Name	Name	Last commit message	Last commit date
parent directory ..
manifests/gke-ip-masq	manifests/gke-ip-masq
templates	templates
.terraform-docs.yml	.terraform-docs.yml
README.md	README.md
admiralty.tf	admiralty.tf
cert-manager-csi-driver.tf	cert-manager-csi-driver.tf
cert-manager.tf	cert-manager.tf
data.tf	data.tf
external-dns.tf	external-dns.tf
flux2.tf	flux2.tf
helm-dependencies.yaml	helm-dependencies.yaml
ingress-nginx.tf	ingress-nginx.tf
ip-masq-agent.tf	ip-masq-agent.tf
k8gb.tf	k8gb.tf
karma.tf	karma.tf
keda.tf	keda.tf
kube-prometheus-crd.tf	kube-prometheus-crd.tf
kube-prometheus.tf	kube-prometheus.tf
linkerd-viz.tf	linkerd-viz.tf
linkerd.tf	linkerd.tf
linkerd2-cni.tf	linkerd2-cni.tf
locals.tf	locals.tf
loki-stack.tf	loki-stack.tf
node-problem-detector.tf	node-problem-detector.tf
priority-class.tf	priority-class.tf
prometheus-adapter.tf	prometheus-adapter.tf
promtail.tf	promtail.tf
reloader.tf	reloader.tf
sealed-secrets.tf	sealed-secrets.tf
secrets-store-csi-driver.tf	secrets-store-csi-driver.tf
thanos-memcached.tf	thanos-memcached.tf
thanos-receive.tf	thanos-receive.tf
thanos-storegateway.tf	thanos-storegateway.tf
thanos-tls-querier.tf	thanos-tls-querier.tf
thanos.tf	thanos.tf
traefik.tf	traefik.tf
variables-google.tf	variables-google.tf
variables.tf	variables.tf
velero.tf	velero.tf
versions.tf	versions.tf
victoria-metrics-k8s-stack.tf	victoria-metrics-k8s-stack.tf

terraform-kubernetes-addons:google

About

Provides various addons that are often used on Kubernetes with Google and GKE.

Terraform docs

Provides various Kubernetes addons that are often used on Kubernetes with GCP

Requirements

Name	Version
terraform	>= 1.3
flux	~> 1.0
github	~> 6.0
google	>= 4.69
google-beta	>= 4.69
helm	~> 2.0
http	>= 3
jinja	~> 2.0
kubectl	~> 2.0
kubernetes	~> 2.0, != 2.12
tls	~> 4.0

Providers

Name	Version
flux	~> 1.0
github	~> 6.0
google	>= 4.69
helm	~> 2.0
http	>= 3
jinja	~> 2.0
kubectl	~> 2.0
kubernetes	~> 2.0, != 2.12
random	n/a
time	n/a
tls	~> 4.0

Modules

Name	Source	Version
cert_manager_workload_identity	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0.0
external_dns_workload_identity	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0.0
iam_assumable_sa_kube-prometheus-stack_grafana	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_kube-prometheus-stack_thanos	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_loki-stack	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-compactor	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-receive	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-receive-compactor	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-receive-receive	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-receive-sg	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-sg	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_thanos-storegateway	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
iam_assumable_sa_velero	terraform-google-modules/kubernetes-engine/google//modules/workload-identity	~> 35.0
kube-prometheus-stack_grafana-iam-member	terraform-google-modules/iam/google//modules/member_iam	~> 8.0
kube-prometheus-stack_kube-prometheus-stack_bucket	terraform-google-modules/cloud-storage/google//modules/simple_bucket	~> 9.0
kube-prometheus-stack_thanos_kms_bucket	terraform-google-modules/kms/google	~> 3.0
loki-stack_bucket	terraform-google-modules/cloud-storage/google//modules/simple_bucket	~> 9.0
loki-stack_kms_bucket	terraform-google-modules/kms/google	~> 3.0
thanos-receive_bucket	terraform-google-modules/cloud-storage/google	~> 9.0
thanos-receive_kms_bucket	terraform-google-modules/kms/google	~> 3.0
thanos-storegateway_bucket_iam	terraform-google-modules/iam/google//modules/storage_buckets_iam	~> 8.0
thanos_bucket	terraform-google-modules/cloud-storage/google//modules/simple_bucket	~> 9.0
thanos_kms_bucket	terraform-google-modules/kms/google	~> 3.0
velero_bucket	github.com/terraform-google-modules/terraform-google-cloud-storage//modules/simple_bucket	v9.0.0

