={
"workload_pool": "string",
})
const gcpClusterResource = new gcp.container.Cluster("gcpClusterResource", {
addonsConfig: {
cloudrunConfig: {
disabled: false,
loadBalancerType: "string",
},
configConnectorConfig: {
enabled: false,
},
dnsCacheConfig: {
enabled: false,
},
gcePersistentDiskCsiDriverConfig: {
enabled: false,
},
gcpFilestoreCsiDriverConfig: {
enabled: false,
},
gcsFuseCsiDriverConfig: {
enabled: false,
},
gkeBackupAgentConfig: {
enabled: false,
},
horizontalPodAutoscaling: {
disabled: false,
},
httpLoadBalancing: {
disabled: false,
},
istioConfig: {
disabled: false,
auth: "string",
},
kalmConfig: {
enabled: false,
},
networkPolicyConfig: {
disabled: false,
},
parallelstoreCsiDriverConfig: {
enabled: false,
},
rayOperatorConfigs: [{
enabled: false,
rayClusterLoggingConfig: {
enabled: false,
},
rayClusterMonitoringConfig: {
enabled: false,
},
}],
statefulHaConfig: {
enabled: false,
},
},
allowNetAdmin: false,
authenticatorGroupsConfig: {
securityGroup: "string",
},
binaryAuthorization: {
evaluationMode: "string",
},
clusterAutoscaling: {
autoProvisioningDefaults: {
bootDiskKmsKey: "string",
diskSize: 0,
diskType: "string",
imageType: "string",
management: {
autoRepair: false,
autoUpgrade: false,
upgradeOptions: [{
autoUpgradeStartTime: "string",
description: "string",
}],
},
minCpuPlatform: "string",
oauthScopes: ["string"],
serviceAccount: "string",
shieldedInstanceConfig: {
enableIntegrityMonitoring: false,
enableSecureBoot: false,
},
upgradeSettings: {
blueGreenSettings: {
nodePoolSoakDuration: "string",
standardRolloutPolicy: {
batchNodeCount: 0,
batchPercentage: 0,
batchSoakDuration: "string",
},
},
maxSurge: 0,
maxUnavailable: 0,
strategy: "string",
},
},
autoProvisioningLocations: ["string"],
autoscalingProfile: "string",
enabled: false,
resourceLimits: [{
maximum: 0,
resourceType: "string",
minimum: 0,
}],
},
clusterIpv4Cidr: "string",
clusterTelemetry: {
type: "string",
},
confidentialNodes: {
enabled: false,
},
controlPlaneEndpointsConfig: {
dnsEndpointConfig: {
allowExternalTraffic: false,
endpoint: "string",
},
},
costManagementConfig: {
enabled: false,
},
databaseEncryption: {
state: "string",
keyName: "string",
},
datapathProvider: "string",
defaultMaxPodsPerNode: 0,
defaultSnatStatus: {
disabled: false,
},
deletionProtection: false,
description: "string",
dnsConfig: {
additiveVpcScopeDnsDomain: "string",
clusterDns: "string",
clusterDnsDomain: "string",
clusterDnsScope: "string",
},
enableAutopilot: false,
enableCiliumClusterwideNetworkPolicy: false,
enableFqdnNetworkPolicy: false,
enableIntranodeVisibility: false,
enableK8sBetaApis: {
enabledApis: ["string"],
},
enableKubernetesAlpha: false,
enableL4IlbSubsetting: false,
enableLegacyAbac: false,
enableMultiNetworking: false,
enableShieldedNodes: false,
enableTpu: false,
enterpriseConfig: {
clusterTier: "string",
desiredTier: "string",
},
fleet: {
membership: "string",
membershipId: "string",
membershipLocation: "string",
preRegistered: false,
project: "string",
},
gatewayApiConfig: {
channel: "string",
},
identityServiceConfig: {
enabled: false,
},
initialNodeCount: 0,
ipAllocationPolicy: {
additionalPodRangesConfig: {
podRangeNames: ["string"],
},
clusterIpv4CidrBlock: "string",
clusterSecondaryRangeName: "string",
podCidrOverprovisionConfig: {
disabled: false,
},
servicesIpv4CidrBlock: "string",
servicesSecondaryRangeName: "string",
stackType: "string",
},
location: "string",
loggingConfig: {
enableComponents: ["string"],
},
loggingService: "string",
maintenancePolicy: {
dailyMaintenanceWindow: {
startTime: "string",
duration: "string",
},
maintenanceExclusions: [{
endTime: "string",
exclusionName: "string",
startTime: "string",
exclusionOptions: {
scope: "string",
},
}],
recurringWindow: {
endTime: "string",
recurrence: "string",
startTime: "string",
},
},
masterAuth: {
clientCertificateConfig: {
issueClientCertificate: false,
},
clientCertificate: "string",
clientKey: "string",
clusterCaCertificate: "string",
},
masterAuthorizedNetworksConfig: {
cidrBlocks: [{
cidrBlock: "string",
displayName: "string",
}],
gcpPublicCidrsAccessEnabled: false,
privateEndpointEnforcementEnabled: false,
},
meshCertificates: {
enableCertificates: false,
},
minMasterVersion: "string",
monitoringConfig: {
advancedDatapathObservabilityConfig: {
enableMetrics: false,
enableRelay: false,
},
enableComponents: ["string"],
managedPrometheus: {
enabled: false,
autoMonitoringConfig: {
scope: "string",
},
},
},
monitoringService: "string",
name: "string",
network: "string",
networkPolicy: {
enabled: false,
provider: "string",
},
networkingMode: "string",
nodeConfig: {
advancedMachineFeatures: {
threadsPerCore: 0,
enableNestedVirtualization: false,
},
bootDiskKmsKey: "string",
confidentialNodes: {
enabled: false,
},
containerdConfig: {
privateRegistryAccessConfig: {
enabled: false,
certificateAuthorityDomainConfigs: [{
fqdns: ["string"],
gcpSecretManagerCertificateConfig: {
secretUri: "string",
},
}],
},
},
diskSizeGb: 0,
diskType: "string",
effectiveTaints: [{
effect: "string",
key: "string",
value: "string",
}],
enableConfidentialStorage: false,
ephemeralStorageConfig: {
localSsdCount: 0,
},
ephemeralStorageLocalSsdConfig: {
localSsdCount: 0,
},
fastSocket: {
enabled: false,
},
gcfsConfig: {
enabled: false,
},
guestAccelerators: [{
count: 0,
type: "string",
gpuDriverInstallationConfig: {
gpuDriverVersion: "string",
},
gpuPartitionSize: "string",
gpuSharingConfig: {
gpuSharingStrategy: "string",
maxSharedClientsPerGpu: 0,
},
}],
gvnic: {
enabled: false,
},
hostMaintenancePolicy: {
maintenanceInterval: "string",
},
imageType: "string",
kubeletConfig: {
cpuCfsQuota: false,
cpuCfsQuotaPeriod: "string",
cpuManagerPolicy: "string",
insecureKubeletReadonlyPortEnabled: "string",
podPidsLimit: 0,
},
labels: {
string: "string",
},
linuxNodeConfig: {
cgroupMode: "string",
hugepagesConfig: {
hugepageSize1g: 0,
hugepageSize2m: 0,
},
sysctls: {
string: "string",
},
},
localNvmeSsdBlockConfig: {
localSsdCount: 0,
},
localSsdCount: 0,
