Merge remote-tracking branch 'origin/master' into fast-dev
This commit is contained in:
Ludovico Magnocavallo
90
adrs/20251013-context-locals.md
Normal file
90
adrs/20251013-context-locals.md
Normal file
@@ -0,0 +1,90 @@
|
||||
# Using single local `ctx` for context interpolations
|
||||
|
||||
**authors:** [Wiktor Niesiobedzki](https://github.com/wiktorn)
|
||||
**date:** Oct 13, 2025
|
||||
|
||||
## Status
|
||||
|
||||
Draft
|
||||
|
||||
## Context
|
||||
|
||||
Terraform build dependency graph using variables and locals as nodes. If those are complex structures, such as lists, maps or objects, they can contain references to multiple resources. Because of that, any access to a complex variable creates an implicit dependency on all resources referenced within this variable. For example:
|
||||
|
||||
```hcl
|
||||
locals {
|
||||
ctx = {
|
||||
folder = google_folder.this.id
|
||||
project = google_project.this.id
|
||||
}
|
||||
}
|
||||
|
||||
resource "terraform_data" "this" {
|
||||
input = local.ctx.folder
|
||||
}
|
||||
```
|
||||
|
||||
Creates implicit dependencies like this:
|
||||
* `terraform_data.this` depends on `local.ctx`
|
||||
* `local.ctx` depends on `google_folder.this`
|
||||
* `local.ctx` depends on `google_project.this`
|
||||
|
||||
This may result in unnecessary dependencies and eventually, in dependency cycles.
|
||||
|
||||
|
||||
## Decision:
|
||||
Use single `local.ctx` to store context and single `context` variable to pass context between modules.
|
||||
|
||||
|
||||
## Consequences
|
||||
|
||||
This may result in dependency cycles when calling the module, for example when creating custom roles that are needed for IAM grants in the same organization / project. This can be easily work around, by separating the module calls into two:
|
||||
* one that does primary setup
|
||||
* second that does the IAM, and uses the resources created in the first call
|
||||
|
||||
In some specific cases, it might be necessary to have a separate context local for specific type of resource to avoid dependency cycles.
|
||||
|
||||
## Reasoning
|
||||
|
||||
The primary reason is to make module calls concise and easy to use. As of now, the dependency cycles are occurring rarely and are easily fixed by separating the module calls.
|
||||
|
||||
## Alternatives Considered:
|
||||
|
||||
### Separating `local.ctx` by type of context
|
||||
Currently, `local.ctx` is build like this (example from `modules/project`):
|
||||
```hcl
|
||||
locals {
|
||||
ctx = {
|
||||
for k, v in var.context : k => {
|
||||
for kk, vv in v : "${local.ctx_p}${k}:${kk}" => vv
|
||||
} if k != "condition_vars"
|
||||
}
|
||||
}
|
||||
```
|
||||
|
||||
To use separate local this needs to be changed to:
|
||||
```hcl
|
||||
locals {
|
||||
ctx_custom_roles = {for k, v in var.context_custom_roles : "${local.ctx_p}custom_roles:${k}" => v}
|
||||
ctx_folder_ids = {for k, v in var.context_folder_ids : "${local.ctx_p}folder_ids:${k}" => v}
|
||||
ctx_kms_keys = {for k, v in var.context_kms_keys : "${local.ctx_p}kms_keys:${k}" => v}
|
||||
ctx_iam_principals = {for k, v in var.context_iam_principals : "${local.ctx_p}iam_principals:${k}" => v}
|
||||
ctx_notification_channels = {
|
||||
for k, v in var.context_notification_channels :"${local.ctx_p}notification_channels:${k}" => v
|
||||
}
|
||||
ctx_logging_bucket_names = {
|
||||
for k, v in var.context_logging_bucket_names : "${local.ctx_p}logging_bucket_names:${k}" => v
|
||||
}
|
||||
ctx_project_ids = {for k, v in var.context_project_ids : "${local.ctx_p}project_ids:${k}" => v}
|
||||
ctx_tag_keys = {for k, v in var.context_tag_keys : "${local.ctx_p}tag_keys:${k}" => v}
|
||||
ctx_tag_values = {for k, v in var.context_tag_values : "${local.ctx_p}tag_values:${k}" => v}
|
||||
ctx_vpc_sc_perimeters = {for k, v in var.context_vpc_sc_perimeters : "${local.ctx_p}vpc_sc_perimeters:${k}" => v}
|
||||
}
|
||||
```
|
||||
|
||||
Which is way more verbose. Note, that to disentangle the dependency tree, we need also separate input variables in the module, and the callers will need to pass context separately, which increases the burden of the module user.
