import * as pulumi from "@pulumi/pulumi";
import * as inputs from "../types/input";
import * as outputs from "../types/output";
// NOTE(review): the generic type arguments look stripped in this copy of the typings
// (e.g. `pulumi.Output;`, `pulumi.Input[]>;`), which also leaves the `inputs` and `outputs`
// imports unreferenced in the visible declarations. Restore the arguments from the published
// package typings before compiling against this file - TODO confirm.
/**
 * Manages a VM instance resource within GCE. For more information see
 * [the official documentation](https://cloud.google.com/compute/docs/instances)
 * and
 * [API](https://cloud.google.com/compute/docs/reference/latest/instances).
 *
 * ## Example Usage
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const _default = new gcp.serviceaccount.Account("default", {
 *     accountId: "my-custom-sa",
 *     displayName: "Custom SA for VM Instance",
 * });
 * const defaultInstance = new gcp.compute.Instance("default", {
 *     networkInterfaces: [{
 *         accessConfigs: [{}],
 *         network: "default",
 *     }],
 *     name: "my-instance",
 *     machineType: "n2-standard-2",
 *     zone: "us-central1-a",
 *     tags: [
 *         "foo",
 *         "bar",
 *     ],
 *     bootDisk: {
 *         initializeParams: {
 *             image: "debian-cloud/debian-11",
 *             labels: {
 *                 my_label: "value",
 *             },
 *         },
 *     },
 *     scratchDisks: [{
 *         "interface": "NVME",
 *     }],
 *     metadata: {
 *         foo: "bar",
 *     },
 *     metadataStartupScript: "echo hi > /test.txt",
 *     serviceAccount: {
 *         email: _default.email,
 *         scopes: ["cloud-platform"],
 *     },
 * });
 * ```
 *
 * > **Note:** In the example above, `accessConfigs: [{}]` requests an ephemeral external IP for the
 * instance; omit `accessConfigs` when the instance should not be reachable from the Internet. The
 * `cloud-platform` scope leaves access control to the IAM roles granted to the service account, so
 * keep those roles minimal.
 *
 * ### Confidential Computing
 *
 * Example with [Confidential Mode](https://cloud.google.com/confidential-computing/confidential-vm/docs/confidential-vm-overview) activated.
 *
 * ```typescript
 * import * as pulumi from "@pulumi/pulumi";
 * import * as gcp from "@pulumi/gcp";
 *
 * const _default = new gcp.serviceaccount.Account("default", {
 *     accountId: "my-custom-sa",
 *     displayName: "Custom SA for VM Instance",
 * });
 * const confidentialInstance = new gcp.compute.Instance("confidential_instance", {
 *     networkInterfaces: [{
 *         accessConfigs: [{}],
 *         network: "default",
 *     }],
 *     name: "my-confidential-instance",
 *     zone: "us-central1-a",
 *     machineType: "n2d-standard-2",
 *     minCpuPlatform: "AMD Milan",
 *     confidentialInstanceConfig: {
 *         enableConfidentialCompute: true,
 *         confidentialInstanceType: "SEV",
 *     },
 *     bootDisk: {
 *         initializeParams: {
 *             image: "ubuntu-os-cloud/ubuntu-2204-lts",
 *             labels: {
 *                 my_label: "value",
 *             },
 *         },
 *     },
 *     scratchDisks: [{
 *         "interface": "NVME",
 *     }],
 *     serviceAccount: {
 *         email: _default.email,
 *         scopes: ["cloud-platform"],
 *     },
 * });
 * ```
 *
 * ## Import
 *
 * > **Note:** The fields `boot_disk.0.disk_encryption_raw` and `attached_disk.*.disk_encryption_key_raw` cannot be imported automatically. The API doesn't return this information. If you are setting one of these fields in your config, you will need to update your state manually after importing the resource.
 *
 * > **Note:** The `desiredStatus` field will not be set on import. If you have it set, the provider will update the field on the next `pulumi up`, bringing your instance to the desired status.
