ComputeInstance

Property Value
Google Cloud Service Name Compute Engine
Google Cloud Service Documentation /compute/docs/
Google Cloud REST Resource Name v1.instances
Google Cloud REST Resource Documentation /compute/docs/reference/rest/v1/instances
Config Connector Resource Short Names gcpcomputeinstance
gcpcomputeinstances
computeinstance
Config Connector Service Name compute.googleapis.com
Config Connector Resource Fully Qualified Name computeinstances.compute.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember Yes
Supports IAM Conditions Yes
IAM External Reference Format

projects/{{project}}/zones/{{zone}}/instances/{{name}}

Custom Resource Definition Properties

Annotations

Fields
cnrm.cloud.google.com/allow-stopping-for-update
cnrm.cloud.google.com/project-id

Spec

Schema

attachedDisk:
- deviceName: string
  diskEncryptionKeyRaw:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  diskEncryptionKeySha256: string
  kmsKeyRef:
    external: string
    name: string
    namespace: string
  mode: string
  sourceDiskRef:
    external: string
    name: string
    namespace: string
bootDisk:
  autoDelete: boolean
  deviceName: string
  diskEncryptionKeyRaw:
    value: string
    valueFrom:
      secretKeyRef:
        key: string
        name: string
  diskEncryptionKeySha256: string
  initializeParams:
    labels: {}
    size: integer
    sourceImageRef:
      external: string
      name: string
      namespace: string
    type: string
  kmsKeyRef:
    external: string
    name: string
    namespace: string
  mode: string
  sourceDiskRef:
    external: string
    name: string
    namespace: string
canIpForward: boolean
deletionProtection: boolean
description: string
desiredStatus: string
enableDisplay: boolean
guestAccelerator:
- count: integer
  type: string
hostname: string
instanceTemplateRef:
  external: string
  name: string
  namespace: string
machineType: string
metadata:
- key: string
  value: string
metadataStartupScript: string
minCpuPlatform: string
networkInterface:
- accessConfig:
  - natIpRef:
      external: string
      name: string
      namespace: string
    networkTier: string
    publicPtrDomainName: string
  aliasIpRange:
  - ipCidrRange: string
    subnetworkRangeName: string
  name: string
  networkIp: string
  networkRef:
    external: string
    name: string
    namespace: string
  subnetworkProject: string
  subnetworkRef:
    external: string
    name: string
    namespace: string
resourcePolicies:
- external: string
  name: string
  namespace: string
scheduling:
  automaticRestart: boolean
  nodeAffinities:
  - value: {}
  onHostMaintenance: string
  preemptible: boolean
scratchDisk:
- interface: string
serviceAccount:
  scopes:
  - string
  serviceAccountRef:
    external: string
    name: string
    namespace: string
shieldedInstanceConfig:
  enableIntegrityMonitoring: boolean
  enableSecureBoot: boolean
  enableVtpm: boolean
tags:
- string
zone: string
Fields

attachedDisk

Optional

list (object)

attachedDisk.[]

Optional

object

attachedDisk.[].deviceName

Optional

string

attachedDisk.[].diskEncryptionKeyRaw

Optional

object

attachedDisk.[].diskEncryptionKeyRaw.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

attachedDisk.[].diskEncryptionKeyRaw.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

attachedDisk.[].diskEncryptionKeyRaw.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

attachedDisk.[].diskEncryptionKeyRaw.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

attachedDisk.[].diskEncryptionKeyRaw.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

attachedDisk.[].diskEncryptionKeySha256

Optional

string

attachedDisk.[].kmsKeyRef

Optional

object

attachedDisk.[].kmsKeyRef.external

Optional

string

The selfLink of a KMSCryptoKey.

attachedDisk.[].kmsKeyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

attachedDisk.[].kmsKeyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

attachedDisk.[].mode

Optional

string

attachedDisk.[].sourceDiskRef

Required*

object

attachedDisk.[].sourceDiskRef.external

Optional

string

The selfLink of a ComputeDisk.

