Package com.pulumi.gcp.container

Class Cluster

  • public class Cluster
extends com.pulumi.resources.CustomResource
    Manages a Google Kubernetes Engine (GKE) cluster. For more information see [the official documentation](https://cloud.google.com/container-engine/docs/clusters) and [the API reference](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters). > **Warning:** All arguments and attributes, including basic auth username and passwords as well as certificate outputs will be stored in the raw state as plaintext. [Read more about secrets in state](https://www.pulumi.com/docs/intro/concepts/programming-model/#secrets). ## Example Usage ### With A Separately Managed Node Pool (Recommended) ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.serviceAccount.Account; import com.pulumi.gcp.serviceAccount.AccountArgs; import com.pulumi.gcp.container.Cluster; import com.pulumi.gcp.container.ClusterArgs; import com.pulumi.gcp.container.NodePool; import com.pulumi.gcp.container.NodePoolArgs; import com.pulumi.gcp.container.inputs.NodePoolNodeConfigArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var default_ = new Account("default", AccountArgs.builder() .accountId("service-account-id") .displayName("Service Account") .build()); var primary = new Cluster("primary", ClusterArgs.builder() .location("us-central1") .removeDefaultNodePool(true) .initialNodeCount(1) .build()); var primaryPreemptibleNodes = new NodePool("primaryPreemptibleNodes", NodePoolArgs.builder() .location("us-central1") .cluster(primary.name()) .nodeCount(1) .nodeConfig(NodePoolNodeConfigArgs.builder() .preemptible(true) .machineType("e2-medium") .serviceAccount(default_.email()) .oauthScopes("https://www.googleapis.com/auth/cloud-platform") .build()) .build()); } } ``` > **Note:** It is recommended that node pools be created and managed as separate resources as in the example above. This allows node pools to be added and removed without recreating the cluster. Node pools defined directly in the `gcp.container.Cluster` resource cannot be removed without re-creating the cluster. ### With The Default Node Pool ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.serviceAccount.Account; import com.pulumi.gcp.serviceAccount.AccountArgs; import com.pulumi.gcp.container.Cluster; import com.pulumi.gcp.container.ClusterArgs; import com.pulumi.gcp.container.inputs.ClusterNodeConfigArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var default_ = new Account("default", AccountArgs.builder() .accountId("service-account-id") .displayName("Service Account") .build()); var primary = new Cluster("primary", ClusterArgs.builder() .location("us-central1-a") .initialNodeCount(3) .nodeConfig(ClusterNodeConfigArgs.builder() .serviceAccount(default_.email()) .oauthScopes("https://www.googleapis.com/auth/cloud-platform") .labels(Map.of("foo", "bar")) .tags( "foo", "bar") .build()) .timeouts(%!v(PANIC=Format method: runtime error: invalid memory address or nil pointer dereference)) .build()); } } ``` ### Autopilot ```java package generated_program; import com.pulumi.Context; import com.pulumi.Pulumi; import com.pulumi.core.Output; import com.pulumi.gcp.serviceAccount.Account; import com.pulumi.gcp.serviceAccount.AccountArgs; import com.pulumi.gcp.container.Cluster; import com.pulumi.gcp.container.ClusterArgs; import java.util.List; import java.util.ArrayList; import java.util.Map; import java.io.File; import java.nio.file.Files; import java.nio.file.Paths; public class App { public static void main(String[] args) { Pulumi.run(App::stack); } public static void stack(Context ctx) { var default_ = new Account("default", AccountArgs.builder() .accountId("service-account-id") .displayName("Service Account") .build()); var primary = new Cluster("primary", ClusterArgs.builder() .enableAutopilot(true) .location("us-central1-a") .build()); } } ``` ## Import GKE clusters can be imported using the `project` , `location`, and `name`. If the project is omitted, the default provider value will be used. Examples ```sh $ pulumi import gcp:container/cluster:Cluster mycluster projects/my-gcp-project/locations/us-east1-a/clusters/my-cluster ``` ```sh $ pulumi import gcp:container/cluster:Cluster mycluster my-gcp-project/us-east1-a/my-cluster ``` ```sh $ pulumi import gcp:container/cluster:Cluster mycluster us-east1-a/my-cluster ``` For example, the following fields will show diffs if set in config- `min_master_version` - `remove_default_node_pool`

    • Constructor Detail

      • Cluster

        public Cluster​(java.lang.String name)
        Parameters:
        name - The _unique_ name of the resulting resource.