Resources

Name	Type
flux_bootstrap_git.flux	resource
github_branch_default.main	resource
github_repository.main	resource
github_repository_deploy_key.main	resource
google_dns_managed_zone_iam_member.cert_manager_cloud_dns_iam_permissions	resource
google_dns_managed_zone_iam_member.external_dns_cloud_dns_iam_permissions	resource
google_project_iam_custom_role.velero	resource
google_project_iam_member.velero	resource
google_storage_bucket_iam_member.kube_prometheus_stack_thanos_bucket_objectAdmin_iam_permission	resource
google_storage_bucket_iam_member.kube_prometheus_stack_thanos_bucket_objectViewer_iam_permission	resource
google_storage_bucket_iam_member.loki-stack_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.loki-stack_gcs_iam_objectUser_permissions	resource
google_storage_bucket_iam_member.thanos-receive-receive_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.thanos-receive_compactor_gcs_iam_legacyBucketWriter_permissions	resource
google_storage_bucket_iam_member.thanos-receive_compactor_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos-receive_compactor_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.thanos-receive_receive_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos-receive_sg_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos-receive_sg_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.thanos_compactor_gcs_iam_legacyBucketWriter_permissions	resource
google_storage_bucket_iam_member.thanos_compactor_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos_compactor_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.thanos_receive_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos_receive_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.thanos_sg_gcs_iam_objectCreator_permissions	resource
google_storage_bucket_iam_member.thanos_sg_gcs_iam_objectViewer_permissions	resource
google_storage_bucket_iam_member.velero_gcs_iam_objectUser_permissions	resource
google_storage_bucket_iam_member.velero_gcs_iam_objectViewer_permissions	resource
helm_release.admiralty	resource
helm_release.cert-manager	resource
helm_release.cert-manager-csi-driver	resource
helm_release.external-dns	resource
helm_release.ingress-nginx	resource
helm_release.k8gb	resource
helm_release.karma	resource
helm_release.keda	resource
helm_release.kube-prometheus-stack	resource
helm_release.linkerd-control-plane	resource
helm_release.linkerd-crds	resource
helm_release.linkerd-viz	resource
helm_release.linkerd2-cni	resource
helm_release.loki-stack	resource
helm_release.node-problem-detector	resource
helm_release.prometheus-adapter	resource
helm_release.promtail	resource
helm_release.reloader	resource
helm_release.sealed-secrets	resource
helm_release.secrets-store-csi-driver	resource
helm_release.thanos	resource
helm_release.thanos-memcached	resource
helm_release.thanos-receive	resource
helm_release.thanos-storegateway	resource
helm_release.thanos-tls-querier	resource
helm_release.traefik	resource
helm_release.velero	resource
helm_release.victoria-metrics-k8s-stack	resource
kubectl_manifest.cert-manager_cluster_issuers	resource
kubectl_manifest.ip_masq_agent	resource
kubectl_manifest.linkerd	resource
kubectl_manifest.linkerd-viz	resource
