Add boot_disk_kms_key to node_config (#166)
* Add support for CMEK to encrypt boot disks * Fix typo in variable name Co-authored-by: Niccolo Raspa <niccolo@sighup.io>
This commit is contained in:
parent
42a865b8fa
commit
5bfba15acf
|
@ -48,6 +48,7 @@ module "cluster-1-nodepool-1" {
|
||||||
| *management_config* | Optional node management configuration. | <code title="object({ auto_repair = bool auto_upgrade = bool })">object({...})</code> | | <code title="">null</code> |
|
| *management_config* | Optional node management configuration. | <code title="object({ auto_repair = bool auto_upgrade = bool })">object({...})</code> | | <code title="">null</code> |
|
||||||
| *max_pods_per_node* | Maximum number of pods per node. | <code title="">number</code> | | <code title="">null</code> |
|
| *max_pods_per_node* | Maximum number of pods per node. | <code title="">number</code> | | <code title="">null</code> |
|
||||||
| *name* | Optional nodepool name. | <code title="">string</code> | | <code title="">null</code> |
|
| *name* | Optional nodepool name. | <code title="">string</code> | | <code title="">null</code> |
|
||||||
|
| *node_boot_disk_kms_key* | Customer Managed Encryption Key used to encrypt the boot disk attached to each node | <code title="">string</code> | | <code title="">null</code> |
|
||||||
| *node_count* | Number of nodes per instance group, can be updated after creation. Ignored when autoscaling is set. | <code title="">number</code> | | <code title="">null</code> |
|
| *node_count* | Number of nodes per instance group, can be updated after creation. Ignored when autoscaling is set. | <code title="">number</code> | | <code title="">null</code> |
|
||||||
| *node_disk_size* | Node disk size, defaults to 100GB. | <code title="">number</code> | | <code title="">100</code> |
|
| *node_disk_size* | Node disk size, defaults to 100GB. | <code title="">number</code> | | <code title="">100</code> |
|
||||||
| *node_disk_type* | Node disk type, defaults to pd-standard. | <code title="">string</code> | | <code title="">pd-standard</code> |
|
| *node_disk_type* | Node disk type, defaults to pd-standard. | <code title="">string</code> | | <code title="">pd-standard</code> |
|
||||||
|
|
|
@ -88,6 +88,7 @@ resource "google_container_node_pool" "nodepool" {
|
||||||
preemptible = var.node_preemptible
|
preemptible = var.node_preemptible
|
||||||
service_account = local.service_account_email
|
service_account = local.service_account_email
|
||||||
tags = var.node_tags
|
tags = var.node_tags
|
||||||
|
boot_disk_kms_key = var.node_boot_disk_kms_key
|
||||||
|
|
||||||
dynamic guest_accelerator {
|
dynamic guest_accelerator {
|
||||||
for_each = var.node_guest_accelerator
|
for_each = var.node_guest_accelerator
|
||||||
|
|
|
@ -66,6 +66,12 @@ variable "name" {
|
||||||
default = null
|
default = null
|
||||||
}
|
}
|
||||||
|
|
||||||
|
variable "node_boot_disk_kms_key" {
|
||||||
|
description = "Customer Managed Encryption Key used to encrypt the boot disk attached to each node"
|
||||||
|
type = string
|
||||||
|
default = null
|
||||||
|
}
|
||||||
|
|
||||||
variable "node_disk_size" {
|
variable "node_disk_size" {
|
||||||
description = "Node disk size, defaults to 100GB."
|
description = "Node disk size, defaults to 100GB."
|
||||||
type = number
|
type = number
|
||||||
|
|
Loading…
Reference in New Issue