|
||||
|
||||
|
||||
## Implementation:
|
||||
|
||||
At the time of writing this ADR, all modules and FAST stages already use single `context` variable and `local.ctx`.
|
||||
@@ -76,6 +76,7 @@ locals {
|
||||
name = replace("${vpn_key}/${vpn_config.ncc_spoke_config.hub}", "$ncc_hubs:", "") # TODO: eww
|
||||
project_id = vpn_config.project_id
|
||||
hub = vpn_config.ncc_spoke_config.hub
|
||||
group = try(vpn_config.ncc_spoke_config.group, null)
|
||||
location = vpn_config.region
|
||||
description = lookup(vpn_config.ncc_spoke_config, "description", "Terraform-managed.")
|
||||
labels = lookup(vpn_config.ncc_spoke_config, "labels", {})
|
||||
@@ -179,6 +180,11 @@ resource "google_network_connectivity_spoke" "tunnels" {
|
||||
replace(each.value.hub, "$ncc_hubs:", ""),
|
||||
each.value.hub
|
||||
)
|
||||
group = each.value.group == null ? null : lookup(
|
||||
local.ctx_ncc_groups,
|
||||
replace(each.value.group, "$ncc_groups:", ""),
|
||||
each.value.group
|
||||
)
|
||||
linked_vpn_tunnels {
|
||||
uris = each.value.tunnel_self_link
|
||||
site_to_site_data_transfer = true
|
||||
|
||||
@@ -1160,8 +1160,8 @@ module "sole-tenancy" {
|
||||
|---|---|:---:|:---:|:---:|
|
||||
| [name](variables.tf#L322) | Instance name. | <code>string</code> | ✓ | |
|
||||
| [network_interfaces](variables.tf#L334) | Network interfaces configuration. Use self links for Shared VPC, set addresses to null if not needed. | <code title="list(object({ network = string subnetwork = string alias_ips = optional(map(string), {}) nat = optional(bool, false) nic_type = optional(string) stack_type = optional(string) addresses = optional(object({ internal = optional(string) external = optional(string) }), null) network_tier = optional(string) }))">list(object({…}))</code> | ✓ | |
|
||||
| [project_id](variables.tf#L419) | Project id. | <code>string</code> | ✓ | |
|
||||
| [zone](variables.tf#L539) | Compute zone. | <code>string</code> | ✓ | |
|
||||
| [project_id](variables.tf#L429) | Project id. | <code>string</code> | ✓ | |
|
||||
| [zone](variables.tf#L549) | Compute zone. | <code>string</code> | ✓ | |
|
||||
| [attached_disk_defaults](variables.tf#L17) | Defaults for attached disks options. | <code title="object({ auto_delete = optional(bool, false) mode = string replica_zone = string type = string })">object({…})</code> | | <code title="{ auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" }">{…}</code> |
|
||||
| [attached_disks](variables.tf#L37) | Additional disks, if options is null defaults will be used in its place. Source type is one of 'image' (zonal disks in vms and template), 'snapshot' (vm), 'existing', and null. | <code title="list(object({ name = optional(string) device_name = optional(string) size = string snapshot_schedule = optional(list(string)) source = optional(string) source_type = optional(string) options = optional( object({ architecture = optional(string) auto_delete = optional(bool, false) # applies only to vm templates mode = optional(string, "READ_WRITE") provisioned_iops = optional(number) provisioned_throughput = optional(number) # in MiB/s replica_zone = optional(string) storage_pool = optional(string) type = optional(string, "pd-balanced") }), { auto_delete = true mode = "READ_WRITE" replica_zone = null type = "pd-balanced" } ) }))">list(object({…}))</code> | | <code>[]</code> |
|
||||
| [boot_disk](variables.tf#L92) | Boot disk properties. Initialize params are ignored when source is set. | <code title="object({ auto_delete = optional(bool, true) snapshot_schedule = optional(list(string)) source = optional(string) initialize_params = optional(object({ architecture = optional(string) image = optional(string, "projects/debian-cloud/global/images/family/debian-11") provisioned_iops = optional(number) provisioned_throughput = optional(number) # in MiB/s size = optional(number, 10) storage_pool = optional(string) type = optional(string, "pd-balanced") }), {}) use_independent_disk = optional(bool, false) })">object({…})</code> | | <code title="{ initialize_params = {} }">{…}</code> |
|
||||
@@ -1185,16 +1185,16 @@ module "sole-tenancy" {
|
||||
| [min_cpu_platform](variables.tf#L316) | Minimum CPU platform. | <code>string</code> | | <code>null</code> |
|
||||
