| _key | core | string | |
| addons_config | core | json | Configurations for the various addons available to run in the cluster. |
| ancestors | core | array<string> | |
| authenticator_groups_config | core | json | Configuration controlling RBAC group membership information. |
| autopilot | core | json | Autopilot configuration for the cluster. |
| autoscaling | core | json | Cluster-level autoscaling configuration. |
| binary_authorization | core | json | Configuration for Binary Authorization. |
| cluster_ipv4_cidr | core | string | The IP address range of the container pods in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `10.96.0.0/14`). Leave blank to have one automatically chosen or specify a `/14` block in `10.0.0.0/8`. |
| cluster_telemetry | core | json | Telemetry integration for the cluster. |
| compliance_posture_config | core | json | Enable/Disable Compliance Posture features for the cluster. |
| conditions | core | json | Which conditions caused the current cluster state. |
| confidential_nodes | core | json | Configuration of Confidential Nodes. All the nodes in the cluster will be Confidential VM once enabled. |
| cost_management_config | core | json | Configuration for the fine-grained cost management feature. |
| create_time | core | string | Output only. The time the cluster was created, in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. |
| current_master_version | core | string | Output only. The current software version of the master endpoint. |
| current_node_count | core | int64 | Output only. The number of nodes currently in the cluster. Deprecated. Call Kubernetes API directly to retrieve node information. |
| current_node_version | core | string | Output only. Deprecated, use [NodePool.version](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1beta1/projects.locations.clusters.nodePools) instead. The current version of the node software components. If they are currently at multiple versions because they're in the process of being upgraded, this reflects the minimum version of all nodes. |
| database_encryption | core | json | Configuration of etcd encryption. |
| datadog_display_name | core | string | |
| default_max_pods_constraint | core | json | The default constraint on the maximum number of pods that can be run simultaneously on a node in the node pool of this cluster. Only honored if cluster created with IP Alias support. |
| description | core | string | An optional description of this cluster. |
| enable_k8s_beta_apis | core | json | Kubernetes open source beta apis enabled on the cluster. Only beta apis. |
| enable_kubernetes_alpha | core | bool | Kubernetes alpha features are enabled on this cluster. This includes alpha API groups (e.g. v1beta1) and features that may not be production ready in the kubernetes version of the master and nodes. The cluster has no SLA for uptime and master/node upgrades are disabled. Alpha enabled clusters are automatically deleted thirty days after creation. |
| enable_tpu | core | bool | Enable the ability to use Cloud TPUs in this cluster. This field is deprecated, use tpu_config.enabled instead. |
| endpoint | core | string | Output only. The IP address of this cluster's master endpoint. The endpoint can be accessed from the internet at `https://username:password@endpoint/`. See the `masterAuth` property of this resource for username and password information. |
| enterprise_config | core | json | GKE Enterprise Configuration. |
| etag | core | string | This checksum is computed by the server based on the value of cluster fields, and may be sent on update requests to ensure the client has an up-to-date value before proceeding. |
| expire_time | core | string | Output only. The time the cluster will be automatically deleted in [RFC3339](https://www.ietf.org/rfc/rfc3339.txt) text format. |
| fleet | core | json | Fleet information for the cluster. |
| gcp_status | core | string | Output only. The current status of this cluster. Possible values: ['STATUS_UNSPECIFIED', 'PROVISIONING', 'RUNNING', 'RECONCILING', 'STOPPING', 'ERROR', 'DEGRADED']. Values descriptions: ['Not set.', 'The PROVISIONING state indicates the cluster is being created.', 'The RUNNING state indicates the cluster has been created and is fully usable.', 'The RECONCILING state indicates that some work is actively being done on the cluster, such as upgrading the master or node software. Details can be found in the `statusMessage` field.', 'The STOPPING state indicates the cluster is being deleted.', 'The ERROR state indicates the cluster may be unusable. Details can be found in the `statusMessage` field.', 'The DEGRADED state indicates the cluster requires user action to restore full functionality. Details can be found in the `statusMessage` field.'] |
| id | core | string | Output only. Unique id for the cluster. |
| identity_service_config | core | json | Configuration for Identity Service component. |
