Module container

This page documents the language specification for the gcp package. If you're looking for help working with the inputs, outputs, or functions of gcp resources in a Pulumi program, please see the resource documentation for examples and API reference.

Resources

Resource Cluster

class Cluster extends CustomResource

Manages a Google Kubernetes Engine (GKE) cluster. For more information see the official documentation and the API reference.

Note: All arguments and attributes, including basic auth username and passwords as well as certificate outputs will be stored in the raw state as plaintext. Read more about secrets in state.

Example Usage - with a separately managed node pool (recommended)

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.container.Cluster("primary", {
    location: "us-central1",
    removeDefaultNodePool: true,
    initialNodeCount: 1,
    master_auth: {
        username: "",
        password: "",
        client_certificate_config: {
            issueClientCertificate: false,
        },
    },
});
const primaryPreemptibleNodes = new gcp.container.NodePool("primaryPreemptibleNodes", {
    location: "us-central1",
    cluster: primary.name,
    nodeCount: 1,
    node_config: {
        preemptible: true,
        machineType: "n1-standard-1",
        metadata: {
            "disable-legacy-endpoints": "true",
        },
        oauthScopes: [
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

Example Usage - with the default node pool

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.container.Cluster("primary", {
    initialNodeCount: 3,
    location: "us-central1-a",
    masterAuth: {
        clientCertificateConfig: {
            issueClientCertificate: false,
        },
        password: "",
        username: "",
    },
    nodeConfig: {
        labels: {
            foo: "bar",
        },
        metadata: {
            "disable-legacy-endpoints": "true",
        },
        oauthScopes: [
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
        tags: [
            "foo",
            "bar",
        ],
    },
}, { timeouts: {
    create: "30m",
    update: "40m",
} });

constructor

new Cluster(name: string, args?: ClusterArgs, opts?: pulumi.CustomResourceOptions)

Create a Cluster resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ClusterState, opts?: pulumi.CustomResourceOptions): Cluster

Get an existing Cluster resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Cluster

Returns true if the given object is an instance of Cluster. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property addonsConfig

public addonsConfig: pulumi.Output<ClusterAddonsConfig>;

The configuration for addons supported by GKE. Structure is documented below.

property authenticatorGroupsConfig

public authenticatorGroupsConfig: pulumi.Output<ClusterAuthenticatorGroupsConfig>;

Configuration for the Google Groups for GKE feature. Structure is documented below.

property clusterAutoscaling

public clusterAutoscaling: pulumi.Output<ClusterClusterAutoscaling>;

Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster’s workload. See the guide to using Node Auto-Provisioning for more details. Structure is documented below.

property clusterIpv4Cidr

public clusterIpv4Cidr: pulumi.Output<string>;

The IP address range of the Kubernetes pods in this cluster in CIDR notation (e.g. 10.96.0.0/14). Leave blank to have one automatically chosen or specify a /14 block in 10.0.0.0/8. This field will only work for routes-based clusters, where ipAllocationPolicy is not defined.

property databaseEncryption

public databaseEncryption: pulumi.Output<ClusterDatabaseEncryption>;

. Structure is documented below.

property defaultMaxPodsPerNode

public defaultMaxPodsPerNode: pulumi.Output<number>;

The default maximum number of pods per node in this cluster. This doesn’t work on “routes-based” clusters, clusters that don’t have IP Aliasing enabled. See the official documentation for more information.

property description

public description: pulumi.Output<string | undefined>;

Description of the cluster.

property enableBinaryAuthorization

public enableBinaryAuthorization: pulumi.Output<boolean | undefined>;

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization.

property enableIntranodeVisibility

public enableIntranodeVisibility: pulumi.Output<boolean | undefined>;

Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.

property enableKubernetesAlpha

public enableKubernetesAlpha: pulumi.Output<boolean | undefined>;

Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

property enableLegacyAbac

public enableLegacyAbac: pulumi.Output<boolean | undefined>;

Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. Defaults to false

property enableShieldedNodes

public enableShieldedNodes: pulumi.Output<boolean | undefined>;

Enable Shielded Nodes features on all nodes in this cluster. Defaults to false.

property enableTpu

public enableTpu: pulumi.Output<boolean | undefined>;

Whether to enable Cloud TPU resources in this cluster. See the official documentation.

property endpoint

public endpoint: pulumi.Output<string>;

The IP address of this cluster’s Kubernetes master.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property initialNodeCount

public initialNodeCount: pulumi.Output<number | undefined>;

The number of nodes to create in this cluster’s default node pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Must be set if nodePool is not set. If you’re using gcp.container.NodePool objects with no default node pool, you’ll need to set this to a value of at least 1, alongside setting removeDefaultNodePool to true.

property instanceGroupUrls

public instanceGroupUrls: pulumi.Output<string[]>;

List of instance group URLs which have been assigned to the cluster.

property ipAllocationPolicy

public ipAllocationPolicy: pulumi.Output<ClusterIpAllocationPolicy | undefined>;

Configuration of cluster IP allocation for VPC-native clusters. Adding this block enables IP aliasing, making the cluster VPC-native instead of routes-based. Structure is documented below.

property labelFingerprint

public labelFingerprint: pulumi.Output<string>;

The fingerprint of the set of labels for this cluster.

property location

public location: pulumi.Output<string>;