      • Cluster

        public Cluster​(java.lang.String name,
               @Nullable
               ClusterArgs args)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.

      • Cluster

        public Cluster​(java.lang.String name,
               @Nullable
               ClusterArgs args,
               @Nullable
               com.pulumi.resources.CustomResourceOptions options)
        Parameters:
        name - The _unique_ name of the resulting resource.
        args - The arguments to use to populate this resource's properties.
        options - A bag of options that control this resource's behavior.

    • Method Detail

      • addonsConfig

        public com.pulumi.core.Output<ClusterAddonsConfig> addonsConfig()
        Returns:
        The configuration for addons supported by GKE. Structure is documented below.

      • allowNetAdmin

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> allowNetAdmin()
        Returns:
        Enable NET_ADMIN for the cluster. Defaults to `false`. This field should only be enabled for Autopilot clusters (`enable_autopilot` set to `true`).

      • authenticatorGroupsConfig

        public com.pulumi.core.Output<ClusterAuthenticatorGroupsConfig> authenticatorGroupsConfig()
        Returns:
        Configuration for the [Google Groups for GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/role-based-access-control#groups-setup-gsuite) feature. Structure is documented below.

      • binaryAuthorization

        public com.pulumi.core.Output<java.util.Optional<ClusterBinaryAuthorization>> binaryAuthorization()
        Returns:
        Configuration options for the Binary Authorization feature. Structure is documented below.

      • clusterAutoscaling

        public com.pulumi.core.Output<ClusterClusterAutoscaling> clusterAutoscaling()
        Returns:
        Per-cluster configuration of Node Auto-Provisioning with Cluster Autoscaler to automatically adjust the size of the cluster and create/delete node pools based on the current needs of the cluster's workload. See the [guide to using Node Auto-Provisioning](https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning) for more details. Structure is documented below.

      • clusterIpv4Cidr

        public com.pulumi.core.Output<java.lang.String> clusterIpv4Cidr()
        Returns:
        The IP address range of the Kubernetes pods in this cluster in CIDR notation (e.g. `10.96.0.0/14`). Leave blank to have one automatically chosen or specify a `/14` block in `10.0.0.0/8`. This field will only work for routes-based clusters, where `ip_allocation_policy` is not defined.

      • clusterTelemetry

        public com.pulumi.core.Output<ClusterClusterTelemetry> clusterTelemetry()
        Returns:
        Configuration for [ClusterTelemetry](https://cloud.google.com/monitoring/kubernetes-engine/installing#controlling_the_collection_of_application_logs) feature, Structure is documented below.

      • confidentialNodes

        public com.pulumi.core.Output<ClusterConfidentialNodes> confidentialNodes()
        Returns:
        Configuration for [Confidential Nodes](https://cloud.google.com/kubernetes-engine/docs/how-to/confidential-gke-nodes) feature. Structure is documented below documented below.

      • costManagementConfig

        public com.pulumi.core.Output<ClusterCostManagementConfig> costManagementConfig()
        Returns:
        Configuration for the [Cost Allocation](https://cloud.google.com/kubernetes-engine/docs/how-to/cost-allocations) feature. Structure is documented below.

      • databaseEncryption

        public com.pulumi.core.Output<ClusterDatabaseEncryption> databaseEncryption()
        Returns:
        Structure is documented below.

