---
# generated by https://github.com/hashicorp/terraform-plugin-docs
page_title: "constellation_cluster Resource - constellation"
subcategory: ""
description: |-
  Resource for a Constellation cluster.
---

# constellation_cluster (Resource)

Resource for a Constellation cluster.



<!-- schema generated by tfplugindocs -->
## Schema

### Required

- `attestation` (Attributes) Attestation comprises the measurements and SEV-SNP specific parameters. (see [below for nested schema](#nestedatt--attestation))
- `init_secret` (String) The init secret to use for the cluster.
- `master_secret` (String) The master secret to use for the cluster.
- `uid` (String) The UID of the cluster.

### Optional

- `constellation_microservices_version` (String) The Constellation microservices version to use for the cluster.
- `extra_microservices` (Attributes) Extra microservice settings. (see [below for nested schema](#nestedatt--extra_microservices))
- `image` (String) The Constellation OS image to use in the CSP specific reference format. Use the `constellation_image` data source to find the correct image for your CSP.
- `init_endpoint` (String) The endpoint to use for cluster initialization. This is the endpoint of the node running the bootstrapper.
- `kubernetes_api_endpoint` (String) The endpoint to use for the Kubernetes API.
- `kubernetes_version` (String) The Kubernetes version to use for the cluster. When not set, the latest default version ("v1.27.7") will be used. The supported versions are [v1.26.10 v1.27.7 v1.28.3].
- `name` (String) Name used in the cluster's named resources / cluster name.

### Read-Only

- `cluster_id` (String) The cluster ID of the cluster.
- `kubeconfig` (String) The kubeconfig of the cluster.
- `owner_id` (String) The owner ID of the cluster.

<a id="nestedatt--attestation"></a>
### Nested Schema for `attestation`

Required:

- `amd_root_key` (String)
- `bootloader_version` (Number)
- `measurements` (Attributes Map) (see [below for nested schema](#nestedatt--attestation--measurements))
- `microcode_version` (Number)
- `snp_version` (Number)
- `tee_version` (Number)
- `variant` (String) Attestation variant the image should work with. Can be one of:
  * `aws-sev-snp`
  * `aws-nitro-tpm`
  * `azure-sev-snp`
  * `gcp-sev-es`

Optional:

- `azure_firmware_signer_config` (Attributes) (see [below for nested schema](#nestedatt--attestation--azure_firmware_signer_config))

<a id="nestedatt--attestation--measurements"></a>
### Nested Schema for `attestation.measurements`

Required:

- `expected` (String)
- `warn_only` (Boolean)


<a id="nestedatt--attestation--azure_firmware_signer_config"></a>
### Nested Schema for `attestation.azure_firmware_signer_config`

Optional:

- `accepted_key_digests` (List of String)
- `enforcement_policy` (String)
- `maa_url` (String)



<a id="nestedatt--extra_microservices"></a>
### Nested Schema for `extra_microservices`

Optional:

- `csi_driver` (Boolean) Enable the CSI driver microservice.