 *
 * Instances can be imported using any of these accepted formats:
 *
 * * `projects/{{project}}/zones/{{zone}}/instances/{{name}}`
 * * `{{project}}/{{zone}}/{{name}}`
 * * `{{name}}`
 *
 * When using the `pulumi import` command, instances can be imported using one of the formats above. For example:
 *
 * ```sh
 * $ pulumi import gcp:compute/instance:Instance default projects/{{project}}/zones/{{zone}}/instances/{{name}}
 * $ pulumi import gcp:compute/instance:Instance default {{project}}/{{zone}}/{{name}}
 * $ pulumi import gcp:compute/instance:Instance default {{name}}
 * ```
 */
export declare class Instance extends pulumi.CustomResource {
    /**
     * Get an existing Instance resource's state with the given name, ID, and optional extra
     * properties used to qualify the lookup.
     *
     * @param name The _unique_ name of the resulting resource.
     * @param id The _unique_ provider ID of the resource to lookup.
     * @param state Any extra arguments used during the lookup.
     * @param opts Optional settings to control the behavior of the CustomResource.
     */
    static get(name: string, id: pulumi.Input, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance;
    /**
     * Returns true if the given object is an instance of Instance. This is designed to work even
     * when multiple copies of the Pulumi SDK have been loaded into the same process.
     */
    static isInstance(obj: any): obj is Instance;
    /**
     * Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
     */
    readonly advancedMachineFeatures: pulumi.Output;
    /**
     * If true, allows this provider to stop the instance to update its properties.
     * If you try to update a property that requires stopping the instance without setting this field, the update will fail.
     */
    readonly allowStoppingForUpdate: pulumi.Output;
    /**
     * Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
     */
    readonly attachedDisks: pulumi.Output;
    /**
     * The boot disk for the instance.
     * Structure is documented below.
     */
    readonly bootDisk: pulumi.Output;
    /**
     * Whether to allow sending and receiving of
     * packets with non-matching source or destination IPs.
     * This defaults to false.
     * **Note**: when enabled, the instance may send packets whose source IP is not its own, so
     * leave this off unless the instance is meant to route or NAT traffic.
     */
    readonly canIpForward: pulumi.Output;
    /**
     * Enable [Confidential Mode](https://cloud.google.com/compute/confidential-vm/docs/about-cvm) on this VM. Structure is documented below
     */
    readonly confidentialInstanceConfig: pulumi.Output;
    /**
     * The CPU platform used by this instance.
     */
    readonly cpuPlatform: pulumi.Output;
    /**
     * Creation timestamp in RFC3339 text format.
     */
    readonly creationTimestamp: pulumi.Output;
    /**
     * The current status of the instance. This could be one of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see [Instance life cycle](https://cloud.google.com/compute/docs/instances/instance-life-cycle).
     */
    readonly currentStatus: pulumi.Output;
    /**
     * Enable deletion protection on this instance. Defaults to false.
     * **Note:** you must disable deletion protection before removing the resource (e.g., via `pulumi destroy`), or the instance cannot be deleted and the provider run will not complete successfully.
     */
    readonly deletionProtection: pulumi.Output;
    /**
     * A brief description of this resource.
     */
    readonly description: pulumi.Output;
    /**
     * Desired status of the instance. Either
     * `"RUNNING"`, `"SUSPENDED"` or `"TERMINATED"`.
     */
    readonly desiredStatus: pulumi.Output;
    /**
     * All labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
     */
    readonly effectiveLabels: pulumi.Output<{ [key: string]: string; }>;
    /**
     * Enable [Virtual Displays](https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display#verify_display_driver) on this instance.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    readonly enableDisplay: pulumi.Output;
    /**
     * List of the type and count of accelerator cards attached to the instance. Structure documented below.
     * **Note:** GPU accelerators can only be used with `onHostMaintenance` option set to TERMINATE.
     */
    readonly guestAccelerators: pulumi.Output;
    /**
     * A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid.
     * Valid format is a series of labels 1-63 characters long matching the regular expression `[a-z]([-a-z0-9]*[a-z0-9])`, concatenated with periods.
     * The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.
     */
    readonly hostname: pulumi.Output;
    /**
     * Configuration for data encryption on the instance with encryption keys. Structure is documented below.
     */
    readonly instanceEncryptionKey: pulumi.Output;
    /**
     * The server-assigned unique identifier of this instance.
     */
    readonly instanceId: pulumi.Output;
    /**
     * Action to be taken when a customer's encryption key is revoked. Supports `STOP` and `NONE`, with `NONE` being the default.