      • datapathProvider

        public com.pulumi.core.Output<java.lang.String> datapathProvider()
        Returns:
        The desired datapath provider for this cluster. This is set to `LEGACY_DATAPATH` by default, which uses the IPTables-based kube-proxy implementation. Set to `ADVANCED_DATAPATH` to enable Dataplane v2.

      • defaultMaxPodsPerNode

        public com.pulumi.core.Output<java.lang.Integer> defaultMaxPodsPerNode()
        Returns:
        The default maximum number of pods per node in this cluster. This doesn't work on "routes-based" clusters, clusters that don't have IP Aliasing enabled. See the [official documentation](https://cloud.google.com/kubernetes-engine/docs/how-to/flexible-pod-cidr) for more information.

      • defaultSnatStatus

        public com.pulumi.core.Output<ClusterDefaultSnatStatus> defaultSnatStatus()
        Returns:
        [GKE SNAT](https://cloud.google.com/kubernetes-engine/docs/how-to/ip-masquerade-agent#how_ipmasq_works) DefaultSnatStatus contains the desired state of whether default sNAT should be disabled on the cluster, [API doc](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters#networkconfig). Structure is documented below

      • description

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> description()
        Returns:
        Description of the cluster.

      • dnsConfig

        public com.pulumi.core.Output<java.util.Optional<ClusterDnsConfig>> dnsConfig()
        Returns:
        Configuration for [Using Cloud DNS for GKE](https://cloud.google.com/kubernetes-engine/docs/how-to/cloud-dns). Structure is documented below.

      • enableAutopilot

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableAutopilot()
        Returns:
        Enable Autopilot for this cluster. Defaults to `false`. Note that when this option is enabled, certain features of Standard GKE are not available. See the [official documentation](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview#comparison) for available features.

      • enableBinaryAuthorization

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableBinaryAuthorization()
        Returns:
        Enable Binary Authorization for this cluster. If enabled, all container images will be validated by Google Binary Authorization. Deprecated in favor of `binary_authorization`.

      • enableFqdnNetworkPolicy

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableFqdnNetworkPolicy()
        Returns:
        ) Whether FQDN Network Policy is enabled on this cluster. Users who enable this feature for existing Standard clusters must restart the GKE Dataplane V2 `anetd` DaemonSet after enabling it. See the [Enable FQDN Network Policy in an existing cluster](https://cloud.google.com/kubernetes-engine/docs/how-to/fqdn-network-policies#enable_fqdn_network_policy_in_an_existing_cluster) for more information.

      • enableIntranodeVisibility

        public com.pulumi.core.Output<java.lang.Boolean> enableIntranodeVisibility()
        Returns:
        Whether Intra-node visibility is enabled for this cluster. This makes same node pod to pod traffic visible for VPC network.

      • enableK8sBetaApis

        public com.pulumi.core.Output<java.util.Optional<ClusterEnableK8sBetaApis>> enableK8sBetaApis()
        Returns:
        Configuration for Kubernetes Beta APIs. Structure is documented below.

      • enableKubernetesAlpha

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableKubernetesAlpha()
        Returns:
        Whether to enable Kubernetes Alpha features for this cluster. Note that when this option is enabled, the cluster cannot be upgraded and will be automatically deleted after 30 days.

      • enableL4IlbSubsetting

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableL4IlbSubsetting()
        Returns:
        Whether L4ILB Subsetting is enabled for this cluster.

      • enableLegacyAbac

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableLegacyAbac()
        Returns:
        Whether the ABAC authorizer is enabled for this cluster. When enabled, identities in the system, including service accounts, nodes, and controllers, will have statically granted permissions beyond those provided by the RBAC configuration or IAM. Defaults to `false`

      • enableMultiNetworking

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableMultiNetworking()
        Returns:
        ) Whether multi-networking is enabled for this cluster.

