update missing flag

firewall.tf

@@ -83,6 +83,7 @@ resource "google_compute_firewall" "master_webhooks" {
 
 }
 
+
 /******************************************
   Create shadow firewall rules to capture the 
   traffic flow between the managed firewall rules
@@ -115,6 +116,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -135,6 +137,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/beta-private-cluster-update-variant/firewall.tf

@@ -110,6 +110,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -130,6 +131,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/beta-private-cluster/firewall.tf

@@ -110,6 +110,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -130,6 +131,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/beta-public-cluster-update-variant/firewall.tf

@@ -116,6 +116,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -136,6 +137,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/beta-public-cluster/firewall.tf

@@ -116,6 +116,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -136,6 +137,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/private-cluster-update-variant/firewall.tf

@@ -110,6 +110,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -130,6 +131,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id

modules/private-cluster/firewall.tf

@@ -110,6 +110,7 @@ resource "google_compute_firewall" "shadow_allow_pods" {
 
 resource "google_compute_firewall" "shadow_allow_master" {
   count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-master"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow master and woker nodes communication."
   project     = local.network_project_id
@@ -130,6 +131,8 @@ resource "google_compute_firewall" "shadow_allow_master" {
 }
 
 resource "google_compute_firewall" "shadow_allow_nodes" {
+  count       = var.add_shadow_firewall_rules ? 1 : 0
+
   name        = "gke-shadow-${substr(var.name, 0, min(25, length(var.name)))}-vms"
   description = "Managed by terraform gke module: A shadow firewall rule to match the fireall allow woker nodes communication."
   project     = local.network_project_id