diff --git a/blueprints/gke/multitenant-fleet/README.md b/blueprints/gke/multitenant-fleet/README.md
index ab8c6247d..bd6df9451 100644
--- a/blueprints/gke/multitenant-fleet/README.md
+++ b/blueprints/gke/multitenant-fleet/README.md
@@ -246,20 +246,20 @@ module "gke" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [billing_account_id](variables.tf#L17) | Billing account id. | string | ✓ | |
-| [folder_id](variables.tf#L129) | Folder used for the GKE project in folders/nnnnnnnnnnn format. | string | ✓ | |
-| [prefix](variables.tf#L176) | Prefix used for resources that need unique names. | string | ✓ | |
-| [project_id](variables.tf#L181) | ID of the project that will contain all the clusters. | string | ✓ | |
-| [vpc_config](variables.tf#L193) | Shared VPC project and VPC details. | object({…}) | ✓ | |
-| [clusters](variables.tf#L22) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} |
-| [fleet_configmanagement_clusters](variables.tf#L67) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} |
-| [fleet_configmanagement_templates](variables.tf#L74) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} |
-| [fleet_features](variables.tf#L109) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null |
-| [fleet_workload_identity](variables.tf#L122) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false |
-| [group_iam](variables.tf#L134) | Project-level IAM bindings for groups. Use group emails as keys, list of roles as values. | map(list(string)) | | {} |
-| [iam](variables.tf#L141) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
-| [labels](variables.tf#L148) | Project-level labels. | map(string) | | {} |
-| [nodepools](variables.tf#L154) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
-| [project_services](variables.tf#L186) | Additional project services to enable. | list(string) | | [] |
+| [folder_id](variables.tf#L132) | Folder used for the GKE project in folders/nnnnnnnnnnn format. | string | ✓ | |
+| [prefix](variables.tf#L179) | Prefix used for resources that need unique names. | string | ✓ | |
+| [project_id](variables.tf#L184) | ID of the project that will contain all the clusters. | string | ✓ | |
+| [vpc_config](variables.tf#L196) | Shared VPC project and VPC details. | object({…}) | ✓ | |
+| [clusters](variables.tf#L22) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} |
+| [fleet_configmanagement_clusters](variables.tf#L70) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} |
+| [fleet_configmanagement_templates](variables.tf#L77) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} |
+| [fleet_features](variables.tf#L112) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null |
+| [fleet_workload_identity](variables.tf#L125) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false |
+| [group_iam](variables.tf#L137) | Project-level IAM bindings for groups. Use group emails as keys, list of roles as values. | map(list(string)) | | {} |
+| [iam](variables.tf#L144) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} |
+| [labels](variables.tf#L151) | Project-level labels. | map(string) | | {} |
+| [nodepools](variables.tf#L157) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} |
+| [project_services](variables.tf#L189) | Additional project services to enable. | list(string) | | [] |
## Outputs
diff --git a/blueprints/gke/multitenant-fleet/variables.tf b/blueprints/gke/multitenant-fleet/variables.tf
index d04642986..8d6c69ae1 100644
--- a/blueprints/gke/multitenant-fleet/variables.tf
+++ b/blueprints/gke/multitenant-fleet/variables.tf
@@ -39,9 +39,12 @@ variable "clusters" {
recurring_window = null
maintenance_exclusion = []
})
- max_pods_per_node = optional(number, 110)
- min_master_version = optional(string)
- monitoring_config = optional(list(string), ["SYSTEM_COMPONENTS"])
+ max_pods_per_node = optional(number, 110)
+ min_master_version = optional(string)
+ monitoring_config = optional(object({
+ enable_components = optional(list(string), ["SYSTEM_COMPONENTS"])
+ managed_prometheus = optional(bool)
+ }))
node_locations = optional(list(string))
private_cluster_config = optional(any)
release_channel = optional(string)
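Review bot: The new `monitoring_config = optional(object({…}))` attribute has no default for the object itself, so a cluster entry that omits `monitoring_config` now yields null where it previously yielded `["SYSTEM_COMPONENTS"]`. If that null is passed straight through to the gke-cluster module (the module call is outside this hunk), it would override the module's own default and the `monitoring_config` block would be skipped, leaving system metrics collection to whatever the API chooses. Giving the object an empty default, `monitoring_config = optional(object({ … }), {})`, keeps the inner `enable_components` default in effect. The same applies to the identical hunk in fast/stages/03-gke-multitenant/dev/variables.tf; the `clusters` variable starts and ends outside both hunks.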
diff --git a/fast/stages/03-gke-multitenant/dev/README.md b/fast/stages/03-gke-multitenant/dev/README.md
index ac4e03d39..f3abf494e 100644
--- a/fast/stages/03-gke-multitenant/dev/README.md
+++ b/fast/stages/03-gke-multitenant/dev/README.md
@@ -142,21 +142,21 @@ terraform apply
|---|---|:---:|:---:|:---:|:---:|
| [automation](variables.tf#L21) | Automation resources created by the bootstrap stage. | object({…}) | ✓ | | 00-bootstrap |
| [billing_account](variables.tf#L29) | Billing account id and organization id ('nnnnnnnn' or null). | object({…}) | ✓ | | 00-bootstrap |
-| [folder_ids](variables.tf#L146) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | object({…}) | ✓ | | 01-resman |
-| [host_project_ids](variables.tf#L168) | Host project for the shared VPC. | object({…}) | ✓ | | 02-networking |
-| [prefix](variables.tf#L210) | Prefix used for resources that need unique names. | string | ✓ | | |
-| [vpc_self_links](variables.tf#L222) | Self link for the shared VPC. | object({…}) | ✓ | | 02-networking |
-| [clusters](variables.tf#L38) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | |
-| [fleet_configmanagement_clusters](variables.tf#L83) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | |
-| [fleet_configmanagement_templates](variables.tf#L91) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | |
-| [fleet_features](variables.tf#L126) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | |
-| [fleet_workload_identity](variables.tf#L139) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | |
-| [group_iam](variables.tf#L154) | Project-level authoritative IAM bindings for groups in {GROUP_EMAIL => [ROLES]} format. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | |
-| [iam](variables.tf#L161) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | |
-| [labels](variables.tf#L176) | Project-level labels. | map(string) | | {} | |
-| [nodepools](variables.tf#L182) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
-| [outputs_location](variables.tf#L204) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | |
-| [project_services](variables.tf#L215) | Additional project services to enable. | list(string) | | [] | |
+| [folder_ids](variables.tf#L149) | Folders to be used for the networking resources in folders/nnnnnnnnnnn format. If null, folder will be created. | object({…}) | ✓ | | 01-resman |
+| [host_project_ids](variables.tf#L171) | Host project for the shared VPC. | object({…}) | ✓ | | 02-networking |
+| [prefix](variables.tf#L213) | Prefix used for resources that need unique names. | string | ✓ | | |
+| [vpc_self_links](variables.tf#L225) | Self link for the shared VPC. | object({…}) | ✓ | | 02-networking |
+| [clusters](variables.tf#L38) | Clusters configuration. Refer to the gke-cluster module for type details. | map(object({…})) | | {} | |
+| [fleet_configmanagement_clusters](variables.tf#L86) | Config management features enabled on specific sets of member clusters, in config name => [cluster name] format. | map(list(string)) | | {} | |
+| [fleet_configmanagement_templates](variables.tf#L94) | Sets of config management configurations that can be applied to member clusters, in config name => {options} format. | map(object({…})) | | {} | |
+| [fleet_features](variables.tf#L129) | Enable and configue fleet features. Set to null to disable GKE Hub if fleet workload identity is not used. | object({…}) | | null | |
+| [fleet_workload_identity](variables.tf#L142) | Use Fleet Workload Identity for clusters. Enables GKE Hub if set to true. | bool | | false | |
+| [group_iam](variables.tf#L157) | Project-level authoritative IAM bindings for groups in {GROUP_EMAIL => [ROLES]} format. Use group emails as keys, list of roles as values. | map(list(string)) | | {} | |
+| [iam](variables.tf#L164) | Project-level authoritative IAM bindings for users and service accounts in {ROLE => [MEMBERS]} format. | map(list(string)) | | {} | |
+| [labels](variables.tf#L179) | Project-level labels. | map(string) | | {} | |
+| [nodepools](variables.tf#L185) | Nodepools configuration. Refer to the gke-nodepool module for type details. | map(map(object({…}))) | | {} | |
+| [outputs_location](variables.tf#L207) | Path where providers, tfvars files, and lists for the following stages are written. Leave empty to disable. | string | | null | |
+| [project_services](variables.tf#L218) | Additional project services to enable. | list(string) | | [] | |
## Outputs
diff --git a/fast/stages/03-gke-multitenant/dev/variables.tf b/fast/stages/03-gke-multitenant/dev/variables.tf
index 1a17da4b5..9c5a1d388 100644
--- a/fast/stages/03-gke-multitenant/dev/variables.tf
+++ b/fast/stages/03-gke-multitenant/dev/variables.tf
@@ -55,9 +55,12 @@ variable "clusters" {
recurring_window = null
maintenance_exclusion = []
})
- max_pods_per_node = optional(number, 110)
- min_master_version = optional(string)
- monitoring_config = optional(list(string), ["SYSTEM_COMPONENTS"])
+ max_pods_per_node = optional(number, 110)
+ min_master_version = optional(string)
+ monitoring_config = optional(object({
+ enable_components = optional(list(string), ["SYSTEM_COMPONENTS"])
+ managed_prometheus = optional(bool)
+ }))
node_locations = optional(list(string))
private_cluster_config = optional(any)
release_channel = optional(string)
diff --git a/modules/gke-cluster/README.md b/modules/gke-cluster/README.md
index be0a9f62f..55b594c69 100644
--- a/modules/gke-cluster/README.md
+++ b/modules/gke-cluster/README.md
@@ -77,9 +77,9 @@ module "cluster-1" {
| name | description | type | required | default |
|---|---|:---:|:---:|:---:|
| [location](variables.tf#L117) | Cluster zone or region. | string | ✓ | |
-| [name](variables.tf#L169) | Cluster name. | string | ✓ | |
-| [project_id](variables.tf#L195) | Cluster project id. | string | ✓ | |
-| [vpc_config](variables.tf#L206) | VPC-level configuration. | object({…}) | ✓ | |
+| [name](variables.tf#L174) | Cluster name. | string | ✓ | |
+| [project_id](variables.tf#L200) | Cluster project id. | string | ✓ | |
+| [vpc_config](variables.tf#L211) | VPC-level configuration. | object({…}) | ✓ | |
| [cluster_autoscaling](variables.tf#L17) | Enable and configure limits for Node Auto-Provisioning with Cluster Autoscaler. | object({…}) | | null |
| [description](variables.tf#L38) | Cluster description. | string | | null |
| [enable_addons](variables.tf#L44) | Addons enabled in the cluster (true means enabled). | object({…}) | | {…} |
@@ -90,10 +90,10 @@ module "cluster-1" {
| [maintenance_config](variables.tf#L128) | Maintenance window configuration. | object({…}) | | {…} |
| [max_pods_per_node](variables.tf#L151) | Maximum number of pods per node in this cluster. | number | | 110 |
| [min_master_version](variables.tf#L157) | Minimum version of the master, defaults to the version of the most recent official release. | string | | null |
-| [monitoring_config](variables.tf#L163) | Monitoring components. | list(string) | | ["SYSTEM_COMPONENTS"] |
-| [node_locations](variables.tf#L174) | Zones in which the cluster's nodes are located. | list(string) | | [] |
-| [private_cluster_config](variables.tf#L181) | Private cluster configuration. | object({…}) | | null |
-| [release_channel](variables.tf#L200) | Release channel for GKE upgrades. | string | | null |
+| [monitoring_config](variables.tf#L163) | Monitoring components. | object({…}) | | {…} |
+| [node_locations](variables.tf#L179) | Zones in which the cluster's nodes are located. | list(string) | | [] |
+| [private_cluster_config](variables.tf#L186) | Private cluster configuration. | object({…}) | | null |
+| [release_channel](variables.tf#L205) | Release channel for GKE upgrades. | string | | null |
## Outputs
diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf
index 9981d9b4e..c6b179ffa 100644
--- a/modules/gke-cluster/main.tf
+++ b/modules/gke-cluster/main.tf
@@ -240,7 +240,15 @@ resource "google_container_cluster" "cluster" {
dynamic "monitoring_config" {
for_each = var.monitoring_config != null && !var.enable_features.autopilot ? [""] : []
content {
- enable_components = var.monitoring_config
+ enable_components = var.monitoring_config.enable_components
+ dynamic "managed_prometheus" {
+ for_each = (
+ try(var.monitoring_config.managed_prometheus, null) == true ? [""] : []
+ )
+ content {
+ enabled = true
+ }
+ }
}
}
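Review bot: The nested `managed_prometheus` block is emitted only when the flag is exactly `true`, so `managed_prometheus = false` behaves the same as leaving it unset and cannot state the disabled state explicitly. If the provider treats the block as computed, a cluster that already has it enabled would presumably stay enabled. Consider `for_each = var.monitoring_config.managed_prometheus == null ? [] : [""]` together with `enabled = var.monitoring_config.managed_prometheus`. The `try(...)` wrapper also looks unnecessary, since the outer `for_each` already excludes a null `var.monitoring_config` and the attribute is declared `optional(bool)`. The resource body continues outside the hunk.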
diff --git a/modules/gke-cluster/variables.tf b/modules/gke-cluster/variables.tf
index a227d5c73..f9a3b69e3 100644
--- a/modules/gke-cluster/variables.tf
+++ b/modules/gke-cluster/variables.tf
@@ -162,8 +162,13 @@ variable "min_master_version" {
variable "monitoring_config" {
description = "Monitoring components."
- type = list(string)
- default = ["SYSTEM_COMPONENTS"]
+ type = object({
+ enable_components = optional(list(string))
+ managed_prometheus = optional(bool)
+ })
+ default = {
+ enable_components = ["SYSTEM_COMPONENTS"]
+ }
}
variable "name" {
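Review bot: The `["SYSTEM_COMPONENTS"]` default now lives only in the variable's `default`, so a caller that sets the object without `enable_components` (as the test fixture in this commit does with only `managed_prometheus = true`) gets `enable_components = null` instead of the previous default. Moving the default into the type, `enable_components = optional(list(string), ["SYSTEM_COMPONENTS"])` with `default = {}`, would match the blueprint and FAST stage declarations changed in the same commit. Changing the type from `list(string)` to an object also breaks existing callers that pass a list, which deserves a line in the changelog or upgrade notes. The `description` still reads "Monitoring components." and could name the two attributes.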
diff --git a/tests/modules/gke_cluster/fixture/variables.tf b/tests/modules/gke_cluster/fixture/variables.tf
index 1b539d20b..97fc6a635 100644
--- a/tests/modules/gke_cluster/fixture/variables.tf
+++ b/tests/modules/gke_cluster/fixture/variables.tf
@@ -28,3 +28,10 @@ variable "enable_features" {
workload_identity = true
}
}
+
+variable "monitoring_config" {
+ type = any
+ default = {
+ managed_prometheus = true
+ }
+}