Labels make it easier to manage assets and differentiate between clusters and environments, allowing the mapping of computational resources to the wider organisational structure.
Impact
Asset management can be limited/more difficult
Recommended Actions
Follow the appropriate remediation steps below to resolve the issue.
resource"google_service_account" "default" {
account_id="service-account-id" display_name="Service Account"
}
resource"google_container_cluster" "good_example" {
name="my-gke-cluster" location="us-central1" # We can't create a cluster with no node pool defined, but we want to only use
# separately managed node pools. So we create the smallest possible default
# node pool and immediately delete it.
remove_default_node_pool=true initial_node_count=1 resource_labels= {
"env"="staging"
}
}
resource"google_container_node_pool" "primary_preemptible_nodes" {
name="my-node-pool" location="us-central1" cluster=google_container_cluster.primary.name node_count=1node_config {
preemptible=true machine_type="e2-medium" # Google recommends custom service accounts that have cloud-platform scope and permissions granted via IAM Roles.
service_account=google_service_account.default.email oauth_scopes=["https://www.googleapis.com/auth/cloud-platform"]
}
}