     */
    readonly keyRevocationActionType: pulumi.Output;
    /**
     * The unique fingerprint of the labels.
     */
    readonly labelFingerprint: pulumi.Output;
    /**
     * A map of key/value label pairs to assign to the instance.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    readonly labels: pulumi.Output<{ [key: string]: string; } | undefined>;
    /**
     * The machine type to create.
     *
     * **Note:** If you want to update this value (resize the VM) after initial creation, you must set `allowStoppingForUpdate` to `true`.
     *
     * [Custom machine types](https://cloud.google.com/dataproc/docs/concepts/compute/custom-machine-types) can be formatted as `custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY_MB`, e.g. `custom-6-20480` for 6 vCPU and 20GB of RAM.
     * Because of current API limitations some custom machine types may get converted to different machine types (such as an equivalent standard type) and cause non-empty plans in your configuration. Use
     * `lifecycle.ignore_changes` (in Pulumi, the `ignoreChanges` resource option) on `machineType` in these cases.
     *
     * There is a limit of 6.5 GB per CPU unless you add [extended memory](https://cloud.google.com/compute/docs/instances/creating-instance-with-custom-machine-type#extendedmemory). You must do this explicitly by adding the suffix `-ext`, e.g. `custom-2-15360-ext` for 2 vCPU and 15 GB of memory.
     */
    readonly machineType: pulumi.Output;
    /**
     * Metadata key/value pairs to make available from
     * within the instance. SSH keys attached in the Cloud Console will be removed.
     * Add them to your config in order to keep them attached to your instance.
     * A list of predefined metadata keys (e.g. ssh-keys) can be found [here](https://cloud.google.com/compute/docs/metadata/predefined-metadata-keys)
     *
     * > Depending on the OS you choose for your instance, some metadata keys have
     * special functionality. Most linux-based images will run the content of
     * `metadata.startup-script` in a shell on every boot. At a minimum,
     * Debian, CentOS, RHEL, SLES, Container-Optimized OS, and Ubuntu images
     * support this key. Windows instances require other keys depending on the format
     * of the script and the time you would like it to run - see [this table](https://cloud.google.com/compute/docs/startupscript#providing_a_startup_script_for_windows_instances).
     * For the convenience of the users of `metadata.startup-script`,
     * we provide a special attribute, `metadataStartupScript`, which is documented below.
     *
     * **Note**: metadata values can be read by any process on the instance through the metadata
     * server, so do not put secrets in them (this includes `metadata.startup-script` and
     * `metadataStartupScript`).
     */
    readonly metadata: pulumi.Output<{ [key: string]: string; } | undefined>;
    /**
     * The unique fingerprint of the metadata.
     */
    readonly metadataFingerprint: pulumi.Output;
    /**
     * An alternative to using the
     * startup-script metadata key, except this one forces the instance to be recreated
     * (thus re-running the script) if it is changed. This replaces the startup-script
     * metadata key on the created instance and thus the two mechanisms are not
     * allowed to be used simultaneously. Users are free to use either mechanism - the
     * only distinction is that this separate attribute will cause a recreate on
     * modification. On import, `metadataStartupScript` will not be set - if you
     * choose to specify it you will see a diff immediately after import causing a
     * destroy/recreate operation. If importing an instance and specifying this value
     * is desired, you will need to modify your state file.
     */
    readonly metadataStartupScript: pulumi.Output;
    /**
     * Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as
     * `Intel Haswell` or `Intel Skylake`. See the complete list [here](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    readonly minCpuPlatform: pulumi.Output;
    /**
     * A unique name for the resource, required by GCE.
     * Changing this forces a new resource to be created.
     */
    readonly name: pulumi.Output;
    /**
     * Networks to attach to the instance. This can
     * be specified multiple times. Structure is documented below.
     */
    readonly networkInterfaces: pulumi.Output;
    /**
     * Configures network performance settings for the instance. Structure is
     * documented below. **Note**: `machineType` must be a [supported type](https://cloud.google.com/compute/docs/networking/configure-vm-with-high-bandwidth-configuration),
     * the `image` used must include the [`GVNIC`](https://cloud.google.com/compute/docs/networking/using-gvnic#create-instance-gvnic-image)
     * in `guest-os-features`, and `network_interface.0.nic-type` must be `GVNIC`
     * in order for this setting to take effect.