kubectl_manifest.prometheus-operator_crds	resource
kubernetes_config_map.loki-stack_grafana_ds	resource
kubernetes_manifest.velero_snapshot_class	resource
kubernetes_namespace.admiralty	resource
kubernetes_namespace.cert-manager	resource
kubernetes_namespace.external-dns	resource
kubernetes_namespace.flux2	resource
kubernetes_namespace.ingress-nginx	resource
kubernetes_namespace.k8gb	resource
kubernetes_namespace.karma	resource
kubernetes_namespace.keda	resource
kubernetes_namespace.kube-prometheus-stack	resource
kubernetes_namespace.linkerd	resource
kubernetes_namespace.linkerd-viz	resource
kubernetes_namespace.linkerd2-cni	resource
kubernetes_namespace.loki-stack	resource
kubernetes_namespace.node-problem-detector	resource
kubernetes_namespace.prometheus-adapter	resource
kubernetes_namespace.promtail	resource
kubernetes_namespace.reloader	resource
kubernetes_namespace.sealed-secrets	resource
kubernetes_namespace.secrets-store-csi-driver	resource
kubernetes_namespace.thanos	resource
kubernetes_namespace.thanos-receive	resource
kubernetes_namespace.traefik	resource
kubernetes_namespace.velero	resource
kubernetes_namespace.victoria-metrics-k8s-stack	resource
kubernetes_network_policy.admiralty_allow_namespace	resource
kubernetes_network_policy.admiralty_default_deny	resource
kubernetes_network_policy.cert-manager_allow_control_plane	resource
kubernetes_network_policy.cert-manager_allow_monitoring	resource
kubernetes_network_policy.cert-manager_allow_namespace	resource
kubernetes_network_policy.cert-manager_default_deny	resource
kubernetes_network_policy.external-dns_allow_monitoring	resource
kubernetes_network_policy.external-dns_allow_namespace	resource
kubernetes_network_policy.external-dns_default_deny	resource
kubernetes_network_policy.flux2_allow_monitoring	resource
kubernetes_network_policy.flux2_allow_namespace	resource
kubernetes_network_policy.ingress-nginx_allow_control_plane	resource
kubernetes_network_policy.ingress-nginx_allow_ingress	resource
kubernetes_network_policy.ingress-nginx_allow_monitoring	resource
kubernetes_network_policy.ingress-nginx_allow_namespace	resource
kubernetes_network_policy.ingress-nginx_default_deny	resource
kubernetes_network_policy.k8gb_allow_namespace	resource
kubernetes_network_policy.k8gb_default_deny	resource
kubernetes_network_policy.karma_allow_ingress	resource
kubernetes_network_policy.karma_allow_namespace	resource
kubernetes_network_policy.karma_default_deny	resource
kubernetes_network_policy.keda_allow_namespace	resource
kubernetes_network_policy.keda_default_deny	resource
kubernetes_network_policy.kube-prometheus-stack_allow_control_plane	resource
kubernetes_network_policy.kube-prometheus-stack_allow_ingress	resource
kubernetes_network_policy.kube-prometheus-stack_allow_namespace	resource
kubernetes_network_policy.kube-prometheus-stack_default_deny	resource
kubernetes_network_policy.linkerd-viz_allow_control_plane	resource
kubernetes_network_policy.linkerd-viz_allow_monitoring	resource
kubernetes_network_policy.linkerd-viz_allow_namespace	resource
kubernetes_network_policy.linkerd-viz_default_deny	resource
kubernetes_network_policy.linkerd2-cni_allow_namespace	resource
kubernetes_network_policy.linkerd2-cni_default_deny	resource
