additive_vpc_scope_dns_domain feature support for autopilot mode GKE Cluster

[acloudpotato]

TL;DR

When creating an Autopilot cluster using the google_container_cluster resource block, the dns_config block is unsupported if enable_autopilot is set to true.

Although the console and REST documentation indicate that the additive_vpc_scope_dns_domain value can be set on a GKE Autopilot cluster(Reference Link) However, as the dns_config block is not supported in this context, the additive_vpc_scope_dns_domain variable is also ignored for autopilot mode GKE Cluster.

Terraform Resources

google_container_cluster - https://registry.terraform.io/providers/hashicorp/google-beta/latest/docs/resources/container_cluster

Used Versions: 
Provider version --> google_beta (5.41.0) - https://github.com/hashicorp/terraform-provider-google-beta/tree/v5.41.0
terraform version --> v1.8.3

Detailed design

The GKE Autopilot cluster allows configuration of DNS settings via the console and REST API, specifically the additive_vpc_scope_dns_domain. This setting should ideally be handled within the Terraform resource block using a dns_config attribute. However, When enable_autopilot is set to true, the dns_config block is currently unsupported, resulting in the omission of crucial DNS settings from the Terraform deployment.

Additional information

Expected Behavior: The Terraform google_container_cluster resource should support configuring DNS settings for Autopilot clusters through the dns_config block(maybe along with Cloud DNS as default DNS), enabling management of parameters like additive_vpc_scope_dns_domain within the infrastructure as code definition.

Current Workaround: Currently, DNS settings for Autopilot clusters must be configured manually post-creation using the Google Cloud Console or the REST API.

Impact: This limitation prevents users from fully automating GKE Autopilot cluster creation and management using Terraform, increasing the risk of configuration drift and requiring manual intervention.

[ajinkya101]

Hi Team, We are also looking for this feature available in the GKE Autopilot cluster. A similar feature is already supported on the standard GKE terraform code. We hope this will come out as soon as possible.

[omkarsuperb]

Hi Team, We are not able to use GKE auto pilot to one of our customer due to unavailability of this feature. Let us know once this feature is rolled out.

[pranavdhopey]

Team, We are looking for this feature to be available in the GKE Autopilot cluster, similar to what is already supported in the standard GKE terraform code.

[maci0]

This is a bug in the google-beta terraform provider. I have submitted a PR to fix this GoogleCloudPlatform/magic-modules#11562

[github-actions]

This issue is stale because it has been open 60 days with no activity. Remove stale label or comment or this will be closed in 7 days

[pranavdhopey]

There is still no option of additive_vpc_scope_dns_domain under autopilot TF code dns_config , this option is only available from console.

Please look into this issue on priority basis as this is needed to be set for one of our customer through TF.