From 0a91a717bb571619fc7930a3ada477b945cab86f Mon Sep 17 00:00:00 2001 From: Pratik Mallya Date: Tue, 18 Sep 2018 23:15:02 -0700 Subject: [PATCH 1/2] Enable specifying master_authorized_networks_config --- cluster_regional.tf | 2 ++ cluster_zonal.tf | 2 ++ outputs.tf | 5 +++++ variables.tf | 6 ++++++ 4 files changed, 15 insertions(+) diff --git a/cluster_regional.tf b/cluster_regional.tf index 61c2df6b4e..8b6eeb4d1f 100644 --- a/cluster_regional.tf +++ b/cluster_regional.tf @@ -33,6 +33,8 @@ resource "google_container_cluster" "primary" { logging_service = "${var.logging_service}" monitoring_service = "${var.monitoring_service}" + master_authorized_networks_config = "${var.master_authorized_networks_config}" + addons_config { http_load_balancing { disabled = "${var.http_load_balancing ? 0 : 1}" diff --git a/cluster_zonal.tf b/cluster_zonal.tf index 053fcde549..c506558da4 100644 --- a/cluster_zonal.tf +++ b/cluster_zonal.tf @@ -33,6 +33,8 @@ resource "google_container_cluster" "zonal_primary" { logging_service = "${var.logging_service}" monitoring_service = "${var.monitoring_service}" + master_authorized_networks_config = "${var.master_authorized_networks_config}" + addons_config { http_load_balancing { disabled = "${var.http_load_balancing ? 0 : 1}" diff --git a/outputs.tf b/outputs.tf index d74cdbcb31..98f8fa8754 100644 --- a/outputs.tf +++ b/outputs.tf @@ -60,6 +60,11 @@ output "monitoring_service" { value = "${local.cluster_monitoring_service}" } +output "master_authorized_networks_config" { + description = "Networks from which access to master is permitted" + value = "${var.master_authorized_networks_config}" +} + output "master_version" { description = "Current master kubernetes version" value = "${local.cluster_master_version}" diff --git a/variables.tf b/variables.tf index 643fcbf0e9..6dc411e644 100644 --- a/variables.tf +++ b/variables.tf @@ -65,6 +65,12 @@ variable "node_version" { default = "" } +variable "master_authorized_networks_config" { + description = "The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists)." + type = "list" + default = [] +} + variable "horizontal_pod_autoscaling" { description = "Enable horizontal pod autoscaling addon" default = false From 0214634ff39a789098f23258b5b0c8ae96fade94 Mon Sep 17 00:00:00 2001 From: Pratik Mallya Date: Fri, 21 Sep 2018 18:39:10 -0700 Subject: [PATCH 2/2] Use a more helpful variable description Many thanks to @qvallance for this tip! --- variables.tf | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/variables.tf b/variables.tf index 6dc411e644..e70e557369 100644 --- a/variables.tf +++ b/variables.tf @@ -66,9 +66,22 @@ variable "node_version" { } variable "master_authorized_networks_config" { - description = "The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists)." - type = "list" - default = [] + type = "list" + + description = <