      • enableShieldedNodes

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> enableShieldedNodes()
        Returns:
        Enable Shielded Nodes features on all nodes in this cluster. Defaults to `true`.

      • enableTpu

        public com.pulumi.core.Output<java.lang.Boolean> enableTpu()
        Returns:
        Whether to enable Cloud TPU resources in this cluster. See the [official documentation](https://cloud.google.com/tpu/docs/kubernetes-engine-setup).

      • endpoint

        public com.pulumi.core.Output<java.lang.String> endpoint()
        Returns:
        The IP address of this cluster's Kubernetes master.

      • gatewayApiConfig

        public com.pulumi.core.Output<ClusterGatewayApiConfig> gatewayApiConfig()
        Returns:
        Configuration for [GKE Gateway API controller](https://cloud.google.com/kubernetes-engine/docs/concepts/gateway-api). Structure is documented below.

      • identityServiceConfig

        public com.pulumi.core.Output<ClusterIdentityServiceConfig> identityServiceConfig()
        Returns:
        . Structure is documented below.

      • initialNodeCount

        public com.pulumi.core.Output<java.util.Optional<java.lang.Integer>> initialNodeCount()
        Returns:
        The number of nodes to create in this cluster's default node pool. In regional or multi-zonal clusters, this is the number of nodes per zone. Must be set if `node_pool` is not set. If you're using `gcp.container.NodePool` objects with no default node pool, you'll need to set this to a value of at least `1`, alongside setting `remove_default_node_pool` to `true`.

      • ipAllocationPolicy

        public com.pulumi.core.Output<ClusterIpAllocationPolicy> ipAllocationPolicy()
        Returns:
        Configuration of cluster IP allocation for VPC-native clusters. Adding this block enables [IP aliasing](https://cloud.google.com/kubernetes-engine/docs/how-to/ip-aliases), making the cluster VPC-native instead of routes-based. Structure is documented below.

      • labelFingerprint

        public com.pulumi.core.Output<java.lang.String> labelFingerprint()
        Returns:
        The fingerprint of the set of labels for this cluster.

      • location

        public com.pulumi.core.Output<java.lang.String> location()
        Returns:
        The location (region or zone) in which the cluster master will be created, as well as the default node location. If you specify a zone (such as `us-central1-a`), the cluster will be a zonal cluster with a single cluster master. If you specify a region (such as `us-west1`), the cluster will be a regional cluster with multiple masters spread across zones in the region, and with default node locations in those zones as well

      • loggingConfig

        public com.pulumi.core.Output<ClusterLoggingConfig> loggingConfig()
        Returns:
        Logging configuration for the cluster. Structure is documented below.

      • loggingService

        public com.pulumi.core.Output<java.lang.String> loggingService()
        Returns:
        The logging service that the cluster should write logs to. Available options include `logging.googleapis.com`(Legacy Stackdriver), `logging.googleapis.com/kubernetes`(Stackdriver Kubernetes Engine Logging), and `none`. Defaults to `logging.googleapis.com/kubernetes`

      • maintenancePolicy

        public com.pulumi.core.Output<java.util.Optional<ClusterMaintenancePolicy>> maintenancePolicy()
        Returns:
        The maintenance policy to use for the cluster. Structure is documented below.

      • masterAuth

        public com.pulumi.core.Output<ClusterMasterAuth> masterAuth()
        Returns:
        The authentication information for accessing the Kubernetes master. Some values in this block are only returned by the API if your service account has permission to get credentials for your GKE cluster. If you see an unexpected diff unsetting your client cert, ensure you have the `container.clusters.getCredentials` permission. Structure is documented below.

      • masterAuthorizedNetworksConfig

        public com.pulumi.core.Output<ClusterMasterAuthorizedNetworksConfig> masterAuthorizedNetworksConfig()
        Returns:
        The desired configuration options for master authorized networks. Omit the nested `cidr_blocks` attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists). Structure is documented below.