The location (region or zone) in which the cluster master will be created, as well as the default node location. If you specify a zone (such as us-central1-a), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such as us-west1), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well

property loggingService

public loggingService: pulumi.Output<string | undefined>;

The logging service that the cluster should write logs to. Available options include logging.googleapis.com(Legacy Stackdriver), logging.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Logging), and none. Defaults to logging.googleapis.com/kubernetes

property maintenancePolicy

public maintenancePolicy: pulumi.Output<ClusterMaintenancePolicy | undefined>;

The maintenance policy to use for the cluster. Structure is documented below.

property masterAuth

public masterAuth: pulumi.Output<ClusterMasterAuth>;

The authentication information for accessing the Kubernetes master. Some values in this block are only returned by the API if your service account has permission to get credentials for your GKE cluster. If you see an unexpected diff removing a username/password or unsetting your client cert, ensure you have the container.clusters.getCredentials permission. Structure is documented below.

property masterAuthorizedNetworksConfig

public masterAuthorizedNetworksConfig: pulumi.Output<ClusterMasterAuthorizedNetworksConfig | undefined>;

The desired configuration options for master authorized networks. Omit the nested cidrBlocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).

property masterVersion

public masterVersion: pulumi.Output<string>;

The current version of the master in the cluster. This may be different than the minMasterVersion set in the config if the master has been updated by GKE.

property minMasterVersion

public minMasterVersion: pulumi.Output<string | undefined>;

The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version–use the read-only masterVersion field to obtain that. If unset, the cluster’s version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version). Most users will find the gcp.container.getEngineVersions data source useful - it indicates which versions are available. If you intend to specify versions manually, the docs describe the various acceptable formats for this field.

property monitoringService

public monitoringService: pulumi.Output<string | undefined>;

The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include monitoring.googleapis.com(Legacy Stackdriver), monitoring.googleapis.com/kubernetes(Stackdriver Kubernetes Engine Monitoring), and none. Defaults to monitoring.googleapis.com/kubernetes

property name

public name: pulumi.Output<string>;

The name of the cluster, unique within the project and location.

property network

public network: pulumi.Output<string | undefined>;

The name or selfLink of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.

property networkPolicy

public networkPolicy: pulumi.Output<ClusterNetworkPolicy>;

Configuration options for the NetworkPolicy feature. Structure is documented below.

property nodeConfig

public nodeConfig: pulumi.Output<ClusterNodeConfig>;

Parameters used in creating the default node pool. Generally, this field should not be used at the same time as a gcp.container.NodePool or a nodePool block; this configuration manages the default node pool, which isn’t recommended to be used. Structure is documented below.

property nodeLocations

public nodeLocations: pulumi.Output<string[]>;

The list of zones in which the cluster’s nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster’s zone for zonal clusters. If this is specified for a zonal cluster, omit the cluster’s zone.

property nodePools

public nodePools: pulumi.Output<ClusterNodePool[]>;

List of node pools associated with this cluster. See gcp.container.NodePool for schema. Warning: node pools defined inside a cluster can’t be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say “these are the only node pools associated with this cluster”, use the gcp.container.NodePool resource instead of this property.

property nodeVersion

public nodeVersion: pulumi.Output<string>;

The Kubernetes version on the nodes. Must either be unset or set to the same value as minMasterVersion on create. Defaults to the default version set by GKE which is not necessarily the latest version. This only affects nodes in the default node pool. While a fuzzy version can be specified, it’s recommended that you specify explicit versions as the provider will see spurious diffs when fuzzy versions are used. See the gcp.container.getEngineVersions data source’s versionPrefix field to approximate fuzzy versions. To update nodes in other node pools, use the version attribute on the node pool.

property operation

public operation: pulumi.Output<string>;

property podSecurityPolicyConfig

public podSecurityPolicyConfig: pulumi.Output<ClusterPodSecurityPolicyConfig | undefined>;

Configuration for the PodSecurityPolicy feature. Structure is documented below.

property privateClusterConfig

public privateClusterConfig: pulumi.Output<ClusterPrivateClusterConfig>;

Configuration for private clusters, clusters with private nodes. Structure is documented below.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property releaseChannel

public releaseChannel: pulumi.Output<ClusterReleaseChannel>;

Configuration options for the Release channel feature, which provide more control over automatic upgrades of your GKE clusters. When updating this field, GKE imposes specific version requirements. See Migrating between release channels for more details; the gcp.container.getEngineVersions datasource can provide the default version for a channel. Note that removing the releaseChannel field from your config will cause this provider to stop managing your cluster’s release channel, but will not unenroll it. Instead, use the "UNSPECIFIED" channel. Structure is documented below.

property removeDefaultNodePool

public removeDefaultNodePool: pulumi.Output<boolean | undefined>;

If true, deletes the default node pool upon cluster creation. If you’re using gcp.container.NodePool resources with no default node pool, this should be set to true, alongside setting initialNodeCount to at least 1.

property resourceLabels

public resourceLabels: pulumi.Output<{[key: string]: string} | undefined>;

The GCE resource labels (a map of key/value pairs) to be applied to the cluster.

property resourceUsageExportConfig

public resourceUsageExportConfig: pulumi.Output<ClusterResourceUsageExportConfig | undefined>;

Configuration for the ResourceUsageExportConfig feature. Structure is documented below.

property servicesIpv4Cidr

public servicesIpv4Cidr: pulumi.Output<string>;

The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR.

property subnetwork

public subnetwork: pulumi.Output<string>;

The name or selfLink of the Google Compute Engine subnetwork in which the cluster’s instances are launched.

property tpuIpv4CidrBlock

public tpuIpv4CidrBlock: pulumi.Output<string>;

The IP address range of the Cloud TPUs in this cluster, in CIDR notation (e.g. 1.2.3.4/29).