| initial_cluster_version | core | string | The initial Kubernetes version for this cluster. Valid versions are those found in validMasterVersions returned by getServerConfig. The version can be upgraded over time; such upgrades are reflected in currentMasterVersion and currentNodeVersion. Users may specify either explicit versions offered by Kubernetes Engine or version aliases, which have the following behavior: - "latest": picks the highest valid Kubernetes version - "1.X": picks the highest valid patch+gke.N patch in the 1.X version - "1.X.Y": picks the highest valid gke.N patch in the 1.X.Y version - "1.X.Y-gke.N": picks an explicit Kubernetes version - "","-": picks the default Kubernetes version |
| initial_node_count | core | int64 | The number of nodes to create in this cluster. You must ensure that your Compute Engine [resource quota](https://cloud.google.com/compute/quotas) is sufficient for this number of instances. You must also have available firewall and routes quota. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "node_config") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. This field is deprecated, use node_pool.initial_node_count instead. |
| instance_group_urls | core | array<string> | Output only. Deprecated. Use node_pools.instance_group_urls. |
| ip_allocation_policy | core | json | Configuration for cluster IP allocation. |
| label_fingerprint | core | string | The fingerprint of the set of labels for this cluster. |
| labels | core | array<string> | |
| legacy_abac | core | json | Configuration for the legacy ABAC authorization mode. |
| location | core | string | Output only. The name of the Google Compute Engine [zone](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) or [region](https://cloud.google.com/compute/docs/regions-zones/regions-zones#available) in which the cluster resides. |
| locations | core | array<string> | The list of Google Compute Engine [zones](https://cloud.google.com/compute/docs/zones#available) in which the cluster's nodes should be located. This field provides a default value if [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) are not specified during node pool creation. Warning: changing cluster locations will update the [NodePool.Locations](https://cloud.google.com/kubernetes-engine/docs/reference/rest/v1/projects.locations.clusters.nodePools#NodePool.FIELDS.locations) of all node pools and will result in nodes being added and/or removed. |
| logging_config | core | json | Logging configuration for the cluster. |
| logging_service | core | string | The logging service the cluster should use to write logs. Currently available options: * `logging.googleapis.com/kubernetes` - The Cloud Logging service with a Kubernetes-native resource model * `logging.googleapis.com` - The legacy Cloud Logging service (no longer available as of GKE 1.15). * `none` - no logs will be exported from the cluster. If left as an empty string,`logging.googleapis.com/kubernetes` will be used for GKE 1.14+ or `logging.googleapis.com` for earlier versions. |
| maintenance_policy | core | json | Configure the maintenance policy for this cluster. |
| master | core | json | Configuration for master components. |
| master_auth | core | json | The authentication information for accessing the master endpoint. If unspecified, the defaults are used: For clusters before v1.12, if master_auth is unspecified, `username` will be set to "admin", a random password will be generated, and a client certificate will be issued. |
| master_authorized_networks_config | core | json | The configuration options for master authorized networks feature. |
| master_ipv4_cidr_block | core | string | The IP prefix in CIDR notation to use for the hosted master network. This prefix will be used for assigning private IP addresses to the master or set of masters, as well as the ILB VIP. This field is deprecated, use private_cluster_config.master_ipv4_cidr_block instead. |
| mesh_certificates | core | json | Configuration for issuance of mTLS keys and certificates to Kubernetes pods. |
| monitoring_config | core | json | Monitoring configuration for the cluster. |
| monitoring_service | core | string | The monitoring service the cluster should use to write metrics. Currently available options: * "monitoring.googleapis.com/kubernetes" - The Cloud Monitoring service with a Kubernetes-native resource model * `monitoring.googleapis.com` - The legacy Cloud Monitoring service (no longer available as of GKE 1.15). * `none` - No metrics will be exported from the cluster. If left as an empty string,`monitoring.googleapis.com/kubernetes` will be used for GKE 1.14+ or `monitoring.googleapis.com` for earlier versions. |
| name | core | string | The name of this cluster. The name must be unique within this project and location (e.g. zone or region), and can be up to 40 characters with the following restrictions: * Lowercase letters, numbers, and hyphens only. * Must start with a letter. * Must end with a number or a letter. |
| network | core | string | The name of the Google Compute Engine [network](https://cloud.google.com/compute/docs/networks-and-firewalls#networks) to which the cluster is connected. If left unspecified, the `default` network will be used. On output this shows the network ID instead of the name. |
| network_config | core | json | Configuration for cluster networking. |