localSsdEncryptionMode: "string",
loggingVariant: "string",
machineType: "string",
maxRunDuration: "string",
metadata: {
string: "string",
},
minCpuPlatform: "string",
nodeGroup: "string",
oauthScopes: ["string"],
preemptible: false,
reservationAffinity: {
consumeReservationType: "string",
key: "string",
values: ["string"],
},
resourceLabels: {
string: "string",
},
resourceManagerTags: {
string: "string",
},
sandboxConfig: {
sandboxType: "string",
},
secondaryBootDisks: [{
diskImage: "string",
mode: "string",
}],
serviceAccount: "string",
shieldedInstanceConfig: {
enableIntegrityMonitoring: false,
enableSecureBoot: false,
},
soleTenantConfig: {
nodeAffinities: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
spot: false,
storagePools: ["string"],
tags: ["string"],
taints: [{
effect: "string",
key: "string",
value: "string",
}],
workloadMetadataConfig: {
mode: "string",
},
},
nodeLocations: ["string"],
nodePoolAutoConfig: {
linuxNodeConfig: {
cgroupMode: "string",
},
networkTags: {
tags: ["string"],
},
nodeKubeletConfig: {
insecureKubeletReadonlyPortEnabled: "string",
},
resourceManagerTags: {
string: "string",
},
},
nodePoolDefaults: {
nodeConfigDefaults: {
containerdConfig: {
privateRegistryAccessConfig: {
enabled: false,
certificateAuthorityDomainConfigs: [{
fqdns: ["string"],
gcpSecretManagerCertificateConfig: {
secretUri: "string",
},
}],
},
},
gcfsConfig: {
enabled: false,
},
insecureKubeletReadonlyPortEnabled: "string",
loggingVariant: "string",
},
},
nodePools: [{
autoscaling: {
locationPolicy: "string",
maxNodeCount: 0,
minNodeCount: 0,
totalMaxNodeCount: 0,
totalMinNodeCount: 0,
},
initialNodeCount: 0,
instanceGroupUrls: ["string"],
managedInstanceGroupUrls: ["string"],
management: {
autoRepair: false,
autoUpgrade: false,
},
maxPodsPerNode: 0,
name: "string",
namePrefix: "string",
networkConfig: {
additionalNodeNetworkConfigs: [{
network: "string",
subnetwork: "string",
}],
additionalPodNetworkConfigs: [{
maxPodsPerNode: 0,
secondaryPodRange: "string",
subnetwork: "string",
}],
createPodRange: false,
enablePrivateNodes: false,
networkPerformanceConfig: {
totalEgressBandwidthTier: "string",
},
podCidrOverprovisionConfig: {
disabled: false,
},
podIpv4CidrBlock: "string",
podRange: "string",
},
nodeConfig: {
advancedMachineFeatures: {
threadsPerCore: 0,
enableNestedVirtualization: false,
},
bootDiskKmsKey: "string",
confidentialNodes: {
enabled: false,
},
containerdConfig: {
privateRegistryAccessConfig: {
enabled: false,
certificateAuthorityDomainConfigs: [{
fqdns: ["string"],
gcpSecretManagerCertificateConfig: {
secretUri: "string",
},
}],
},
},
diskSizeGb: 0,
diskType: "string",
effectiveTaints: [{
effect: "string",
key: "string",
value: "string",
}],
enableConfidentialStorage: false,
ephemeralStorageConfig: {
localSsdCount: 0,
},
ephemeralStorageLocalSsdConfig: {
localSsdCount: 0,
},
fastSocket: {
enabled: false,
},
gcfsConfig: {
enabled: false,
},
guestAccelerators: [{
count: 0,
type: "string",
gpuDriverInstallationConfig: {
gpuDriverVersion: "string",
},
gpuPartitionSize: "string",
gpuSharingConfig: {
gpuSharingStrategy: "string",
maxSharedClientsPerGpu: 0,
},
}],
gvnic: {
enabled: false,
},
hostMaintenancePolicy: {
maintenanceInterval: "string",
},
imageType: "string",
kubeletConfig: {
cpuCfsQuota: false,
cpuCfsQuotaPeriod: "string",
cpuManagerPolicy: "string",
insecureKubeletReadonlyPortEnabled: "string",
podPidsLimit: 0,
},
labels: {
string: "string",
},
linuxNodeConfig: {
cgroupMode: "string",
hugepagesConfig: {
hugepageSize1g: 0,
hugepageSize2m: 0,
},
sysctls: {
string: "string",
},
},
localNvmeSsdBlockConfig: {
localSsdCount: 0,
},
localSsdCount: 0,
localSsdEncryptionMode: "string",
loggingVariant: "string",
machineType: "string",
maxRunDuration: "string",
metadata: {
string: "string",
},
minCpuPlatform: "string",
nodeGroup: "string",
oauthScopes: ["string"],
preemptible: false,
reservationAffinity: {
consumeReservationType: "string",
key: "string",
values: ["string"],
},
resourceLabels: {
string: "string",
},
resourceManagerTags: {
string: "string",
},
sandboxConfig: {
sandboxType: "string",
},
secondaryBootDisks: [{
diskImage: "string",
mode: "string",
}],
serviceAccount: "string",
shieldedInstanceConfig: {
enableIntegrityMonitoring: false,
enableSecureBoot: false,
},
soleTenantConfig: {
nodeAffinities: [{
key: "string",
operator: "string",
values: ["string"],
}],
},
spot: false,
storagePools: ["string"],
tags: ["string"],
taints: [{
effect: "string",
key: "string",
value: "string",
}],
workloadMetadataConfig: {
mode: "string",
},
},
nodeCount: 0,
nodeLocations: ["string"],
placementPolicy: {
type: "string",
policyName: "string",
tpuTopology: "string",
},
queuedProvisioning: {
enabled: false,
},
upgradeSettings: {
blueGreenSettings: {
standardRolloutPolicy: {
batchNodeCount: 0,
batchPercentage: 0,
batchSoakDuration: "string",
},
nodePoolSoakDuration: "string",
},
maxSurge: 0,
maxUnavailable: 0,
strategy: "string",
},
version: "string",
}],
nodeVersion: "string",
notificationConfig: {
pubsub: {
enabled: false,
filter: {
eventTypes: ["string"],
},
topic: "string",
},
},
podSecurityPolicyConfig: {
enabled: false,
},
privateClusterConfig: {
enablePrivateEndpoint: false,
enablePrivateNodes: false,
masterGlobalAccessConfig: {
enabled: false,
},
masterIpv4CidrBlock: "string",
peeringName: "string",
privateEndpoint: "string",
privateEndpointSubnetwork: "string",
publicEndpoint: "string",
},
privateIpv6GoogleAccess: "string",
project: "string",
protectConfig: {
workloadConfig: {
auditMode: "string",
},
workloadVulnerabilityMode: "string",
},
releaseChannel: {
channel: "string",
},
removeDefaultNodePool: false,
resourceLabels: {
string: "string",
},
resourceUsageExportConfig: {
bigqueryDestination: {
datasetId: "string",
},
enableNetworkEgressMetering: false,
enableResourceConsumptionMetering: false,
},
secretManagerConfig: {
enabled: false,
},
securityPostureConfig: {
mode: "string",
vulnerabilityMode: "string",
},
serviceExternalIpsConfig: {
enabled: false,
},
subnetwork: "string",