      • masterVersion

        public com.pulumi.core.Output<java.lang.String> masterVersion()
        Returns:
        The current version of the master in the cluster. This may be different than the `min_master_version` set in the config if the master has been updated by GKE.

      • meshCertificates

        public com.pulumi.core.Output<ClusterMeshCertificates> meshCertificates()
        Returns:
        Structure is documented below.

      • minMasterVersion

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> minMasterVersion()
        Returns:
        The minimum version of the master. GKE will auto-update the master to new versions, so this does not guarantee the current master version--use the read-only `master_version` field to obtain that. If unset, the cluster's version will be set by GKE to the version of the most recent official release (which is not necessarily the latest version). Most users will find the `gcp.container.getEngineVersions` data source useful - it indicates which versions are available. If you intend to specify versions manually, [the docs](https://cloud.google.com/kubernetes-engine/versioning-and-upgrades#specifying_cluster_version) describe the various acceptable formats for this field. > If you are using the `gcp.container.getEngineVersions` datasource with a regional cluster, ensure that you have provided a `location` to the datasource. A region can have a different set of supported versions than its corresponding zones, and not all zones in a region are guaranteed to support the same version.

      • monitoringConfig

        public com.pulumi.core.Output<ClusterMonitoringConfig> monitoringConfig()
        Returns:
        Monitoring configuration for the cluster. Structure is documented below.

      • monitoringService

        public com.pulumi.core.Output<java.lang.String> monitoringService()
        Returns:
        The monitoring service that the cluster should write metrics to. Automatically send metrics from pods in the cluster to the Google Cloud Monitoring API. VM metrics will be collected by Google Compute Engine regardless of this setting Available options include `monitoring.googleapis.com`(Legacy Stackdriver), `monitoring.googleapis.com/kubernetes`(Stackdriver Kubernetes Engine Monitoring), and `none`. Defaults to `monitoring.googleapis.com/kubernetes`

      • name

        public com.pulumi.core.Output<java.lang.String> name()
        Returns:
        The name of the cluster, unique within the project and location. ***

      • network

        public com.pulumi.core.Output<java.util.Optional<java.lang.String>> network()
        Returns:
        The name or self_link of the Google Compute Engine network to which the cluster is connected. For Shared VPC, set this to the self link of the shared network.

      • networkPolicy

        public com.pulumi.core.Output<java.util.Optional<ClusterNetworkPolicy>> networkPolicy()
        Returns:
        Configuration options for the [NetworkPolicy](https://kubernetes.io/docs/concepts/services-networking/networkpolicies/) feature. Structure is documented below.

      • networkingMode

        public com.pulumi.core.Output<java.lang.String> networkingMode()
        Returns:
        Determines whether alias IPs or routes will be used for pod IPs in the cluster. Options are `VPC_NATIVE` or `ROUTES`. `VPC_NATIVE` enables [IP aliasing](https://cloud.google.com/kubernetes-engine/docs/how-to/ip-aliases), and requires the `ip_allocation_policy` block to be defined. By default, when this field is unspecified and no `ip_allocation_policy` blocks are set, GKE will create a `ROUTES`-based cluster.

      • nodeConfig

        public com.pulumi.core.Output<ClusterNodeConfig> nodeConfig()
        Returns:
        Parameters used in creating the default node pool. Generally, this field should not be used at the same time as a `gcp.container.NodePool` or a `node_pool` block; this configuration manages the default node pool, which isn't recommended to be used. Structure is documented below.

      • nodeLocations

        public com.pulumi.core.Output<java.util.List<java.lang.String>> nodeLocations()
        Returns:
        The list of zones in which the cluster's nodes are located. Nodes must be in the region of their regional cluster or in the same region as their cluster's zone for zonal clusters. If this is specified for a zonal cluster, omit the cluster's zone. > A "multi-zonal" cluster is a zonal cluster with at least one additional zone defined; in a multi-zonal cluster, the cluster master is only present in a single zone while nodes are present in each of the primary zone and the node locations. In contrast, in a regional cluster, cluster master nodes are present in multiple zones in the region. For that reason, regional clusters should be preferred.