| [network_attached_interfaces](variables.tf#L327) | Network interfaces using network attachments. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [network_tag_bindings](variables.tf#L355) | Resource manager tag bindings in arbitrary key => tag key or value id format. Set on both the instance only for networking purposes, and modifiable without impacting the main resource lifecycle. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [options](variables.tf#L362) | Instance options. | <code title="object({ advanced_machine_features = optional(object({ enable_nested_virtualization = optional(bool) enable_turbo_mode = optional(bool) enable_uefi_networking = optional(bool) performance_monitoring_unit = optional(string) threads_per_core = optional(number) visible_core_count = optional(number) })) allow_stopping_for_update = optional(bool, true) deletion_protection = optional(bool, false) graceful_shutdown = optional(object({ enabled = optional(bool, false) max_duration_secs = optional(number) })) max_run_duration = optional(object({ nanos = optional(number) seconds = number })) node_affinities = optional(map(object({ values = list(string) in = optional(bool, true) })), {}) spot = optional(bool, false) termination_action = optional(string) })">object({…})</code> | | <code title="{ allow_stopping_for_update = true deletion_protection = false spot = false termination_action = null }">{…}</code> |
|
||||
| [project_number](variables.tf#L424) | Project number. Used in tag bindings to avoid a permadiff. | <code>string</code> | | <code>null</code> |
|
||||
| [resource_policies](variables.tf#L430) | Resource policies to attach to the instance or template. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [scratch_disks](variables.tf#L437) | Scratch disks configuration. | <code title="object({ count = number interface = string })">object({…})</code> | | <code title="{ count = 0 interface = "NVME" }">{…}</code> |
|
||||
| [service_account](variables.tf#L449) | Service account email and scopes. If email is null, the default Compute service account will be used unless auto_create is true, in which case a service account will be created. Set the variable to null to avoid attaching a service account. | <code title="object({ auto_create = optional(bool, false) email = optional(string) scopes = optional(list(string)) })">object({…})</code> | | <code>{}</code> |
|
||||
| [shielded_config](variables.tf#L459) | Shielded VM configuration of the instances. | <code title="object({ enable_secure_boot = optional(bool, true) enable_vtpm = optional(bool, true) enable_integrity_monitoring = optional(bool, true) })">object({…})</code> | | <code>null</code> |
|
||||
| [snapshot_schedules](variables.tf#L469) | Snapshot schedule resource policies that can be attached to disks. | <code title="map(object({ schedule = object({ daily = optional(object({ days_in_cycle = number start_time = string })) hourly = optional(object({ hours_in_cycle = number start_time = string })) weekly = optional(list(object({ day = string start_time = string }))) }) description = optional(string) retention_policy = optional(object({ max_retention_days = number on_source_disk_delete_keep = optional(bool) })) snapshot_properties = optional(object({ chain_name = optional(string) guest_flush = optional(bool) labels = optional(map(string)) storage_locations = optional(list(string)) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tag_bindings](variables.tf#L512) | Resource manager tag bindings in arbitrary key => tag key or value id format. Set on both the instance and zonal disks, and modifiable without impacting the main resource lifecycle. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [tag_bindings_immutable](variables.tf#L519) | Immutable resource manager tag bindings, in tagKeys/id => tagValues/id format. These are set on the instance or instance template at creation time, and trigger recreation if changed. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [tags](variables.tf#L533) | Instance network tags for firewall rule targets. | <code>list(string)</code> | | <code>[]</code> |
|
||||
| [options](variables.tf#L362) | Instance options. | <code title="object({ advanced_machine_features = optional(object({ enable_nested_virtualization = optional(bool) enable_turbo_mode = optional(bool) enable_uefi_networking = optional(bool) performance_monitoring_unit = optional(string) threads_per_core = optional(number) visible_core_count = optional(number) })) allow_stopping_for_update = optional(bool, true) deletion_protection = optional(bool, false) key_revocation_action_type = optional(string) graceful_shutdown = optional(object({ enabled = optional(bool, false) max_duration_secs = optional(number) })) max_run_duration = optional(object({ nanos = optional(number) seconds = number })) node_affinities = optional(map(object({ values = list(string) in = optional(bool, true) })), {}) spot = optional(bool, false) termination_action = optional(string) })">object({…})</code> | | <code title="{ allow_stopping_for_update = true deletion_protection = false spot = false termination_action = null key_revocation_action_type = "NONE" }">{…}</code> |
|
||||
| [project_number](variables.tf#L434) | Project number. Used in tag bindings to avoid a permadiff. | <code>string</code> | | <code>null</code> |
|
||||
| [resource_policies](variables.tf#L440) | Resource policies to attach to the instance or template. | <code>list(string)</code> | | <code>null</code> |
|
||||