tpuConfig: {
enabled: false,
ipv4CidrBlock: "string",
useServiceNetworking: false,
},
userManagedKeysConfig: {
aggregationCa: "string",
clusterCa: "string",
controlPlaneDiskEncryptionKey: "string",
etcdApiCa: "string",
etcdPeerCa: "string",
gkeopsEtcdBackupEncryptionKey: "string",
serviceAccountSigningKeys: ["string"],
serviceAccountVerificationKeys: ["string"],
},
verticalPodAutoscaling: {
enabled: false,
},
workloadAltsConfig: {
enableAlts: false,
},
workloadIdentityConfig: {
workloadPool: "string",
},
});
type: gcp:container:Cluster
properties:
addonsConfig:
cloudrunConfig:
disabled: false
loadBalancerType: string
configConnectorConfig:
enabled: false
dnsCacheConfig:
enabled: false
gcePersistentDiskCsiDriverConfig:
enabled: false
gcpFilestoreCsiDriverConfig:
enabled: false
gcsFuseCsiDriverConfig:
enabled: false
gkeBackupAgentConfig:
enabled: false
horizontalPodAutoscaling:
disabled: false
httpLoadBalancing:
disabled: false
istioConfig:
auth: string
disabled: false
kalmConfig:
enabled: false
networkPolicyConfig:
disabled: false
parallelstoreCsiDriverConfig:
enabled: false
rayOperatorConfigs:
- enabled: false
rayClusterLoggingConfig:
enabled: false
rayClusterMonitoringConfig:
enabled: false
statefulHaConfig:
enabled: false
allowNetAdmin: false
authenticatorGroupsConfig:
securityGroup: string
binaryAuthorization:
evaluationMode: string
clusterAutoscaling:
autoProvisioningDefaults:
bootDiskKmsKey: string
diskSize: 0
diskType: string
imageType: string
management:
autoRepair: false
autoUpgrade: false
upgradeOptions:
- autoUpgradeStartTime: string
description: string
minCpuPlatform: string
oauthScopes:
- string
serviceAccount: string
shieldedInstanceConfig:
enableIntegrityMonitoring: false
enableSecureBoot: false
upgradeSettings:
blueGreenSettings:
nodePoolSoakDuration: string
standardRolloutPolicy:
batchNodeCount: 0
batchPercentage: 0
batchSoakDuration: string
maxSurge: 0
maxUnavailable: 0
strategy: string
autoProvisioningLocations:
- string
autoscalingProfile: string
enabled: false
resourceLimits:
- maximum: 0
minimum: 0
resourceType: string
clusterIpv4Cidr: string
clusterTelemetry:
type: string
confidentialNodes:
enabled: false
controlPlaneEndpointsConfig:
dnsEndpointConfig:
allowExternalTraffic: false
endpoint: string
costManagementConfig:
enabled: false
databaseEncryption:
keyName: string
state: string
datapathProvider: string
defaultMaxPodsPerNode: 0
defaultSnatStatus:
disabled: false
deletionProtection: false
description: string
dnsConfig:
additiveVpcScopeDnsDomain: string
clusterDns: string
clusterDnsDomain: string
clusterDnsScope: string
enableAutopilot: false
enableCiliumClusterwideNetworkPolicy: false
enableFqdnNetworkPolicy: false
enableIntranodeVisibility: false
enableK8sBetaApis:
enabledApis:
- string
enableKubernetesAlpha: false
enableL4IlbSubsetting: false
enableLegacyAbac: false
enableMultiNetworking: false
enableShieldedNodes: false
enableTpu: false
enterpriseConfig:
clusterTier: string
desiredTier: string
fleet:
membership: string
membershipId: string
membershipLocation: string
preRegistered: false
project: string
gatewayApiConfig:
channel: string
identityServiceConfig:
enabled: false
initialNodeCount: 0
ipAllocationPolicy:
additionalPodRangesConfig:
podRangeNames:
- string
clusterIpv4CidrBlock: string
clusterSecondaryRangeName: string
podCidrOverprovisionConfig:
disabled: false
servicesIpv4CidrBlock: string
servicesSecondaryRangeName: string
stackType: string
location: string
loggingConfig:
enableComponents:
- string
loggingService: string
maintenancePolicy:
dailyMaintenanceWindow:
duration: string
startTime: string
maintenanceExclusions:
- endTime: string
exclusionName: string
exclusionOptions:
scope: string
startTime: string
recurringWindow:
endTime: string
recurrence: string
startTime: string
masterAuth:
clientCertificate: string
clientCertificateConfig:
issueClientCertificate: false
clientKey: string
clusterCaCertificate: string
masterAuthorizedNetworksConfig:
cidrBlocks:
- cidrBlock: string
displayName: string
gcpPublicCidrsAccessEnabled: false
privateEndpointEnforcementEnabled: false
meshCertificates:
enableCertificates: false
minMasterVersion: string
monitoringConfig:
advancedDatapathObservabilityConfig:
enableMetrics: false
enableRelay: false
enableComponents:
- string
managedPrometheus:
autoMonitoringConfig:
scope: string
enabled: false
monitoringService: string
name: string
network: string
networkPolicy:
enabled: false
provider: string
networkingMode: string
nodeConfig:
advancedMachineFeatures:
enableNestedVirtualization: false
threadsPerCore: 0
bootDiskKmsKey: string
confidentialNodes:
enabled: false
containerdConfig:
privateRegistryAccessConfig:
certificateAuthorityDomainConfigs:
- fqdns:
- string
gcpSecretManagerCertificateConfig:
secretUri: string
enabled: false
diskSizeGb: 0
diskType: string
effectiveTaints:
- effect: string
key: string
value: string
enableConfidentialStorage: false
ephemeralStorageConfig:
localSsdCount: 0
ephemeralStorageLocalSsdConfig:
localSsdCount: 0
fastSocket:
enabled: false
gcfsConfig:
enabled: false
guestAccelerators:
- count: 0
gpuDriverInstallationConfig:
gpuDriverVersion: string
gpuPartitionSize: string
gpuSharingConfig:
gpuSharingStrategy: string
maxSharedClientsPerGpu: 0
type: string
gvnic:
enabled: false
hostMaintenancePolicy:
maintenanceInterval: string
imageType: string
kubeletConfig:
cpuCfsQuota: false
cpuCfsQuotaPeriod: string
cpuManagerPolicy: string
insecureKubeletReadonlyPortEnabled: string
podPidsLimit: 0
labels:
string: string
linuxNodeConfig:
cgroupMode: string
hugepagesConfig:
hugepageSize1g: 0
hugepageSize2m: 0
sysctls:
string: string
localNvmeSsdBlockConfig:
localSsdCount: 0
localSsdCount: 0
localSsdEncryptionMode: string
loggingVariant: string
machineType: string
maxRunDuration: string
metadata:
string: string
minCpuPlatform: string
nodeGroup: string
oauthScopes:
- string
preemptible: false
reservationAffinity:
consumeReservationType: string
key: string
values:
- string
resourceLabels:
string: string
