diff --git a/main.tf b/main.tf
index e41cd1f..415711c 100644
--- a/main.tf
+++ b/main.tf
@@ -32,6 +32,7 @@ resource "google_kms_crypto_key" "gke_encryption_key" {
 name = "sn-gke-key-${var.cluster_name}"
 key_ring = google_kms_key_ring.keyring[0].id
 rotation_period = "12960000s" #150 days
+ labels = var.additional_tags
 }
 # Required for GKE to use the encryption key
@@ -105,10 +106,10 @@ locals {
 )
 node_pools = var.enable_func_pool ? [local.default_node_pool, local.func_pool] : [local.default_node_pool]
 node_pools_labels = {
- all = {
+ all = merge({
 cluster_name = var.cluster_name
 managed_by = "terraform"
- }
+ }, var.additional_tags)
 }
 node_pools_metadata = {
 all = {}
@@ -191,6 +192,7 @@ module "gke" {
 database_encryption = local.database_encryption
 deletion_protection = var.deletion_protection
 enable_l4_ilb_subsetting = var.enable_l4_ilb_subsetting
+ cluster_resource_labels = var.additional_tags
 cluster_dns_provider = var.cluster_dns_provider
 cluster_dns_scope = var.cluster_dns_scope
@@ -246,6 +248,7 @@ module "gke_private" {
 database_encryption = local.database_encryption
 deletion_protection = var.deletion_protection
 enable_l4_ilb_subsetting = var.enable_l4_ilb_subsetting
+ cluster_resource_labels = var.additional_tags
 cluster_dns_provider = var.cluster_dns_provider
 cluster_dns_scope = var.cluster_dns_scope
diff --git a/modules/dns-bucket/bucket.tf b/modules/dns-bucket/bucket.tf
index 558c3b4..d7829f3 100644
--- a/modules/dns-bucket/bucket.tf
+++ b/modules/dns-bucket/bucket.tf
@@ -20,6 +20,7 @@ resource "google_storage_bucket" "velero" {
 location = var.bucket_location
 uniform_bucket_level_access = var.bucket_uniform_bucket_level_access
 force_destroy = true
+ labels = var.additional_tags
 encryption {
 default_kms_key_name = var.bucket_encryption_kms_key_id
 }
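Review bot: In the `locals` hunk of main.tf, `all = merge({ ... }, var.additional_tags)` lets a caller-supplied key replace `cluster_name` or `managed_by`, because Terraform's `merge` gives precedence to later arguments. If anything selects, audits or attributes nodes by those two labels, putting the fixed map last keeps them authoritative: `all = merge(var.additional_tags, {` ... `})`. The input names suggest the upstream GKE module, where `node_pools_labels` sets Kubernetes node labels rather than GCP resource labels, so these values would become visible to workloads and schedulers inside the cluster. If the goal is resource labelling, `node_pools_resource_labels` may be the intended input; confirm against the module version in use. The `locals` block starts and ends outside the hunk.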
@@ -39,6 +40,7 @@ resource "google_storage_bucket" "tiered_storage" {
 location = var.bucket_location
 uniform_bucket_level_access = var.bucket_uniform_bucket_level_access
 force_destroy = true
+ labels = var.additional_tags
 encryption {
 default_kms_key_name = var.bucket_encryption_kms_key_id
 }
@@ -60,6 +62,7 @@ resource "google_storage_bucket" "loki" {
 location = var.bucket_location
 uniform_bucket_level_access = var.bucket_uniform_bucket_level_access
 force_destroy = true
+ labels = var.additional_tags
 dynamic "soft_delete_policy" {
 for_each = !var.bucket_cluster_backup_soft_delete ? ["apply"] : []
diff --git a/modules/dns-bucket/dns.tf b/modules/dns-bucket/dns.tf
index fcaf570..bcadb30 100644
--- a/modules/dns-bucket/dns.tf
+++ b/modules/dns-bucket/dns.tf
@@ -27,6 +27,7 @@ resource "google_dns_managed_zone" "zone" {
 name = local.new_zone_id
 dns_name = local.new_zone_name
 force_destroy = true
+ labels = var.additional_tags
 cloud_logging_config {
 enable_logging = false
diff --git a/modules/dns-bucket/variables.tf b/modules/dns-bucket/variables.tf
index a2cc6aa..f0a20db 100644
--- a/modules/dns-bucket/variables.tf
+++ b/modules/dns-bucket/variables.tf
@@ -78,4 +78,10 @@ variable "enable_velero" {
 type = bool
 default = false
 description = "Enable velero for backups. If set to false, no velero resources will be created."
+}
+
+variable "additional_tags" {
+ default = {}
+ description = "Additional labels to apply to GCS bucket resources."
+ type = map(string)
 }
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 6a6dd4a..d22f1a4 100644
--- a/variables.tf
+++ b/variables.tf
@@ -92,6 +92,12 @@ variable "cluster_http_load_balancing" {
 type = bool
 }
+variable "additional_tags" {
+ default = {}
+ description = "Additional labels to apply to GKE node pool resources."
+ type = map(string)
+}
+
 variable "cluster_name" {
 description = "The name of your GKE cluster."
 type = string
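Review bot: The description added in modules/dns-bucket/variables.tf names only GCS buckets, but the same commit also applies `var.additional_tags` to `google_dns_managed_zone.zone` in dns.tf, so the documented scope is narrower than the real one. I would reword it to `"Additional labels to apply to the GCS buckets and the DNS managed zone created by this module."`. Since label values are ordinary resource metadata readable by anyone who can view the resource, the description could also say that they must not carry secrets or credentials. The name says "tags" while every use is a `labels` argument; a sentence noting that these are labels, not network or Resource Manager tags, would avoid readers assuming they affect firewall or IAM behaviour.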
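Review bot: The `additional_tags` variable added in the root variables.tf accepts any `map(string)` and is passed unchecked to the KMS key, both cluster modules and the node-pool labels in main.tf, so a key or value that breaks the provider's label rules would surface only as an API error at apply time, possibly after part of the plan has been applied. A `validation` block on the variable would reject such input at plan time. The pattern below is a conservative sketch (lowercase letters, digits, `_` and `-`, 63 characters) and should be checked against the current GCP label rules and the Terraform version this repository pins. The declaration in modules/dns-bucket/variables.tf has the same gap. The description here also says "GKE node pool resources" although main.tf applies the map to the crypto key and to `cluster_resource_labels` as well.

```hcl
variable "additional_tags" {
  # … unchanged: default, description, type …

  validation {
    condition = alltrue([
      for k, v in var.additional_tags :
      can(regex("^[a-z][a-z0-9_-]{0,62}$", k)) && can(regex("^[a-z0-9_-]{0,63}$", v))
    ])
    error_message = "Label keys must start with a lowercase letter; keys and values may contain only lowercase letters, digits, '_' and '-', up to 63 characters."
  }
}
```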