From a37ad21e26c37ffe7153990dbd7f455bfb9ca88a Mon Sep 17 00:00:00 2001 From: mitch-hamm Date: Mon, 27 Apr 2026 17:03:48 -0700 Subject: [PATCH 1/4] Add tags to missing resources --- main.tf | 4 ++-- modules/dns-bucket/bucket.tf | 3 +++ modules/dns-bucket/dns.tf | 1 + modules/dns-bucket/variables.tf | 6 ++++++ modules/vpc/variables.tf | 6 ++++++ variables.tf | 6 ++++++ 6 files changed, 24 insertions(+), 2 deletions(-) diff --git a/main.tf b/main.tf index e41cd1f..5690351 100644 --- a/main.tf +++ b/main.tf @@ -105,10 +105,10 @@ locals { ) node_pools = var.enable_func_pool ? [local.default_node_pool, local.func_pool] : [local.default_node_pool] node_pools_labels = { - all = { + all = merge({ cluster_name = var.cluster_name managed_by = "terraform" - } + }, var.additional_tags) } node_pools_metadata = { all = {} diff --git a/modules/dns-bucket/bucket.tf b/modules/dns-bucket/bucket.tf index 558c3b4..d7829f3 100644 --- a/modules/dns-bucket/bucket.tf +++ b/modules/dns-bucket/bucket.tf @@ -20,6 +20,7 @@ resource "google_storage_bucket" "velero" { location = var.bucket_location uniform_bucket_level_access = var.bucket_uniform_bucket_level_access force_destroy = true + labels = var.additional_tags encryption { default_kms_key_name = var.bucket_encryption_kms_key_id } @@ -39,6 +40,7 @@ resource "google_storage_bucket" "tiered_storage" { location = var.bucket_location uniform_bucket_level_access = var.bucket_uniform_bucket_level_access force_destroy = true + labels = var.additional_tags encryption { default_kms_key_name = var.bucket_encryption_kms_key_id } @@ -60,6 +62,7 @@ resource "google_storage_bucket" "loki" { location = var.bucket_location uniform_bucket_level_access = var.bucket_uniform_bucket_level_access force_destroy = true + labels = var.additional_tags dynamic "soft_delete_policy" { for_each = !var.bucket_cluster_backup_soft_delete ? ["apply"] : [] diff --git a/modules/dns-bucket/dns.tf b/modules/dns-bucket/dns.tf index fcaf570..bcadb30 100644 --- a/modules/dns-bucket/dns.tf +++ b/modules/dns-bucket/dns.tf @@ -27,6 +27,7 @@ resource "google_dns_managed_zone" "zone" { name = local.new_zone_id dns_name = local.new_zone_name force_destroy = true + labels = var.additional_tags cloud_logging_config { enable_logging = false diff --git a/modules/dns-bucket/variables.tf b/modules/dns-bucket/variables.tf index a2cc6aa..f0a20db 100644 --- a/modules/dns-bucket/variables.tf +++ b/modules/dns-bucket/variables.tf @@ -78,4 +78,10 @@ variable "enable_velero" { type = bool default = false description = "Enable velero for backups. If set to false, no velero resources will be created." +} + +variable "additional_tags" { + default = {} + description = "Additional labels to apply to GCS bucket resources." + type = map(string) } \ No newline at end of file diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf index 3e02609..43b0a9a 100644 --- a/modules/vpc/variables.tf +++ b/modules/vpc/variables.tf @@ -80,3 +80,9 @@ variable "nat_gateway_name" { default = "sn-nat-gateway" description = "The name of Cloud NAT Gateway" } + +variable "additional_tags" { + default = {} + description = "Additional labels to apply to GCP resources." + type = map(string) +} diff --git a/variables.tf b/variables.tf index 6a6dd4a..d22f1a4 100644 --- a/variables.tf +++ b/variables.tf @@ -92,6 +92,12 @@ variable "cluster_http_load_balancing" { type = bool } +variable "additional_tags" { + default = {} + description = "Additional labels to apply to GKE node pool resources." + type = map(string) +} + variable "cluster_name" { description = "The name of your GKE cluster." type = string From 5ee8aba72316d1bebd06f749549165aa7b689723 Mon Sep 17 00:00:00 2001 From: mitch-hamm Date: Mon, 27 Apr 2026 17:11:49 -0700 Subject: [PATCH 2/4] Update main.tf --- main.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/main.tf b/main.tf index 5690351..415711c 100644 --- a/main.tf +++ b/main.tf @@ -32,6 +32,7 @@ resource "google_kms_crypto_key" "gke_encryption_key" { name = "sn-gke-key-${var.cluster_name}" key_ring = google_kms_key_ring.keyring[0].id rotation_period = "12960000s" #150 days + labels = var.additional_tags } # Required for GKE to use the encryption key @@ -191,6 +192,7 @@ module "gke" { database_encryption = local.database_encryption deletion_protection = var.deletion_protection enable_l4_ilb_subsetting = var.enable_l4_ilb_subsetting + cluster_resource_labels = var.additional_tags cluster_dns_provider = var.cluster_dns_provider cluster_dns_scope = var.cluster_dns_scope @@ -246,6 +248,7 @@ module "gke_private" { database_encryption = local.database_encryption deletion_protection = var.deletion_protection enable_l4_ilb_subsetting = var.enable_l4_ilb_subsetting + cluster_resource_labels = var.additional_tags cluster_dns_provider = var.cluster_dns_provider cluster_dns_scope = var.cluster_dns_scope From 61e9f4a86e01f09045b037004533e4e95aca7e12 Mon Sep 17 00:00:00 2001 From: mitch-hamm Date: Mon, 27 Apr 2026 17:16:37 -0700 Subject: [PATCH 3/4] Update variables.tf --- modules/vpc/variables.tf | 5 ----- 1 file changed, 5 deletions(-) diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf index 43b0a9a..5b55d4b 100644 --- a/modules/vpc/variables.tf +++ b/modules/vpc/variables.tf @@ -81,8 +81,3 @@ variable "nat_gateway_name" { description = "The name of Cloud NAT Gateway" } -variable "additional_tags" { - default = {} - description = "Additional labels to apply to GCP resources." - type = map(string) -} From 7b69d65af687857a2c696b62cb08faec35a7785a Mon Sep 17 00:00:00 2001 From: mitch-hamm Date: Mon, 27 Apr 2026 17:16:52 -0700 Subject: [PATCH 4/4] Update variables.tf --- modules/vpc/variables.tf | 1 - 1 file changed, 1 deletion(-) diff --git a/modules/vpc/variables.tf b/modules/vpc/variables.tf index 5b55d4b..3e02609 100644 --- a/modules/vpc/variables.tf +++ b/modules/vpc/variables.tf @@ -80,4 +80,3 @@ variable "nat_gateway_name" { default = "sn-nat-gateway" description = "The name of Cloud NAT Gateway" } -