resourceManagerTags:
string: string
sandboxConfig:
sandboxType: string
secondaryBootDisks:
- diskImage: string
mode: string
serviceAccount: string
shieldedInstanceConfig:
enableIntegrityMonitoring: false
enableSecureBoot: false
soleTenantConfig:
nodeAffinities:
- key: string
operator: string
values:
- string
spot: false
storagePools:
- string
tags:
- string
taints:
- effect: string
key: string
value: string
workloadMetadataConfig:
mode: string
nodeLocations:
- string
nodePoolAutoConfig:
linuxNodeConfig:
cgroupMode: string
networkTags:
tags:
- string
nodeKubeletConfig:
insecureKubeletReadonlyPortEnabled: string
resourceManagerTags:
string: string
nodePoolDefaults:
nodeConfigDefaults:
containerdConfig:
privateRegistryAccessConfig:
certificateAuthorityDomainConfigs:
- fqdns:
- string
gcpSecretManagerCertificateConfig:
secretUri: string
enabled: false
gcfsConfig:
enabled: false
insecureKubeletReadonlyPortEnabled: string
loggingVariant: string
nodePools:
- autoscaling:
locationPolicy: string
maxNodeCount: 0
minNodeCount: 0
totalMaxNodeCount: 0
totalMinNodeCount: 0
initialNodeCount: 0
instanceGroupUrls:
- string
managedInstanceGroupUrls:
- string
management:
autoRepair: false
autoUpgrade: false
maxPodsPerNode: 0
name: string
namePrefix: string
networkConfig:
additionalNodeNetworkConfigs:
- network: string
subnetwork: string
additionalPodNetworkConfigs:
- maxPodsPerNode: 0
secondaryPodRange: string
subnetwork: string
createPodRange: false
enablePrivateNodes: false
networkPerformanceConfig:
totalEgressBandwidthTier: string
podCidrOverprovisionConfig:
disabled: false
podIpv4CidrBlock: string
podRange: string
nodeConfig:
advancedMachineFeatures:
enableNestedVirtualization: false
threadsPerCore: 0
bootDiskKmsKey: string
confidentialNodes:
enabled: false
containerdConfig:
privateRegistryAccessConfig:
certificateAuthorityDomainConfigs:
- fqdns:
- string
gcpSecretManagerCertificateConfig:
secretUri: string
enabled: false
diskSizeGb: 0
diskType: string
effectiveTaints:
- effect: string
key: string
value: string
enableConfidentialStorage: false
ephemeralStorageConfig:
localSsdCount: 0
ephemeralStorageLocalSsdConfig:
localSsdCount: 0
fastSocket:
enabled: false
gcfsConfig:
enabled: false
guestAccelerators:
- count: 0
gpuDriverInstallationConfig:
gpuDriverVersion: string
gpuPartitionSize: string
gpuSharingConfig:
gpuSharingStrategy: string
maxSharedClientsPerGpu: 0
type: string
gvnic:
enabled: false
hostMaintenancePolicy:
maintenanceInterval: string
imageType: string
kubeletConfig:
cpuCfsQuota: false
cpuCfsQuotaPeriod: string
cpuManagerPolicy: string
insecureKubeletReadonlyPortEnabled: string
podPidsLimit: 0
labels:
string: string
linuxNodeConfig:
cgroupMode: string
hugepagesConfig:
hugepageSize1g: 0
hugepageSize2m: 0
sysctls:
string: string
localNvmeSsdBlockConfig:
localSsdCount: 0
localSsdCount: 0
localSsdEncryptionMode: string
loggingVariant: string
machineType: string
maxRunDuration: string
metadata:
string: string
minCpuPlatform: string
nodeGroup: string
oauthScopes:
- string
preemptible: false
reservationAffinity:
consumeReservationType: string
key: string
values:
- string
resourceLabels:
string: string
resourceManagerTags:
string: string
sandboxConfig:
sandboxType: string
secondaryBootDisks:
- diskImage: string
mode: string
serviceAccount: string
shieldedInstanceConfig:
enableIntegrityMonitoring: false
enableSecureBoot: false
soleTenantConfig:
nodeAffinities:
- key: string
operator: string
values:
- string
spot: false
storagePools:
- string
tags:
- string
taints:
- effect: string
key: string
value: string
workloadMetadataConfig:
mode: string
nodeCount: 0
nodeLocations:
- string
placementPolicy:
policyName: string
tpuTopology: string
type: string
queuedProvisioning:
enabled: false
upgradeSettings:
blueGreenSettings:
nodePoolSoakDuration: string
standardRolloutPolicy:
batchNodeCount: 0
batchPercentage: 0
batchSoakDuration: string
maxSurge: 0
maxUnavailable: 0
strategy: string
version: string
nodeVersion: string
notificationConfig:
pubsub:
enabled: false
filter:
eventTypes:
- string
topic: string
podSecurityPolicyConfig:
enabled: false
privateClusterConfig:
enablePrivateEndpoint: false
enablePrivateNodes: false
masterGlobalAccessConfig:
enabled: false
masterIpv4CidrBlock: string
peeringName: string
privateEndpoint: string
privateEndpointSubnetwork: string
publicEndpoint: string
privateIpv6GoogleAccess: string
project: string
protectConfig:
workloadConfig:
auditMode: string
workloadVulnerabilityMode: string
releaseChannel:
channel: string
removeDefaultNodePool: false
resourceLabels:
string: string
resourceUsageExportConfig:
bigqueryDestination:
datasetId: string
enableNetworkEgressMetering: false
enableResourceConsumptionMetering: false
secretManagerConfig:
enabled: false
securityPostureConfig:
mode: string
vulnerabilityMode: string
serviceExternalIpsConfig:
enabled: false
subnetwork: string
tpuConfig:
enabled: false
ipv4CidrBlock: string
useServiceNetworking: false
userManagedKeysConfig:
aggregationCa: string
clusterCa: string
controlPlaneDiskEncryptionKey: string
etcdApiCa: string
etcdPeerCa: string
gkeopsEtcdBackupEncryptionKey: string
serviceAccountSigningKeys:
- string
serviceAccountVerificationKeys:
- string
verticalPodAutoscaling:
enabled: false
workloadAltsConfig:
enableAlts: false
workloadIdentityConfig:
workloadPool: string
Cluster Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Cluster resource accepts the following input properties:
- Addons
Config ClusterAddons Config - The configuration for addons supported by GKE. Structure is documented below.
- Allow
Net boolAdmin - Enable NET_ADMIN for the cluster. Defaults to
false
. This field should only be enabled for Autopilot clusters (enable_autopilot
set totrue
). - Authenticator
Groups ClusterConfig Authenticator Groups Config - Configuration for the Google Groups for GKE feature. Structure is documented below.
- Cluster
Binary Authorization - Configuration options for the Binary Authorization feature. Structure is documented below.