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property verticalPodAutoscaling

public verticalPodAutoscaling: pulumi.Output<ClusterVerticalPodAutoscaling | undefined>;

Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.

property workloadIdentityConfig

public workloadIdentityConfig: pulumi.Output<ClusterWorkloadIdentityConfig | undefined>;

Workload Identity allows Kubernetes service accounts to act as a user-managed Google IAM Service Account. Structure is documented below.

Resource NodePool

class NodePool extends CustomResource

Manages a node pool in a Google Kubernetes Engine (GKE) cluster separately from the cluster control plane. For more information see the official documentation and the API reference.

Example Usage - using a separately managed node pool (recommended)

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.container.Cluster("primary", {
    location: "us-central1",
    removeDefaultNodePool: true,
    initialNodeCount: 1,
});
const primaryPreemptibleNodes = new gcp.container.NodePool("primaryPreemptibleNodes", {
    location: "us-central1",
    cluster: primary.name,
    nodeCount: 1,
    node_config: {
        preemptible: true,
        machineType: "n1-standard-1",
        oauthScopes: [
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
    },
});

Example Usage - 2 node pools, 1 separately managed + the default node pool

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const primary = new gcp.container.Cluster("primary", {
    location: "us-central1-a",
    initialNodeCount: 3,
    nodeLocations: ["us-central1-c"],
    master_auth: {
        username: "",
        password: "",
        client_certificate_config: {
            issueClientCertificate: false,
        },
    },
    node_config: {
        oauthScopes: [
            "https://www.googleapis.com/auth/logging.write",
            "https://www.googleapis.com/auth/monitoring",
        ],
        metadata: {
            "disable-legacy-endpoints": "true",
        },
        guest_accelerator: [{
            type: "nvidia-tesla-k80",
            count: 1,
        }],
    },
});
const np = new gcp.container.NodePool("np", {
    location: "us-central1-a",
    cluster: primary.name,
    nodeCount: 3,
    timeouts: [{
        create: "30m",
        update: "20m",
    }],
});

constructor

new NodePool(name: string, args: NodePoolArgs, opts?: pulumi.CustomResourceOptions)

Create a NodePool resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NodePoolState, opts?: pulumi.CustomResourceOptions): NodePool

Get an existing NodePool resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is NodePool

Returns true if the given object is an instance of NodePool. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoscaling

public autoscaling: pulumi.Output<NodePoolAutoscaling | undefined>;

Configuration required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. Structure is documented below.

property cluster

public cluster: pulumi.Output<string>;

The cluster to create the node pool for. Cluster must be present in location provided for zonal clusters.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property initialNodeCount

public initialNodeCount: pulumi.Output<number>;

The initial number of nodes for the pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Changing this will force recreation of the resource.

property instanceGroupUrls

public instanceGroupUrls: pulumi.Output<string[]>;

The resource URLs of the managed instance groups associated with this node pool.

property location

public location: pulumi.Output<string>;

The location (region or zone) of the cluster.

property management

public management: pulumi.Output<NodePoolManagement>;

Node management configuration, wherein auto-repair and auto-upgrade is configured. Structure is documented below.

property maxPodsPerNode

public maxPodsPerNode: pulumi.Output<number>;

The maximum number of pods per node in this node pool. Note that this does not work on node pools which are “route-based” - that is, node pools belonging to clusters that do not have IP Aliasing enabled. See the official documentation for more information.

property name

public name: pulumi.Output<string>;

The name of the node pool. If left blank, the provider will auto-generate a unique name.

property namePrefix

public namePrefix: pulumi.Output<string>;

Creates a unique name for the node pool beginning with the specified prefix. Conflicts with name.

property nodeConfig

public nodeConfig: pulumi.Output<NodePoolNodeConfig>;

The node configuration of the pool. See gcp.container.Cluster for schema.

property nodeCount

public nodeCount: pulumi.Output<number>;

The number of nodes per instance group. This field can be used to update the number of nodes per instance group but should not be used alongside autoscaling.

property nodeLocations

public nodeLocations: pulumi.Output<string[]>;

The list of zones in which the node pool’s nodes should be located. Nodes must be in the region of their regional cluster or in the same region as their cluster’s zone for zonal clusters. If unspecified, the cluster-level nodeLocations will be used.

property project

public project: pulumi.Output<string>;

The ID of the project in which to create the node pool. If blank, the provider-configured project will be used.

property upgradeSettings

public upgradeSettings: pulumi.Output<NodePoolUpgradeSettings>;

Specify node upgrade settings to change how many nodes GKE attempts to upgrade at once. The number of nodes upgraded simultaneously is the sum of maxSurge and maxUnavailable. The maximum number of nodes upgraded simultaneously is limited to 20.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property version

public version: pulumi.Output<string>;

The Kubernetes version for the nodes in this pool. Note that if this field and autoUpgrade are both specified, they will fight each other for what the node version should be, so setting both is highly discouraged. While a fuzzy version can be specified, it’s recommended that you specify explicit versions as the provider will see spurious diffs when fuzzy versions are used. See the gcp.container.getEngineVersions data source’s versionPrefix field to approximate fuzzy versions in a provider-compatible way.