     */
    readonly networkPerformanceConfig: pulumi.Output;
    /**
     * Additional instance parameters.
     */
    readonly params: pulumi.Output;
    /**
     * Beta: key/value pairs of partner metadata assigned to the instance, where each key is a defined namespace and each value is a JSON string representing the entries associated with that namespace.
     */
    readonly partnerMetadata: pulumi.Output<{ [key: string]: string; } | undefined>;
    /**
     * The ID of the project in which the resource belongs. If it
     * is not provided, the provider project is used.
     */
    readonly project: pulumi.Output;
    /**
     * The combination of labels configured directly on the resource and default labels configured on the provider.
     */
    readonly pulumiLabels: pulumi.Output<{ [key: string]: string; }>;
    /**
     * Specifies the reservations that this instance can consume from.
     * Structure is documented below.
     */
    readonly reservationAffinity: pulumi.Output;
    /**
     * A list of selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
     */
    readonly resourcePolicies: pulumi.Output;
    /**
     * The scheduling strategy to use. More details about
     * this configuration option are detailed below.
     */
    readonly scheduling: pulumi.Output;
    /**
     * Scratch disks to attach to the instance. This can be
     * specified multiple times for multiple scratch disks. Structure is documented below.
     */
    readonly scratchDisks: pulumi.Output;
    /**
     * The URI of the created resource.
     */
    readonly selfLink: pulumi.Output;
    /**
     * Service account to attach to the instance.
     * Structure is documented below.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    readonly serviceAccount: pulumi.Output;
    /**
     * Enable [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm) on this instance. Shielded VM provides verifiable integrity to protect against malware and rootkits. Defaults to disabled. Structure is documented below.
     * **Note**: `shieldedInstanceConfig` can only be used with boot images with shielded vm support. See the complete list [here](https://cloud.google.com/compute/docs/images#shielded-images).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    readonly shieldedInstanceConfig: pulumi.Output;
    /**
     * A list of network tags to attach to the instance.
     */
    readonly tags: pulumi.Output;
    /**
     * The unique fingerprint of the tags.
     */
    readonly tagsFingerprint: pulumi.Output;
    /**
     * The zone that the machine should be created in. If it is not provided, the provider zone is used.
     */
    readonly zone: pulumi.Output;
    /**
     * Create an Instance resource with the given unique name, arguments, and options.
     *
     * @param name The _unique_ name of the resource.
     * @param args The arguments to use to populate this resource's properties.
     * @param opts A bag of options that control this resource's behavior.
     */
    constructor(name: string, args: InstanceArgs, opts?: pulumi.CustomResourceOptions);
}
/**
 * Input properties used for looking up and filtering Instance resources.
 */
export interface InstanceState {
    /**
     * Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
     */
    advancedMachineFeatures?: pulumi.Input;
    /**
     * If true, allows this provider to stop the instance to update its properties.
     * If you try to update a property that requires stopping the instance without setting this field, the update will fail.
     */
    allowStoppingForUpdate?: pulumi.Input;
    /**
     * Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
     */
    attachedDisks?: pulumi.Input[]>;
    /**
     * The boot disk for the instance.
     * Structure is documented below.
     */
    bootDisk?: pulumi.Input;
    /**
     * Whether to allow sending and receiving of
     * packets with non-matching source or destination IPs.
     * This defaults to false.
     * **Note**: when enabled, the instance may send packets whose source IP is not its own, so
     * leave this off unless the instance is meant to route or NAT traffic.
     */
    canIpForward?: pulumi.Input;
    /**
     * Enable [Confidential Mode](https://cloud.google.com/compute/confidential-vm/docs/about-cvm) on this VM. Structure is documented below
     */
    confidentialInstanceConfig?: pulumi.Input;
    /**
     * The CPU platform used by this instance.
     */
    cpuPlatform?: pulumi.Input;
    /**
     * Creation timestamp in RFC3339 text format.
     */
    creationTimestamp?: pulumi.Input;
    /**
     * The current status of the instance. This could be one of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED. For more information about the status of the instance, see [Instance life cycle](https://cloud.google.com/compute/docs/instances/instance-life-cycle).