- Cluster
Autoscaling ClusterCluster Autoscaling - Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster's workload. See the guide to using Node Auto-Provisioning for more details. Structure is documented below.
- Cluster
Ipv4Cidr string - The IP address range of the Kubernetes pods
in this cluster in CIDR notation (e.g.
10.96.0.0/14
). Leave blank to have one automatically chosen or specify a/14
block in10.0.0.0/8
. This field will default a new cluster to routes-based, whereip_allocation_policy
is not defined. - Cluster
Telemetry ClusterCluster Telemetry - Configuration for ClusterTelemetry feature, Structure is documented below.
- Confidential
Nodes ClusterConfidential Nodes - Configuration for Confidential Nodes feature. Structure is documented below documented below.
- Control
Plane ClusterEndpoints Config Control Plane Endpoints Config - Configuration for all of the cluster's control plane endpoints. Structure is documented below.
- Cost
Management ClusterConfig Cost Management Config - Configuration for the Cost Allocation feature. Structure is documented below.
- Database
Encryption ClusterDatabase Encryption - Structure is documented below.
- Datapath
Provider string - The desired datapath provider for this cluster. This is set to
LEGACY_DATAPATH
by default, which uses the IPTables-based kube-proxy implementation. Set toADVANCED_DATAPATH
to enable Dataplane v2. - Default
Max intPods Per Node - The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, clusters that don't have IP Aliasing enabled. See the official documentation for more information.
- Default
Snat ClusterStatus Default Snat Status - GKE SNAT DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster, API doc. Structure is documented below
- Deletion
Protection bool - Description string
- Description of the cluster.
- Dns
Config ClusterDns Config - Configuration for Using Cloud DNS for GKE. Structure is documented below.
- Enable
Autopilot bool - Enable Autopilot for this cluster. Defaults to
false
. Note that when this option is enabled, certain features of Standard GKE are not available. See the official documentation for available features. - Enable
Cilium boolClusterwide Network Policy - Whether CiliumClusterWideNetworkPolicy is enabled on this cluster. Defaults to false.
- Enable
Fqdn boolNetwork Policy - Whether FQDN Network Policy is enabled on this cluster. Users who enable this feature for existing Standard clusters must restart the GKE Dataplane V2
anetd
DaemonSet after enabling it. See the Enable FQDN Network Policy in an existing cluster for more information. - Enable
Intranode boolVisibility - Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.
- Enable
K8s ClusterBeta Apis Enable K8s Beta Apis - Configuration for Kubernetes Beta APIs. Structure is documented below.
- Enable
Kubernetes boolAlpha - Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.
- Enable
L4Ilb boolSubsetting - Whether L4ILB Subsetting is enabled for this cluster.
- Enable
Legacy boolAbac - Whether the ABAC authorizer is enabled for this cluster.
When enabled, identities in the system, including service accounts, nodes, and controllers,
will have statically granted permissions beyond those provided by the RBAC configuration or IAM.
Defaults to
false
- Enable
Multi boolNetworking - Whether multi-networking is enabled for this cluster.
- Enable
Shielded boolNodes - Enable Shielded Nodes features on all nodes in this cluster. Defaults to
true
. - Enable
Tpu bool - Whether to enable Cloud TPU resources in this cluster. See the official documentation.
- Enterprise
Config ClusterEnterprise Config Configuration for [Enterprise edition].(https://cloud.google.com/kubernetes-engine/enterprise/docs/concepts/gke-editions). Structure is documented below.
The
default_snat_status
block supports- Fleet
Cluster
Fleet - Fleet configuration for the cluster. Structure is documented below.
- Gateway
Api ClusterConfig Gateway Api Config - Configuration for GKE Gateway API controller. Structure is documented below.
- Identity
Service ClusterConfig Identity Service Config - . Structure is documented below.
- Initial
Node intCount - The number of nodes to create in this
cluster's default node pool. In regional or multi-zonal clusters, this is the
number of nodes per zone. Must be set if
node_pool
is not set. If you're usinggcp.container.NodePool
objects with no default node pool, you'll need to set this to a value of at least1
, alongside settingremove_default_node_pool
totrue
. - Ip
Allocation ClusterPolicy Ip Allocation Policy - Configuration of cluster IP allocation for VPC-native clusters. If this block is unset during creation, it will be set by the GKE backend. Structure is documented below.
- Location string
- The location (region or zone) in which the cluster
master will be created, as well as the default node location. If you specify a
zone (such as
us-central1-a
), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such asus-west1
), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well - Logging
Config ClusterLogging Config - Logging configuration for the cluster. Structure is documented below.
- Logging
Service string - The logging service that the cluster should
write logs to. Available options include
logging.googleapis.com
(Legacy Stackdriver),logging.googleapis.com/kubernetes
(Stackdriver Kubernetes Engine Logging), andnone
. Defaults tologging.googleapis.com/kubernetes
- Maintenance
Policy ClusterMaintenance Policy - The maintenance policy to use for the cluster. Structure is documented below.
- Master
Auth ClusterMaster Auth - The authentication information for accessing the
Kubernetes master. Some values in this block are only returned by the API if
your service account has permission to get credentials for your GKE cluster. If
you see an unexpected diff unsetting your client cert, ensure you have the
container.clusters.getCredentials
permission. Structure is documented below. - Cluster
Master Authorized Networks Config - The desired
configuration options for master authorized networks. Omit the
nested
cidr_blocks
attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists). Structure is documented below. - Mesh
Certificates ClusterMesh Certificates - Structure is documented below.
- Min
Master stringVersion The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version--use the read-only
master_version
field to obtain that. If unset, the cluster's version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version). Most users will find thegcp.container.getEngineVersions
data source useful - it indicates which versions are available. If you intend to specify versions manually, the docs describe the various acceptable formats for this field.If you are using the
gcp.container.getEngineVersions
datasource with a regional cluster, ensure that you have provided alocation
to the datasource. A region can have a different set of supported versions than its corresponding zones, and not all zones in a region are guaranteed to support the same version.- Monitoring
Config ClusterMonitoring Config - Monitoring configuration for the cluster. Structure is documented below.
- Monitoring
Service string - The monitoring service that the cluster
should write metrics to.
Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API.
VM metrics will be collected by Google Compute Engine regardless of this setting
Available options include
monitoring.googleapis.com
(Legacy Stackdriver),monitoring.googleapis.com/kubernetes
(Stackdriver Kubernetes Engine Monitoring), andnone
. Defaults tomonitoring.googleapis.com/kubernetes
- Name string
- The name of the cluster, unique within the project and
location.
- Network string
- The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.
- Network
Policy ClusterNetwork Policy - Configuration options for the NetworkPolicy feature. Structure is documented below.
- Networking
Mode string - Determines whether alias IPs or routes will be used for pod IPs in the cluster.
Options are
VPC_NATIVE
orROUTES
.VPC_NATIVE
enables IP aliasing. Newly created clusters will default toVPC_NATIVE
. - Node
Config ClusterNode Config - Parameters used in creating the default node pool.
Generally, this field should not be used at the same time as a
gcp.container.NodePool
or anode_pool
block; this configuration manages the default node pool, which isn't recommended to be used. Structure is documented below. - Node
Locations List<string> The list of zones in which the cluster's nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If this is specified for a zonal cluster, omit the cluster's zone.