Resource Registry

class Registry extends CustomResource

Ensures that the Google Cloud Storage bucket that backs Google Container Registry exists. Creating this resource will create the backing bucket if it does not exist, or do nothing if the bucket already exists. Destroying this resource does NOT destroy the backing bucket. For more information see the official documentation

This resource can be used to ensure that the GCS bucket exists prior to assigning permissions. For more information see the access control page for GCR.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const registry = new gcp.container.Registry("registry", {
    location: "EU",
    project: "my-project",
});

constructor

new Registry(name: string, args?: RegistryArgs, opts?: pulumi.CustomResourceOptions)

Create a Registry resource with the given unique name, arguments, and options.

name The unique name of the resource.
args The arguments to use to populate this resource's properties.
opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RegistryState, opts?: pulumi.CustomResourceOptions): Registry

Get an existing Registry resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): obj is Registry

Returns true if the given object is an instance of Registry. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucketSelfLink

public bucketSelfLink: pulumi.Output<string>;

The URI of the created resource.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property location

public location: pulumi.Output<string | undefined>;

The location of the registry. One of ASIA, EU, US or not specified. See the official documentation for more information on registry locations.

property project

public project: pulumi.Output<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Functions

Function getCluster

getCluster(args: GetClusterArgs, opts?: pulumi.InvokeOptions): Promise<GetClusterResult>

Get info about a GKE cluster from its name and location.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const myCluster = gcp.container.getCluster({
    name: "my-cluster",
    location: "us-east1-a",
});
export const clusterUsername = myCluster.then(myCluster => myCluster.masterAuths[0].username);
export const clusterPassword = myCluster.then(myCluster => myCluster.masterAuths[0].password);
export const endpoint = myCluster.then(myCluster => myCluster.endpoint);
export const instanceGroupUrls = myCluster.then(myCluster => myCluster.instanceGroupUrls);
export const nodeConfig = myCluster.then(myCluster => myCluster.nodeConfigs);
export const nodePools = myCluster.then(myCluster => myCluster.nodePools);

Function getEngineVersions

getEngineVersions(args?: GetEngineVersionsArgs, opts?: pulumi.InvokeOptions): Promise<GetEngineVersionsResult>

Provides access to available Google Kubernetes Engine versions in a zone or region for a given project.

If you are using the gcp.container.getEngineVersions datasource with a regional cluster, ensure that you have provided a region as the location to the datasource. A region can have a different set of supported versions than its component zones, and not all zones in a region are guaranteed to support the same version.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const central1b = gcp.container.getEngineVersions({
    location: "us-central1-b",
    versionPrefix: "1.12.",
});
const foo = new gcp.container.Cluster("foo", {
    location: "us-central1-b",
    nodeVersion: central1b.then(central1b => central1b.latestNodeVersion),
    initialNodeCount: 1,
    master_auth: {
        username: "mr.yoda",
        password: "adoy.rm",
    },
});
export const stableChannelVersion = central1b.then(central1b => central1b.releaseChannelDefaultVersion.STABLE);

Function getRegistryImage

getRegistryImage(args: GetRegistryImageArgs, opts?: pulumi.InvokeOptions): Promise<GetRegistryImageResult>

This data source fetches the project name, and provides the appropriate URLs to use for container registry for this project.

The URLs are computed entirely offline - as long as the project exists, they will be valid, but this data source does not contact Google Container Registry (GCR) at any point.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const debian = gcp.container.getRegistryImage({
    name: "debian",
});
export const gcrLocation = debian.then(debian => debian.imageUrl);

Function getRegistryRepository

getRegistryRepository(args?: GetRegistryRepositoryArgs, opts?: pulumi.InvokeOptions): Promise<GetRegistryRepositoryResult>

This data source fetches the project name, and provides the appropriate URLs to use for container registry for this project.

The URLs are computed entirely offline - as long as the project exists, they will be valid, but this data source does not contact Google Container Registry (GCR) at any point.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const foo = gcp.container.getRegistryRepository({});
export const gcrLocation = foo.then(foo => foo.repositoryUrl);

Others

interface ClusterArgs

interface ClusterArgs

The set of arguments for constructing a Cluster resource.

property addonsConfig

addonsConfig?: pulumi.Input<ClusterAddonsConfig>;

The configuration for addons supported by GKE. Structure is documented below.

property authenticatorGroupsConfig

authenticatorGroupsConfig?: pulumi.Input<ClusterAuthenticatorGroupsConfig>;

Configuration for the Google Groups for GKE feature. Structure is documented below.

property clusterAutoscaling

clusterAutoscaling?: pulumi.Input<ClusterClusterAutoscaling>;

property clusterIpv4Cidr

clusterIpv4Cidr?: pulumi.Input<string>;

property databaseEncryption

databaseEncryption?: pulumi.Input<ClusterDatabaseEncryption>;

. Structure is documented below.

property defaultMaxPodsPerNode

defaultMaxPodsPerNode?: pulumi.Input<number>;

property description

description?: pulumi.Input<string>;

Description of the cluster.

property enableBinaryAuthorization

enableBinaryAuthorization?: pulumi.Input<boolean>;

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization.

