Enable specifying master_authorized_networks_config

cluster_regional.tf

@@ -33,6 +33,8 @@ resource "google_container_cluster" "primary" {
   logging_service    = "${var.logging_service}"
   monitoring_service = "${var.monitoring_service}"
 
+  master_authorized_networks_config = "${var.master_authorized_networks_config}"
+
   addons_config {
     http_load_balancing {
       disabled = "${var.http_load_balancing ? 0 : 1}"

cluster_zonal.tf

@@ -33,6 +33,8 @@ resource "google_container_cluster" "zonal_primary" {
   logging_service    = "${var.logging_service}"
   monitoring_service = "${var.monitoring_service}"
 
+  master_authorized_networks_config = "${var.master_authorized_networks_config}"
+
   addons_config {
     http_load_balancing {
       disabled = "${var.http_load_balancing ? 0 : 1}"

outputs.tf

@@ -60,6 +60,11 @@ output "monitoring_service" {
   value       = "${local.cluster_monitoring_service}"
 }
 
+output "master_authorized_networks_config" {
+  description = "Networks from which access to master is permitted"
+  value       = "${var.master_authorized_networks_config}"
+}
+
 output "master_version" {
   description = "Current master kubernetes version"
   value       = "${local.cluster_master_version}"

variables.tf

@@ -65,6 +65,12 @@ variable "node_version" {
   default     = ""
 }
 
+variable "master_authorized_networks_config" {
+  description = "The desired configuration options for master authorized networks. Omit the nested cidr_blocks attribute to disallow external access (except the cluster node IPs, which GKE automatically whitelists)."
+  type        = "list"
+  default     = []
+}
+
 variable "horizontal_pod_autoscaling" {
   description = "Enable horizontal pod autoscaling addon"
   default     = false