Google GKEHub Membership

This page shows how to write Terraform for GKEHub Membership and how to write it securely.

google_gke_hub_membership (Terraform)

The Membership in GKEHub can be configured in Terraform with the resource name google_gke_hub_membership. The following sections describe one example of how to use the resource and its parameters.

Example Usage from GitHub

main.tf#L20
resource "google_gke_hub_membership" "membership" {
  provider      = google-beta
  membership_id = var.membership_id
  endpoint {
    gke_cluster {
      resource_link = var.resource_link
    }
  }
}


Parameters

The following arguments are supported:

  • membership_id - (Required) The client-provided identifier of the membership.

  • description - (Optional, Beta) The name of this entity type to be displayed on the console. This field is unavailable in v1 of the API.

  • labels - (Optional) Labels to apply to this membership.

  • endpoint - (Optional) If this Membership is a Kubernetes API server hosted on GKE, this is a self link to its GCP resource. Structure is documented below.

  • authority - (Optional) Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity Structure is documented below.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The endpoint block supports:

  • gke_cluster - (Optional) If this Membership is a Kubernetes API server hosted on GKE, this is a self link to its GCP resource. Structure is documented below.

The gke_cluster block supports:

  • resource_link - (Required) Self-link of the GCP resource for the GKE cluster. For example: //container.googleapis.com/projects/my-project/zones/us-west1-a/clusters/my-cluster. It can be at most 1000 characters in length. If the cluster is provisioned with Terraform, this can be "//container.googleapis.com/${google_container_cluster.my-cluster.id}" or google_container_cluster.my-cluster.id.

The authority block supports:

  • issuer - (Required) A JSON Web Token (JWT) issuer URI. issuer must start with https:// and be a valid URL with length <2000 characters. For example: https://container.googleapis.com/v1/projects/my-project/locations/us-west1/clusters/my-cluster (must be locations rather than zones). If the cluster is provisioned with Terraform, this is "https://container.googleapis.com/v1/${google_container_cluster.my-cluster.id}".

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{name}}

  • name - The unique identifier of the membership.
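The arguments above combined into one configuration, as an added example that is not taken from the referenced GitHub repository or the Terraform Registry. It registers a Terraform-managed cluster, derives resource_link and issuer from the cluster id, and fails the run if either value breaks the limits listed in the parameter reference. The resource names, the project_id variable and the location are hypothetical; it assumes Terraform 1.2 or later and a google provider version that supports workload_pool.

```hcl
# Added example; resource names, the project variable and the location are hypothetical.
# Assumes Terraform >= 1.2 (precondition) and a google provider with workload_pool.
variable "project_id" {
  type = string
}

resource "google_container_cluster" "member" {
  project            = var.project_id
  name               = "my-cluster"
  location           = "us-west1"
  initial_node_count = 1

  # Workload Identity pool for the cluster that the membership's authority block refers to.
  workload_identity_config {
    workload_pool = "${var.project_id}.svc.id.goog"
  }
}

locals {
  # google_container_cluster id: projects/<project>/locations/<location>/clusters/<name>
  resource_link = "//container.googleapis.com/${google_container_cluster.member.id}"
  issuer        = "https://container.googleapis.com/v1/${google_container_cluster.member.id}"
}

resource "google_gke_hub_membership" "membership" {
  project       = var.project_id
  membership_id = "my-cluster-membership"

  endpoint {
    gke_cluster {
      resource_link = local.resource_link
    }
  }
  authority {
    issuer = local.issuer
  }

  lifecycle {
    # Reject an issuer that is not https, is too long, or uses zones instead of locations.
    precondition {
      condition     = can(regex("^https://[^ ]+/locations/[^/]+/clusters/[^/]+$", local.issuer)) && length(local.issuer) < 2000
      error_message = "issuer must be an https:// URI under 2000 characters that uses locations, not zones."
    }
    precondition {
      condition     = length(local.resource_link) <= 1000
      error_message = "resource_link must be at most 1000 characters."
    }
  }
}
```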

Explanation in Terraform Registry

Membership contains information about a member cluster. To get more information about Membership, see:

Frequently asked questions

What is Google GKEHub Membership?

Google GKEHub Membership is a resource for GKEHub of Google Cloud Platform. Settings can be written in Terraform.

Where can I find the example code for the Google GKEHub Membership?

For Terraform, the hyperionian/terraform-cloudbuild-configsync source code example is useful. See the Terraform Example section for further details.
