diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md
index 4617cae0..33fb2ffd 100644
--- a/modules/gke-cluster/README.md
+++ b/modules/gke-cluster/README.md
@@ -68,44 +68,44 @@ module "cluster-1" {
 | name | description | type | required | default |
 |---|---|:---:|:---:|:---:|
-| [location](variables.tf#L159) | Cluster zone or region. | string | ✓ | |
-| [name](variables.tf#L226) | Cluster name. | string | ✓ | |
-| [network](variables.tf#L231) | Name or self link of the VPC used for the cluster. Use the self link for Shared VPC. | string | ✓ | |
-| [project_id](variables.tf#L275) | Cluster project id. | string | ✓ | |
-| [secondary_range_pods](variables.tf#L298) | Subnet secondary range name used for pods. | string | ✓ | |
-| [secondary_range_services](variables.tf#L303) | Subnet secondary range name used for services. | string | ✓ | |
-| [subnetwork](variables.tf#L308) | VPC subnetwork name or self link. | string | ✓ | |
-| [addons](variables.tf#L17) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
-| [authenticator_security_group](variables.tf#L51) | RBAC security group for Google Groups for GKE, format is gke-security-groups@yourdomain.com. | string | | null |
-| [cluster_autoscaling](variables.tf#L57) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | {…} |
-| [database_encryption](variables.tf#L75) | Enable and configure GKE application-layer secrets encryption. | object({…}) | | {…} |
-| [default_max_pods_per_node](variables.tf#L89) | Maximum number of pods per node in this cluster. | number | | 110 |
-| [description](variables.tf#L95) | Cluster description. | string | | null |
-| [dns_config](variables.tf#L101) | Configuration for Using Cloud DNS for GKE. | object({…}) | | null |
-| [enable_autopilot](variables.tf#L111) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node). | bool | | false |
-| [enable_binary_authorization](variables.tf#L117) | Enable Google Binary Authorization. | bool | | null |
-| [enable_dataplane_v2](variables.tf#L123) | Enable Dataplane V2 on the cluster, will disable network_policy addons config. | bool | | false |
-| [enable_intranode_visibility](variables.tf#L129) | Enable intra-node visibility to make same node pod to pod traffic visible. | bool | | null |
-| [enable_l4_ilb_subsetting](variables.tf#L135) | Enable L4ILB Subsetting. | bool | | null |
-| [enable_shielded_nodes](variables.tf#L141) | Enable Shielded Nodes features on all nodes in this cluster. | bool | | null |
-| [enable_tpu](variables.tf#L147) | Enable Cloud TPU resources in this cluster. | bool | | null |
-| [labels](variables.tf#L153) | Cluster resource labels. | map(string) | | null |
-| [logging_config](variables.tf#L164) | Logging configuration (enabled components). | list(string) | | null |
-| [logging_service](variables.tf#L170) | Logging service (disable with an empty string). | string | | "logging.googleapis.com/kubernetes" |
-| [maintenance_config](variables.tf#L176) | Maintenance window configuration. | object({…}) | | {…} |
-| [master_authorized_ranges](variables.tf#L202) | External Ip address ranges that can access the Kubernetes cluster master through HTTPS. | map(string) | | {} |
-| [min_master_version](variables.tf#L208) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
-| [monitoring_config](variables.tf#L214) | Monitoring configuration (enabled components). | list(string) | | null |
-| [monitoring_service](variables.tf#L220) | Monitoring service (disable with an empty string). | string | | "monitoring.googleapis.com/kubernetes" |
-| [node_locations](variables.tf#L236) | Zones in which the cluster's nodes are located. | list(string) | | [] |
-| [notification_config](variables.tf#L242) | GKE Cluster upgrade notifications via PubSub. | bool | | false |
-| [peering_config](variables.tf#L248) | Configure peering with the master VPC for private clusters. | object({…}) | | null |
-| [pod_security_policy](variables.tf#L258) | Enable the PodSecurityPolicy feature. | bool | | null |
-| [private_cluster_config](variables.tf#L264) | Enable and configure private cluster, private nodes must be true if used. | object({…}) | | null |
-| [release_channel](variables.tf#L280) | Release channel for GKE upgrades. | string | | null |
-| [resource_usage_export_config](variables.tf#L286) | Configure the ResourceUsageExportConfig feature. | object({…}) | | {…} |
-| [vertical_pod_autoscaling](variables.tf#L313) | Enable the Vertical Pod Autoscaling feature. | bool | | null |
-| [workload_identity](variables.tf#L319) | Enable the Workload Identity feature. | bool | | true |
+| [location](variables.tf#L161) | Cluster zone or region. | string | ✓ | |
+| [name](variables.tf#L228) | Cluster name. | string | ✓ | |
+| [network](variables.tf#L233) | Name or self link of the VPC used for the cluster. Use the self link for Shared VPC. | string | ✓ | |
+| [project_id](variables.tf#L277) | Cluster project id. | string | ✓ | |
+| [secondary_range_pods](variables.tf#L300) | Subnet secondary range name used for pods. | string | ✓ | |
+| [secondary_range_services](variables.tf#L305) | Subnet secondary range name used for services. | string | ✓ | |
+| [subnetwork](variables.tf#L310) | VPC subnetwork name or self link. | string | ✓ | |
+| [addons](variables.tf#L17) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
+| [authenticator_security_group](variables.tf#L53) | RBAC security group for Google Groups for GKE, format is gke-security-groups@yourdomain.com. | string | | null |
+| [cluster_autoscaling](variables.tf#L59) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | {…} |
+| [database_encryption](variables.tf#L77) | Enable and configure GKE application-layer secrets encryption. | object({…}) | | {…} |
+| [default_max_pods_per_node](variables.tf#L91) | Maximum number of pods per node in this cluster. | number | | 110 |
+| [description](variables.tf#L97) | Cluster description. | string | | null |
+| [dns_config](variables.tf#L103) | Configuration for Using Cloud DNS for GKE. | object({…}) | | null |
+| [enable_autopilot](variables.tf#L113) | Create cluster in autopilot mode. With autopilot there's no need to create node-pools and some features are not supported (e.g. setting default_max_pods_per_node). | bool | | false |
+| [enable_binary_authorization](variables.tf#L119) | Enable Google Binary Authorization. | bool | | null |
+| [enable_dataplane_v2](variables.tf#L125) | Enable Dataplane V2 on the cluster, will disable network_policy addons config. | bool | | false |
+| [enable_intranode_visibility](variables.tf#L131) | Enable intra-node visibility to make same node pod to pod traffic visible. | bool | | null |
+| [enable_l4_ilb_subsetting](variables.tf#L137) | Enable L4ILB Subsetting. | bool | | null |
+| [enable_shielded_nodes](variables.tf#L143) | Enable Shielded Nodes features on all nodes in this cluster. | bool | | null |
+| [enable_tpu](variables.tf#L149) | Enable Cloud TPU resources in this cluster. | bool | | null |
+| [labels](variables.tf#L155) | Cluster resource labels. | map(string) | | null |
+| [logging_config](variables.tf#L166) | Logging configuration (enabled components). | list(string) | | null |
+| [logging_service](variables.tf#L172) | Logging service (disable with an empty string). | string | | "logging.googleapis.com/kubernetes" |
+| [maintenance_config](variables.tf#L178) | Maintenance window configuration. | object({…}) | | {…} |
+| [master_authorized_ranges](variables.tf#L204) | External Ip address ranges that can access the Kubernetes cluster master through HTTPS. | map(string) | | {} |
+| [min_master_version](variables.tf#L210) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
+| [monitoring_config](variables.tf#L216) | Monitoring configuration (enabled components). | list(string) | | null |
+| [monitoring_service](variables.tf#L222) | Monitoring service (disable with an empty string). | string | | "monitoring.googleapis.com/kubernetes" |
+| [node_locations](variables.tf#L238) | Zones in which the cluster's nodes are located. | list(string) | | [] |
+| [notification_config](variables.tf#L244) | GKE Cluster upgrade notifications via PubSub. | bool | | false |
+| [peering_config](variables.tf#L250) | Configure peering with the master VPC for private clusters. | object({…}) | | null |
+| [pod_security_policy](variables.tf#L260) | Enable the PodSecurityPolicy feature. | bool | | null |
+| [private_cluster_config](variables.tf#L266) | Enable and configure private cluster, private nodes must be true if used. | object({…}) | | null |
+| [release_channel](variables.tf#L282) | Release channel for GKE upgrades. | string | | null |
+| [resource_usage_export_config](variables.tf#L288) | Configure the ResourceUsageExportConfig feature. | object({…}) | | {…} |
+| [vertical_pod_autoscaling](variables.tf#L315) | Enable the Vertical Pod Autoscaling feature. | bool | | null |
+| [workload_identity](variables.tf#L321) | Enable the Workload Identity feature. | bool | | true |
 ## Outputs
diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf
index f82279bf..64762b67 100644
--- a/modules/gke-cluster/main.tf
+++ b/modules/gke-cluster/main.tf
@@ -96,6 +96,9 @@ resource "google_container_cluster" "cluster" {
 config_connector_config {
 enabled = var.addons.config_connector_config
 }
+ gke_backup_agent_config {
+ enabled = var.addons.gke_backup_agent_config
+ }
 }
 # TODO(ludomagno): support setting address ranges instead of range names
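Review bot: The new `gke_backup_agent_config` block is a static block next to `config_connector_config`, so the argument is sent on every plan and the module now needs a provider release that recognises it; the resource header and the provider constraints are outside this hunk, so please confirm the module's minimum `google`/`google-beta` version covers this argument. A one-line comment above the block would also help, for example `# Backup for GKE agent only; backup plans, their IAM and encryption are configured outside this module`, since backups can carry Secrets and volume data and nothing in this change sets those controls. If the module drops unsupported addons for Autopilot clusters elsewhere in the resource, this block probably needs the same treatment.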
diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf
index 487aff53..67939020 100644
--- a/modules/gke-cluster/variables.tf
+++ b/modules/gke-cluster/variables.tf
@@ -30,6 +30,7 @@ variable "addons" {
 gcp_filestore_csi_driver_config = bool
 config_connector_config = bool
 kalm_config = bool
+ gke_backup_agent_config = bool
 })
 default = {
 cloudrun_config = false
@@ -45,6 +46,7 @@ variable "addons" {
 gcp_filestore_csi_driver_config = false
 config_connector_config = false
 kalm_config = false
+ gke_backup_agent_config = false
 }
 }
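Review bot: Adding `gke_backup_agent_config = bool` as a plain attribute of the `addons` object type (first hunk) makes the key mandatory for every caller that already passes its own `addons` value; those callers will fail type checking until they add it, and the `default` entry in the second hunk only helps callers that pass nothing. If the module's required Terraform version allows optional attributes with defaults, `gke_backup_agent_config = optional(bool, false)` keeps existing callers working; otherwise the break should be called out in the changelog and the README example. The `variable "addons"` block starts before the first hunk, so its description and the other attributes are not visible here.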