{"id":18624789,"url":"https://github.com/opszero/terraform-google-kubespot","last_synced_at":"2026-03-19T05:26:16.705Z","repository":{"id":39869980,"uuid":"482105311","full_name":"opszero/terraform-google-kubespot","owner":"opszero","description":null,"archived":false,"fork":false,"pushed_at":"2025-11-06T12:42:22.000Z","size":56856,"stargazers_count":0,"open_issues_count":2,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-11-06T14:28:13.703Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://opszero.com","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/opszero.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":"SUPPORT","governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null},"funding":{"github":["abhiyerra"],"custom":["https://www.opszero.com"]}},"created_at":"2022-04-15T23:02:58.000Z","updated_at":"2025-11-06T12:42:26.000Z","dependencies_parsed_at":"2024-03-18T21:27:20.665Z","dependency_job_id":"e8c1b944-c475-47a4-97aa-9653ff17276c","html_url":"https://github.com/opszero/terraform-google-kubespot","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/opszero/terraform-google-kubespot","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opszero%2Fterraform-google-kubespot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opszero%2Fterraform-google-kubespot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opszero%2Fterraform-google-kubespot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opszero%2Fterraform-google-kubespot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/opszero","download_url":"https://codeload.github.com/opszero/terraform-google-kubespot/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/opszero%2Fterraform-google-kubespot/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28755946,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-25T16:32:25.380Z","status":"ssl_error","status_checked_at":"2026-01-25T16:32:09.189Z","response_time":113,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T04:31:05.286Z","updated_at":"2026-01-25T17:33:32.519Z","avatar_url":"https://github.com/opszero.png","language":"HCL","funding_links":["https://github.com/sponsors/abhiyerra","https://www.opszero.com"],"categories":[],"sub_categories":[],"readme":"\u003c!-- BEGIN_TF_DOCS --\u003e\n# Kubespot (GCP)\n\n\u003cimg src=\"http://assets.opszero.com/images/auditkube.png\" width=\"200px\" /\u003e\n\nCompliance Oriented Kubernetes Setup for Google Cloud.\n\n# Tools \u0026 Setup\n\n```\nbrew install kubectl kubernetes-helm google-cloud-sdk terraform\n```\n\n# Terraform usage\n\n```\ngcloud auth activate-service-account --key-file=./account.json\nterraform init \u0026\u0026 terraform get -update \u0026\u0026 terraform apply\n\n\ngcloud config set account foo@opszero.com # Set account name\ngcloud container clusters get-credentials \u003cclustername\u003e --region us-central1\n```\n## Providers\n\n| Name | Version |\n|------|---------|\n| \u003ca name=\"provider_google\"\u003e\u003c/a\u003e [google](#provider\\_google) | n/a |\n| \u003ca name=\"provider_helm\"\u003e\u003c/a\u003e [helm](#provider\\_helm) | n/a |\n| \u003ca name=\"provider_http\"\u003e\u003c/a\u003e [http](#provider\\_http) | n/a |\n| \u003ca name=\"provider_null\"\u003e\u003c/a\u003e [null](#provider\\_null) | n/a |\n| \u003ca name=\"provider_random\"\u003e\u003c/a\u003e [random](#provider\\_random) | n/a |\n## Inputs\n\n| Name | Description | Type | Default | Required |\n|------|-------------|------|---------|:--------:|\n| \u003ca name=\"input_auto_repair\"\u003e\u003c/a\u003e [auto\\_repair](#input\\_auto\\_repair) | Enables or disables automatic repair of nodes in the cluster. | `bool` | `true` | no |\n| \u003ca name=\"input_auto_upgrade\"\u003e\u003c/a\u003e [auto\\_upgrade](#input\\_auto\\_upgrade) | Enables or disables automatic upgrades of nodes in the cluster. | `bool` | `true` | no |\n| \u003ca name=\"input_cluster_create_timeouts\"\u003e\u003c/a\u003e [cluster\\_create\\_timeouts](#input\\_cluster\\_create\\_timeouts) | Timeout for creating the cluster. | `string` | `\"30m\"` | no |\n| \u003ca name=\"input_cluster_delete_timeouts\"\u003e\u003c/a\u003e [cluster\\_delete\\_timeouts](#input\\_cluster\\_delete\\_timeouts) | Timeout for deleting the cluster. | `string` | `\"30m\"` | no |\n| \u003ca name=\"input_cluster_update_timeouts\"\u003e\u003c/a\u003e [cluster\\_update\\_timeouts](#input\\_cluster\\_update\\_timeouts) | Timeout for updating the cluster. | `string` | `\"30m\"` | no |\n| \u003ca name=\"input_cluster_version\"\u003e\u003c/a\u003e [cluster\\_version](#input\\_cluster\\_version) | The minimum version of the master | `string` | `\"1.27\"` | no |\n| \u003ca name=\"input_csi_secrets_store_enabled\"\u003e\u003c/a\u003e [csi\\_secrets\\_store\\_enabled](#input\\_csi\\_secrets\\_store\\_enabled) | Specify whether the CSI driver is enabled | `bool` | `false` | no |\n| \u003ca name=\"input_disk_size_gb\"\u003e\u003c/a\u003e [disk\\_size\\_gb](#input\\_disk\\_size\\_gb) | Size of the disk in gigabytes for each node in the cluster. | `number` | `10` | no |\n| \u003ca name=\"input_disk_type\"\u003e\u003c/a\u003e [disk\\_type](#input\\_disk\\_type) | Type of disk to use for the nodes in the cluster. | `string` | `\"\"` | no |\n| \u003ca name=\"input_environment_name\"\u003e\u003c/a\u003e [environment\\_name](#input\\_environment\\_name) | Name of the resource. Provided by the client when the resource is created. | `string` | `\"\"` | no |\n| \u003ca name=\"input_image_type\"\u003e\u003c/a\u003e [image\\_type](#input\\_image\\_type) | Type of image to use for the nodes in the cluster. | `string` | `\"\"` | no |\n| \u003ca name=\"input_initial_node_count\"\u003e\u003c/a\u003e [initial\\_node\\_count](#input\\_initial\\_node\\_count) | The number of nodes to create in this cluster's default node pool. | `number` | `0` | no |\n| \u003ca name=\"input_kms_enabled\"\u003e\u003c/a\u003e [kms\\_enabled](#input\\_kms\\_enabled) | Specify whether the redis cluster is enabled | `bool` | `false` | no |\n| \u003ca name=\"input_kubectl_config_path\"\u003e\u003c/a\u003e [kubectl\\_config\\_path](#input\\_kubectl\\_config\\_path) | Path to the kubectl config file. Defaults to $HOME/.kube/config | `string` | `\"\"` | no |\n| \u003ca name=\"input_location\"\u003e\u003c/a\u003e [location](#input\\_location) | The location (region or zone) in which the cluster master will be created, as well as the default node location. | `string` | `\"\"` | no |\n| \u003ca name=\"input_location_policy\"\u003e\u003c/a\u003e [location\\_policy](#input\\_location\\_policy) | Specifies the policy for distributing nodes across locations, with the default being BALANCED | `string` | `\"BALANCED\"` | no |\n| \u003ca name=\"input_machine_type\"\u003e\u003c/a\u003e [machine\\_type](#input\\_machine\\_type) | Specifies the machine type for the nodes in the cluster. | `string` | `\"\"` | no |\n| \u003ca name=\"input_max_node_count\"\u003e\u003c/a\u003e [max\\_node\\_count](#input\\_max\\_node\\_count) | Maximum number of nodes in the cluster. | `number` | `1` | no |\n| \u003ca name=\"input_min_master_version\"\u003e\u003c/a\u003e [min\\_master\\_version](#input\\_min\\_master\\_version) | The minimum version of the master. | `string` | `\"\"` | no |\n| \u003ca name=\"input_min_node_count\"\u003e\u003c/a\u003e [min\\_node\\_count](#input\\_min\\_node\\_count) | Minimum number of nodes in the cluster. | `number` | `1` | no |\n| \u003ca name=\"input_preemptible\"\u003e\u003c/a\u003e [preemptible](#input\\_preemptible) | Specifies whether the nodes in the cluster should be preemptible. | `bool` | `false` | no |\n| \u003ca name=\"input_project\"\u003e\u003c/a\u003e [project](#input\\_project) | The Google project that will host the cluster | `string` | n/a | yes |\n| \u003ca name=\"input_redis_enabled\"\u003e\u003c/a\u003e [redis\\_enabled](#input\\_redis\\_enabled) | Specify whether the redis cluster is enabled | `bool` | `false` | no |\n| \u003ca name=\"input_redis_ha_enabled\"\u003e\u003c/a\u003e [redis\\_ha\\_enabled](#input\\_redis\\_ha\\_enabled) | Specify whether HA is enabled for redis | `bool` | `false` | no |\n| \u003ca name=\"input_redis_memory_in_gb\"\u003e\u003c/a\u003e [redis\\_memory\\_in\\_gb](#input\\_redis\\_memory\\_in\\_gb) | Redis memory size in GiB | `number` | `1` | no |\n| \u003ca name=\"input_region\"\u003e\u003c/a\u003e [region](#input\\_region) | The location (region or zone) in which the cluster master will be created | `string` | `\"\"` | no |\n| \u003ca name=\"input_remove_default_node_pool\"\u003e\u003c/a\u003e [remove\\_default\\_node\\_pool](#input\\_remove\\_default\\_node\\_pool) | deletes the default node pool upon cluster creation. | `bool` | `true` | no |\n| \u003ca name=\"input_service_account\"\u003e\u003c/a\u003e [service\\_account](#input\\_service\\_account) | The Google Cloud Platform Service Account to be used by the node VMs created by GKE Autopilot or NAP. | `string` | `\"\"` | no |\n| \u003ca name=\"input_sql_enabled\"\u003e\u003c/a\u003e [sql\\_enabled](#input\\_sql\\_enabled) | Specify whether the sql instance is enabled | `bool` | `false` | no |\n| \u003ca name=\"input_sql_engine\"\u003e\u003c/a\u003e [sql\\_engine](#input\\_sql\\_engine) | The sql version to use | `string` | `\"POSTGRES_15\"` | no |\n| \u003ca name=\"input_sql_instance_class\"\u003e\u003c/a\u003e [sql\\_instance\\_class](#input\\_sql\\_instance\\_class) | The machine type to use | `string` | `\"db-f1-micro\"` | no |\n| \u003ca name=\"input_sql_master_password\"\u003e\u003c/a\u003e [sql\\_master\\_password](#input\\_sql\\_master\\_password) | The password for the db user | `string` | `\"\"` | no |\n| \u003ca name=\"input_sql_master_username\"\u003e\u003c/a\u003e [sql\\_master\\_username](#input\\_sql\\_master\\_username) | The name of the db user | `string` | `\"\"` | no |\n| \u003ca name=\"input_tags\"\u003e\u003c/a\u003e [tags](#input\\_tags) | Terraform map to create custom tags for the Google resources | `map` | `{}` | no |\n## Resources\n\n| Name | Type |\n|------|------|\n| [google_compute_global_address.private_ip_address](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_global_address) | resource |\n| [google_compute_network.network](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network) | resource |\n| [google_compute_router.nat_router](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router) | resource |\n| [google_compute_router_nat.nat_config](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router_nat) | resource |\n| [google_compute_subnetwork.subnet](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork) | resource |\n| [google_container_cluster.primary](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster) | resource |\n| [google_container_node_pool.node_pool](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_node_pool) | resource |\n| [google_kms_crypto_key.key](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_crypto_key) | resource |\n| [google_kms_key_ring.keyring](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/kms_key_ring) | resource |\n| [google_redis_instance.cache](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/redis_instance) | resource |\n| [google_service_networking_connection.private_vpc_connection](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/service_networking_connection) | resource |\n| [google_sql_database_instance.default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_database_instance) | resource |\n| [google_sql_user.user](https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/sql_user) | resource |\n| [helm_release.csi_secrets_store](https://registry.terraform.io/providers/hashicorp/helm/latest/docs/resources/release) | resource |\n| [null_resource.configure_kubectl](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |\n| [null_resource.csi_secrets_store_aws_provider](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |\n| [null_resource.sql_vpc_lock](https://registry.terraform.io/providers/hashicorp/null/latest/docs/resources/resource) | resource |\n| [random_id.server](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/id) | resource |\n| [google_client_config.default](https://registry.terraform.io/providers/hashicorp/google/latest/docs/data-sources/client_config) | data source |\n| [http_http.csi_secrets_store_gcp_provider](https://registry.terraform.io/providers/hashicorp/http/latest/docs/data-sources/http) | data source |\n## Outputs\n\n| Name | Description |\n|------|-------------|\n| \u003ca name=\"output_private_vpc_network\"\u003e\u003c/a\u003e [private\\_vpc\\_network](#output\\_private\\_vpc\\_network) | n/a |\n| \u003ca name=\"output_sql_database\"\u003e\u003c/a\u003e [sql\\_database](#output\\_sql\\_database) | n/a |\n# 🚀 Built by opsZero!\n\n\u003ca href=\"https://opszero.com\"\u003e\u003cimg src=\"https://opszero.com/img/common/opsZero-Logo-Large.webp\" width=\"300px\"/\u003e\u003c/a\u003e\n\n[opsZero](https://opszero.com) provides software and consulting for Cloud + AI. With our decade plus of experience scaling some of the world’s most innovative companies we have developed deep expertise in Kubernetes, DevOps, FinOps, and Compliance.\n\nOur software and consulting solutions enable organizations to:\n\n- migrate workloads to the Cloud\n- setup compliance frameworks including SOC2, HIPAA, PCI-DSS, ITAR, FedRamp, CMMC, and more.\n- FinOps solutions to reduce the cost of running Cloud workloads\n- Kubernetes optimized for web scale and AI workloads\n- finding underutilized Cloud resources\n- setting up custom AI training and delivery\n- building data integrations and scrapers\n- modernizing onto modern ARM based processors\n\nWe do this with a high-touch support model where you:\n\n- Get access to us on Slack, Microsoft Teams or Email\n- Get 24/7 coverage of your infrastructure\n- Get an accelerated migration to Kubernetes\n\nPlease [schedule a call](https://calendly.com/opszero-llc/discovery) if you need support.\n\n\u003cbr/\u003e\u003cbr/\u003e\n\n\u003cdiv style=\"display: block\"\u003e\n  \u003cimg src=\"https://opszero.com/img/common/aws-advanced.png\" alt=\"AWS Advanced Tier\" width=\"150px\" \u003e\n  \u003cimg src=\"https://opszero.com/img/common/aws-devops-competency.png\" alt=\"AWS DevOps Competency\" width=\"150px\" \u003e\n  \u003cimg src=\"https://opszero.com/img/common/aws-eks.png\" alt=\"AWS EKS Delivery\" width=\"150px\" \u003e\n  \u003cimg src=\"https://opszero.com/img/common/aws-public-sector.png\" alt=\"AWS Public Sector\" width=\"150px\" \u003e\n\u003c/div\u003e\n\u003c!-- END_TF_DOCS --\u003e","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopszero%2Fterraform-google-kubespot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fopszero%2Fterraform-google-kubespot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fopszero%2Fterraform-google-kubespot/lists"}