     */
    currentStatus?: pulumi.Input;
    /**
     * Enable deletion protection on this instance. Defaults to false.
     * **Note:** you must disable deletion protection before removing the resource (e.g., via `pulumi destroy`), or the instance cannot be deleted and the provider run will not complete successfully.
     */
    deletionProtection?: pulumi.Input;
    /**
     * A brief description of this resource.
     */
    description?: pulumi.Input;
    /**
     * Desired status of the instance. Either
     * `"RUNNING"`, `"SUSPENDED"` or `"TERMINATED"`.
     */
    desiredStatus?: pulumi.Input;
    /**
     * All labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
     */
    effectiveLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * Enable [Virtual Displays](https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display#verify_display_driver) on this instance.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    enableDisplay?: pulumi.Input;
    /**
     * List of the type and count of accelerator cards attached to the instance. Structure documented below.
     * **Note:** GPU accelerators can only be used with `onHostMaintenance` option set to TERMINATE.
     */
    guestAccelerators?: pulumi.Input[]>;
    /**
     * A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid.
     * Valid format is a series of labels 1-63 characters long matching the regular expression `[a-z]([-a-z0-9]*[a-z0-9])`, concatenated with periods.
     * The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.
     */
    hostname?: pulumi.Input;
    /**
     * Configuration for data encryption on the instance with encryption keys. Structure is documented below.
     */
    instanceEncryptionKey?: pulumi.Input;
    /**
     * The server-assigned unique identifier of this instance.
     */
    instanceId?: pulumi.Input;
    /**
     * Action to be taken when a customer's encryption key is revoked. Supports `STOP` and `NONE`, with `NONE` being the default.
     */
    keyRevocationActionType?: pulumi.Input;
    /**
     * The unique fingerprint of the labels.
     */
    labelFingerprint?: pulumi.Input;
    /**
     * A map of key/value label pairs to assign to the instance.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * The machine type to create.
     *
     * **Note:** If you want to update this value (resize the VM) after initial creation, you must set `allowStoppingForUpdate` to `true`.
     *
     * [Custom machine types](https://cloud.google.com/dataproc/docs/concepts/compute/custom-machine-types) can be formatted as `custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY_MB`, e.g. `custom-6-20480` for 6 vCPU and 20GB of RAM.
     * Because of current API limitations some custom machine types may get converted to different machine types (such as an equivalent standard type) and cause non-empty plans in your configuration. Use
     * `lifecycle.ignore_changes` (in Pulumi, the `ignoreChanges` resource option) on `machineType` in these cases.
     *
     * There is a limit of 6.5 GB per CPU unless you add [extended memory](https://cloud.google.com/compute/docs/instances/creating-instance-with-custom-machine-type#extendedmemory). You must do this explicitly by adding the suffix `-ext`, e.g. `custom-2-15360-ext` for 2 vCPU and 15 GB of memory.
     */
    machineType?: pulumi.Input;
    /**
     * Metadata key/value pairs to make available from
     * within the instance. SSH keys attached in the Cloud Console will be removed.
     * Add them to your config in order to keep them attached to your instance.
     * A list of predefined metadata keys (e.g. ssh-keys) can be found [here](https://cloud.google.com/compute/docs/metadata/predefined-metadata-keys)
     *
     * > Depending on the OS you choose for your instance, some metadata keys have
     * special functionality. Most linux-based images will run the content of
     * `metadata.startup-script` in a shell on every boot. At a minimum,
     * Debian, CentOS, RHEL, SLES, Container-Optimized OS, and Ubuntu images
     * support this key. Windows instances require other keys depending on the format
     * of the script and the time you would like it to run - see [this table](https://cloud.google.com/compute/docs/startupscript#providing_a_startup_script_for_windows_instances).
     * For the convenience of the users of `metadata.startup-script`,
     * we provide a special attribute, `metadataStartupScript`, which is documented below.
     *
     * **Note**: metadata values can be read by any process on the instance through the metadata
     * server, so do not put secrets in them (this includes `metadata.startup-script` and
     * `metadataStartupScript`).
     */
    metadata?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * The unique fingerprint of the metadata.
