# Copyright 2026 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
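# Blueprint metadata for the compute_instance submodule: where the module
# lives, which examples exist, its input variables, its outputs, and what the
# deploying identity and project need before it can be applied.
apiVersion: blueprints.cloud.google.com/v1alpha1
kind: BlueprintMetadata
metadata:
  name: terraform-google-vm-compute-instance
  annotations:
    config.kubernetes.io/local-config: "true"
spec:
  info:
    title: Compute Instance
    source:
      repo: https://github.com/terraform-google-modules/terraform-google-vm
      sourceType: git
      dir: /modules/compute_instance
    version: 15.0.0
    actuationTool:
      flavor: Terraform
      version: ">=1.3.0"
    description: {}
  content:
    # Example names repeat (confidential_computing, full, simple); the
    # location path is what tells the entries apart.
    examples:
      - name: additional_disks
        location: examples/instance_template/additional_disks
      - name: alias_ip_range
        location: examples/instance_template/alias_ip_range
      - name: autoscaler
        location: examples/mig/autoscaler
      - name: confidential_computing
        location: examples/confidential_computing
      - name: confidential_computing
        location: examples/instance_template/confidential_computing
      - name: confidential_computing_intel
        location: examples/confidential_computing_intel
      - name: disk_snapshot
        location: examples/compute_instance/disk_snapshot
      - name: encrypted_disks
        location: examples/instance_template/encrypted_disks
      - name: full
        location: examples/mig/full
      - name: full
        location: examples/umig/full
      - name: healthcheck
        location: examples/mig/healthcheck
      - name: it_simple_with_sa_creation
        location: examples/it_simple_with_sa_creation
      - name: mig_stateful
        location: examples/mig_stateful
      - name: multiple_interfaces
        location: examples/compute_instance/multiple_interfaces
      - name: named_ports
        location: examples/umig/named_ports
      - name: next_hop
        location: examples/compute_instance/next_hop
      - name: simple
        location: examples/compute_instance/simple
      - name: simple
        location: examples/instance_template/simple
      - name: simple
        location: examples/mig/simple
      - name: simple
        location: examples/mig_with_percent/simple
      - name: simple
        location: examples/preemptible_and_regular_instance_templates/simple
      - name: simple
        location: examples/umig/simple
      - name: static_ips
        location: examples/umig/static_ips
      - name: tags
        location: examples/compute_instance/tags
  interfaces:
    # Input variables. Entries with "required: true" have no default; a
    # "connections" list names another module and the output expression whose
    # value is meant to feed the variable.
    variables:
      - name: project_id
        description: The ID of the project in which the compute instance will be created.
        varType: string
        required: true
      - name: network
        description: Network to deploy to. Only one of network or subnetwork should be specified.
        varType: string
        defaultValue: ""
      - name: subnetwork
        description: Subnet to deploy to. Only one of network or subnetwork should be specified.
        varType: string
        defaultValue: ""
        connections:
          - source:
              source: github.com/terraform-google-modules/terraform-google-network//modules/subnets
              # Quoted like the other version constraints in this file.
              version: "~> 6.0"
            spec:
              outputExpr: subnets[0].self_link
      - name: subnetwork_project
        description: The project that subnetwork belongs to
        varType: string
        defaultValue: ""
      - name: hostname
        description: Hostname of instances
        varType: string
        defaultValue: ""
      - name: add_hostname_suffix
        description: Adds a suffix to the hostname
        varType: bool
        defaultValue: true
      - name: static_ips
        description: List of static IPs for VM instances
        varType: list(string)
        defaultValue: []
        connections:
          - source:
              source: github.com/terraform-google-modules/terraform-google-address
              version: ">=4.4"
            spec:
              outputExpr: addresses
      # Entries here make the instance reachable from the Internet over IPv4;
      # the default adds none through this variable.
      - name: access_config
        description: Access configurations, i.e. IPs via which the VM instance can be accessed via the Internet.
        varType: |-
          list(object({
            nat_ip = string
            network_tier = string
          }))
        defaultValue: []
      - name: ipv6_access_config
        description: IPv6 access configurations. Currently a max of 1 IPv6 access configuration is supported. If not specified, the instance will have no external IPv6 Internet access.
        varType: |-
          list(object({
            network_tier = string
          }))
        defaultValue: []
      - name: num_instances
        description: Number of instances to create. This value is ignored if static_ips is provided.
        varType: number
        defaultValue: 1
      - name: instance_template
        description: Instance template self_link used to create compute instances
        varType: string
        required: true
        connections:
          - source:
              source: github.com/terraform-google-modules/terraform-google-vm//modules/instance_template
              version: ">=14.0"
            spec:
              outputExpr: self_link
      - name: region
        description: Region where the instances should be created.
        varType: string
      - name: zone
        description: Zone where the instances should be created. If not specified, instances will be spread across available zones in the region.
        varType: string
      - name: hostname_suffix_separator
        description: Separator character to compose hostname when add_hostname_suffix is set to true.
        varType: string
        defaultValue: "-"
      # Off by default; callers must opt in for instances that should survive
      # an accidental destroy.
      - name: deletion_protection
        description: "Enable deletion protection on this instance. Note: you must disable deletion protection before removing the resource, or the instance cannot be deleted and the Terraform run will not complete successfully."
        varType: bool
        defaultValue: false
      - name: alias_ip_ranges
        description: (Optional) An array of alias IP ranges for this network interface. Can only be specified for network interfaces on subnet-mode networks.
        varType: |-
          list(object({
            ip_cidr_range = string
            subnetwork_range_name = string
          }))
        defaultValue: []
      - name: resource_policies
        description: (Optional) A list of short names or self_links of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
        varType: list(string)
        defaultValue: []
      - name: labels
        description: (Optional) Labels to override those from the template, provided as a map
        varType: map(string)
      - name: resource_manager_tags
        description: (Optional) A tag is a key-value pair that can be attached to a Google Cloud resource. You can use tags to conditionally allow or deny policies based on whether a resource has a specific tag. This value is not returned by the API. In Terraform, this value cannot be updated and changing it will recreate the resource.
        varType: map(string)
    # Module outputs. "type" is either a primitive name or a nested
    # [constructor, element-type] pair such as [list, string].
    outputs:
      - name: available_zones
        description: List of available zones in region
        type:
          - list
          - string
      - name: instance_name
        description: The name of the first compute instance.
        type: string
      # NOTE(review): this schema includes disk_encryption_key_raw,
      # disk_encryption_key_rsa, raw_key, rsa_encrypted_key, metadata and
      # metadata_startup_script. If customer-supplied keys or secrets placed in
      # instance metadata are in use, they would be carried by this output and
      # by Terraform state; limit who can read both and avoid logging it.
      - name: instances_details
        description: List of all details for compute instances
        type:
          - list
          - - object
            - advanced_machine_features:
                - list
                - - object
                  - enable_nested_virtualization: bool
                    enable_uefi_networking: bool
                    performance_monitoring_unit: string
                    threads_per_core: number
                    turbo_mode: string
                    visible_core_count: number
              allow_stopping_for_update: bool
              attached_disk:
                - list
                - - object
                  - device_name: string
                    disk_encryption_key_raw: string
                    disk_encryption_key_rsa: string
                    disk_encryption_key_sha256: string
                    disk_encryption_service_account: string
                    force_attach: bool
                    kms_key_self_link: string
                    mode: string
                    source: string
              boot_disk:
                - list
                - - object
                  - auto_delete: bool
                    device_name: string
                    disk_encryption_key_raw: string
                    disk_encryption_key_rsa: string
                    disk_encryption_key_sha256: string
                    disk_encryption_service_account: string
                    force_attach: bool
                    guest_os_features:
                      - list
                      - string
                    initialize_params:
                      - list
                      - - object
                        - architecture: string
                          enable_confidential_compute: bool
                          image: string
                          labels:
                            - map
                            - string
                          provisioned_iops: number
                          provisioned_throughput: number
                          resource_manager_tags:
                            - map
                            - string
                          resource_policies:
                            - list
                            - string
                          size: number
                          snapshot: string
                          source_image_encryption_key:
                            - list
                            - - object
                              - kms_key_self_link: string
                                kms_key_service_account: string
                                raw_key: string
                                rsa_encrypted_key: string
                                sha256: string
                          source_snapshot_encryption_key:
                            - list
                            - - object
                              - kms_key_self_link: string
                                kms_key_service_account: string
                                raw_key: string
                                rsa_encrypted_key: string
                                sha256: string
                          storage_pool: string
                          type: string
                    interface: string
                    kms_key_self_link: string
                    mode: string
                    source: string
              can_ip_forward: bool
              confidential_instance_config:
                - list
                - - object
                  - confidential_instance_type: string
                    enable_confidential_compute: bool
              cpu_platform: string
              creation_timestamp: string
              current_status: string
              deletion_protection: bool
              description: string
              desired_status: string
              effective_labels:
                - map
                - string
              enable_display: bool
              guest_accelerator:
                - list
                - - object
                  - count: number
                    type: string
              hostname: string
              id: string
              instance_encryption_key:
                - list
                - - object
                  - kms_key_self_link: string
                    kms_key_service_account: string
                    sha256: string
              instance_id: string
              key_revocation_action_type: string
              label_fingerprint: string
              labels:
                - map
                - string
              machine_type: string
              metadata:
                - map
                - string
              metadata_fingerprint: string
              metadata_startup_script: string
              min_cpu_platform: string
              name: string
              network_interface:
                - list
                - - object
                  - access_config:
                      - list
                      - - object
                        - nat_ip: string
                          network_tier: string
                          public_ptr_domain_name: string
                    alias_ip_range:
                      - list
                      - - object
                        - ip_cidr_range: string
                          subnetwork_range_name: string
                    internal_ipv6_prefix_length: number
                    ipv6_access_config:
                      - list
                      - - object
                        - external_ipv6: string
                          external_ipv6_prefix_length: string
                          name: string
                          network_tier: string
                          public_ptr_domain_name: string
                    ipv6_access_type: string
                    ipv6_address: string
                    name: string
                    network: string
                    network_attachment: string
                    network_ip: string
                    nic_type: string
                    queue_count: number
                    stack_type: string
                    subnetwork: string
                    subnetwork_project: string
              network_performance_config:
                - list
                - - object
                  - total_egress_bandwidth_tier: string
              params:
                - list
                - - object
                  - resource_manager_tags:
                      - map
                      - string
              project: string
              reservation_affinity:
                - list
                - - object
                  - specific_reservation:
                      - list
                      - - object
                        - key: string
                          values:
                            - list
                            - string
                    type: string
              resource_policies:
                - list
                - string
              scheduling:
                - list
                - - object
                  - automatic_restart: bool
                    availability_domain: number
                    instance_termination_action: string
                    local_ssd_recovery_timeout:
                      - list
                      - - object
                        - nanos: number
                          seconds: number
                    max_run_duration:
                      - list
                      - - object
                        - nanos: number
                          seconds: number
                    min_node_cpus: number
                    node_affinities:
                      - list
                      - - object
                        - key: string
                          operator: string
                          values:
                            - list
                            - string
                    on_host_maintenance: string
                    on_instance_stop_action:
                      - list
                      - - object
                        - discard_local_ssd: bool
                    preemptible: bool
                    provisioning_model: string
                    termination_time: string
              scratch_disk:
                - list
                - - object
                  - device_name: string
                    interface: string
                    size: number
              self_link: string
              service_account:
                - list
                - - object
                  - email: string
                    scopes:
                      - list
                      - string
              shielded_instance_config:
                - list
                - - object
                  - enable_integrity_monitoring: bool
                    enable_secure_boot: bool
                    enable_vtpm: bool
              source_instance_template: string
              tags:
                - list
                - string
              tags_fingerprint: string
              terraform_labels:
                - map
                - string
              timeouts:
                - object
                - create: string
                  delete: string
                  update: string
              zone: string
      - name: instances_self_links
        description: List of self-links for compute instances
        type:
          - list
          - string
      - name: service_account_email
        description: The service account email associated with the instances.
        type: string
  requirements:
    # Project-level roles listed for the identity that applies this module.
    # NOTE(review): roles/compute.admin grants full control of Compute Engine
    # and so overlaps the narrower compute.instanceAdmin and
    # compute.networkAdmin entries, while resourcemanager.projectIamAdmin and
    # iam.serviceAccountAdmin allow changing project IAM policy and service
    # accounts. Treat the deploying identity as highly privileged: use a
    # dedicated service account, and confirm which of these roles this
    # submodule actually needs before granting the whole list.
    roles:
      - level: Project
        roles:
          - roles/compute.networkAdmin
          - roles/iam.serviceAccountUser
          - roles/iam.serviceAccountAdmin
          - roles/compute.instanceAdmin
          - roles/resourcemanager.projectIamAdmin
          - roles/compute.admin
    # APIs that must be enabled on the target project.
    services:
      - cloudresourcemanager.googleapis.com
      - compute.googleapis.com
      - iam.googleapis.com
    # The accepted range spans several provider major versions; pin the
    # resolved version with a dependency lock file in the root module.
    providerVersions:
      - source: hashicorp/google
        version: ">= 3.88, < 7"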