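# Copyright 2022 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# ServiceMapping for container.googleapis.com. It declares how two
# google_container_* resources are exposed as the Kubernetes kinds
# ContainerCluster and ContainerNodePool, and which of their fields are
# expressed as typed references to other resources (service accounts,
# networks, KMS keys, Pub/Sub topics, node groups).
apiVersion: core.cnrm.cloud.google.com/v1alpha1
kind: ServiceMapping
metadata:
  name: container.cnrm.cloud.google.com
  namespace: cnrm-system
spec:
  name: Container
  version: v1beta1
  serviceHostName: "container.googleapis.com"
  resources:
    - name: google_container_cluster
      kind: ContainerCluster
      idTemplate: "{{project}}/{{location}}/{{name}}"
      idTemplateCanBeUsedToMatchResourceName: true
      resourceAvailableInAssetInventory: true
      # Fields listed here are left out of the generated resource.
      # NOTE(review): node_pool is presumably excluded because node pools
      # are modelled by the separate ContainerNodePool kind below - confirm.
      ignoredFields:
        - node_pool
        # TODO(b/258864199): Remove disk_type field from ignoredFields.
        - cluster_autoscaling.auto_provisioning_defaults.disk_type
      metadataMapping:
        name: name
        labels: resource_labels
      resourceID:
        targetField: name
      directives:
        - remove_default_node_pool
      # NOTE(review): the name suggests min_master_version can be set but is
      # not read back, so drift on it would not be observed - confirm.
      mutableButUnreadableFields:
        - min_master_version
      containers:
        - type: project
          tfField: project
      # Each entry binds one underlying field (tfField) to a reference field
      # (key) of the given group/version/kind. Where targetField is set, it
      # names the attribute of the referenced resource that is used as the
      # field's value.
      resourceReferences:
        # Identity used by auto-provisioned nodes, taken from the referenced
        # IAMServiceAccount's email.
        # NOTE(review): when reviewing manifests, check that an explicit,
        # narrowly scoped account is referenced here; what is used when the
        # reference is omitted is not visible in this mapping.
        - tfField: cluster_autoscaling.auto_provisioning_defaults.service_account
          key: serviceAccountRef
          gvk:
            kind: IAMServiceAccount
            version: v1beta1
            group: iam.cnrm.cloud.google.com
          targetField: email
        - tfField: network
          key: networkRef
          gvk:
            kind: ComputeNetwork
            version: v1beta1
            group: compute.cnrm.cloud.google.com
          targetField: self_link
        - tfField: subnetwork
          key: subnetworkRef
          gvk:
            kind: ComputeSubnetwork
            version: v1beta1
            group: compute.cnrm.cloud.google.com
          targetField: self_link
        # Identity of the nodes in the cluster's inline node_config; the same
        # least-privilege review applies as for the auto-provisioning
        # account above.
        - tfField: node_config.service_account
          key: serviceAccountRef
          gvk:
            kind: IAMServiceAccount
            version: v1beta1
            group: iam.cnrm.cloud.google.com
          targetField: email
        # Key for node boot disks, passed as the KMSCryptoKey's self_link.
        - tfField: node_config.boot_disk_kms_key
          key: bootDiskKMSCryptoKeyRef
          gvk:
            kind: KMSCryptoKey
            version: v1beta1
            group: kms.cnrm.cloud.google.com
          targetField: self_link
        # No targetField here: the value is built from valueTemplate.
        # NOTE(review): {{project}} presumably resolves to the cluster's own
        # project, so a topic in another project could not be expressed
        # through this reference - confirm.
        - tfField: notification_config.pubsub.topic
          description: |-
            The PubSubTopic to send the notification to.
          key: topicRef
          gvk:
            kind: PubSubTopic
            version: v1beta1
            group: pubsub.cnrm.cloud.google.com
          valueTemplate: "projects/{{project}}/topics/{{value}}"
        - tfField: node_config.node_group
          description: |-
            Immutable. Setting this field will assign instances
            of this pool to run on the specified node group. This is useful
            for running workloads on sole tenant nodes.
          key: nodeGroupRef
          gvk:
            kind: ComputeNodeGroup
            version: v1beta1
            group: compute.cnrm.cloud.google.com
        # NOTE(review): this key is bootDiskKMSKeyRef while the node_config
        # entries use bootDiskKMSCryptoKeyRef. The key presumably becomes a
        # user-facing field name, so it is left unchanged here.
        - tfField: cluster_autoscaling.auto_provisioning_defaults.boot_disk_kms_key
          key: bootDiskKMSKeyRef
          description: |-
            Immutable. The Customer Managed Encryption Key used to encrypt the
            boot disk attached to each node in the node pool.
          gvk:
            kind: KMSCryptoKey
            version: v1beta1
            group: kms.cnrm.cloud.google.com
          targetField: self_link
        - tfField: private_cluster_config.private_endpoint_subnetwork
          key: privateEndpointSubnetworkRef
          description: |-
            Immutable. Subnetwork in cluster's network where master's endpoint
            will be provisioned.
          gvk:
            kind: ComputeSubnetwork
            version: v1beta1
            group: compute.cnrm.cloud.google.com
          targetField: self_link
    - name: google_container_node_pool
      kind: ContainerNodePool
      idTemplate: "{{project}}/{{location}}/{{cluster}}/{{name}}"
      # Disabled for node pools: matching by idTemplate doesn't import
      # correctly.
      idTemplateCanBeUsedToMatchResourceName: false
      resourceAvailableInAssetInventory: true
      metadataMapping:
        name: name
      resourceID:
        targetField: name
      resourceReferences:
        # parent: true marks the owning ContainerCluster; no targetField is
        # given for this reference.
        - key: clusterRef
          tfField: cluster
          gvk:
            kind: ContainerCluster
            version: v1beta1
            group: container.cnrm.cloud.google.com
          parent: true
        # Node identity for this pool, taken from the referenced
        # IAMServiceAccount's email; review for an explicit, narrowly scoped
        # account.
        - tfField: node_config.service_account
          key: serviceAccountRef
          gvk:
            kind: IAMServiceAccount
            version: v1beta1
            group: iam.cnrm.cloud.google.com
          targetField: email
        # Key for this pool's node boot disks, passed as the KMSCryptoKey's
        # self_link.
        - tfField: node_config.boot_disk_kms_key
          key: bootDiskKMSCryptoKeyRef
          gvk:
            kind: KMSCryptoKey
            version: v1beta1
            group: kms.cnrm.cloud.google.com
          targetField: self_link
        - tfField: node_config.node_group
          description: |-
            Immutable. Setting this field will assign instances
            of this pool to run on the specified node group. This is useful
            for running workloads on sole tenant nodes.
          key: nodeGroupRef
          gvk:
            kind: ComputeNodeGroup
            version: v1beta1
            group: compute.cnrm.cloud.google.com
      containers:
        - type: project
          tfField: project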