     */
    metadataFingerprint?: pulumi.Input;
    /**
     * An alternative to using the
     * startup-script metadata key, except this one forces the instance to be recreated
     * (thus re-running the script) if it is changed. This replaces the startup-script
     * metadata key on the created instance and thus the two mechanisms are not
     * allowed to be used simultaneously. Users are free to use either mechanism - the
     * only distinction is that this separate attribute will cause a recreate on
     * modification. On import, `metadataStartupScript` will not be set - if you
     * choose to specify it you will see a diff immediately after import causing a
     * destroy/recreate operation. If importing an instance and specifying this value
     * is desired, you will need to modify your state file.
     */
    metadataStartupScript?: pulumi.Input;
    /**
     * Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as
     * `Intel Haswell` or `Intel Skylake`. See the complete list [here](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    minCpuPlatform?: pulumi.Input;
    /**
     * A unique name for the resource, required by GCE.
     * Changing this forces a new resource to be created.
     */
    name?: pulumi.Input;
    /**
     * Networks to attach to the instance. This can
     * be specified multiple times. Structure is documented below.
     */
    networkInterfaces?: pulumi.Input[]>;
    /**
     * Configures network performance settings for the instance. Structure is
     * documented below. **Note**: `machineType` must be a [supported type](https://cloud.google.com/compute/docs/networking/configure-vm-with-high-bandwidth-configuration),
     * the `image` used must include the [`GVNIC`](https://cloud.google.com/compute/docs/networking/using-gvnic#create-instance-gvnic-image)
     * in `guest-os-features`, and `network_interface.0.nic-type` must be `GVNIC`
     * in order for this setting to take effect.
     */
    networkPerformanceConfig?: pulumi.Input;
    /**
     * Additional instance parameters.
     */
    params?: pulumi.Input;
    /**
     * Beta: key/value pairs of partner metadata assigned to the instance, where each key is a defined namespace and each value is a JSON string representing the entries associated with that namespace.
     */
    partnerMetadata?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * The ID of the project in which the resource belongs. If it
     * is not provided, the provider project is used.
     */
    project?: pulumi.Input;
    /**
     * The combination of labels configured directly on the resource and default labels configured on the provider.
     */
    pulumiLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * Specifies the reservations that this instance can consume from.
     * Structure is documented below.
     */
    reservationAffinity?: pulumi.Input;
    /**
     * A list of selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
     */
    resourcePolicies?: pulumi.Input;
    /**
     * The scheduling strategy to use. More details about
     * this configuration option are detailed below.
     */
    scheduling?: pulumi.Input;
    /**
     * Scratch disks to attach to the instance. This can be
     * specified multiple times for multiple scratch disks. Structure is documented below.
     */
    scratchDisks?: pulumi.Input[]>;
    /**
     * The URI of the created resource.
     */
    selfLink?: pulumi.Input;
    /**
     * Service account to attach to the instance.
     * Structure is documented below.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    serviceAccount?: pulumi.Input;
    /**
     * Enable [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm) on this instance. Shielded VM provides verifiable integrity to protect against malware and rootkits. Defaults to disabled. Structure is documented below.
     * **Note**: `shieldedInstanceConfig` can only be used with boot images with shielded vm support. See the complete list [here](https://cloud.google.com/compute/docs/images#shielded-images).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    shieldedInstanceConfig?: pulumi.Input;
    /**
     * A list of network tags to attach to the instance.
     */
    tags?: pulumi.Input[]>;
    /**
     * The unique fingerprint of the tags.
     */
    tagsFingerprint?: pulumi.Input;
    /**
     * The zone that the machine should be created in. If it is not provided, the provider zone is used.
     */
    zone?: pulumi.Input;
}
/**
 * The set of arguments for constructing an Instance resource.
 */
export interface InstanceArgs {
    /**
     * Configure Nested Virtualisation and Simultaneous Hyper Threading on this VM. Structure is documented below
     */
    advancedMachineFeatures?: pulumi.Input;
    /**
     * If true, allows this provider to stop the instance to update its properties.
     * If you try to update a property that requires stopping the instance without setting this field, the update will fail.
     */
    allowStoppingForUpdate?: pulumi.Input;
    /**
     * Additional disks to attach to the instance. Can be repeated multiple times for multiple disks. Structure is documented below.
     */
    attachedDisks?: pulumi.Input[]>;
    /**
     * The boot disk for the instance.
     * Structure is documented below.
