diff --git a/aks/main.tf b/aks/main.tf index 7fed679..72e9bfd 100644 --- a/aks/main.tf +++ b/aks/main.tf @@ -71,6 +71,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids + network_policy_thanos = var.network_policy_thanos resources = var.resources diff --git a/eks/main.tf b/eks/main.tf index c6bcde7..ea38368 100644 --- a/eks/main.tf +++ b/eks/main.tf @@ -62,6 +62,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids + network_policy_thanos = var.network_policy_thanos resources = var.resources diff --git a/kind/main.tf b/kind/main.tf index 721e18d..c504f87 100644 --- a/kind/main.tf +++ b/kind/main.tf @@ -13,6 +13,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids + network_policy_thanos = var.network_policy_thanos resources = var.resources diff --git a/locals.tf b/locals.tf index 098f82a..fbde678 100644 --- a/locals.tf +++ b/locals.tf @@ -44,7 +44,7 @@ locals { limits = { for k, v in var.resources.storegateway.limits : k => v if v != null } } networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } extraFlags = [ # Store Gateway index cache config -> https://thanos.io/tip/components/store.md/#index-cache @@ -84,7 +84,7 @@ locals { limits = { for k, v in var.resources.query.limits : k => v if v != null } } networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } @@ -108,7 +108,7 @@ locals { size = local.thanos.compactor_persistence_size } networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } @@ -200,7 +200,7 @@ locals { }] } networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } @@ -334,17 +334,17 @@ locals { }] } networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } receive = { networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } ruler = { networkPolicy = { - enabled = false + enabled = var.network_policy_thanos } } } diff --git a/sks/main.tf b/sks/main.tf index 721e18d..c504f87 100644 --- a/sks/main.tf +++ b/sks/main.tf @@ -13,6 +13,7 @@ module "thanos" { enable_service_monitor = var.enable_service_monitor app_autosync = var.app_autosync dependency_ids = var.dependency_ids + network_policy_thanos = var.network_policy_thanos resources = var.resources diff --git a/variables.tf b/variables.tf index 7b4b0c3..458b030 100644 --- a/variables.tf +++ b/variables.tf @@ -174,3 +174,9 @@ variable "enable_service_monitor" { type = bool default = false } + +variable "network_policy_thanos" { + description = "Enable or disable network policy for Thanos components." + type = bool + default = false +}