kubernetes_network_policy.loki-stack_allow_ingress	resource
kubernetes_network_policy.loki-stack_allow_namespace	resource
kubernetes_network_policy.loki-stack_default_deny	resource
kubernetes_network_policy.npd_allow_namespace	resource
kubernetes_network_policy.npd_default_deny	resource
kubernetes_network_policy.prometheus-adapter_allow_namespace	resource
kubernetes_network_policy.prometheus-adapter_default_deny	resource
kubernetes_network_policy.promtail_allow_ingress	resource
kubernetes_network_policy.promtail_allow_namespace	resource
kubernetes_network_policy.promtail_default_deny	resource
kubernetes_network_policy.reloader_allow_namespace	resource
kubernetes_network_policy.reloader_default_deny	resource
kubernetes_network_policy.sealed-secrets_allow_namespace	resource
kubernetes_network_policy.sealed-secrets_default_deny	resource
kubernetes_network_policy.secrets-store-csi-driver_allow_namespace	resource
kubernetes_network_policy.secrets-store-csi-driver_default_deny	resource
kubernetes_network_policy.traefik_allow_ingress	resource
kubernetes_network_policy.traefik_allow_monitoring	resource
kubernetes_network_policy.traefik_allow_namespace	resource
kubernetes_network_policy.traefik_default_deny	resource
kubernetes_network_policy.velero_allow_monitoring	resource
kubernetes_network_policy.velero_allow_namespace	resource
kubernetes_network_policy.velero_default_deny	resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_control_plane	resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_ingress	resource
kubernetes_network_policy.victoria-metrics-k8s-stack_allow_namespace	resource
kubernetes_network_policy.victoria-metrics-k8s-stack_default_deny	resource
kubernetes_priority_class.kubernetes_addons	resource
kubernetes_priority_class.kubernetes_addons_ds	resource
kubernetes_secret.kube-prometheus-stack_thanos	resource
kubernetes_secret.linkerd_trust_anchor	resource
kubernetes_secret.loki-stack-ca	resource
kubernetes_secret.promtail-tls	resource
kubernetes_secret.thanos-ca	resource
kubernetes_secret.webhook_issuer_tls	resource
random_string.grafana_password	resource
time_sleep.cert-manager_sleep	resource
tls_cert_request.promtail-csr	resource
tls_cert_request.thanos-tls-querier-cert-csr	resource
tls_locally_signed_cert.promtail-cert	resource
tls_locally_signed_cert.thanos-tls-querier-cert	resource
tls_private_key.identity	resource
tls_private_key.linkerd_trust_anchor	resource
tls_private_key.loki-stack-ca-key	resource
tls_private_key.promtail-key	resource
tls_private_key.thanos-tls-querier-ca-key	resource
tls_private_key.thanos-tls-querier-cert-key	resource
tls_private_key.webhook_issuer_tls	resource
tls_self_signed_cert.linkerd_trust_anchor	resource
tls_self_signed_cert.loki-stack-ca-cert	resource
tls_self_signed_cert.thanos-tls-querier-ca-cert	resource
tls_self_signed_cert.webhook_issuer_tls	resource
github_repository.main	data source
google_client_config.current	data source
google_project.current	data source
http_http.prometheus-operator_crds	data source
http_http.prometheus-operator_version	data source
jinja_template.cert-manager_cluster_issuers	data source
kubectl_file_documents.cert-manager_cluster_issuers	data source
kubectl_filename_list.ip_masq_agent_manifests	data source

