Fleet contains information about a group of clusters.
To get more information about Fleet, see:
resource "google_gke_hub_fleet" "default" {
  display_name = "my production fleet"

  default_cluster_config {
    security_posture_config {
      mode               = "DISABLED"
      vulnerability_mode = "VULNERABILITY_DISABLED"
    }
  }
}
The following arguments are supported:
display_name - (Optional) A user-assigned display name of the Fleet. When present, it must be between 4 and 30 characters. Allowed characters are: lowercase and uppercase letters, numbers, hyphen, single-quote, double-quote, space, and exclamation point.
default_cluster_config - (Optional) The default cluster configurations to apply across the fleet. Structure is documented below.
project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
The default_cluster_config block supports:
binary_authorization_config - (Optional) Enable/Disable binary authorization features for the cluster. Structure is documented below.
security_posture_config - (Optional) Enable/Disable Security Posture features for the cluster. Structure is documented below.
The binary_authorization_config block supports:
evaluation_mode - (Optional) Mode of operation for binauthz policy evaluation. Possible values are: DISABLED, POLICY_BINDINGS.
policy_bindings - (Optional) Binauthz policies that apply to this cluster. Structure is documented below.
The policy_bindings block supports:
name - (Optional) The relative resource name of the binauthz platform policy to audit. GKE platform policies have the following format: projects/{project_number}/platforms/gke/policies/{policy_id}.
The security_posture_config block supports:
mode - (Optional) Sets which mode to use for Security Posture features. Possible values are: DISABLED, BASIC.
vulnerability_mode - (Optional) Sets which mode to use for vulnerability scanning. Possible values are: VULNERABILITY_DISABLED, VULNERABILITY_BASIC, VULNERABILITY_ENTERPRISE.
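The arguments above combined into a fleet default that turns the security features on, as an alternative to the DISABLED example at the top of the page. This is an added example, not part of the provider documentation; the resource label "hardened" and the three variables are assumptions, and the policy name is assembled from caller-supplied placeholders in the documented format.

```hcl
# Added example. Variable names and the "hardened" label are hypothetical.
variable "project_number" {
  type        = string
  description = "Numeric project number that owns the binauthz platform policy."
}

variable "binauthz_policy_id" {
  type        = string
  description = "ID of an existing GKE platform policy (placeholder, supplied by the caller)."
}

variable "vulnerability_mode" {
  type    = string
  default = "VULNERABILITY_BASIC"

  validation {
    # Reject the one documented value that switches scanning off fleet-wide.
    condition     = contains(["VULNERABILITY_BASIC", "VULNERABILITY_ENTERPRISE"], var.vulnerability_mode)
    error_message = "vulnerability_mode must be VULNERABILITY_BASIC or VULNERABILITY_ENTERPRISE."
  }
}

resource "google_gke_hub_fleet" "hardened" {
  display_name = "my production fleet"

  default_cluster_config {
    binary_authorization_config {
      # POLICY_BINDINGS evaluates the platform policies listed below.
      evaluation_mode = "POLICY_BINDINGS"

      policy_bindings {
        # Documented format: projects/{project_number}/platforms/gke/policies/{policy_id}
        name = "projects/${var.project_number}/platforms/gke/policies/${var.binauthz_policy_id}"
      }
    }

    security_posture_config {
      mode               = "BASIC"
      vulnerability_mode = var.vulnerability_mode
    }
  }
}
```

Because the variable validation runs at plan time, a later change that passes VULNERABILITY_DISABLED fails before anything is applied.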
In addition to the arguments listed above, the following computed attributes are exported:
id - an identifier for the resource with format projects/{{project}}/locations/global/fleets/default
create_time - The time the fleet was created, in RFC3339 text format.
update_time - The time the fleet was last updated, in RFC3339 text format.
delete_time - The time the fleet was deleted, in RFC3339 text format.
uid - Google-generated UUID for this resource. This is unique across all Fleet resources. If a Fleet resource is deleted and another resource with the same name is created, it gets a different uid.
state - The state of the fleet resource. Structure is documented below.
code - (Output) Describes the state of a Fleet resource.
This resource provides the following Timeouts configuration options:
create - Default is 20 minutes.
update - Default is 20 minutes.
delete - Default is 20 minutes.
Fleet can be imported using any of these accepted formats:
projects/{{project}}/locations/global/fleets/default
{{project}}
In Terraform v1.5.0 and later, use an import block to import Fleet using one of the formats above. For example:
import {
  id = "projects/{{project}}/locations/global/fleets/default"
  to = google_gke_hub_fleet.default
}
When using the terraform import command, Fleet can be imported using one of the formats above. For example:
$ terraform import google_gke_hub_fleet.default projects/{{project}}/locations/global/fleets/default
$ terraform import google_gke_hub_fleet.default {{project}}
This resource supports User Project Overrides.