Default nodepool creation fix (#999)

* Default nodepool creation fix * Removed comments and fixded formatting with fmt * Refactored per PR comment Co-authored-by: Astian Seb <[email protected]> Co-authored-by: Ludovico Magnocavallo <[email protected]>
GoogleCloudPlatform · Nov 22, 2022 · 345cb4b · 345cb4b
1 parent cb9a87d
commit 345cb4b
Showing 1 changed file with 12 additions and 1 deletion.
diff --git a/modules/gke-cluster/main.tf b/modules/gke-cluster/main.tf
@@ -48,7 +48,18 @@ resource "google_container_cluster" "cluster" {
   enable_autopilot = var.enable_features.autopilot ? true : null
 
   # the default nodepool is deleted here, use the gke-nodepool module instead
-  # node_config {}
+  # default nodepool configuration based on a shielded_nodes variable
+  node_config {
+    dynamic "shielded_instance_config" {
+      for_each = var.enable_features.shielded_nodes ? [""] : []
+      content {
+        enable_secure_boot          = true
+        enable_integrity_monitoring = true
+      }
+    }
+  }
+
+
 
   addons_config {
     dynamic "dns_cache_config" {