attachedDisk.[].sourceDiskRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

attachedDisk.[].sourceDiskRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

bootDisk

Optional

object

bootDisk.autoDelete

Optional

boolean

bootDisk.deviceName

Optional

string

bootDisk.diskEncryptionKeyRaw

Optional

object

bootDisk.diskEncryptionKeyRaw.value

Optional

string

Value of the field. Cannot be used if 'valueFrom' is specified.

bootDisk.diskEncryptionKeyRaw.valueFrom

Optional

object

Source for the field's value. Cannot be used if 'value' is specified.

bootDisk.diskEncryptionKeyRaw.valueFrom.secretKeyRef

Optional

object

Reference to a value with the given key in the given Secret in the resource's namespace.

bootDisk.diskEncryptionKeyRaw.valueFrom.secretKeyRef.key

Required*

string

Key that identifies the value to be extracted.

bootDisk.diskEncryptionKeyRaw.valueFrom.secretKeyRef.name

Required*

string

Name of the Secret to extract a value from.

bootDisk.diskEncryptionKeySha256

Optional

string

bootDisk.initializeParams

Optional

object

bootDisk.initializeParams.labels

Optional

object

bootDisk.initializeParams.size

Optional

integer

bootDisk.initializeParams.sourceImageRef

Optional

object

bootDisk.initializeParams.sourceImageRef.external

Optional

string

The selfLink of a ComputeImage.

bootDisk.initializeParams.sourceImageRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

bootDisk.initializeParams.sourceImageRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

bootDisk.initializeParams.type

Optional

string

bootDisk.kmsKeyRef

Optional

object

bootDisk.kmsKeyRef.external

Optional

string

The selfLink of a KMSCryptoKey.

bootDisk.kmsKeyRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

bootDisk.kmsKeyRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

bootDisk.mode

Optional

string

bootDisk.sourceDiskRef

Optional

object

bootDisk.sourceDiskRef.external

Optional

string

The selfLink of a ComputeDisk.

bootDisk.sourceDiskRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

bootDisk.sourceDiskRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

canIpForward

Optional

boolean

deletionProtection

Optional

boolean

description

Optional

string

desiredStatus

Optional

string

enableDisplay

Optional

boolean

guestAccelerator

Optional

list (object)

guestAccelerator.[]

Optional

object

guestAccelerator.[].count

Required*

integer

guestAccelerator.[].type

Required*

string

hostname

Optional

string

instanceTemplateRef

Optional

object

instanceTemplateRef.external

Optional

string

The selfLink of a ComputeInstanceTemplate.

instanceTemplateRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

instanceTemplateRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

machineType

Optional

string

metadata

Optional

list (object)

metadata.[]

Optional

object

metadata.[].key

Required*

string

metadata.[].value

Required*

string

metadataStartupScript

Optional

string

minCpuPlatform

Optional

string

networkInterface

Optional

list (object)

networkInterface.[]

Optional

object

networkInterface.[].accessConfig

Optional

list (object)

networkInterface.[].accessConfig.[]

Optional

object

networkInterface.[].accessConfig.[].natIpRef

Optional

object

networkInterface.[].accessConfig.[].natIpRef.external

Optional

string

The address of a ComputeAddress.

networkInterface.[].accessConfig.[].natIpRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].accessConfig.[].natIpRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkInterface.[].accessConfig.[].networkTier

Optional

string

networkInterface.[].accessConfig.[].publicPtrDomainName

Optional

string

networkInterface.[].aliasIpRange

Optional

list (object)

networkInterface.[].aliasIpRange.[]

Optional

object

networkInterface.[].aliasIpRange.[].ipCidrRange

Required*

string

networkInterface.[].aliasIpRange.[].subnetworkRangeName

Optional

string

networkInterface.[].name

Optional

string

networkInterface.[].networkIp

Optional

string

networkInterface.[].networkRef

Optional

object

networkInterface.[].networkRef.external

Optional

string

The selfLink of a ComputeNetwork.

networkInterface.[].networkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].networkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

networkInterface.[].subnetworkProject

Optional

string

networkInterface.[].subnetworkRef

Optional

object

networkInterface.[].subnetworkRef.external

Optional

string

The selfLink of a ComputeSubnetwork.