property enableIntranodeVisibility

enableIntranodeVisibility?: pulumi.Input<boolean>;

Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.

property enableKubernetesAlpha

enableKubernetesAlpha?: pulumi.Input<boolean>;

Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

property enableLegacyAbac

enableLegacyAbac?: pulumi.Input<boolean>;

property enableShieldedNodes

enableShieldedNodes?: pulumi.Input<boolean>;

Enable Shielded Nodes features on all nodes in this cluster. Defaults to false.

property enableTpu

enableTpu?: pulumi.Input<boolean>;

Whether to enable Cloud TPU resources in this cluster. See the official documentation.

property initialNodeCount

initialNodeCount?: pulumi.Input<number>;

property ipAllocationPolicy

ipAllocationPolicy?: pulumi.Input<ClusterIpAllocationPolicy>;

Configuration of cluster IP allocation for VPC-native clusters. Adding this block enables IP aliasing, making the cluster VPC-native instead of routes-based. Structure is documented below.

property location

location?: pulumi.Input<string>;

property loggingService

loggingService?: pulumi.Input<string>;

property maintenancePolicy

maintenancePolicy?: pulumi.Input<ClusterMaintenancePolicy>;

The maintenance policy to use for the cluster. Structure is documented below.

property masterAuth

masterAuth?: pulumi.Input<ClusterMasterAuth>;

property masterAuthorizedNetworksConfig

masterAuthorizedNetworksConfig?: pulumi.Input<ClusterMasterAuthorizedNetworksConfig>;

The desired configuration options for master authorized networks. Omit the nested cidrBlocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).

property minMasterVersion

minMasterVersion?: pulumi.Input<string>;

property monitoringService

monitoringService?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

The name of the cluster, unique within the project and location.

property network

network?: pulumi.Input<string>;

The name or selfLink of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.

property networkPolicy

networkPolicy?: pulumi.Input<ClusterNetworkPolicy>;

Configuration options for the NetworkPolicy feature. Structure is documented below.

property nodeConfig

nodeConfig?: pulumi.Input<ClusterNodeConfig>;

property nodeLocations

nodeLocations?: pulumi.Input<pulumi.Input<string>[]>;

property nodePools

nodePools?: pulumi.Input<pulumi.Input<ClusterNodePool>[]>;

property nodeVersion

nodeVersion?: pulumi.Input<string>;

property podSecurityPolicyConfig

podSecurityPolicyConfig?: pulumi.Input<ClusterPodSecurityPolicyConfig>;

Configuration for the PodSecurityPolicy feature. Structure is documented below.

property privateClusterConfig

privateClusterConfig?: pulumi.Input<ClusterPrivateClusterConfig>;

Configuration for private clusters, clusters with private nodes. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property releaseChannel

releaseChannel?: pulumi.Input<ClusterReleaseChannel>;

property removeDefaultNodePool

removeDefaultNodePool?: pulumi.Input<boolean>;

property resourceLabels

resourceLabels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

The GCE resource labels (a map of key/value pairs) to be applied to the cluster.

property resourceUsageExportConfig

resourceUsageExportConfig?: pulumi.Input<ClusterResourceUsageExportConfig>;

Configuration for the ResourceUsageExportConfig feature. Structure is documented below.

property subnetwork

subnetwork?: pulumi.Input<string>;

The name or selfLink of the Google Compute Engine subnetwork in which the cluster’s instances are launched.

property verticalPodAutoscaling

verticalPodAutoscaling?: pulumi.Input<ClusterVerticalPodAutoscaling>;

Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.

property workloadIdentityConfig

workloadIdentityConfig?: pulumi.Input<ClusterWorkloadIdentityConfig>;

Workload Identity allows Kubernetes service accounts to act as a user-managed Google IAM Service Account. Structure is documented below.

interface ClusterState

interface ClusterState

Input properties used for looking up and filtering Cluster resources.

property addonsConfig

addonsConfig?: pulumi.Input<ClusterAddonsConfig>;

The configuration for addons supported by GKE. Structure is documented below.

property authenticatorGroupsConfig

authenticatorGroupsConfig?: pulumi.Input<ClusterAuthenticatorGroupsConfig>;

Configuration for the Google Groups for GKE feature. Structure is documented below.

property clusterAutoscaling

clusterAutoscaling?: pulumi.Input<ClusterClusterAutoscaling>;

property clusterIpv4Cidr

clusterIpv4Cidr?: pulumi.Input<string>;

property databaseEncryption

databaseEncryption?: pulumi.Input<ClusterDatabaseEncryption>;

. Structure is documented below.

property defaultMaxPodsPerNode

defaultMaxPodsPerNode?: pulumi.Input<number>;

property description

description?: pulumi.Input<string>;

Description of the cluster.

property enableBinaryAuthorization

enableBinaryAuthorization?: pulumi.Input<boolean>;

Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization.

property enableIntranodeVisibility

enableIntranodeVisibility?: pulumi.Input<boolean>;

Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.

property enableKubernetesAlpha

enableKubernetesAlpha?: pulumi.Input<boolean>;

Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

property enableLegacyAbac

enableLegacyAbac?: pulumi.Input<boolean>;

property enableShieldedNodes

enableShieldedNodes?: pulumi.Input<boolean>;

Enable Shielded Nodes features on all nodes in this cluster. Defaults to false.

property enableTpu

enableTpu?: pulumi.Input<boolean>;