      • nodePoolAutoConfig

        public com.pulumi.core.Output<ClusterNodePoolAutoConfig> nodePoolAutoConfig()
        Returns:
        Node pool configs that apply to auto-provisioned node pools in [autopilot](https://cloud.google.com/kubernetes-engine/docs/concepts/autopilot-overview#comparison) clusters and [node auto-provisioning](https://cloud.google.com/kubernetes-engine/docs/how-to/node-auto-provisioning)-enabled clusters. Structure is documented below.

      • nodePoolDefaults

        public com.pulumi.core.Output<ClusterNodePoolDefaults> nodePoolDefaults()
        Returns:
        Default NodePool settings for the entire cluster. These settings are overridden if specified on the specific NodePool object. Structure is documented below.

      • nodePools

        public com.pulumi.core.Output<java.util.List<ClusterNodePool>> nodePools()
        Returns:
        List of node pools associated with this cluster. See gcp.container.NodePool for schema. **Warning:** node pools defined inside a cluster can't be changed (or added/removed) after cluster creation without deleting and recreating the entire cluster. Unless you absolutely need the ability to say "these are the _only_ node pools associated with this cluster", use the gcp.container.NodePool resource instead of this property.

      • nodeVersion

        public com.pulumi.core.Output<java.lang.String> nodeVersion()
        Returns:
        The Kubernetes version on the nodes. Must either be unset or set to the same value as `min_master_version` on create. Defaults to the default version set by GKE which is not necessarily the latest version. This only affects nodes in the default node pool. While a fuzzy version can be specified, it's recommended that you specify explicit versions as the provider will see spurious diffs when fuzzy versions are used. See the `gcp.container.getEngineVersions` data source's `version_prefix` field to approximate fuzzy versions. To update nodes in other node pools, use the `version` attribute on the node pool.

      • notificationConfig

        public com.pulumi.core.Output<ClusterNotificationConfig> notificationConfig()
        Returns:
        Configuration for the [cluster upgrade notifications](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-upgrade-notifications) feature. Structure is documented below.

      • operation

        public com.pulumi.core.Output<java.lang.String> operation()

      • podSecurityPolicyConfig

        public com.pulumi.core.Output<java.util.Optional<ClusterPodSecurityPolicyConfig>> podSecurityPolicyConfig()
        Returns:
        ) Configuration for the [PodSecurityPolicy](https://cloud.google.com/kubernetes-engine/docs/how-to/pod-security-policies) feature. Structure is documented below.

      • privateClusterConfig

        public com.pulumi.core.Output<ClusterPrivateClusterConfig> privateClusterConfig()
        Returns:
        Configuration for [private clusters](https://cloud.google.com/kubernetes-engine/docs/how-to/private-clusters), clusters with private nodes. Structure is documented below.

      • privateIpv6GoogleAccess

        public com.pulumi.core.Output<java.lang.String> privateIpv6GoogleAccess()
        Returns:
        The desired state of IPv6 connectivity to Google Services. By default, no private IPv6 access to or from Google Services (all access will be via IPv4).

      • project

        public com.pulumi.core.Output<java.lang.String> project()
        Returns:
        The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

      • protectConfig

        public com.pulumi.core.Output<ClusterProtectConfig> protectConfig()
        Returns:
        ) Enable/Disable Protect API features for the cluster. Structure is documented below.