     */
    bootDisk: pulumi.Input;
    /**
     * Whether to allow sending and receiving of
     * packets with non-matching source or destination IPs.
     * This defaults to false.
     * **Note**: when enabled, the instance may send packets whose source IP is not its own, so
     * leave this off unless the instance is meant to route or NAT traffic.
     */
    canIpForward?: pulumi.Input;
    /**
     * Enable [Confidential Mode](https://cloud.google.com/compute/confidential-vm/docs/about-cvm) on this VM. Structure is documented below
     */
    confidentialInstanceConfig?: pulumi.Input;
    /**
     * Enable deletion protection on this instance. Defaults to false.
     * **Note:** you must disable deletion protection before removing the resource (e.g., via `pulumi destroy`), or the instance cannot be deleted and the provider run will not complete successfully.
     */
    deletionProtection?: pulumi.Input;
    /**
     * A brief description of this resource.
     */
    description?: pulumi.Input;
    /**
     * Desired status of the instance. Either
     * `"RUNNING"`, `"SUSPENDED"` or `"TERMINATED"`.
     */
    desiredStatus?: pulumi.Input;
    /**
     * Enable [Virtual Displays](https://cloud.google.com/compute/docs/instances/enable-instance-virtual-display#verify_display_driver) on this instance.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    enableDisplay?: pulumi.Input;
    /**
     * List of the type and count of accelerator cards attached to the instance. Structure documented below.
     * **Note:** GPU accelerators can only be used with `onHostMaintenance` option set to TERMINATE.
     */
    guestAccelerators?: pulumi.Input[]>;
    /**
     * A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid.
     * Valid format is a series of labels 1-63 characters long matching the regular expression `[a-z]([-a-z0-9]*[a-z0-9])`, concatenated with periods.
     * The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created.
     */
    hostname?: pulumi.Input;
    /**
     * Configuration for data encryption on the instance with encryption keys. Structure is documented below.
     */
    instanceEncryptionKey?: pulumi.Input;
    /**
     * Action to be taken when a customer's encryption key is revoked. Supports `STOP` and `NONE`, with `NONE` being the default.
     */
    keyRevocationActionType?: pulumi.Input;
    /**
     * A map of key/value label pairs to assign to the instance.
     * **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
     * Please refer to the field `effectiveLabels` for all of the labels present on the resource.
     */
    labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * The machine type to create.
     *
     * **Note:** If you want to update this value (resize the VM) after initial creation, you must set `allowStoppingForUpdate` to `true`.
     *
     * [Custom machine types](https://cloud.google.com/dataproc/docs/concepts/compute/custom-machine-types) can be formatted as `custom-NUMBER_OF_CPUS-AMOUNT_OF_MEMORY_MB`, e.g. `custom-6-20480` for 6 vCPU and 20GB of RAM.
     * Because of current API limitations some custom machine types may get converted to different machine types (such as an equivalent standard type) and cause non-empty plans in your configuration. Use
     * `lifecycle.ignore_changes` (in Pulumi, the `ignoreChanges` resource option) on `machineType` in these cases.
     *
     * There is a limit of 6.5 GB per CPU unless you add [extended memory](https://cloud.google.com/compute/docs/instances/creating-instance-with-custom-machine-type#extendedmemory). You must do this explicitly by adding the suffix `-ext`, e.g. `custom-2-15360-ext` for 2 vCPU and 15 GB of memory.
     */
    machineType: pulumi.Input;
    /**
     * Metadata key/value pairs to make available from
     * within the instance. SSH keys attached in the Cloud Console will be removed.
     * Add them to your config in order to keep them attached to your instance.
     * A list of predefined metadata keys (e.g. ssh-keys) can be found [here](https://cloud.google.com/compute/docs/metadata/predefined-metadata-keys)
     *
     * > Depending on the OS you choose for your instance, some metadata keys have
     * special functionality. Most linux-based images will run the content of
     * `metadata.startup-script` in a shell on every boot. At a minimum,
     * Debian, CentOS, RHEL, SLES, Container-Optimized OS, and Ubuntu images
     * support this key. Windows instances require other keys depending on the format
     * of the script and the time you would like it to run - see [this table](https://cloud.google.com/compute/docs/startupscript#providing_a_startup_script_for_windows_instances).