Whether to enable Cloud TPU resources in this cluster. See the official documentation.

property endpoint

endpoint?: pulumi.Input<string>;

The IP address of this cluster’s Kubernetes master.

property initialNodeCount

initialNodeCount?: pulumi.Input<number>;

property instanceGroupUrls

instanceGroupUrls?: pulumi.Input<pulumi.Input<string>[]>;

List of instance group URLs which have been assigned to the cluster.

property ipAllocationPolicy

ipAllocationPolicy?: pulumi.Input<ClusterIpAllocationPolicy>;

Configuration of cluster IP allocation for VPC-native clusters. Adding this block enables IP aliasing, making the cluster VPC-native instead of routes-based. Structure is documented below.

property labelFingerprint

labelFingerprint?: pulumi.Input<string>;

The fingerprint of the set of labels for this cluster.

property location

location?: pulumi.Input<string>;

property loggingService

loggingService?: pulumi.Input<string>;

property maintenancePolicy

maintenancePolicy?: pulumi.Input<ClusterMaintenancePolicy>;

The maintenance policy to use for the cluster. Structure is documented below.

property masterAuth

masterAuth?: pulumi.Input<ClusterMasterAuth>;

property masterAuthorizedNetworksConfig

masterAuthorizedNetworksConfig?: pulumi.Input<ClusterMasterAuthorizedNetworksConfig>;

The desired configuration options for master authorized networks. Omit the nested cidrBlocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists).

property masterVersion

masterVersion?: pulumi.Input<string>;

The current version of the master in the cluster. This may be different than the minMasterVersion set in the config if the master has been updated by GKE.

property minMasterVersion

minMasterVersion?: pulumi.Input<string>;

property monitoringService

monitoringService?: pulumi.Input<string>;

property name

name?: pulumi.Input<string>;

The name of the cluster, unique within the project and location.

property network

network?: pulumi.Input<string>;

The name or selfLink of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.

property networkPolicy

networkPolicy?: pulumi.Input<ClusterNetworkPolicy>;

Configuration options for the NetworkPolicy feature. Structure is documented below.

property nodeConfig

nodeConfig?: pulumi.Input<ClusterNodeConfig>;

property nodeLocations

nodeLocations?: pulumi.Input<pulumi.Input<string>[]>;

property nodePools

nodePools?: pulumi.Input<pulumi.Input<ClusterNodePool>[]>;

property nodeVersion

nodeVersion?: pulumi.Input<string>;

property operation

operation?: pulumi.Input<string>;

property podSecurityPolicyConfig

podSecurityPolicyConfig?: pulumi.Input<ClusterPodSecurityPolicyConfig>;

Configuration for the PodSecurityPolicy feature. Structure is documented below.

property privateClusterConfig

privateClusterConfig?: pulumi.Input<ClusterPrivateClusterConfig>;

Configuration for private clusters, clusters with private nodes. Structure is documented below.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

property releaseChannel

releaseChannel?: pulumi.Input<ClusterReleaseChannel>;

property removeDefaultNodePool

removeDefaultNodePool?: pulumi.Input<boolean>;

property resourceLabels

resourceLabels?: pulumi.Input<{[key: string]: pulumi.Input<string>}>;

The GCE resource labels (a map of key/value pairs) to be applied to the cluster.

property resourceUsageExportConfig

resourceUsageExportConfig?: pulumi.Input<ClusterResourceUsageExportConfig>;

Configuration for the ResourceUsageExportConfig feature. Structure is documented below.

property servicesIpv4Cidr

servicesIpv4Cidr?: pulumi.Input<string>;

The IP address range of the Kubernetes services in this cluster, in CIDR notation (e.g. 1.2.3.4/29). Service addresses are typically put in the last /16 from the container CIDR.

property subnetwork

subnetwork?: pulumi.Input<string>;

The name or selfLink of the Google Compute Engine subnetwork in which the cluster’s instances are launched.

property tpuIpv4CidrBlock

tpuIpv4CidrBlock?: pulumi.Input<string>;

The IP address range of the Cloud TPUs in this cluster, in CIDR notation (e.g. 1.2.3.4/29).

property verticalPodAutoscaling

verticalPodAutoscaling?: pulumi.Input<ClusterVerticalPodAutoscaling>;

Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.

property workloadIdentityConfig

workloadIdentityConfig?: pulumi.Input<ClusterWorkloadIdentityConfig>;

Workload Identity allows Kubernetes service accounts to act as a user-managed Google IAM Service Account. Structure is documented below.

interface GetClusterArgs

interface GetClusterArgs

A collection of arguments for invoking getCluster.

property location

location?: undefined | string;

The location (zone or region) this cluster has been created in. One of location, region, zone, or a provider-level zone must be specified.

property name

name: string;

The name of the cluster.

property project

project?: undefined | string;

The project in which the resource belongs. If it is not provided, the provider project is used.

property region

region?: undefined | string;

The region this cluster has been created in. Deprecated in favour of location.

property zone

zone?: undefined | string;

The zone this cluster has been created in. Deprecated in favour of location.

interface GetClusterResult

interface GetClusterResult

A collection of values returned by getCluster.