A "multi-zonal" cluster is a zonal cluster with at least one additional zone defined; in a multi-zonal cluster, the cluster master is only present in a single zone while nodes are present in each of the primary zone and the node locations. In contrast, in a regional cluster, cluster master nodes are present in multiple zones in the region. For that reason, regional clusters should be preferred.
- Node
Pool ClusterAuto Config Node Pool Auto Config - Node pool configs that apply to auto-provisioned node pools in autopilot clusters and node auto-provisioning-enabled clusters. Structure is documented below.
- Node
Pool ClusterDefaults Node Pool Defaults - Default NodePool settings for the entire cluster. These settings are overridden if specified on the specific NodePool object. Structure is documented below.
- Node
Pools List<ClusterNode Pool> - List of node pools associated with this cluster. See gcp.container.NodePool for schema. Warning: node pools defined inside a cluster can't be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say "these are the only node pools associated with this cluster", use the gcp.container.NodePool resource instead of this property.
- Node
Version string - The Kubernetes version on the nodes. Must either be unset
or set to the same value as
min_master_version
on create. Defaults to the default version set by GKE which is not necessarily the latest version. This only affects nodes in the default node pool. While a fuzzy version can be specified, it's recommended that you specify explicit versions as the provider will see spurious diffs when fuzzy versions are used. See thegcp.container.getEngineVersions
data source'sversion_prefix
field to approximate fuzzy versions. To update nodes in other node pools, use theversion
attribute on the node pool. - Notification
Config ClusterNotification Config - Configuration for the cluster upgrade notifications feature. Structure is documented below.
- Pod
Security ClusterPolicy Config Pod Security Policy Config - Configuration for the PodSecurityPolicy feature. Structure is documented below.
- Private
Cluster ClusterConfig Private Cluster Config - Configuration for private clusters, clusters with private nodes. Structure is documented below.
- Private
Ipv6Google stringAccess - The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4).
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Protect
Config ClusterProtect Config - Enable/Disable Protect API features for the cluster. Structure is documented below.
- Release
Channel ClusterRelease Channel - Configuration options for the Release channel
feature, which provide more control over automatic upgrades of your GKE clusters.
When updating this field, GKE imposes specific version requirements. See
Selecting a new release channel
for more details; the
gcp.container.getEngineVersions
datasource can provide the default version for a channel. Note that removing therelease_channel
field from your config will cause the provider to stop managing your cluster's release channel, but will not unenroll it. Instead, use the"UNSPECIFIED"
channel. Structure is documented below. - Remove
Default boolNode Pool - If
true
, deletes the default node pool upon cluster creation. If you're usinggcp.container.NodePool
resources with no default node pool, this should be set totrue
, alongside settinginitial_node_count
to at least1
. - Resource
Labels Dictionary<string, string> The GCE resource labels (a map of key/value pairs) to be applied to the cluster.
Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Resource
Usage ClusterExport Config Resource Usage Export Config - Configuration for the ResourceUsageExportConfig feature. Structure is documented below.
- Secret
Manager ClusterConfig Secret Manager Config - Configuration for the SecretManagerConfig feature. Structure is documented below.
- Security
Posture ClusterConfig Security Posture Config - Enable/Disable Security Posture API features for the cluster. Structure is documented below.
- Service
External ClusterIps Config Service External Ips Config - Structure is documented below.
- Subnetwork string
- The name or self_link of the Google Compute Engine subnetwork in which the cluster's instances are launched.
- Tpu
Config ClusterTpu Config - TPU configuration for the cluster.
- User
Managed ClusterKeys Config User Managed Keys Config - The custom keys configuration of the cluster.
- Vertical
Pod ClusterAutoscaling Vertical Pod Autoscaling - Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.
- Workload
Alts ClusterConfig Workload Alts Config - Configuration for direct-path (via ALTS) with workload identity.. Structure is documented below.
- Workload
Identity ClusterConfig Workload Identity Config - Workload Identity allows Kubernetes service accounts to act as a user-managed Google IAM Service Account. Structure is documented below.
- Addons
Config ClusterAddons Config Args - The configuration for addons supported by GKE. Structure is documented below.
- Allow
Net boolAdmin - Enable NET_ADMIN for the cluster. Defaults to
false
. This field should only be enabled for Autopilot clusters (enable_autopilot
set totrue
). - Authenticator
Groups ClusterConfig Authenticator Groups Config Args - Configuration for the Google Groups for GKE feature. Structure is documented below.
- Cluster
Binary Authorization Args - Configuration options for the Binary Authorization feature. Structure is documented below.
- Cluster
Autoscaling ClusterCluster Autoscaling Args - Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster's workload. See the guide to using Node Auto-Provisioning for more details. Structure is documented below.
- Cluster
Ipv4Cidr string - The IP address range of the Kubernetes pods
in this cluster in CIDR notation (e.g.
10.96.0.0/14
). Leave blank to have one automatically chosen or specify a/14
block in10.0.0.0/8
. This field will default a new cluster to routes-based, whereip_allocation_policy
is not defined. - Cluster
Telemetry ClusterCluster Telemetry Args - Configuration for ClusterTelemetry feature, Structure is documented below.
- Confidential
Nodes ClusterConfidential Nodes Args - Configuration for Confidential Nodes feature. Structure is documented below documented below.
- Control
Plane ClusterEndpoints Config Control Plane Endpoints Config Args - Configuration for all of the cluster's control plane endpoints. Structure is documented below.
- Cost
Management ClusterConfig Cost Management Config Args - Configuration for the Cost Allocation feature. Structure is documented below.
- Database
Encryption ClusterDatabase Encryption Args - Structure is documented below.
- Datapath
Provider string - The desired datapath provider for this cluster. This is set to
LEGACY_DATAPATH
by default, which uses the IPTables-based kube-proxy implementation. Set toADVANCED_DATAPATH
to enable Dataplane v2. - Default
Max intPods Per Node - The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, clusters that don't have IP Aliasing enabled. See the official documentation for more information.
- Default
Snat ClusterStatus Default Snat Status Args - GKE SNAT DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster, API doc. Structure is documented below
- Deletion
Protection bool - Description string
- Description of the cluster.
- Dns
Config ClusterDns Config Args - Configuration for Using Cloud DNS for GKE. Structure is documented below.
- Enable
Autopilot bool - Enable Autopilot for this cluster. Defaults to
false
. Note that when this option is enabled, certain features of Standard GKE are not available. See the official documentation for available features. - Enable
Cilium boolClusterwide Network Policy - Whether CiliumClusterWideNetworkPolicy is enabled on this cluster. Defaults to false.
- Enable
Fqdn boolNetwork Policy - Whether FQDN Network Policy is enabled on this cluster. Users who enable this feature for existing Standard clusters must restart the GKE Dataplane V2
anetd
DaemonSet after enabling it. See the Enable FQDN Network Policy in an existing cluster for more information. - Enable
Intranode boolVisibility - Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.
- Enable
K8s ClusterBeta Apis Enable K8s Beta Apis Args - Configuration for Kubernetes Beta APIs. Structure is documented below.