      • releaseChannel

        public com.pulumi.core.Output<ClusterReleaseChannel> releaseChannel()
        Returns:
        Configuration options for the [Release channel](https://cloud.google.com/kubernetes-engine/docs/concepts/release-channels) feature, which provide more control over automatic upgrades of your GKE clusters. When updating this field, GKE imposes specific version requirements. See [Selecting a new release channel](https://cloud.google.com/kubernetes-engine/docs/concepts/release-channels#selecting_a_new_release_channel) for more details; the `gcp.container.getEngineVersions` datasource can provide the default version for a channel. Note that removing the `release_channel` field from your config will cause the provider to stop managing your cluster's release channel, but will not unenroll it. Instead, use the `"UNSPECIFIED"` channel. Structure is documented below.

      • removeDefaultNodePool

        public com.pulumi.core.Output<java.util.Optional<java.lang.Boolean>> removeDefaultNodePool()
        Returns:
        If `true`, deletes the default node pool upon cluster creation. If you're using `gcp.container.NodePool` resources with no default node pool, this should be set to `true`, alongside setting `initial_node_count` to at least `1`.

      • resourceLabels

        public com.pulumi.core.Output<java.util.Optional<java.util.Map<java.lang.String,​java.lang.String>>> resourceLabels()
        Returns:
        The GCE resource labels (a map of key/value pairs) to be applied to the cluster.

      • resourceUsageExportConfig

        public com.pulumi.core.Output<java.util.Optional<ClusterResourceUsageExportConfig>> resourceUsageExportConfig()
        Returns:
        Configuration for the [ResourceUsageExportConfig](https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-usage-metering) feature. Structure is documented below.

      • securityPostureConfig

        public com.pulumi.core.Output<ClusterSecurityPostureConfig> securityPostureConfig()
        Returns:
        Enable/Disable Security Posture API features for the cluster. Structure is documented below. <a name="nested_default_snat_status"></a>The `default_snat_status` block supports

      • selfLink

        public com.pulumi.core.Output<java.lang.String> selfLink()
        Returns:
        The server-defined URL for the resource.

      • serviceExternalIpsConfig

        public com.pulumi.core.Output<ClusterServiceExternalIpsConfig> serviceExternalIpsConfig()
        Returns:
        Structure is documented below.

      • servicesIpv4Cidr

        public com.pulumi.core.Output<java.lang.String> servicesIpv4Cidr()
        Returns:
        The IP address range of the Kubernetes services in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). Service addresses are typically put in the last `/16` from the container CIDR.

      • subnetwork

        public com.pulumi.core.Output<java.lang.String> subnetwork()
        Returns:
        The name or self_link of the Google Compute Engine subnetwork in which the cluster's instances are launched.

      • tpuConfig

        public com.pulumi.core.Output<ClusterTpuConfig> tpuConfig()
        Returns:
        TPU configuration for the cluster.

      • tpuIpv4CidrBlock

        public com.pulumi.core.Output<java.lang.String> tpuIpv4CidrBlock()
        Returns:
        The IP address range of the Cloud TPUs in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`).

      • verticalPodAutoscaling

        public com.pulumi.core.Output<ClusterVerticalPodAutoscaling> verticalPodAutoscaling()
        Returns:
        Vertical Pod Autoscaling automatically adjusts the resources of pods controlled by it. Structure is documented below.

      • workloadIdentityConfig

        public com.pulumi.core.Output<ClusterWorkloadIdentityConfig> workloadIdentityConfig()
        Returns:
        Workload Identity allows Kubernetes service accounts to act as a user-managed [Google IAM Service Account](https://cloud.google.com/iam/docs/service-accounts#user-managed_service_accounts). Structure is documented below.

      • get

        public static Cluster get​(java.lang.String name,
                          com.pulumi.core.Output<java.lang.String> id,
                          @Nullable
                          ClusterState state,
                          @Nullable
                          com.pulumi.resources.CustomResourceOptions options)
        Get an existing Host resource's state with the given name, ID, and optional extra properties used to qualify the lookup.
        Parameters:
        name - The _unique_ name of the resulting resource.
        id - The _unique_ provider ID of the resource to lookup.
        state -
        options - Optional settings to control the behavior of the CustomResource.