     * For the convenience of the users of `metadata.startup-script`,
     * we provide a special attribute, `metadataStartupScript`, which is documented below.
     *
     * **Note**: metadata values can be read by any process on the instance through the metadata
     * server, so do not put secrets in them (this includes `metadata.startup-script` and
     * `metadataStartupScript`).
     */
    metadata?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * An alternative to using the
     * startup-script metadata key, except this one forces the instance to be recreated
     * (thus re-running the script) if it is changed. This replaces the startup-script
     * metadata key on the created instance and thus the two mechanisms are not
     * allowed to be used simultaneously. Users are free to use either mechanism - the
     * only distinction is that this separate attribute will cause a recreate on
     * modification. On import, `metadataStartupScript` will not be set - if you
     * choose to specify it you will see a diff immediately after import causing a
     * destroy/recreate operation. If importing an instance and specifying this value
     * is desired, you will need to modify your state file.
     */
    metadataStartupScript?: pulumi.Input;
    /**
     * Specifies a minimum CPU platform for the VM instance. Applicable values are the friendly names of CPU platforms, such as
     * `Intel Haswell` or `Intel Skylake`. See the complete list [here](https://cloud.google.com/compute/docs/instances/specify-min-cpu-platform).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    minCpuPlatform?: pulumi.Input;
    /**
     * A unique name for the resource, required by GCE.
     * Changing this forces a new resource to be created.
     */
    name?: pulumi.Input;
    /**
     * Networks to attach to the instance. This can
     * be specified multiple times. Structure is documented below.
     */
    networkInterfaces: pulumi.Input[]>;
    /**
     * Configures network performance settings for the instance. Structure is
     * documented below. **Note**: `machineType` must be a [supported type](https://cloud.google.com/compute/docs/networking/configure-vm-with-high-bandwidth-configuration),
     * the `image` used must include the [`GVNIC`](https://cloud.google.com/compute/docs/networking/using-gvnic#create-instance-gvnic-image)
     * in `guest-os-features`, and `network_interface.0.nic-type` must be `GVNIC`
     * in order for this setting to take effect.
     */
    networkPerformanceConfig?: pulumi.Input;
    /**
     * Additional instance parameters.
     */
    params?: pulumi.Input;
    /**
     * Beta: key/value pairs of partner metadata assigned to the instance, where each key is a defined namespace and each value is a JSON string representing the entries associated with that namespace.
     */
    partnerMetadata?: pulumi.Input<{ [key: string]: pulumi.Input; }>;
    /**
     * The ID of the project in which the resource belongs. If it
     * is not provided, the provider project is used.
     */
    project?: pulumi.Input;
    /**
     * Specifies the reservations that this instance can consume from.
     * Structure is documented below.
     */
    reservationAffinity?: pulumi.Input;
    /**
     * A list of selfLinks of resource policies to attach to the instance. Modifying this list will cause the instance to recreate. Currently a max of 1 resource policy is supported.
     */
    resourcePolicies?: pulumi.Input;
    /**
     * The scheduling strategy to use. More details about
     * this configuration option are detailed below.
     */
    scheduling?: pulumi.Input;
    /**
     * Scratch disks to attach to the instance. This can be
     * specified multiple times for multiple scratch disks. Structure is documented below.
     */
    scratchDisks?: pulumi.Input[]>;
    /**
     * Service account to attach to the instance.
     * Structure is documented below.
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
     */
    serviceAccount?: pulumi.Input;
    /**
     * Enable [Shielded VM](https://cloud.google.com/security/shielded-cloud/shielded-vm) on this instance. Shielded VM provides verifiable integrity to prevent against malware and rootkits. Defaults to disabled. Structure is documented below.
     * **Note**: `shieldedInstanceConfig` can only be used with boot images with shielded vm support. See the complete list [here](https://cloud.google.com/compute/docs/images#shielded-images).
     * **Note**: `allowStoppingForUpdate` must be set to true or your instance must have a `desiredStatus` of `TERMINATED` in order to update this field.
*/ shieldedInstanceConfig?: pulumi.Input; /** * A list of network tags to attach to the instance. */ tags?: pulumi.Input[]>; /** * The zone that the machine should be created in. If it is not provided, the provider zone is used. */ zone?: pulumi.Input; }