property additionalZones

additionalZones: string[];

property addonsConfigs

addonsConfigs: GetClusterAddonsConfig[];

property authenticatorGroupsConfigs

authenticatorGroupsConfigs: GetClusterAuthenticatorGroupsConfig[];

property clusterAutoscalings

clusterAutoscalings: GetClusterClusterAutoscaling[];

property clusterIpv4Cidr

clusterIpv4Cidr: string;

property databaseEncryptions

databaseEncryptions: GetClusterDatabaseEncryption[];

property defaultMaxPodsPerNode

defaultMaxPodsPerNode: number;

property description

description: string;

property enableBinaryAuthorization

enableBinaryAuthorization: boolean;

property enableIntranodeVisibility

enableIntranodeVisibility: boolean;

property enableKubernetesAlpha

enableKubernetesAlpha: boolean;

property enableLegacyAbac

enableLegacyAbac: boolean;

property enableShieldedNodes

enableShieldedNodes: boolean;

property enableTpu

enableTpu: boolean;

property endpoint

endpoint: string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property initialNodeCount

initialNodeCount: number;

property instanceGroupUrls

instanceGroupUrls: string[];

property ipAllocationPolicies

ipAllocationPolicies: GetClusterIpAllocationPolicy[];

property labelFingerprint

labelFingerprint: string;

property location

location?: undefined | string;

property loggingService

loggingService: string;

property maintenancePolicies

maintenancePolicies: GetClusterMaintenancePolicy[];

property masterAuthorizedNetworksConfigs

masterAuthorizedNetworksConfigs: GetClusterMasterAuthorizedNetworksConfig[];

property masterAuths

masterAuths: GetClusterMasterAuth[];

property masterVersion

masterVersion: string;

property minMasterVersion

minMasterVersion: string;

property monitoringService

monitoringService: string;

property name

name: string;

property network

network: string;

property networkPolicies

networkPolicies: GetClusterNetworkPolicy[];

property nodeConfigs

nodeConfigs: GetClusterNodeConfig[];

property nodeLocations

nodeLocations: string[];

property nodePools

nodePools: GetClusterNodePool[];

property nodeVersion

nodeVersion: string;

property operation

operation: string;

property podSecurityPolicyConfigs

podSecurityPolicyConfigs: GetClusterPodSecurityPolicyConfig[];

property privateClusterConfigs

privateClusterConfigs: GetClusterPrivateClusterConfig[];

property project

project?: undefined | string;

property region

region?: undefined | string;

property releaseChannels

releaseChannels: GetClusterReleaseChannel[];

property removeDefaultNodePool

removeDefaultNodePool: boolean;

property resourceLabels

resourceLabels: {[key: string]: string};

property resourceUsageExportConfigs

resourceUsageExportConfigs: GetClusterResourceUsageExportConfig[];

property servicesIpv4Cidr

servicesIpv4Cidr: string;

property subnetwork

subnetwork: string;

property tpuIpv4CidrBlock

tpuIpv4CidrBlock: string;

property verticalPodAutoscalings

verticalPodAutoscalings: GetClusterVerticalPodAutoscaling[];

property workloadIdentityConfigs

workloadIdentityConfigs: GetClusterWorkloadIdentityConfig[];

property zone

zone?: undefined | string;

interface GetEngineVersionsArgs

interface GetEngineVersionsArgs

A collection of arguments for invoking getEngineVersions.

property location

location?: undefined | string;

The location (region or zone) to list versions for. Must exactly match the location the cluster will be deployed in, or listed versions may not be available. If location, region, and zone are not specified, the provider-level zone must be set and is used instead.

property project

project?: undefined | string;

ID of the project to list available cluster versions for. Should match the project the cluster will be deployed to. Defaults to the project that the provider is authenticated with.

property versionPrefix

versionPrefix?: undefined | string;

If provided, the provider will only return versions that match the string prefix. For example, 1.11. will match all 1.11 series releases. Since this is just a string match, it’s recommended that you append a . after minor versions to ensure that prefixes such as 1.1 don’t match versions like 1.12.5-gke.10 accidentally. See the docs on versioning schema for full details on how version strings are formatted.

interface GetEngineVersionsResult

interface GetEngineVersionsResult

A collection of values returned by getEngineVersions.

property defaultClusterVersion

defaultClusterVersion: string;

Version of Kubernetes the service deploys by default.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property latestMasterVersion

latestMasterVersion: string;

The latest version available in the given zone for use with master instances.

property latestNodeVersion

latestNodeVersion: string;

The latest version available in the given zone for use with node instances.

property location

location?: undefined | string;

property project

project?: undefined | string;

property releaseChannelDefaultVersion

releaseChannelDefaultVersion: {[key: string]: string};

A map from a release channel name to the channel’s default version.

property validMasterVersions

validMasterVersions: string[];

A list of versions available in the given zone for use with master instances.

property validNodeVersions

validNodeVersions: string[];

A list of versions available in the given zone for use with node instances.

property versionPrefix

versionPrefix?: undefined | string;

interface GetRegistryImageArgs

interface GetRegistryImageArgs

A collection of arguments for invoking getRegistryImage.

property digest

digest?: undefined | string;

property name

name: string;

property project

project?: undefined | string;

property region

region?: undefined | string;

property tag

tag?: undefined | string;

interface GetRegistryImageResult

interface GetRegistryImageResult

A collection of values returned by getRegistryImage.

property digest

digest?: undefined | string;

property id

id: string;

The provider-assigned unique ID for this managed resource.