networkInterface.[].subnetworkRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkInterface.[].subnetworkRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

resourcePolicies

Optional

list (object)

resourcePolicies.[]

Optional

object

resourcePolicies.[].external

Optional

string

The selfLink of a ComputeResourcePolicy.

resourcePolicies.[].name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

resourcePolicies.[].namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

scheduling

Optional

object

scheduling.automaticRestart

Optional

boolean

scheduling.nodeAffinities

Optional

list (object)

scheduling.nodeAffinities.[]

Optional

object

scheduling.nodeAffinities.[].value

Optional

object

scheduling.onHostMaintenance

Optional

string

scheduling.preemptible

Optional

boolean

scratchDisk

Optional

list (object)

scratchDisk.[]

Optional

object

scratchDisk.[].interface

Required*

string

serviceAccount

Optional

object

serviceAccount.scopes

Required*

list (string)

serviceAccount.scopes.[]

Required*

string

serviceAccount.serviceAccountRef

Optional

object

serviceAccount.serviceAccountRef.external

Optional

string

The email of an IAMServiceAccount.

serviceAccount.serviceAccountRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

serviceAccount.serviceAccountRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

shieldedInstanceConfig

Optional

object

shieldedInstanceConfig.enableIntegrityMonitoring

Optional

boolean

shieldedInstanceConfig.enableSecureBoot

Optional

boolean

shieldedInstanceConfig.enableVtpm

Optional

boolean

tags

Optional

list (string)

tags.[]

Optional

string

zone

Optional

string

* Field is required when parent field is specified

Status

Schema

conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
cpuPlatform: string
currentStatus: string
instanceId: string
labelFingerprint: string
metadataFingerprint: string
selfLink: string
tagsFingerprint: string
Fields
conditions

list (object)

conditions.[]

object

conditions.[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions.[].message

string

Human-readable message indicating details about last transition.

conditions.[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions.[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions.[].type

string

Type is the type of the condition.

cpuPlatform

string

currentStatus

string

instanceId

string

labelFingerprint

string

metadataFingerprint

string

selfLink

string

tagsFingerprint

string

Sample YAML(s)

Cloud Machine Instance

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
  annotations:
    cnrm.cloud.google.com/allow-stopping-for-update: "true"
  name: computeinstance-sample-cloudmachine
  labels:
    created-from: "image"
    network-type: "subnetwork"
spec:
  machineType: n1-standard-1
  zone: us-west1-a
  bootDisk:
    initializeParams:
      size: 24
      type: pd-ssd
      sourceImageRef:
        external: debian-cloud/debian-9
  networkInterface:
    - subnetworkRef:
        name: computeinstance-dep-cloudmachine
      aliasIpRange:
        - ipCidrRange: /24
          subnetworkRangeName: cloudrange
  attachedDisk:
    - sourceDiskRef:
        name: computeinstance-dep1-cloudmachine
      mode: READ_ONLY
      deviceName: proxycontroldisk
      diskEncryptionKeyRaw:
        valueFrom:
          secretKeyRef:
            name: computeinstance-dep-cloudmachine
            key: diskEncryptionKey
    - sourceDiskRef:
        name: computeinstance-dep2-cloudmachine
      mode: READ_WRITE
      deviceName: persistentdisk
  minCpuPlatform: "Intel Skylake"
  serviceAccount:
    serviceAccountRef:
      name: inst-dep-cloudmachine
    scopes:
    - compute-rw
    - logging-write
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
  name: computeinstance-dep1-cloudmachine
spec:
  description: a sample encrypted, blank disk
  physicalBlockSizeBytes: 4096
  size: 1
  type: pd-ssd
  location: us-west1-a
  diskEncryptionKey:
    rawKey:
      valueFrom:
        secretKeyRef:
          name: computeinstance-dep-cloudmachine
          key: diskEncryptionKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
  name: computeinstance-dep2-cloudmachine
spec:
  size: 1
  type: pd-ssd
  location: us-west1-a
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
  name: computeinstance-dep-cloudmachine
spec:
  routingMode: REGIONAL
  autoCreateSubnetworks: false
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSubnetwork
metadata:
  name: computeinstance-dep-cloudmachine
spec:
  networkRef:
    name: computeinstance-dep-cloudmachine
  ipCidrRange: 10.2.0.0/16
  region: us-west1
  secondaryIpRange:
    - rangeName: cloudrange
      ipCidrRange: 10.3.16.0/20
---
apiVersion: iam.cnrm.cloud.google.com/v1beta1
kind: IAMServiceAccount
metadata:
  name: inst-dep-cloudmachine
---
apiVersion: v1
kind: Secret
metadata:
  name: computeinstance-dep-cloudmachine
stringData:
  diskEncryptionKey: "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="

