diff --git a/README.md b/README.md
index d227643..08945f0 100644
--- a/README.md
+++ b/README.md
@@ -40,9 +40,9 @@ tf apply
| Name | Version |
|------|---------|
-| [google](#provider\_google) | ~> 5.19 |
-| [helm](#provider\_helm) | ~> 2.2 |
-| [kubernetes](#provider\_kubernetes) | ~> 2.8 |
+| [google](#provider\_google) | 5.45.0 |
+| [helm](#provider\_helm) | 2.17.0 |
+| [kubernetes](#provider\_kubernetes) | 2.35.1 |
## Modules
@@ -51,8 +51,8 @@ tf apply
| [cert\_manager\_sa](#module\_cert\_manager\_sa) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | 30.1.0 |
| [external\_dns\_sa](#module\_external\_dns\_sa) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | 30.1.0 |
| [external\_secrets\_sa](#module\_external\_secrets\_sa) | terraform-google-modules/kubernetes-engine/google//modules/workload-identity | 30.1.0 |
-| [gke](#module\_gke) | terraform-google-modules/kubernetes-engine/google | 29.0.0 |
-| [gke\_private](#module\_gke\_private) | terraform-google-modules/kubernetes-engine/google//modules/private-cluster | 29.0.0 |
+| [gke](#module\_gke) | terraform-google-modules/kubernetes-engine/google | 33.1.0 |
+| [gke\_private](#module\_gke\_private) | terraform-google-modules/kubernetes-engine/google//modules/private-cluster | 33.1.0 |
| [istio](#module\_istio) | github.com/streamnative/terraform-helm-charts//modules/istio-operator | master |
## Resources
@@ -91,7 +91,7 @@ tf apply
| [cilium\_helm\_chart\_name](#input\_cilium\_helm\_chart\_name) | The name of the Helm chart in the repository for Cilium. | `string` | `"cilium"` | no |
| [cilium\_helm\_chart\_repository](#input\_cilium\_helm\_chart\_repository) | The repository containing the Cilium helm chart. | `string` | `"https://helm.cilium.io"` | no |
| [cilium\_helm\_chart\_version](#input\_cilium\_helm\_chart\_version) | Helm chart version for Cilium. See https://artifacthub.io/packages/helm/cilium/cilium for updates. | `string` | `"1.13.2"` | no |
-| [cluster\_autoscaling\_config](#input\_cluster\_autoscaling\_config) | Cluster autoscaling configuration for node auto-provisioning. This is disabled for our configuration, since we typically want to scale existing node pools rather than add new ones to the cluster | object({
enabled = bool
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
auto_repair = bool
auto_upgrade = bool
}) | {
"auto_repair": true,
"auto_upgrade": false,
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": null,
"max_memory_gb": null,
"min_cpu_cores": null,
"min_memory_gb": null
} | no |
+| [cluster\_autoscaling\_config](#input\_cluster\_autoscaling\_config) | Cluster autoscaling configuration for node auto-provisioning. This is disabled for our configuration, since we typically want to scale existing node pools rather than add new ones to the cluster | object({
enabled = bool
min_cpu_cores = number
max_cpu_cores = number
min_memory_gb = number
max_memory_gb = number
gpu_resources = list(object({ resource_type = string, minimum = number, maximum = number }))
auto_repair = bool
auto_upgrade = bool
autoscaling_profile = string
}) | {
"auto_repair": true,
"auto_upgrade": false,
"autoscaling_profile": "BALANCED",
"enabled": false,
"gpu_resources": [],
"max_cpu_cores": null,
"max_memory_gb": null,
"min_cpu_cores": null,
"min_memory_gb": null
} | no |
| [cluster\_http\_load\_balancing](#input\_cluster\_http\_load\_balancing) | Enable the HTTP load balancing addon for the cluster. Defaults to "true" | `bool` | `true` | no |
| [cluster\_name](#input\_cluster\_name) | The name of your GKE cluster. | `string` | n/a | yes |
| [cluster\_network\_policy](#input\_cluster\_network\_policy) | Enable the network policy addon for the cluster. Defaults to "true", and uses CALICO as the provider | `bool` | `true` | no |
@@ -108,7 +108,7 @@ tf apply
| [enable\_func\_pool](#input\_enable\_func\_pool) | Enable an additional dedicated pool for Pulsar Functions. Enabled by default. | `bool` | `true` | no |
| [enable\_istio](#input\_enable\_istio) | Enables Istio on the cluster. Set to "false" by default. | `bool` | `false` | no |
| [enable\_private\_gke](#input\_enable\_private\_gke) | Enables private GKE cluster, where nodes are not publicly accessible. Defaults to "false". | `bool` | `false` | no |
-| [enable\_private\_nodes](#input\_enable\_private\_nodes) | Whether nodes have internal IP addresses only, only used for private clusters | `bool` | `true` | no |
+| [enable\_private\_nodes](#input\_enable\_private\_nodes) | Whether nodes have internal IP addresses only. | `bool` | `false` | no |
| [enable\_resource\_creation](#input\_enable\_resource\_creation) | When enabled, all dependencies, like service accounts, buckets, etc will be created. When disabled, they will note. Use in combination with `enable_` to manage these outside this module | `bool` | `true` | no |
| [external\_dns\_helm\_chart\_name](#input\_external\_dns\_helm\_chart\_name) | The name of the Helm chart in the repository for ExternalDNS. | `string` | `"external-dns"` | no |
| [external\_dns\_helm\_chart\_repository](#input\_external\_dns\_helm\_chart\_repository) | The repository containing the ExternalDNS helm chart. | `string` | `"https://charts.bitnami.com/bitnami"` | no |
@@ -138,6 +138,7 @@ tf apply
| [func\_pool\_service\_account](#input\_func\_pool\_service\_account) | The service account email address to use for the Pulsar Functions pool. If create\_service\_account is set to true, it will use the the output from the module. | `string` | `""` | no |
| [func\_pool\_ssd\_count](#input\_func\_pool\_ssd\_count) | The number of SSDs to attach to each node in the Pulsar Functions pool. Defaults to 0. | `number` | `0` | no |
| [func\_pool\_version](#input\_func\_pool\_version) | The version of Kubernetes to use for the Pulsar Functions pool. If the input "release\_channel" is not defined, defaults to "kubernetes\_version" used for the cluster. Should only be defined while "func\_pool\_auto\_upgrade" is also set to "false". | `string` | `""` | no |
+| [gcp\_public\_cidrs\_access\_enabled](#input\_gcp\_public\_cidrs\_access\_enabled) | Enable access from GCP public CIDRs. Defaults to false. | `bool` | `false` | no |
| [google\_service\_account](#input\_google\_service\_account) | when set, don't create GSAs and instead use the this service account for all apps | `string` | `""` | no |
| [horizontal\_pod\_autoscaling](#input\_horizontal\_pod\_autoscaling) | Enable horizontal pod autoscaling for the cluster. Defaults to "true". | `bool` | `true` | no |
| [istio\_chart\_version](#input\_istio\_chart\_version) | The version of the istio chart to use | `string` | `"2.11"` | no |
diff --git a/variables.tf b/variables.tf
index 14fdf4d..ece8cf9 100644
--- a/variables.tf
+++ b/variables.tf
@@ -455,8 +455,9 @@ variable "master_authorized_networks" {
}
variable "gcp_public_cidrs_access_enabled" {
- default = false
+ default = false
description = "Enable access from GCP public CIDRs. Defaults to false."
+ type = bool
}
variable "node_pool_autoscaling" {