diff --git a/README.md b/README.md
index 7fc4457bed..c737e8c7fd 100644
--- a/README.md
+++ b/README.md
@@ -225,6 +225,7 @@ Then perform the following commands on the root folder:
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl
index 0dd5a4aec2..02d05f1099 100644
--- a/autogen/main/cluster.tf.tmpl
+++ b/autogen/main/cluster.tf.tmpl
@@ -132,6 +132,12 @@ resource "google_container_cluster" "primary" {
 {% if autopilot_cluster != true %}
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl
index e0bb56bd16..b52f0cfe28 100644
--- a/autogen/main/variables.tf.tmpl
+++ b/autogen/main/variables.tf.tmpl
@@ -1029,6 +1029,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/cluster.tf b/cluster.tf
index e9f0765be3..a8eae8772e 100644
--- a/cluster.tf
+++ b/cluster.tf
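Review bot: The `var.monitoring_auto_monitoring_config_scope != null` half of the `for_each` condition in the new `dynamic "auto_monitoring_config"` block appears unreachable, because the validation added for that variable in this same commit accepts only "ALL" or "NONE", so a null scope would presumably be rejected before this expression is evaluated. Either simplify to `for_each = var.monitoring_enable_managed_prometheus == true ? [1] : []`, or relax the validation to allow null if omitting the block is meant to be possible. The gate also means a caller who sets the scope to ALL while `monitoring_enable_managed_prometheus` is null or false gets no auto-monitoring and no error, so a comment above the block such as `# auto_monitoring_config is only sent when managed Prometheus is enabled` would help. The same lines recur in the cluster.tf hunk and in every modules/*/cluster.tf hunk of this diff, which look generated from this template; the enclosing resource begins and ends outside the hunk.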
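Review bot: The `error_message` in the new validation block of `monitoring_auto_monitoring_config_scope` does not name the accepted values, so a failed plan tells the operator nothing actionable; `error_message = "monitoring_auto_monitoring_config_scope must be one of: ALL, NONE."` would. The description should also say that the value only takes effect when `monitoring_enable_managed_prometheus` is true, since the cluster template in this commit gates the block on that. The same text recurs in the variables.tf hunk and every modules/*/variables.tf hunk, and the README and metadata.yaml descriptions repeat the same wording.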
@@ -109,6 +109,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/metadata.yaml b/metadata.yaml
index 2baca7aed2..b58f00b38f 100644
--- a/metadata.yaml
+++ b/metadata.yaml
@@ -726,6 +726,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md
index 353a3cd865..476d7a7b15 100644
--- a/modules/beta-private-cluster-update-variant/README.md
+++ b/modules/beta-private-cluster-update-variant/README.md
@@ -269,6 +269,7 @@ Then perform the following commands on the root folder:
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
 | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no |
 | master\_ipv4\_cidr\_block | (Optional) The IP range in CIDR notation to use for the hosted master network. | `string` | `null` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf
index 010851c0cc..eb6edb28ad 100644
--- a/modules/beta-private-cluster-update-variant/cluster.tf
+++ b/modules/beta-private-cluster-update-variant/cluster.tf
@@ -115,6 +115,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/beta-private-cluster-update-variant/metadata.yaml b/modules/beta-private-cluster-update-variant/metadata.yaml
index 3325f34feb..70097fc1fa 100644
--- a/modules/beta-private-cluster-update-variant/metadata.yaml
+++ b/modules/beta-private-cluster-update-variant/metadata.yaml
@@ -719,6 +719,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf
index 2e1bc5b5ac..d0486f2d60 100644
--- a/modules/beta-private-cluster-update-variant/variables.tf
+++ b/modules/beta-private-cluster-update-variant/variables.tf
@@ -973,6 +973,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md
index f305f18ec8..0eaeb808ab 100644
--- a/modules/beta-private-cluster/README.md
+++ b/modules/beta-private-cluster/README.md
@@ -247,6 +247,7 @@ Then perform the following commands on the root folder:
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
 | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no |
 | master\_ipv4\_cidr\_block | (Optional) The IP range in CIDR notation to use for the hosted master network. | `string` | `null` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf
index 4a7c30bbbf..ba9ce1b137 100644
--- a/modules/beta-private-cluster/cluster.tf
+++ b/modules/beta-private-cluster/cluster.tf
@@ -115,6 +115,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/beta-private-cluster/metadata.yaml b/modules/beta-private-cluster/metadata.yaml
index 1b449bcf6f..f66baa8968 100644
--- a/modules/beta-private-cluster/metadata.yaml
+++ b/modules/beta-private-cluster/metadata.yaml
@@ -719,6 +719,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf
index 2e1bc5b5ac..d0486f2d60 100644
--- a/modules/beta-private-cluster/variables.tf
+++ b/modules/beta-private-cluster/variables.tf
@@ -973,6 +973,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md
index e671233cd7..fa8c66b7fd 100644
--- a/modules/beta-public-cluster-update-variant/README.md
+++ b/modules/beta-public-cluster-update-variant/README.md
@@ -258,6 +258,7 @@ Then perform the following commands on the root folder:
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf
index 1a8912df2d..d83ad5ee9b 100644
--- a/modules/beta-public-cluster-update-variant/cluster.tf
+++ b/modules/beta-public-cluster-update-variant/cluster.tf
@@ -115,6 +115,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/beta-public-cluster-update-variant/metadata.yaml b/modules/beta-public-cluster-update-variant/metadata.yaml
index 71357c3592..2ee261437b 100644
--- a/modules/beta-public-cluster-update-variant/metadata.yaml
+++ b/modules/beta-public-cluster-update-variant/metadata.yaml
@@ -697,6 +697,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf
index 690529e16e..a6bf470c89 100644
--- a/modules/beta-public-cluster-update-variant/variables.tf
+++ b/modules/beta-public-cluster-update-variant/variables.tf
@@ -937,6 +937,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md
index 45d5fddb63..dea625e031 100644
--- a/modules/beta-public-cluster/README.md
+++ b/modules/beta-public-cluster/README.md
@@ -236,6 +236,7 @@ Then perform the following commands on the root folder:
 | maintenance\_recurrence | Frequency of the recurring maintenance window in RFC5545 format. | `string` | `""` | no |
 | maintenance\_start\_time | Time window specified for daily or recurring maintenance operations in RFC3339 format | `string` | `"05:00"` | no |
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf
index b95f83f356..94f99012c7 100644
--- a/modules/beta-public-cluster/cluster.tf
+++ b/modules/beta-public-cluster/cluster.tf
@@ -115,6 +115,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/beta-public-cluster/metadata.yaml b/modules/beta-public-cluster/metadata.yaml
index fd380d3dc0..7d3aefc0be 100644
--- a/modules/beta-public-cluster/metadata.yaml
+++ b/modules/beta-public-cluster/metadata.yaml
@@ -697,6 +697,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf
index 690529e16e..a6bf470c89 100644
--- a/modules/beta-public-cluster/variables.tf
+++ b/modules/beta-public-cluster/variables.tf
@@ -937,6 +937,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md
index 2e164137d2..81dbbaa55d 100644
--- a/modules/private-cluster-update-variant/README.md
+++ b/modules/private-cluster-update-variant/README.md
@@ -258,6 +258,7 @@ Then perform the following commands on the root folder:
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
 | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no |
 | master\_ipv4\_cidr\_block | (Optional) The IP range in CIDR notation to use for the hosted master network. | `string` | `null` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf
index 8700f849e0..b8918fef79 100644
--- a/modules/private-cluster-update-variant/cluster.tf
+++ b/modules/private-cluster-update-variant/cluster.tf
@@ -109,6 +109,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/private-cluster-update-variant/metadata.yaml b/modules/private-cluster-update-variant/metadata.yaml
index 7323a3f42e..b9b0911dd1 100644
--- a/modules/private-cluster-update-variant/metadata.yaml
+++ b/modules/private-cluster-update-variant/metadata.yaml
@@ -708,6 +708,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf
index 3497aed147..aad193c175 100644
--- a/modules/private-cluster-update-variant/variables.tf
+++ b/modules/private-cluster-update-variant/variables.tf
@@ -955,6 +955,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md
index c23ea693e5..d2082e617a 100644
--- a/modules/private-cluster/README.md
+++ b/modules/private-cluster/README.md
@@ -236,6 +236,7 @@ Then perform the following commands on the root folder:
 | master\_authorized\_networks | List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists). | `list(object({ cidr_block = string, display_name = string }))` | `[]` | no |
 | master\_global\_access\_enabled | Whether the cluster master is accessible globally (from any region) or only within the same region as the private endpoint. | `bool` | `true` | no |
 | master\_ipv4\_cidr\_block | (Optional) The IP range in CIDR notation to use for the hosted master network. | `string` | `null` | no |
+| monitoring\_auto\_monitoring\_config\_scope | Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE | `string` | `"NONE"` | no |
 | monitoring\_enable\_managed\_prometheus | Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled. | `bool` | `null` | no |
 | monitoring\_enable\_observability\_metrics | Whether or not the advanced datapath metrics are enabled. | `bool` | `false` | no |
 | monitoring\_enable\_observability\_relay | Whether or not the advanced datapath relay is enabled. | `bool` | `false` | no |
diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf
index d48a2f9836..9c8ae142fc 100644
--- a/modules/private-cluster/cluster.tf
+++ b/modules/private-cluster/cluster.tf
@@ -109,6 +109,12 @@ resource "google_container_cluster" "primary" {
 enable_components = var.monitoring_enabled_components
 managed_prometheus {
 enabled = var.monitoring_enable_managed_prometheus == null ? false : var.monitoring_enable_managed_prometheus
+ dynamic "auto_monitoring_config" {
+ for_each = var.monitoring_enable_managed_prometheus == true && var.monitoring_auto_monitoring_config_scope != null ? [1] : []
+ content {
+ scope = var.monitoring_auto_monitoring_config_scope
+ }
+ }
 }
 advanced_datapath_observability_config {
 enable_metrics = var.monitoring_enable_observability_metrics
diff --git a/modules/private-cluster/metadata.yaml b/modules/private-cluster/metadata.yaml
index 752fa0c1d7..23a65d3bd5 100644
--- a/modules/private-cluster/metadata.yaml
+++ b/modules/private-cluster/metadata.yaml
@@ -708,6 +708,10 @@ spec:
 - name: monitoring_enable_managed_prometheus
 description: Configuration for Managed Service for Prometheus. Whether or not the managed collection is enabled.
 varType: bool
+ - name: monitoring_auto_monitoring_config_scope
+ description: "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ varType: string
+ defaultValue: NONE
 - name: monitoring_enable_observability_metrics
 description: Whether or not the advanced datapath metrics are enabled.
 varType: bool
diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf
index 3497aed147..aad193c175 100644
--- a/modules/private-cluster/variables.tf
+++ b/modules/private-cluster/variables.tf
@@ -955,6 +955,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."
diff --git a/variables.tf b/variables.tf
index 101ad7ee59..1321cc28f4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -919,6 +919,23 @@ variable "monitoring_enable_managed_prometheus" {
 default = null
 }

+variable "monitoring_auto_monitoring_config_scope" {
+ default = "NONE"
+ description = "Whether or not to enable GKE Auto-Monitoring. Supported values include: ALL, NONE"
+ type = string
+
+ validation {
+ condition = contains(
+ [
+ "ALL",
+ "NONE",
+ ],
+ var.monitoring_auto_monitoring_config_scope
+ )
+ error_message = "'monitoring_auto_monitoring_config_scope' value is invalid"
+ }
+}
+
 variable "monitoring_enable_observability_metrics" {
 type = bool
 description = "Whether or not the advanced datapath metrics are enabled."