Instance From Template

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
  annotations:
    cnrm.cloud.google.com/allow-stopping-for-update: "false"
  name: computeinstance-sample-fromtemplate
  labels:
    created-from: "template"
    override-type: "largermachine"
spec:
  machineType: n1-standard-2
  instanceTemplateRef:
    name: computeinstance-dep-fromtemplate
  zone: us-west1-c
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
  name: computeinstance-dep-fromtemplate
spec:
  physicalBlockSizeBytes: 4096
  size: 1
  type: pd-ssd
  location: us-west1-c
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstanceTemplate
metadata:
  name: computeinstance-dep-fromtemplate
spec:
  machineType: n1-standard-1
  region: us-west1
  disk:
    - sourceDiskRef:
        name: computeinstance-dep-fromtemplate
      boot: true
  networkInterface:
    - networkRef:
        name: computeinstance-dep-fromtemplate
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
  name: computeinstance-dep-fromtemplate
spec:
  routingMode: REGIONAL
  autoCreateSubnetworks: true

Network Worker Instance

# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeInstance
metadata:
  annotations:
    cnrm.cloud.google.com/allow-stopping-for-update: "false"
  name: computeinstance-sample-networkworker
  labels:
    created-from: "disk"
    network-type: "global"
spec:
  machineType: n1-standard-1
  zone: us-west1-b
  bootDisk:
    sourceDiskRef:
      name: computeinstance-dep-networkworker
    autoDelete: false
    deviceName: proxycontroldisk
    mode: READ_ONLY
    diskEncryptionKeyRaw:
      valueFrom:
        secretKeyRef:
          name: computeinstance-dep-networkworker
          key: diskEncryptionKey
  networkInterface:
    - networkRef:
        name: computeinstance-dep-networkworker
      subnetworkRef:
        name: computeinstance-dep-networkworker
      networkIp: "10.2.0.4"
      accessConfig:
        - natIpRef:
            name: computeinstance-dep-networkworker
  guestAccelerator:
    - type: nvidia-tesla-v100
      count: 1
  scratchDisk:
    - interface: SCSI
    - interface: NVME
  scheduling:
    preemptible: true
    automaticRestart: false
    onHostMaintenance: TERMINATE
  canIpForward: true
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeAddress
metadata:
  name: computeinstance-dep-networkworker
spec:
  description: a sample external address
  location: us-west1
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
  name: computeinstance-dep-networkworker
spec:
  description: a sample encrypted, blank disk
  physicalBlockSizeBytes: 4096
  size: 1
  type: pd-ssd
  location: us-west1-b
  diskEncryptionKey:
    rawKey:
      valueFrom:
        secretKeyRef:
          name: computeinstance-dep-networkworker
          key: diskEncryptionKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeNetwork
metadata:
  name: computeinstance-dep-networkworker
spec:
  routingMode: REGIONAL
  autoCreateSubnetworks: false
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSubnetwork
metadata:
  name: computeinstance-dep-networkworker
spec:
  ipCidrRange: 10.2.0.0/16
  region: us-west1
  description: a sample subnetwork
  privateIpGoogleAccess: false
  networkRef:
    name: computeinstance-dep-networkworker
  logConfig:
    aggregationInterval: INTERVAL_10_MIN
    flowSampling: 0.5
    metadata: INCLUDE_ALL_METADATA
---
apiVersion: v1
kind: Secret
metadata:
  name: computeinstance-dep-networkworker
stringData:
  diskEncryptionKey: "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="