Inputs

Name	Description	Type	Default	Required
admiralty	Customize admiralty chart, see `admiralty.tf` for supported values	`any`	`{}`	no
cert-manager	Customize cert-manager chart, see `cert-manager.tf` for supported values	`any`	`{}`	no
cert-manager-csi-driver	Customize cert-manager-csi-driver chart, see `cert-manager.tf` for supported values	`any`	`{}`	no
cluster-autoscaler	Customize cluster-autoscaler chart, see `cluster-autoscaler.tf` for supported values	`any`	`{}`	no
cluster-name	Name of the Kubernetes cluster	`string`	`"sample-cluster"`	no
cni-metrics-helper	Customize cni-metrics-helper deployment, see `cni-metrics-helper.tf` for supported values	`any`	`{}`	no
csi-external-snapshotter	Customize csi-external-snapshotter, see `csi-external-snapshotter.tf` for supported values	`any`	`{}`	no
external-dns	Map of map for external-dns configuration: see `external_dns.tf` for supported values	`any`	`{}`	no
flux2	Customize Flux chart, see `flux2.tf` for supported values	`any`	`{}`	no
gke	GKE cluster inputs	`any`	`{}`	no
google	GCP provider customization	`any`	`{}`	no
helm_defaults	Customize default Helm behavior	`any`	`{}`	no
ingress-nginx	Customize ingress-nginx chart, see `nginx-ingress.tf` for supported values	`any`	`{}`	no
ip-masq-agent	Configure ip masq agent chart, see `ip-masq-agent.tf` for supported values. This addon works only on GCP.	`any`	`{}`	no
k8gb	Customize k8gb chart, see `k8gb.tf` for supported values	`any`	`{}`	no
karma	Customize karma chart, see `karma.tf` for supported values	`any`	`{}`	no
keda	Customize keda chart, see `keda.tf` for supported values	`any`	`{}`	no
kong	Customize kong-ingress chart, see `kong.tf` for supported values	`any`	`{}`	no
kube-prometheus-stack	Customize kube-prometheus-stack chart, see `kube-prometheus-stack.tf` for supported values	`any`	`{}`	no
labels_prefix	Custom label prefix used for network policy namespace matching	`string`	`"particule.io"`	no
linkerd	Customize linkerd chart, see `linkerd.tf` for supported values	`any`	`{}`	no
linkerd-viz	Customize linkerd-viz chart, see `linkerd-viz.tf` for supported values	`any`	`{}`	no
linkerd2	Customize linkerd2 chart, see `linkerd2.tf` for supported values	`any`	`{}`	no
linkerd2-cni	Customize linkerd2-cni chart, see `linkerd2-cni.tf` for supported values	`any`	`{}`	no
loki-stack	Customize loki-stack chart, see `loki-stack.tf` for supported values	`any`	`{}`	no
metrics-server	Customize metrics-server chart, see `metrics_server.tf` for supported values	`any`	`{}`	no
npd	Customize node-problem-detector chart, see `npd.tf` for supported values	`any`	`{}`	no
priority-class	Customize a priority class for addons	`any`	`{}`	no
priority-class-ds	Customize a priority class for addons daemonsets	`any`	`{}`	no
project_id	GCP project id	`string`	`""`	no
prometheus-adapter	Customize prometheus-adapter chart, see `prometheus-adapter.tf` for supported values	`any`	`{}`	no
prometheus-blackbox-exporter	Customize prometheus-blackbox-exporter chart, see `prometheus-blackbox-exporter.tf` for supported values	`any`	`{}`	no
prometheus-cloudwatch-exporter	Customize prometheus-cloudwatch-exporter chart, see `prometheus-cloudwatch-exporter.tf` for supported values	`any`	`{}`	no
promtail	Customize promtail chart, see `loki-stack.tf` for supported values	`any`	`{}`	no
reloader	Customize reloader chart, see `reloader.tf` for supported values	`any`	`{}`	no
sealed-secrets	Customize sealed-secrets chart, see `sealed-secrets.tf` for supported values	`any`	`{}`	no
secrets-store-csi-driver	Customize secrets-store-csi-driver chart, see `secrets-store-csi-driver.tf` for supported values	`any`	`{}`	no
tags	Map of tags for Google resources	`map(any)`	`{}`	no
thanos	Customize thanos chart, see `thanos.tf` for supported values	`any`	`{}`	no
thanos-memcached	Customize thanos chart, see `thanos.tf` for supported values	`any`	`{}`	no
thanos-receive	Customize thanos chart, see `thanos-receive.tf` for supported values	`any`	`{}`	no
thanos-storegateway	Customize thanos chart, see `thanos.tf` for supported values	`any`	`{}`	no
thanos-tls-querier	Customize thanos chart, see `thanos.tf` for supported values	`any`	`{}`	no
tigera-operator	Customize tigera-operator chart, see `tigera-operator.tf` for supported values	`any`	`{}`	no
traefik	Customize traefik chart, see `traefik.tf` for supported values	`any`	`{}`	no
velero	Customize velero chart, see `velero.tf` for supported values	`any`	`{}`	no
victoria-metrics-k8s-stack	Customize Victoria Metrics chart, see `victoria-metrics-k8s-stack.tf` for supported values	`any`	`{}`	no

Outputs

Name	Description
kube-prometheus-stack	n/a
kube-prometheus-stack_sensitive	n/a
loki-stack-ca	n/a
promtail-cert	n/a
promtail-key	n/a
thanos_ca	n/a

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

google

google

README.md

terraform-kubernetes-addons:google

About

Terraform docs

Requirements

Providers

Modules

Resources

Inputs

Outputs

Files

google

Directory actions

More options

Directory actions

More options

Latest commit

History

google

Folders and files

parent directory

README.md

terraform-kubernetes-addons:google

About

Terraform docs

Requirements

Providers

Modules

Resources

Inputs

Outputs