diff --git a/autogen/safer-cluster/main.tf.tmpl b/autogen/safer-cluster/main.tf.tmpl
index b647a7014..eef4673c8 100644
--- a/autogen/safer-cluster/main.tf.tmpl
+++ b/autogen/safer-cluster/main.tf.tmpl
@@ -41,7 +41,8 @@ module "gke" {
// the master upgrades.
//
// https://cloud.google.com/kubernetes-engine/versioning-and-upgrades
- release_channel = var.release_channel
+ release_channel = var.release_channel
+ gateway_api_channel = var.gateway_api_channel
master_authorized_networks = var.master_authorized_networks
diff --git a/autogen/safer-cluster/variables.tf.tmpl b/autogen/safer-cluster/variables.tf.tmpl
index a357cbe24..f06957508 100644
--- a/autogen/safer-cluster/variables.tf.tmpl
+++ b/autogen/safer-cluster/variables.tf.tmpl
@@ -77,6 +77,12 @@ variable "release_channel" {
default = "REGULAR"
}
+variable "gateway_api_channel" {
+ type = string
+ description = "The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`."
+ default = null
+}
+
variable "master_authorized_networks" {
type = list(object({ cidr_block = string, display_name = string }))
description = "List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists)."
diff --git a/modules/safer-cluster-update-variant/README.md b/modules/safer-cluster-update-variant/README.md
index 51875903a..5eb5105ab 100644
--- a/modules/safer-cluster-update-variant/README.md
+++ b/modules/safer-cluster-update-variant/README.md
@@ -228,6 +228,7 @@ For simplicity, we suggest using `roles/container.admin` and
| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no |
| firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers | `list(string)` | [
"8443",
"9443",
"15017"
]
| no |
| firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no |
+| gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no |
| gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no |
| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no |
| grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer role. | `bool` | `true` | no |
diff --git a/modules/safer-cluster-update-variant/main.tf b/modules/safer-cluster-update-variant/main.tf
index c5e1a90b1..9366427a4 100644
--- a/modules/safer-cluster-update-variant/main.tf
+++ b/modules/safer-cluster-update-variant/main.tf
@@ -37,7 +37,8 @@ module "gke" {
// the master upgrades.
//
// https://cloud.google.com/kubernetes-engine/versioning-and-upgrades
- release_channel = var.release_channel
+ release_channel = var.release_channel
+ gateway_api_channel = var.gateway_api_channel
master_authorized_networks = var.master_authorized_networks
diff --git a/modules/safer-cluster-update-variant/variables.tf b/modules/safer-cluster-update-variant/variables.tf
index f42929b53..4c73b7005 100644
--- a/modules/safer-cluster-update-variant/variables.tf
+++ b/modules/safer-cluster-update-variant/variables.tf
@@ -77,6 +77,12 @@ variable "release_channel" {
default = "REGULAR"
}
+variable "gateway_api_channel" {
+ type = string
+ description = "The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`."
+ default = null
+}
+
variable "master_authorized_networks" {
type = list(object({ cidr_block = string, display_name = string }))
description = "List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists)."
diff --git a/modules/safer-cluster/README.md b/modules/safer-cluster/README.md
index 51875903a..5eb5105ab 100644
--- a/modules/safer-cluster/README.md
+++ b/modules/safer-cluster/README.md
@@ -228,6 +228,7 @@ For simplicity, we suggest using `roles/container.admin` and
| filestore\_csi\_driver | The status of the Filestore CSI driver addon, which allows the usage of filestore instance as volumes | `bool` | `false` | no |
| firewall\_inbound\_ports | List of TCP ports for admission/webhook controllers | `list(string)` | [
"8443",
"9443",
"15017"
]
| no |
| firewall\_priority | Priority rule for firewall rules | `number` | `1000` | no |
+| gateway\_api\_channel | The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`. | `string` | `null` | no |
| gce\_pd\_csi\_driver | (Beta) Whether this cluster should enable the Google Compute Engine Persistent Disk Container Storage Interface (CSI) Driver. | `bool` | `true` | no |
| gke\_backup\_agent\_config | (Beta) Whether Backup for GKE agent is enabled for this cluster. | `bool` | `false` | no |
| grant\_registry\_access | Grants created cluster-specific service account storage.objectViewer role. | `bool` | `true` | no |
diff --git a/modules/safer-cluster/main.tf b/modules/safer-cluster/main.tf
index 03a411eaa..e79a73d8a 100644
--- a/modules/safer-cluster/main.tf
+++ b/modules/safer-cluster/main.tf
@@ -37,7 +37,8 @@ module "gke" {
// the master upgrades.
//
// https://cloud.google.com/kubernetes-engine/versioning-and-upgrades
- release_channel = var.release_channel
+ release_channel = var.release_channel
+ gateway_api_channel = var.gateway_api_channel
master_authorized_networks = var.master_authorized_networks
diff --git a/modules/safer-cluster/variables.tf b/modules/safer-cluster/variables.tf
index f42929b53..4c73b7005 100644
--- a/modules/safer-cluster/variables.tf
+++ b/modules/safer-cluster/variables.tf
@@ -77,6 +77,12 @@ variable "release_channel" {
default = "REGULAR"
}
+variable "gateway_api_channel" {
+ type = string
+ description = "The gateway api channel of this cluster. Accepted values are `CHANNEL_STANDARD` and `CHANNEL_DISABLED`."
+ default = null
+}
+
variable "master_authorized_networks" {
type = list(object({ cidr_block = string, display_name = string }))
description = "List of master authorized networks. If none are provided, disallow external access (except the cluster node IPs, which GKE automatically whitelists)."