github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/digitalocean/compute/AVD-DIG-0006/Terraform.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/digitalocean/compute/AVD-DIG-0006/Terraform.md (about)

     1  Set `auto_upgrade` to `true` and set `maintenance_policy` to a time window when you know the workloads of your cluster is not peaking.
     2  
     3  ```hcl
     4  data "digitalocean_kubernetes_versions" "example" {
     5    version_prefix = "1.22."
     6  }
     7  
     8  resource "digitalocean_kubernetes_cluster" "foo" {
     9    name         = "foo"
    10    region       = "nyc1"
    11    auto_upgrade = true
    12    version      = data.digitalocean_kubernetes_versions.example.latest_version
    13  
    14    # remember to actively set this
    15    maintenance_policy {
    16      start_time  = "04:00"
    17      day         = "sunday"
    18    }
    19  
    20    node_pool {
    21      name       = "default"
    22      size       = "s-1vcpu-2gb"
    23      node_count = 3
    24    }
    25  }
    26  ```
    27  
    28  #### Remediation Links
    29   - https://registry.terraform.io/providers/digitalocean/digitalocean/latest/docs/resources/kubernetes_cluster#auto_upgrade