diff --git a/example/main.tf b/example/main.tf index 526054e..9265f10 100644 --- a/example/main.tf +++ b/example/main.tf @@ -1,12 +1,39 @@ -module "project" { +resource "stackit_network_area" "project_sna" { + organization_id = var.organization_id + name = var.SNA_name + network_ranges = var.SNA_network_ranges + transfer_network = var.SNA_transfer_network +} + +module "projects" { source = "../project" - name = "project-123" - labels = { - "example" = "test" - } + projects = var.Projects_map organization_id = var.organization_id - owner_email = "maximilian.schlenz@stackit.cloud" + sna_id = stackit_network_area.project_sna.network_area_id + labels = var.labels != null ? var.labels : {} +} + +locals { + project_ids = { for k, v in module.projects.created_projects : k => v.project_id } +} + +module "stackit_ske_cluster" { + source = "../ske" + for_each = var.ske_clusters + + project_id = local.project_ids[each.value.project_key] + name = each.value.name + node_pools = each.value.node_pools + network = { + id = each.value.network_id + } + + kubernetes_version_min = lookup(each.value, "kubernetes_version_min", null) + hibernations = lookup(each.value, "hibernations", null) + maintenance = lookup(each.value, "maintenance", null) + extensions = lookup(each.value, "extensions", null) + default_region = var.default_region } module "security_groups" { @@ -14,7 +41,7 @@ module "security_groups" { for_each = var.security_groups - project_id = module.project.project_id + project_id = local.project_ids[each.value.project_key] name = each.value.name description = each.value.description != null ? each.value.description : "" rules = each.value.rules @@ -33,10 +60,9 @@ module "net" { for_each = var.networks - project_id = module.project.project_id + project_id = local.project_ids[each.value.project_key] name = each.value.name - # IPv4 and IPv6 settings ipv4_gateway = each.value.ipv4_gateway ipv4_nameservers = each.value.ipv4_nameservers ipv4_prefix = each.value.ipv4_prefix 
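Review bot: `local.project_ids[each.value.project_key]` in the new `stackit_ske_cluster` module fails with a bare invalid-index error when an entry names a `project_key` that is not a key of `var.Projects_map`, and nothing in this hunk checks or documents that. The same lookup is introduced in the `security_groups`, `net`, `postgres` and `observability` hunks that follow. A comment above the `locals` block such as `# every project_key in the input maps must be a key of var.Projects_map` would at least state the contract. The four `lookup(each.value, "...", null)` calls are also redundant, because the `ske_clusters` type in this diff declares those attributes as `optional(...)`; `extensions = each.value.extensions` already yields null when unset.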
@@ -52,7 +78,6 @@ module "net" { routed = each.value.routed labels = each.value.labels - # NIC options nics = each.value.nics security_group_ids_by_name = local.security_group_ids_by_name } @@ -62,7 +87,7 @@ module "postgres" { for_each = var.postgres_instances - project_id = module.project.project_id + project_id = local.project_ids[each.value.project_key] name = each.value.name ver = each.value.version flavor = each.value.flavor @@ -74,22 +99,11 @@ module "postgres" { databases = each.value.databases } -# module "ske" { -# source = "../ske" - -# for_each = var.ske_clusters - -# project_id = module.project.project_id -# name = each.value.name -# kubernetes_version_min = each.value.kubernetes_version_min -# node_pools = each.value.node_pools -# } - module "observability" { source = "../observability" for_each = var.observability_instances - project_id = module.project.project_id + project_id = local.project_ids[each.value.project_key] name = each.value.name plan_name = each.value.plan_name @@ -112,7 +126,6 @@ module "observability" { scrapeconfigs = each.value.scrapeconfigs } - output "obs_url" { value = { for key, instance in module.observability : diff --git a/example/providers.tf b/example/providers.tf index 21bfe9e..502d800 100644 --- a/example/providers.tf +++ b/example/providers.tf @@ -10,7 +10,7 @@ terraform { provider "stackit" { default_region = var.region - service_account_token = var.service_account_token != "" ? var.service_account_token : null - service_account_key_path = var.service_account_key_path != "" ? var.service_account_key_path : null + service_account_token = var.service_account_token != null ? var.service_account_token : null + service_account_key_path = var.service_account_key_path != null ? var.service_account_key_path : null enable_beta_resources = true } diff --git a/example/terraform.tfvars b/example/terraform.tfvars index 718230f..9a27fb6 100644 --- a/example/terraform.tfvars +++ b/example/terraform.tfvars 
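Review bot: Both rewritten conditionals in the `provider "stackit"` block are no-ops, since `var.service_account_token != null ? var.service_account_token : null` always evaluates to the variable itself. An empty string supplied through a tfvars file or the environment is therefore now passed to the provider, where the old `!= ""` test turned it into null. Either assign the variables directly (`service_account_token = var.service_account_token`) or keep both guards, e.g. `var.service_account_token != null && var.service_account_token != "" ? var.service_account_token : null`, and the same for `service_account_key_path`.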
@@ -1,148 +1,176 @@ -region = "eu01" -service_account_token = "" -project_id = "" -organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef" -service_account_key_path = "/Users/schlenz/sa-key-dd5fa2c9-1651-4da7-8404-9ac4fe9bc3d5.json" +organization_id = "03a34540-3c1a-4794-b2c6-7111ecf824ef" + +Projects_map = { + "projekt-alpha" = { + name = "tf_modules_test_3_max" + owner_email = "maximilian.schlenz@stackit.cloud" + }, + "projekt-beta" = { + name = "tf_modules_test_4_max" + owner_email = "maximilian.schlenz@stackit.cloud" + } +} + +SNA_name = "sna-tf_modules_test" + +SNA_network_ranges = [ + { prefix = "192.168.10.0/24" } +] + +SNA_transfer_network = "172.16.0.0/24" security_groups = { - # ssh_ingress_group = { - # name = "ssh-ingress-group" - # description = "ALLOW SSH ingress" - # rules = [ - # { description = "SSH RULE 1" - # direction = "ingress" - # ether_type = "IPv4" - # ip_range = "0.0.0.0/0" - # protocol = { - # name = "tcp" - # } - # port_range = { - # min = 22 - # max = 22 - # } - # }, - # ] - # }, + ssh_ingress_group = { + name = "ssh-ingress-group" + project_key = "projekt-alpha" + description = "ALLOW SSH ingress" + rules = [ + { description = "SSH RULE 1" + direction = "ingress" + ether_type = "IPv4" + ip_range = "0.0.0.0/0" + protocol = { + name = "tcp" + } + port_range = { + min = 22 + max = 22 + } + }, + ] + }, - # web_traffic_group = { - # name = "web-traffic-group" - # description = "ALLOW WEB TRAFFIC ingress" - # rules = [ - # { description = "ALLOW ALL 80" - # direction = "ingress" - # ether_type = "IPv4" - # ip_range = "0.0.0.0/0" - # protocol = { - # name = "tcp" - # } - # port_range = { - # min = 80 - # max = 80 - # } - # }, - # { description = "ALLOW ALL 443" - # direction = "ingress" - # ether_type = "IPv4" - # ip_range = "0.0.0.0/0" - # protocol = { - # name = "tcp" - # } - # port_range = { - # min = 443 - # max = 443 - # } - # }, - # ] - # }, + web_traffic_group = { + name = "web-traffic-group" + project_key = "projekt-alpha" + 
description = "ALLOW WEB TRAFFIC ingress" + rules = [ + { description = "ALLOW ALL 80" + direction = "ingress" + ether_type = "IPv4" + ip_range = "0.0.0.0/0" + protocol = { + name = "tcp" + } + port_range = { + min = 80 + max = 80 + } + }, + { description = "ALLOW ALL 443" + direction = "ingress" + ether_type = "IPv4" + ip_range = "0.0.0.0/0" + protocol = { + name = "tcp" + } + port_range = { + min = 443 + max = 443 + } + }, + ] + }, } postgres_instances = { - # dev = { - # name = "pg-test-instance" - # version = 17 - # flavor = { - # cpu = 2, - # ram = 4 - # } - # storage = { - # class = "premium-perf6-stackit", - # size = 20 - # } - # replicas = 1 - # acl = ["0.0.0.0/0"] - # backup_schedule = "00 00 * * *" + dev = { + name = "pg-test-instance" + project_key = "projekt-alpha" + version = 17 + flavor = { + cpu = 2, + ram = 4 + } + storage = { + class = "premium-perf6-stackit", + size = 20 + } + replicas = 1 + acl = ["0.0.0.0/0"] + backup_schedule = "00 00 * * *" - # users = [ - # { username = "adminusr", - # roles = ["login", "createdb"] - # }, - # { username = "testusr", - # roles = ["login"] - # } - # ] + users = [ + { username = "adminusr", + roles = ["login", "createdb"] + }, + { username = "testusr", + roles = ["login"] + } + ] - # databases = [ - # { - # name = "testdb", - # owner = "admin" - # } - # ] - # } + databases = [ + { + name = "testdb", + owner = "admin" + } + ] + } } networks = { - # wan_network = { - # name = "wan_network" - # ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] - # ipv4_prefix_length = 24 - # ipv4_prefix = "10.219.0.0/24" - # routed = true - # } - # lan_network1 = { - # name = "lan_network1" - # ipv4_prefix_length = 24 - # ipv4_prefix = "10.220.1.0/24" - # routed = true - # nics = { - # p2_lan1 = { - # nic_name = "P2LAN1" - # nic_ipv4 = "10.220.1.32" - # nic_security = true - # nic_security_group_names = ["ssh-ingress-group"] - # } - # } - # } - # lan_network2 = { - # name = "lan_network2" - # ipv4_prefix_length = 24 - # ipv4_prefix = 
"10.221.0.0/24" - # routed = true - # } - # lan_network3 = { - # name = "lan_network3" - # ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] - # ipv4_prefix_length = 24 - # ipv4_prefix = "10.223.3.0/24" - # routed = true - # } - # wan = { - # name = "MGMT" - # ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] - # ipv4_prefix_length = 24 - # nic_ipv4 = "10.224.0.254" - # } + wan_network = { + name = "wan_network" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.219.0.0/24" + routed = true + } + lan_network1 = { + name = "lan_network1" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.220.1.0/24" + routed = true + nics = { + p2_lan1 = { + nic_name = "P2LAN1" + nic_ipv4 = "10.220.1.32" + nic_security = true + nic_security_group_names = ["ssh-ingress-group"] + } + } + } + lan_network2 = { + name = "lan_network2" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.221.0.0/24" + routed = true + } + lan_network3 = { + name = "lan_network3" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + ipv4_prefix = "10.223.3.0/24" + routed = true + } + wan = { + name = "MGMT" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + ipv4_prefix_length = 24 + nic_ipv4 = "10.224.0.254" + } - # db = { - # name = "db-net" - # nic_ipv4 = "10.0.0.126" - # nic_security = true - # } + db = { + name = "db-net" + project_key = "projekt-alpha" + ipv4_nameservers = ["1.1.1.1", "8.8.8.8"] + nic_ipv4 = "10.0.0.126" + nic_security = true + } } observability_instances = { test = { # Required name = "test-observability" + project_key = "projekt-alpha" plan_name = "Observability-Large-EU01" # Optional instance settings 
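Review bot: This hunk turns the previously commented-out samples into live values, so applying the example as committed opens SSH (22), HTTP and HTTPS ingress from `0.0.0.0/0` and sets the Postgres `acl = ["0.0.0.0/0"]`, which admits any source address to the database instance. A restricted range is the safer default for an example, e.g. `acl = ["203.0.113.0/24"] # placeholder: replace with your own source range`, and likewise for `ip_range` on the SSH rule. The file also commits a concrete `organization_id` and a personal `owner_email`. Shipping it as a template with placeholder values and keeping the real `terraform.tfvars` untracked would avoid that.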
@@ -248,43 +276,70 @@ observability_instances = { } ske_clusters = { - # dev = { - # name = "dev-cluster" - # kubernetes_version_min = "1.31" - # node_pools = [ - # { name = "default" - # machine_type = "c2.1" - # availability_zones = ["eu01-1", "eu01-2"] - # volume_size = 40 - # minimum = 1 - # maximum = 3 - # } - # ] - # } - # staging = { - # name = "staging-cluster" - # kubernetes_version_min = "1.31" - # node_pools = [ - # { name = "general" - # machine_type = "c2.2" - # availability_zones = ["eu03-1", "eu03-2"] - # volume_size = 80 - # minimum = 2 - # maximum = 4 - # } - # ] - # } - # } + "prod-cluster" = { + name = "clusterprod" + project_key = "projekt-alpha" + network_id = "53917a75-0014-49b0-a4d6-e62934ab479f" # WICHTIG: Hier die Netzwerk-ID connecten + kubernetes_version_min = "1.32.5" - # observability_instances = { - # starter = { - # name = "Observability-1" - # plan_name = "Observability-Starter-EU01" - # } + node_pools = [ + { + name = "defaulpool" + machine_type = "c1.2" + availability_zones = ["eu01-1"] + minimum = 1 + maximum = 2 + cri = "containerd" + volume_type = "storage_premium_perf1" + volume_size = 21 + labels = { "worker" = "default" } + taints = [{ + effect = "NoSchedule" + key = "app" + value = "database" + }] + } + ] - # prod = { - # name = "Observability-2" - # plan_name = "Observability-Large-EU01" - # } -} \ No newline at end of file + hibernations = [ + { + start = "00 18 * * 1-5" # Mo-Fr um 18:00 Uhr + end = "00 08 * * 1-5" # Mo-Fr um 08:00 Uhr + timezone = "Europe/Berlin" + } + ] + + maintenance = { + enable_kubernetes_version_updates = true + enable_machine_image_version_updates = true + start = "01:00:00Z" + end = "03:00:00Z" + } + + extensions = { + acl = { + enabled = true + allowed_cidrs = ["0.0.0.0/0"] + } + } + }, + + "dev-cluster" = { + name = "clusterdev" + kubernetes_version_min = "1.32.5" + project_key = "projekt-beta" + network_id = "bedfc709-9285-4078-93ab-8e8a1c0be6bd" # WICHTIG: Hier die Netzwerk-ID connecten + + 
node_pools = [ + { + name = "devpool" + machine_type = "c1.2" + availability_zones = ["eu01-2"] + minimum = 1 + maximum = 2 + volume_size = 21 + } + ] + } +} diff --git a/example/variables.tf b/example/variables.tf index 71ee2ea..65b7661 100644 --- a/example/variables.tf +++ b/example/variables.tf @@ -7,33 +7,65 @@ variable "region" { variable "project_id" { description = "STACKIT Cloud project ID" type = string + default = null } variable "service_account_token" { description = "Service account token for authentication" sensitive = true type = string + default = null +} + +# SNA & Projects variables + +variable "organization_id" { + description = "Die Container-ID deiner STACKIT Organisation." + type = string } variable "service_account_key_path" { + type = string + default = "/users/schlenz/.stackit/sa.json" +} + +variable "default_region" { type = string - default = "" + default = "eu01" } -variable "organization_id" { - description = "Organization ID" +variable "SNA_name" { + description = "Name der zu erstellenden Service Network Area." type = string } -variable "owner_email" { - description = "Email of the project owner" +variable "SNA_network_ranges" { + description = "Liste der Netzwerk-CIDRs für die SNA." + type = list(object({ prefix = string })) +} + +variable "SNA_transfer_network" { + description = "Das Transfer-Netzwerk für die SNA (z.B. 172.16.9.0/24)." type = string - default = null +} + +variable "Projects_map" { + description = "Eine Map von Projekten, die erstellt werden sollen." + type = map(object({ + name = string + owner_email = string + })) +} + +variable "labels" { + type = map(string) + default = {} } variable "security_groups" { type = map(object({ name = optional(string) + project_key = string description = optional(string) rules = list(object({ direction = string 
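Review bot: In `prod-cluster` the ACL extension is `enabled = true` but `allowed_cidrs = ["0.0.0.0/0"]`, which permits every source address and so restricts nothing; `dev-cluster` sets no `extensions` at all. If the intent is to limit who can reach the cluster API, list the actual admin ranges, e.g. `allowed_cidrs = ["203.0.113.0/24"] # placeholder: your admin/VPN range`. The two `network_id` values are hard-coded UUIDs from one environment, which the example's reader has to replace. The inline comments are German while the rest of the file is English; `# IMPORTANT: set the ID of the network this cluster attaches to` would match.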
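Review bot: `service_account_key_path` now defaults to `"/users/schlenz/.stackit/sa.json"`, a path inside one developer's home directory, so on any other machine the provider is handed a key file location that does not exist there. With that default the variable is also never null for the `!= null` test in providers.tf. Use `default = null` and add a description, e.g. `description = "Path to the service account key JSON; leave unset when service_account_token is used"`. The descriptions added in this hunk are German while the existing ones are English; one language throughout would help readers.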
@@ -60,6 +92,7 @@ variable "security_groups" { variable "postgres_instances" { type = map(object({ name = string + project_key = string version = number flavor = object({ cpu = number, ram = number }) storage = object({ class = string, size = number }) @@ -81,7 +114,7 @@ variable "postgres_instances" { variable "networks" { type = map(object({ name = string - + project_key = string # IPv4 settings ipv4_gateway = optional(string) ipv4_nameservers = optional(list(string)) @@ -100,7 +133,7 @@ variable "networks" { no_ipv6_gateway = optional(bool) routed = optional(bool) - # NIC‑specific options + # NIC-specific options nics = optional(map(object({ nic_ipv4 = optional(string) nic_name = string 
@@ -115,20 +148,62 @@ variable "networks" { default = {} } - variable "ske_clusters" { + description = "Eine Map von SKE-Clustern" type = map(object({ - name = string - kubernetes_version_min = string + + name = string + project_key = string + network_id = string + + kubernetes_version_min = optional(string) + hibernations = optional(list(object({ + start = string + end = string + timezone = optional(string) + }))) + maintenance = optional(object({ + enable_kubernetes_version_updates = bool + enable_machine_image_version_updates = bool + start = string + end = string + })) + extensions = optional(object({ + acl = optional(object({ + enabled = bool + allowed_cidrs = list(string) + })) + argus = optional(object({ + enabled = bool + argus_instance_id = string + })) + })) + node_pools = list(object({ + name = string machine_type = string availability_zones = list(string) - volume_size = number minimum = number maximum = number + + allow_system_components = optional(bool) + cri = optional(string) + labels = optional(map(string)) + max_surge = optional(number) + max_unavailable = optional(number) + os_name = optional(string) + os_version_min = optional(string) + volume_size = optional(number) + volume_type = optional(string) + taints = optional(list(object({ + effect = string + key = string + value = optional(string) + }))) })) })) + default = {} } variable "observability_instances" { @@ -136,6 +211,7 @@ variable "observability_instances" { type = map(object({ # Required name = string + project_key = string plan_name = string # Optional instance settings @@ -150,7 +226,7 @@ variable "observability_instances" { create_credentials = optional(bool, true) credentials_count = optional(number, 1) - # alert‑groups + # alert-groups alertgroups = optional(map(object({ name = string interval = optional(string) 
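Review bot: The `extensions` object declared for `ske_clusters` lists `acl` and `argus` but not `dns`, while the `extensions` variable added to ske/variables.tf in this same diff also accepts `dns`. Attributes that are not part of the declared object type are discarded during type conversion, so a `dns` block supplied through this root variable would be dropped before it reaches the module. Adding `dns = optional(object({ enabled = bool, zones = optional(list(string)) }))` next to `argus` keeps the two declarations in step. The variable's closing lines carry no `validation` block, so an `acl` with an empty or all-addresses `allowed_cidrs` is accepted as-is.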
@@ -163,7 +239,7 @@ variable "observability_instances" { })) })), {}) - # log‑alert‑groups + # log-alert-groups logalertgroups = optional(map(object({ name = string interval = optional(string) @@ -176,7 +252,7 @@ variable "observability_instances" { })) })), {}) - # scrape‑configs + # scrape-configs scrapeconfigs = optional(map(object({ name = string metrics_path = string @@ -217,20 +293,20 @@ variable "observability_instances" { ], v.plan_name) ]) error_message = <<-EOM -One or more observability_instances specify an invalid plan_name. -See the provider error output for the list of supported plans. Allowed values: - Observability-Medium-EU01 - Observability-Monitoring-XL-EU01 - Observability-Large-EU01 - Observability-Monitoring-Basic-EU01 - Observability-Monitoring-Large-EU01 - Observability-Basic-EU01 - Observability-Monitoring-Medium-EU01 - Observability-Monitoring-XXL-EU01 - Observability-Metrics-Endpoint-100k-EU01 - Observability-Frontend-Starter-EU01 - Observability-Monitoring-Starter-EU01 - Observability-Starter-EU01 + One or more observability_instances specify an invalid plan_name. + See the provider error output for the list of supported plans. Allowed values: + Observability-Medium-EU01 + Observability-Monitoring-XL-EU01 + Observability-Large-EU01 + Observability-Monitoring-Basic-EU01 + Observability-Monitoring-Large-EU01 + Observability-Basic-EU01 + Observability-Monitoring-Medium-EU01 + Observability-Monitoring-XXL-EU01 + Observability-Metrics-Endpoint-100k-EU01 + Observability-Frontend-Starter-EU01 + Observability-Monitoring-Starter-EU01 + Observability-Starter-EU01 EOM } } diff --git a/network/main.tf b/network/main.tf index fd6691d..246cdcf 100644 --- a/network/main.tf +++ b/network/main.tf 
@@ -37,5 +37,15 @@ resource "stackit_network_interface" "nics" { [for name in each.value.nic_security_group_names : var.security_group_ids_by_name[name]] : [] ) + + lifecycle { + precondition { + condition = alltrue([ + for sg_name in try(each.value.nic_security_group_names, []) : + contains(keys(var.security_group_ids_by_name), sg_name) + ]) + error_message = "NIC '${each.key}' references unknown security group name(s)." + } + } } diff --git a/project/main.tf b/project/main.tf index bc13502..a00c15d 100644 --- a/project/main.tf +++ b/project/main.tf @@ -1,6 +1,14 @@ -resource "stackit_resourcemanager_project" "this" { +resource "stackit_resourcemanager_project" "project" { + for_each = var.projects + parent_container_id = var.organization_id - name = var.name - labels = var.labels - owner_email = var.owner_email + name = each.value.name + owner_email = each.value.owner_email + + labels = merge( + { + "networkArea" = var.sna_id + }, + var.labels + ) } diff --git a/project/output.tf b/project/output.tf index 957559e..6aac267 100644 --- a/project/output.tf +++ b/project/output.tf @@ -1,4 +1,4 @@ -output "project_id" { - value = stackit_resourcemanager_project.this.project_id - description = "ID of the project" -} +output "created_projects" { + description = "Eine Map aller erstellten STACKIT Projekte." + value = stackit_resourcemanager_project.project +} \ No newline at end of file diff --git a/project/variables.tf b/project/variables.tf index ff96a41..9be4103 100644 --- a/project/variables.tf +++ b/project/variables.tf 
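Review bot: `try(each.value.nic_security_group_names, [])` only falls back when the attribute access itself raises an error. If the attribute is declared optional and left unset (its declaration is not visible in this hunk), it evaluates to null and the `for` expression fails on a null collection instead of producing the intended message. `for sg_name in coalesce(each.value.nic_security_group_names, []) :` handles that case. The error message would also be more useful if it named the missing groups, for example by interpolating `join(", ", each.value.nic_security_group_names)`. The `stackit_network_interface.nics` resource begins outside the hunk.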
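Review bot: In `merge({ "networkArea" = var.sna_id }, var.labels)` the later argument wins, so a caller-supplied `labels` map that contains a `networkArea` key silently replaces the network area ID this module is meant to set. Swap the order: `labels = merge(var.labels, { "networkArea" = var.sna_id })`. Separately, renaming the resource from `this` to `project` and adding `for_each` changes its address. On existing state that is planned as a destroy and re-create of the project unless a `moved` block maps the old address to the new one.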
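Review bot: `created_projects` exports the whole resource map, so every attribute of each project, including `owner_email`, becomes part of the module's output, while the only consumer visible in this diff reads `project_id`. Narrowing it keeps the interface small: `value = { for k, p in stackit_resourcemanager_project.project : k => { project_id = p.project_id } }`. The description is German where the removed one was English, and the file now ends without a trailing newline.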
@@ -1,27 +1,21 @@ variable "organization_id" { - type = string + description = "Empfängt die Container-ID der Organisation vom Root-Modul." + type = string } -variable "name" { - type = string +variable "projects" { + type = map(object({ + name = string + owner_email = string + })) } -variable "description" { - type = string - default = null +variable "sna_id" { + description = "Empfängt die ID der Network Area vom Root-Modul." + type = string } variable "labels" { type = map(string) default = {} } - -variable "project_id" { - type = string - default = null -} - -variable "owner_email" { - type = string - default = null -} diff --git a/security-group/main.tf b/security-group/main.tf index 3098cf0..73675ab 100644 --- a/security-group/main.tf +++ b/security-group/main.tf @@ -1,7 +1,3 @@ -locals { - rule_count = length(var.rules) -} - resource "stackit_security_group" "this" { project_id = var.project_id name = var.name @@ -9,17 +5,19 @@ resource "stackit_security_group" "this" { } resource "stackit_security_group_rule" "rule" { - count = local.rule_count + for_each = { + for idx, r in var.rules : idx => r + } - direction = var.rules[count.index].direction + direction = each.value.direction project_id = var.project_id security_group_id = stackit_security_group.this.security_group_id - description = var.rules[count.index].description - ether_type = var.rules[count.index].ether_type - icmp_parameters = var.rules[count.index].icmp_parameters - ip_range = var.rules[count.index].ip_range - port_range = var.rules[count.index].port_range - protocol = var.rules[count.index].protocol - remote_security_group_id = var.rules[count.index].remote_security_group_id + description = each.value.description + ether_type = each.value.ether_type + icmp_parameters = each.value.icmp_parameters + ip_range = each.value.ip_range + port_range = each.value.port_range + protocol = each.value.protocol + remote_security_group_id = each.value.remote_security_group_id } 
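Review bot: The new `for_each` map in `stackit_security_group_rule.rule` is still keyed by list position (`idx => r`), so removing or reordering an entry in `var.rules` shifts every later key just as `count` did. The switch also moves each instance from `rule[0]` to `rule["0"]`, which on existing state is planned as a destroy and create of every rule. Keying by something stable avoids both, e.g. `for_each = { for r in var.rules : r.description => r }`, provided descriptions are unique and non-null (the variable's type is not visible here). A comment stating which attribute serves as the rule's identity would help the next editor.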
diff --git a/ske/main.tf b/ske/main.tf index 90124a0..1cda6b9 100644 --- a/ske/main.tf +++ b/ske/main.tf @@ -1,8 +1,13 @@ resource "stackit_ske_cluster" "this" { - project_id = var.project_id - name = var.name - kubernetes_version_min = var.kubernetes_version_min - node_pools = var.node_pools + project_id = var.project_id + name = var.name + node_pools = var.node_pools + kubernetes_version_min = var.kubernetes_version_min + hibernations = var.hibernations + maintenance = var.maintenance + extensions = var.extensions + network = var.network + region = var.default_region } resource "stackit_ske_kubeconfig" "admin" { diff --git a/ske/output.tf b/ske/output.tf index 9abc2e4..88f4e56 100644 --- a/ske/output.tf +++ b/ske/output.tf @@ -7,4 +7,4 @@ output "kubeconfig" { description = "Kubeconfig of SKE cluster" value = stackit_ske_kubeconfig.admin.kube_config sensitive = true -} \ No newline at end of file +} diff --git a/ske/providers.tf b/ske/providers.tf index 6e038c3..532c77d 100644 --- a/ske/providers.tf +++ b/ske/providers.tf @@ -3,7 +3,7 @@ terraform { required_providers { stackit = { source = "stackitcloud/stackit" - version = "0.56.0" + version = "0.54.0" } } } diff --git a/ske/variables.tf b/ske/variables.tf index 53533c0..ccae10c 100644 --- a/ske/variables.tf +++ b/ske/variables.tf 
@@ -1,22 +1,94 @@ variable "project_id" { - type = string + description = "STACKIT project ID to which the cluster is associated." + type = string } variable "name" { - type = string -} - -variable "kubernetes_version_min" { - type = string + description = "The cluster name." + type = string } variable "node_pools" { + description = "One or more node_pool blocks." type = list(object({ - name = string - machine_type = string - availability_zones = list(string) - volume_size = number - minimum = number - maximum = number + name = string + machine_type = string + availability_zones = list(string) + minimum = number + maximum = number + allow_system_components = optional(bool) + cri = optional(string) + labels = optional(map(string)) + max_surge = optional(number) + max_unavailable = optional(number) + os_name = optional(string) + os_version_min = optional(string) + taints = optional(list(object({ + effect = string + key = string + value = optional(string) + }))) + volume_size = optional(number) + volume_type = optional(string) })) } + +# Optionale Variablen +variable "kubernetes_version_min" { + description = "The minimum Kubernetes version." + type = string + default = null +} + +variable "hibernations" { + description = "A list of hibernation schedules for the cluster." + type = list(object({ + start = string + end = string + timezone = optional(string) + })) + default = null +} + +variable "maintenance" { + description = "A single maintenance block." + type = object({ + enable_kubernetes_version_updates = bool + enable_machine_image_version_updates = bool + start = string + end = string + }) + default = null +} +variable "extensions" { + description = "A single extensions block." 
+ type = object({ + acl = optional(object({ + enabled = bool + allowed_cidrs = list(string) + })) + argus = optional(object({ + enabled = bool + argus_instance_id = string + })) + dns = optional(object({ + enabled = bool + zones = optional(list(string)) + })) + }) + default = null +} + +variable "network" { + description = "Network block." + type = object({ + id = string + }) + default = null +} + +variable "default_region" { + description = "The resource region." + type = string + default = null +} \ No newline at end of file
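Review bot: `extensions` defaults to null, so a caller that omits it gets a cluster with no `acl` extension configured and presumably no source-address restriction on the cluster API, yet the description `"A single extensions block."` does not say so. Suggest `description = "Cluster extensions (acl, argus, dns). When null, no ACL is configured; set acl.allowed_cidrs to restrict API access."`. The comment `# Optionale Variablen` is German in an otherwise English file (`# Optional variables`). `variable "extensions"` is missing the blank line after the preceding block, and the file ends without a trailing newline.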