property imageUrl

imageUrl: string;

property name

name: string;

property project

project: string;

property region

region?: undefined | string;

property tag

tag?: undefined | string;

interface GetRegistryRepositoryArgs

interface GetRegistryRepositoryArgs

A collection of arguments for invoking getRegistryRepository.

property project

project?: undefined | string;

property region

region?: undefined | string;

interface GetRegistryRepositoryResult

interface GetRegistryRepositoryResult

A collection of values returned by getRegistryRepository.

property id

id: string;

The provider-assigned unique ID for this managed resource.

property project

project: string;

property region

region?: undefined | string;

property repositoryUrl

repositoryUrl: string;

interface NodePoolArgs

interface NodePoolArgs

The set of arguments for constructing a NodePool resource.

property autoscaling

autoscaling?: pulumi.Input<NodePoolAutoscaling>;

Configuration required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. Structure is documented below.

property cluster

cluster: pulumi.Input<string>;

The cluster to create the node pool for. Cluster must be present in location provided for zonal clusters.

property initialNodeCount

initialNodeCount?: pulumi.Input<number>;

The initial number of nodes for the pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Changing this will force recreation of the resource.

property location

location?: pulumi.Input<string>;

The location (region or zone) of the cluster.

property management

management?: pulumi.Input<NodePoolManagement>;

Node management configuration, wherein auto-repair and auto-upgrade is configured. Structure is documented below.

property maxPodsPerNode

maxPodsPerNode?: pulumi.Input<number>;

property name

name?: pulumi.Input<string>;

The name of the node pool. If left blank, the provider will auto-generate a unique name.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name for the node pool beginning with the specified prefix. Conflicts with name.

property nodeConfig

nodeConfig?: pulumi.Input<NodePoolNodeConfig>;

The node configuration of the pool. See gcp.container.Cluster for schema.

property nodeCount

nodeCount?: pulumi.Input<number>;

The number of nodes per instance group. This field can be used to update the number of nodes per instance group but should not be used alongside autoscaling.

property nodeLocations

nodeLocations?: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which to create the node pool. If blank, the provider-configured project will be used.

property upgradeSettings

upgradeSettings?: pulumi.Input<NodePoolUpgradeSettings>;

property version

version?: pulumi.Input<string>;

interface NodePoolState

interface NodePoolState

Input properties used for looking up and filtering NodePool resources.

property autoscaling

autoscaling?: pulumi.Input<NodePoolAutoscaling>;

Configuration required by cluster autoscaler to adjust the size of the node pool to the current cluster usage. Structure is documented below.

property cluster

cluster?: pulumi.Input<string>;

The cluster to create the node pool for. Cluster must be present in location provided for zonal clusters.

property initialNodeCount

initialNodeCount?: pulumi.Input<number>;

The initial number of nodes for the pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Changing this will force recreation of the resource.

property instanceGroupUrls

instanceGroupUrls?: pulumi.Input<pulumi.Input<string>[]>;

The resource URLs of the managed instance groups associated with this node pool.

property location

location?: pulumi.Input<string>;

The location (region or zone) of the cluster.

property management

management?: pulumi.Input<NodePoolManagement>;

Node management configuration, wherein auto-repair and auto-upgrade is configured. Structure is documented below.

property maxPodsPerNode

maxPodsPerNode?: pulumi.Input<number>;

property name

name?: pulumi.Input<string>;

The name of the node pool. If left blank, the provider will auto-generate a unique name.

property namePrefix

namePrefix?: pulumi.Input<string>;

Creates a unique name for the node pool beginning with the specified prefix. Conflicts with name.

property nodeConfig

nodeConfig?: pulumi.Input<NodePoolNodeConfig>;

The node configuration of the pool. See gcp.container.Cluster for schema.

property nodeCount

nodeCount?: pulumi.Input<number>;

The number of nodes per instance group. This field can be used to update the number of nodes per instance group but should not be used alongside autoscaling.

property nodeLocations

nodeLocations?: pulumi.Input<pulumi.Input<string>[]>;

property project

project?: pulumi.Input<string>;

The ID of the project in which to create the node pool. If blank, the provider-configured project will be used.

property upgradeSettings

upgradeSettings?: pulumi.Input<NodePoolUpgradeSettings>;

property version

version?: pulumi.Input<string>;

interface RegistryArgs

interface RegistryArgs

The set of arguments for constructing a Registry resource.

property location

location?: pulumi.Input<string>;

The location of the registry. One of ASIA, EU, US or not specified. See the official documentation for more information on registry locations.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

interface RegistryState

interface RegistryState

Input properties used for looking up and filtering Registry resources.

property bucketSelfLink

bucketSelfLink?: pulumi.Input<string>;

The URI of the created resource.

property location

location?: pulumi.Input<string>;

The location of the registry. One of ASIA, EU, US or not specified. See the official documentation for more information on registry locations.

property project

project?: pulumi.Input<string>;

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The Pulumi Platform

Get Started

Migrate to Pulumi

Solutions for All Teams and Engineers

Any Code

Any Cloud

Module container

Resources

Functions

Others

Resources

Example Usage - with a separately managed node pool (recommended)

Example Usage - with the default node pool

Example Usage - using a separately managed node pool (recommended)

Example Usage - 2 node pools, 1 separately managed + the default node pool

Example Usage

Functions

Example Usage

Example Usage

Example Usage

Example Usage

Others