diff --git a/README.md b/README.md
index f78a2470e1..91ee510acc 100644
--- a/README.md
+++ b/README.md
@@ -222,6 +222,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/autogen/main/cluster.tf.tmpl b/autogen/main/cluster.tf.tmpl
index 5d5b5a6bcc..5e79561d49 100644
--- a/autogen/main/cluster.tf.tmpl
+++ b/autogen/main/cluster.tf.tmpl
@@ -628,6 +628,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
{% if beta_cluster and autopilot_cluster != true %}
diff --git a/autogen/main/variables.tf.tmpl b/autogen/main/variables.tf.tmpl
index c429de7f35..8c11019aef 100644
--- a/autogen/main/variables.tf.tmpl
+++ b/autogen/main/variables.tf.tmpl
@@ -620,9 +620,15 @@ variable "disable_default_snat" {
}
variable "notification_config_topic" {
- type = string
+ type = string
description = "The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}."
- default = ""
+ default = ""
+}
+
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
}
variable "deletion_protection" {
diff --git a/cluster.tf b/cluster.tf
index 1bdf843645..2f3d2b26be 100644
--- a/cluster.tf
+++ b/cluster.tf
@@ -465,6 +465,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
}
diff --git a/modules/beta-autopilot-private-cluster/README.md b/modules/beta-autopilot-private-cluster/README.md
index 71a415fa3c..ab7c564231 100644
--- a/modules/beta-autopilot-private-cluster/README.md
+++ b/modules/beta-autopilot-private-cluster/README.md
@@ -130,6 +130,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-autopilot-private-cluster/cluster.tf b/modules/beta-autopilot-private-cluster/cluster.tf
index 331ce7b1a9..a7283e1e35 100644
--- a/modules/beta-autopilot-private-cluster/cluster.tf
+++ b/modules/beta-autopilot-private-cluster/cluster.tf
@@ -296,6 +296,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-autopilot-private-cluster/variables.tf b/modules/beta-autopilot-private-cluster/variables.tf
index 017f13766e..88cadf8abf 100644
--- a/modules/beta-autopilot-private-cluster/variables.tf
+++ b/modules/beta-autopilot-private-cluster/variables.tf
@@ -430,6 +430,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/beta-autopilot-public-cluster/README.md b/modules/beta-autopilot-public-cluster/README.md
index d29fa7a7ae..52b472a7ac 100644
--- a/modules/beta-autopilot-public-cluster/README.md
+++ b/modules/beta-autopilot-public-cluster/README.md
@@ -119,6 +119,7 @@ Then perform the following commands on the root folder:
| network\_tags | (Optional) - List of network tags applied to auto-provisioned node pools. | `list(string)` | `[]` | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-autopilot-public-cluster/cluster.tf b/modules/beta-autopilot-public-cluster/cluster.tf
index 57b9288fcf..ff4c88b6f2 100644
--- a/modules/beta-autopilot-public-cluster/cluster.tf
+++ b/modules/beta-autopilot-public-cluster/cluster.tf
@@ -277,6 +277,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-autopilot-public-cluster/variables.tf b/modules/beta-autopilot-public-cluster/variables.tf
index f73b556115..d5a2ad0cb8 100644
--- a/modules/beta-autopilot-public-cluster/variables.tf
+++ b/modules/beta-autopilot-public-cluster/variables.tf
@@ -400,6 +400,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/beta-private-cluster-update-variant/README.md b/modules/beta-private-cluster-update-variant/README.md
index 7f0575c31d..5c823a11f8 100644
--- a/modules/beta-private-cluster-update-variant/README.md
+++ b/modules/beta-private-cluster-update-variant/README.md
@@ -270,6 +270,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-private-cluster-update-variant/cluster.tf b/modules/beta-private-cluster-update-variant/cluster.tf
index 630ccc6669..8946f7dae3 100644
--- a/modules/beta-private-cluster-update-variant/cluster.tf
+++ b/modules/beta-private-cluster-update-variant/cluster.tf
@@ -544,6 +544,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-private-cluster-update-variant/variables.tf b/modules/beta-private-cluster-update-variant/variables.tf
index 1dc85ac867..6c0fa1aafa 100644
--- a/modules/beta-private-cluster-update-variant/variables.tf
+++ b/modules/beta-private-cluster-update-variant/variables.tf
@@ -599,6 +599,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/beta-private-cluster/README.md b/modules/beta-private-cluster/README.md
index e6faa6b955..b56788608b 100644
--- a/modules/beta-private-cluster/README.md
+++ b/modules/beta-private-cluster/README.md
@@ -248,6 +248,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-private-cluster/cluster.tf b/modules/beta-private-cluster/cluster.tf
index 88469dd152..1b385d77dc 100644
--- a/modules/beta-private-cluster/cluster.tf
+++ b/modules/beta-private-cluster/cluster.tf
@@ -544,6 +544,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-private-cluster/variables.tf b/modules/beta-private-cluster/variables.tf
index 1dc85ac867..6c0fa1aafa 100644
--- a/modules/beta-private-cluster/variables.tf
+++ b/modules/beta-private-cluster/variables.tf
@@ -599,6 +599,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/beta-public-cluster-update-variant/README.md b/modules/beta-public-cluster-update-variant/README.md
index 780d094616..666df46159 100644
--- a/modules/beta-public-cluster-update-variant/README.md
+++ b/modules/beta-public-cluster-update-variant/README.md
@@ -259,6 +259,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-public-cluster-update-variant/cluster.tf b/modules/beta-public-cluster-update-variant/cluster.tf