| network_policy | core | json | Configuration options for the NetworkPolicy feature. |
| node_config | core | json | Parameters used in creating the cluster's nodes. For requests, this field should only be used in lieu of a "node_pool" object, since this configuration (along with the "initial_node_count") will be used to create a "NodePool" object with an auto-generated name. Do not use this and a node_pool at the same time. For responses, this field will be populated with the node configuration of the first node pool. (For configuration of each node pool, see `node_pool.config`) If unspecified, the defaults are used. This field is deprecated, use node_pool.config instead. |
| node_ipv4_cidr_size | core | int64 | Output only. The size of the address space on each node for hosting containers. This is provisioned from within the `container_ipv4_cidr` range. This field will only be set when cluster is in route-based network mode. |
| node_pool_auto_config | core | json | Node pool configs that apply to all auto-provisioned node pools in autopilot clusters and node auto-provisioning enabled clusters. |
| node_pool_defaults | core | json | Default NodePool settings for the entire cluster. These settings are overridden if specified on the specific NodePool object. |
| node_pools | core | json | The node pools associated with this cluster. This field should not be set if "node_config" or "initial_node_count" are specified. |
| notification_config | core | json | Notification configuration of the cluster. |
| organization_id | core | string | |
| parent | core | string | |
| parent_product_config | core | json | The configuration of the parent product of the cluster. This field is used by Google internal products that are built on top of the GKE cluster and take the ownership of the cluster. |
| pod_security_policy_config | core | json | Configuration for the PodSecurityPolicy feature. |
| private_cluster | core | bool | If this is a private cluster setup. Private clusters are clusters that, by default have no external IP addresses on the nodes and where nodes and the master communicate over private IP addresses. This field is deprecated, use private_cluster_config.enable_private_nodes instead. |
| private_cluster_config | core | json | Configuration for private cluster. |
| project_id | core | string | |
| project_number | core | string | |
| protect_config | core | json | Deprecated: Use SecurityPostureConfig instead. Enable/Disable Protect API features for the cluster. |
| release_channel | core | json | Release channel configuration. If left unspecified on cluster creation and a version is specified, the cluster is enrolled in the most mature release channel where the version is available (first checking STABLE, then REGULAR, and finally RAPID). Otherwise, if no release channel configuration and no version is specified, the cluster is enrolled in the REGULAR channel with its default version. |
| resource_name | core | string | |
| resource_usage_export_config | core | json | Configuration for exporting resource usages. Resource usage export is disabled when this config unspecified. |
| satisfies_pzi | core | bool | Output only. Reserved for future use. |
| satisfies_pzs | core | bool | Output only. Reserved for future use. |
| secret_manager_config | core | json | Secret CSI driver configuration. |
| security_posture_config | core | json | Enable/Disable Security Posture API features for the cluster. |
| self_link | core | string | Output only. Server-defined URL for the resource. |
| services_ipv4_cidr | core | string | Output only. The IP address range of the Kubernetes services in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). Service addresses are typically put in the last `/16` from the container CIDR. |
| shielded_nodes | core | json | Shielded Nodes configuration. |
| status_message | core | string | Output only. Deprecated. Use conditions instead. Additional information about the current status of this cluster, if available. |
| subnetwork | core | string | The name of the Google Compute Engine [subnetwork](https://cloud.google.com/compute/docs/subnetworks) to which the cluster is connected. On output this shows the subnetwork ID instead of the name. |
| tags | core | hstore | |
| tpu_config | core | json | Configuration for Cloud TPU support; |
| tpu_ipv4_cidr_block | core | string | Output only. The IP address range of the Cloud TPUs in this cluster, in [CIDR](http://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) notation (e.g. `1.2.3.4/29`). |
| vertical_pod_autoscaling | core | json | Cluster-level Vertical Pod Autoscaling configuration. |
| workload_alts_config | core | json | Configuration for direct-path (via ALTS) with workload identity. |
| workload_certificates | core | json | Configuration for issuance of mTLS keys and certificates to Kubernetes pods. |
| workload_identity_config | core | json | Configuration for the use of Kubernetes Service Accounts in GCP IAM policies. |
| zone | core | string | Output only. The name of the Google Compute Engine [zone](https://cloud.google.com/compute/docs/zones#available) in which the cluster resides. This field is deprecated, use location instead. |