- Enable
Kubernetes boolAlpha - Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.
- Enable
L4Ilb boolSubsetting - Whether L4ILB Subsetting is enabled for this cluster.
- Enable
Legacy boolAbac - Whether the ABAC authorizer is enabled for this cluster.
When enabled, identities in the system, including service accounts, nodes, and controllers,
will have statically granted permissions beyond those provided by the RBAC configuration or IAM.
Defaults to
false
- Enable
Multi boolNetworking - Whether multi-networking is enabled for this cluster.
- Enable
Shielded boolNodes - Enable Shielded Nodes features on all nodes in this cluster. Defaults to
true
. - Enable
Tpu bool - Whether to enable Cloud TPU resources in this cluster. See the official documentation.
- Enterprise
Config ClusterEnterprise Config Args Configuration for [Enterprise edition].(https://cloud.google.com/kubernetes-engine/enterprise/docs/concepts/gke-editions). Structure is documented below.
The
default_snat_status
block supports- Fleet
Cluster
Fleet Args - Fleet configuration for the cluster. Structure is documented below.
- Gateway
Api ClusterConfig Gateway Api Config Args - Configuration for GKE Gateway API controller. Structure is documented below.
- Identity
Service ClusterConfig Identity Service Config Args - . Structure is documented below.
- Initial
Node intCount - The number of nodes to create in this
cluster's default node pool. In regional or multi-zonal clusters, this is the
number of nodes per zone. Must be set if
node_pool
is not set. If you're usinggcp.container.NodePool
objects with no default node pool, you'll need to set this to a value of at least1
, alongside settingremove_default_node_pool
totrue
. - Ip
Allocation ClusterPolicy Ip Allocation Policy Args - Configuration of cluster IP allocation for VPC-native clusters. If this block is unset during creation, it will be set by the GKE backend. Structure is documented below.
- Location string
- The location (region or zone) in which the cluster
master will be created, as well as the default node location. If you specify a
zone (such as
us-central1-a
), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such asus-west1
), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well - Logging
Config ClusterLogging Config Args - Logging configuration for the cluster. Structure is documented below.
- Logging
Service string - The logging service that the cluster should
write logs to. Available options include
logging.googleapis.com
(Legacy Stackdriver),logging.googleapis.com/kubernetes
(Stackdriver Kubernetes Engine Logging), andnone
. Defaults tologging.googleapis.com/kubernetes
- Maintenance
Policy ClusterMaintenance Policy Args - The maintenance policy to use for the cluster. Structure is documented below.
- Master
Auth ClusterMaster Auth Args - The authentication information for accessing the
Kubernetes master. Some values in this block are only returned by the API if
your service account has permission to get credentials for your GKE cluster. If
you see an unexpected diff unsetting your client cert, ensure you have the
container.clusters.getCredentials
permission. Structure is documented below. - Cluster
Master Authorized Networks Config Args - The desired
configuration options for master authorized networks. Omit the
nested
cidr_blocks
attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists). Structure is documented below. - Mesh
Certificates ClusterMesh Certificates Args - Structure is documented below.
- Min
Master stringVersion The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version--use the read-only
master_version
field to obtain that. If unset, the cluster's version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version). Most users will find thegcp.container.getEngineVersions
data source useful - it indicates which versions are available. If you intend to specify versions manually, the docs describe the various acceptable formats for this field.If you are using the
gcp.container.getEngineVersions
datasource with a regional cluster, ensure that you have provided alocation
to the datasource. A region can have a different set of supported versions than its corresponding zones, and not all zones in a region are guaranteed to support the same version.- Monitoring
Config ClusterMonitoring Config Args - Monitoring configuration for the cluster. Structure is documented below.
- Monitoring
Service string - The monitoring service that the cluster
should write metrics to.
Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API.
VM metrics will be collected by Google Compute Engine regardless of this setting
Available options include
monitoring.googleapis.com
(Legacy Stackdriver),monitoring.googleapis.com/kubernetes
(Stackdriver Kubernetes Engine Monitoring), andnone
. Defaults tomonitoring.googleapis.com/kubernetes
- Name string
- The name of the cluster, unique within the project and
location.
- Network string
- The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.
- Network
Policy ClusterNetwork Policy Args - Configuration options for the NetworkPolicy feature. Structure is documented below.
- Networking
Mode string - Determines whether alias IPs or routes will be used for pod IPs in the cluster.
Options are
VPC_NATIVE
orROUTES
.VPC_NATIVE
enables IP aliasing. Newly created clusters will default toVPC_NATIVE
. - Node
Config ClusterNode Config Args - Parameters used in creating the default node pool.
Generally, this field should not be used at the same time as a
gcp.container.NodePool
or anode_pool
block; this configuration manages the default node pool, which isn't recommended to be used. Structure is documented below. - Node
Locations []string The list of zones in which the cluster's nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If this is specified for a zonal cluster, omit the cluster's zone.
A "multi-zonal" cluster is a zonal cluster with at least one additional zone defined; in a multi-zonal cluster, the cluster master is only present in a single zone while nodes are present in each of the primary zone and the node locations. In contrast, in a regional cluster, cluster master nodes are present in multiple zones in the region. For that reason, regional clusters should be preferred.
- Node
Pool ClusterAuto Config Node Pool Auto Config Args - Node pool configs that apply to auto-provisioned node pools in autopilot clusters and node auto-provisioning-enabled clusters. Structure is documented below.
- Node
Pool ClusterDefaults Node Pool Defaults Args - Default NodePool settings for the entire cluster. These settings are overridden if specified on the specific NodePool object. Structure is documented below.
- Node
Pools []ClusterNode Pool Args - List of node pools associated with this cluster. See gcp.container.NodePool for schema. Warning: node pools defined inside a cluster can't be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say "these are the only node pools associated with this cluster", use the gcp.container.NodePool resource instead of this property.
- Node
Version string - The Kubernetes version on the nodes. Must either be unset
or set to the same value as
min_master_version
on create. Defaults to the default version set by GKE which is not necessarily the latest version. This only affects nodes in the default node pool. While a fuzzy version can be specified, it's recommended that you specify explicit versions as the provider will see spurious diffs when fuzzy versions are used. See thegcp.container.getEngineVersions
data source'sversion_prefix
field to approximate fuzzy versions. To update nodes in other node pools, use theversion
attribute on the node pool. - Notification
Config ClusterNotification Config Args - Configuration for the cluster upgrade notifications feature. Structure is documented below.
- Pod
Security ClusterPolicy Config Pod Security Policy Config Args - Configuration for the PodSecurityPolicy feature. Structure is documented below.
- Private
Cluster ClusterConfig Private Cluster Config Args - Configuration for private clusters, clusters with private nodes. Structure is documented below.
- Private
Ipv6Google stringAccess - The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4).
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Protect
Config ClusterProtect Config Args - Enable/Disable Protect API features for the cluster. Structure is documented below.
- Release
Channel ClusterRelease Channel Args - Configuration options for the Release channel
feature, which provide more control over automatic upgrades of your GKE clusters.