index 91608910c7..47971c2e64 100644
--- a/modules/beta-public-cluster-update-variant/cluster.tf
+++ b/modules/beta-public-cluster-update-variant/cluster.tf
@@ -525,6 +525,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-public-cluster-update-variant/variables.tf b/modules/beta-public-cluster-update-variant/variables.tf
index 6175048ab5..19b6d13654 100644
--- a/modules/beta-public-cluster-update-variant/variables.tf
+++ b/modules/beta-public-cluster-update-variant/variables.tf
@@ -569,6 +569,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/beta-public-cluster/README.md b/modules/beta-public-cluster/README.md
index 4fc82a77dc..7c23ef23de 100644
--- a/modules/beta-public-cluster/README.md
+++ b/modules/beta-public-cluster/README.md
@@ -237,6 +237,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/beta-public-cluster/cluster.tf b/modules/beta-public-cluster/cluster.tf
index 102b17e3da..933912fa2f 100644
--- a/modules/beta-public-cluster/cluster.tf
+++ b/modules/beta-public-cluster/cluster.tf
@@ -525,6 +525,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
diff --git a/modules/beta-public-cluster/variables.tf b/modules/beta-public-cluster/variables.tf
index 6175048ab5..19b6d13654 100644
--- a/modules/beta-public-cluster/variables.tf
+++ b/modules/beta-public-cluster/variables.tf
@@ -569,6 +569,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/private-cluster-update-variant/README.md b/modules/private-cluster-update-variant/README.md
index 98d97d5a35..8b2eafc05a 100644
--- a/modules/private-cluster-update-variant/README.md
+++ b/modules/private-cluster-update-variant/README.md
@@ -255,6 +255,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/private-cluster-update-variant/cluster.tf b/modules/private-cluster-update-variant/cluster.tf
index 2872a0649e..c933889af7 100644
--- a/modules/private-cluster-update-variant/cluster.tf
+++ b/modules/private-cluster-update-variant/cluster.tf
@@ -484,6 +484,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
}
diff --git a/modules/private-cluster-update-variant/variables.tf b/modules/private-cluster-update-variant/variables.tf
index 31e1435bce..26b97acc22 100644
--- a/modules/private-cluster-update-variant/variables.tf
+++ b/modules/private-cluster-update-variant/variables.tf
@@ -574,6 +574,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/modules/private-cluster/README.md b/modules/private-cluster/README.md
index 6ed41131d3..4fb6f586be 100644
--- a/modules/private-cluster/README.md
+++ b/modules/private-cluster/README.md
@@ -233,6 +233,7 @@ Then perform the following commands on the root folder:
| node\_pools\_taints | Map of lists containing node taints by node-pool name | `map(list(object({ key = string, value = string, effect = string })))` | {
"all": [],
"default-node-pool": []
} | no |
| non\_masquerade\_cidrs | List of strings in CIDR notation that specify the IP address ranges that do not use IP masquerading. | `list(string)` | [
"10.0.0.0/8",
"172.16.0.0/12",
"192.168.0.0/16"
]
| no |
| notification\_config\_topic | The desired Pub/Sub topic to which notifications will be sent by GKE. Format is projects/{project}/topics/{topic}. | `string` | `""` | no |
+| notification\_filter\_event\_type | Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE\_AVAILABLE\_EVENT, UPGRADE\_EVENT, and SECURITY\_BULLETIN\_EVENT. | `list(string)` | `[]` | no |
| project\_id | The project ID to host the cluster in (required) | `string` | n/a | yes |
| region | The region to host the cluster in (optional if zonal cluster / required if regional) | `string` | `null` | no |
| regional | Whether is a regional cluster (zonal cluster if set false. WARNING: changing this after cluster creation is destructive!) | `bool` | `true` | no |
diff --git a/modules/private-cluster/cluster.tf b/modules/private-cluster/cluster.tf
index 4216d133d0..2f4882393e 100644
--- a/modules/private-cluster/cluster.tf
+++ b/modules/private-cluster/cluster.tf
@@ -484,6 +484,13 @@ resource "google_container_cluster" "primary" {
pubsub {
enabled = var.notification_config_topic != "" ? true : false
topic = var.notification_config_topic
+
+ dynamic "filter" {
+ for_each = length(var.notification_filter_event_type) > 0 ? [1] : []
+ content {
+ event_type = var.notification_filter_event_type
+ }
+ }
}
}
}
diff --git a/modules/private-cluster/variables.tf b/modules/private-cluster/variables.tf
index 31e1435bce..26b97acc22 100644
--- a/modules/private-cluster/variables.tf
+++ b/modules/private-cluster/variables.tf
@@ -574,6 +574,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."
diff --git a/variables.tf b/variables.tf
index 087a42b962..3af25f7cd7 100644
--- a/variables.tf
+++ b/variables.tf
@@ -544,6 +544,12 @@ variable "notification_config_topic" {
default = ""
}
+variable "notification_filter_event_type" {
+ type = list(string)
+ description = "Choose what type of notifications you want to receive. If no filters are applied, you'll receive all notification types. Can be used to filter what notifications are sent. Accepted values are UPGRADE_AVAILABLE_EVENT, UPGRADE_EVENT, and SECURITY_BULLETIN_EVENT."
+ default = []
+}
+
variable "deletion_protection" {
type = bool
description = "Whether or not to allow Terraform to destroy the cluster."