When updating this field, GKE imposes specific version requirements. See
Selecting a new release channel
for more details; the
gcp.container.getEngineVersions
datasource can provide the default version for a channel. Note that removing therelease_channel
field from your config will cause the provider to stop managing your cluster's release channel, but will not unenroll it. Instead, use the"UNSPECIFIED"
channel. Structure is documented below. - Remove
Default boolNode Pool - If
true
, deletes the default node pool upon cluster creation. If you're usinggcp.container.NodePool
resources with no default node pool, this should be set totrue
, alongside settinginitial_node_count
to at least1
. - Resource
Labels map[string]string The GCE resource labels (a map of key/value pairs) to be applied to the cluster.
Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
- Resource
Usage ClusterExport Config Resource Usage Export Config Args - Configuration for the ResourceUsageExportConfig feature. Structure is documented below.
- Secret
Manager ClusterConfig Secret Manager Config Args - Configuration for the SecretManagerConfig feature. Structure is documented below.
- Security
Posture ClusterConfig Security Posture Config Args - Enable/Disable Security Posture API features for the cluster. Structure is documented below.
- Service
External ClusterIps Config Service External Ips Config Args - Structure is documented below.
- Subnetwork string
- The name or self_link of the Google Compute Engine subnetwork in which the cluster's instances are launched.
- Tpu
Config ClusterTpu Config Args - TPU configuration for the cluster.
- User
Managed ClusterKeys Config User Managed Keys Config Args - The custom keys configuration of the cluster.
- Vertical
Pod ClusterAutoscaling Vertical Pod Autoscaling Args - Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.
- Workload
Alts ClusterConfig Workload Alts Config Args - Configuration for direct-path (via ALTS) with workload identity.. Structure is documented below.
- Workload
Identity ClusterConfig Workload Identity Config Args - Workload Identity allows Kubernetes service accounts to act as a user-managed Google IAM Service Account. Structure is documented below.
- addons
Config ClusterAddons Config - The configuration for addons supported by GKE. Structure is documented below.
- allow
Net BooleanAdmin - Enable NET_ADMIN for the cluster. Defaults to
false
. This field should only be enabled for Autopilot clusters (enable_autopilot
set totrue
). - authenticator
Groups ClusterConfig Authenticator Groups Config - Configuration for the Google Groups for GKE feature. Structure is documented below.
- Cluster
Binary Authorization - Configuration options for the Binary Authorization feature. Structure is documented below.
- cluster
Autoscaling ClusterCluster Autoscaling - Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster's workload. See the guide to using Node Auto-Provisioning for more details. Structure is documented below.
- cluster
Ipv4Cidr String - The IP address range of the Kubernetes pods
in this cluster in CIDR notation (e.g.
10.96.0.0/14
). Leave blank to have one automatically chosen or specify a/14
block in10.0.0.0/8
. This field will default a new cluster to routes-based, whereip_allocation_policy
is not defined. - cluster
Telemetry ClusterCluster Telemetry - Configuration for ClusterTelemetry feature, Structure is documented below.
- confidential
Nodes ClusterConfidential Nodes - Configuration for Confidential Nodes feature. Structure is documented below documented below.
- control
Plane ClusterEndpoints Config Control Plane Endpoints Config - Configuration for all of the cluster's control plane endpoints. Structure is documented below.
- cost
Management ClusterConfig Cost Management Config - Configuration for the Cost Allocation feature. Structure is documented below.
- database
Encryption ClusterDatabase Encryption - Structure is documented below.
- datapath
Provider String - The desired datapath provider for this cluster. This is set to
LEGACY_DATAPATH
by default, which uses the IPTables-based kube-proxy implementation. Set toADVANCED_DATAPATH
to enable Dataplane v2. - default
Max IntegerPods Per Node - The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, clusters that don't have IP Aliasing enabled. See the official documentation for more information.
- default
Snat ClusterStatus Default Snat Status - GKE SNAT DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster, API doc. Structure is documented below
- deletion
Protection Boolean - description String
- Description of the cluster.
- dns
Config ClusterDns Config - Configuration for Using Cloud DNS for GKE. Structure is documented below.
- enable
Autopilot Boolean - Enable Autopilot for this cluster. Defaults to
false
. Note that when this option is enabled, certain features of Standard GKE are not available. See the official documentation for available features. - enable
Cilium BooleanClusterwide Network Policy - Whether CiliumClusterWideNetworkPolicy is enabled on this cluster. Defaults to false.
- enable
Fqdn BooleanNetwork Policy - Whether FQDN Network Policy is enabled on this cluster. Users who enable this feature for existing Standard clusters must restart the GKE Dataplane V2
anetd
DaemonSet after enabling it. See the Enable FQDN Network Policy in an existing cluster for more information. - enable
Intranode BooleanVisibility - Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.
- enable
K8s ClusterBeta Apis Enable K8s Beta Apis - Configuration for Kubernetes Beta APIs. Structure is documented below.
- enable
Kubernetes BooleanAlpha - Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.
- enable
L4Ilb BooleanSubsetting - Whether L4ILB Subsetting is enabled for this cluster.
- enable
Legacy BooleanAbac - Whether the ABAC authorizer is enabled for this cluster.
When enabled, identities in the system, including service accounts, nodes, and controllers,
will have statically granted permissions beyond those provided by the RBAC configuration or IAM.
Defaults to
false
- enable
Multi BooleanNetworking - Whether multi-networking is enabled for this cluster.
- enable
Shielded BooleanNodes - Enable Shielded Nodes features on all nodes in this cluster. Defaults to
true
. - enable
Tpu Boolean - Whether to enable Cloud TPU resources in this cluster. See the official documentation.
- enterprise
Config ClusterEnterprise Config Configuration for [Enterprise edition].(https://cloud.google.com/kubernetes-engine/enterprise/docs/concepts/gke-editions). Structure is documented below.
The
default_snat_status
block supports- fleet
Cluster
Fleet - Fleet configuration for the cluster. Structure is documented below.
- gateway
Api ClusterConfig Gateway Api Config - Configuration for GKE Gateway API controller. Structure is documented below.
- identity
Service ClusterConfig Identity Service Config - . Structure is documented below.
- initial
Node IntegerCount - The number of nodes to create in this
cluster's default node pool. In regional or multi-zonal clusters, this is the
number of nodes per zone. Must be set if
node_pool
is not set. If you're usinggcp.container.NodePool
objects with no default node pool, you'll need to set this to a value of at least1
, alongside settingremove_default_node_pool
totrue
. - ip
Allocation ClusterPolicy Ip Allocation Policy - Configuration of cluster IP allocation for VPC-native clusters. If this block is unset during creation, it will be set by the GKE backend. Structure is documented below.
- location String
- The location (region or zone) in which the cluster
master will be created, as well as the default node location. If you specify a
zone (such as
us-central1-a
), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such asus-west1
), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well - logging
Config ClusterLogging Config - Logging configuration for the cluster. Structure is documented below.
- logging
Service String - The logging service that the cluster should
write logs to. Available options include
logging.googleapis.com
(Legacy Stackdriver),logging.googleapis.com/kubernetes
(Stackdriver Kubernetes Engine Logging), andnone
. Defaults tologging.googleapis.com/kubernetes
- maintenance
Policy Cluster