| [scratch_disks](variables.tf#L447) | Scratch disks configuration. | <code title="object({ count = number interface = string })">object({…})</code> | | <code title="{ count = 0 interface = "NVME" }">{…}</code> |
|
||||
| [service_account](variables.tf#L459) | Service account email and scopes. If email is null, the default Compute service account will be used unless auto_create is true, in which case a service account will be created. Set the variable to null to avoid attaching a service account. | <code title="object({ auto_create = optional(bool, false) email = optional(string) scopes = optional(list(string)) })">object({…})</code> | | <code>{}</code> |
|
||||
| [shielded_config](variables.tf#L469) | Shielded VM configuration of the instances. | <code title="object({ enable_secure_boot = optional(bool, true) enable_vtpm = optional(bool, true) enable_integrity_monitoring = optional(bool, true) })">object({…})</code> | | <code>null</code> |
|
||||
| [snapshot_schedules](variables.tf#L479) | Snapshot schedule resource policies that can be attached to disks. | <code title="map(object({ schedule = object({ daily = optional(object({ days_in_cycle = number start_time = string })) hourly = optional(object({ hours_in_cycle = number start_time = string })) weekly = optional(list(object({ day = string start_time = string }))) }) description = optional(string) retention_policy = optional(object({ max_retention_days = number on_source_disk_delete_keep = optional(bool) })) snapshot_properties = optional(object({ chain_name = optional(string) guest_flush = optional(bool) labels = optional(map(string)) storage_locations = optional(list(string)) })) }))">map(object({…}))</code> | | <code>{}</code> |
|
||||
| [tag_bindings](variables.tf#L522) | Resource manager tag bindings in arbitrary key => tag key or value id format. Set on both the instance and zonal disks, and modifiable without impacting the main resource lifecycle. | <code>map(string)</code> | | <code>{}</code> |
|
||||
| [tag_bindings_immutable](variables.tf#L529) | Immutable resource manager tag bindings, in tagKeys/id => tagValues/id format. These are set on the instance or instance template at creation time, and trigger recreation if changed. | <code>map(string)</code> | | <code>null</code> |
|
||||
| [tags](variables.tf#L543) | Instance network tags for firewall rule targets. | <code>list(string)</code> | | <code>[]</code> |
|
||||
|
||||
## Outputs
|
||||
|
||||
|
||||
@@ -190,23 +190,24 @@ resource "google_compute_region_disk" "disks" {
|
||||
}
|
||||
|
||||
resource "google_compute_instance" "default" {
|
||||
provider = google-beta
|
||||
count = local.template_create ? 0 : 1
|
||||
project = local.project_id
|
||||
zone = local.zone
|
||||
name = var.name
|
||||
hostname = var.hostname
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
allow_stopping_for_update = var.options.allow_stopping_for_update
|
||||
deletion_protection = var.options.deletion_protection
|
||||
enable_display = var.enable_display
|
||||
labels = var.labels
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
provider = google-beta
|
||||
count = local.template_create ? 0 : 1
|
||||
project = local.project_id
|
||||
zone = local.zone
|
||||
name = var.name
|
||||
hostname = var.hostname
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
allow_stopping_for_update = var.options.allow_stopping_for_update
|
||||
deletion_protection = var.options.deletion_protection
|
||||
key_revocation_action_type = var.options.key_revocation_action_type
|
||||
enable_display = var.enable_display
|
||||
labels = var.labels
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
resource_policies = (
|
||||
var.resource_policies == null && var.instance_schedule == null
|
||||
? null
|
||||
|
||||
@@ -20,20 +20,21 @@ locals {
|
||||
}
|
||||
|
||||
resource "google_compute_instance_template" "default" {
|
||||
provider = google-beta
|
||||
count = local.template_create && !local.template_regional ? 1 : 0
|
||||
project = local.project_id
|
||||
region = local.region
|
||||
name_prefix = "${var.name}-"
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
labels = var.labels
|
||||
resource_manager_tags = var.tag_bindings_immutable
|
||||
provider = google-beta
|
||||
count = local.template_create && !local.template_regional ? 1 : 0
|
||||
project = local.project_id
|
||||
region = local.region
|
||||
name_prefix = "${var.name}-"
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
labels = var.labels
|
||||
resource_manager_tags = var.tag_bindings_immutable
|
||||
key_revocation_action_type = var.options.key_revocation_action_type
|
||||
resource_policies = (
|
||||
var.resource_policies == null && var.instance_schedule == null
|
||||
? null
|
||||
@@ -245,20 +246,21 @@ resource "google_compute_instance_template" "default" {
|
||||
}
|
||||
|
||||
resource "google_compute_region_instance_template" "default" {
|
||||
provider = google-beta
|
||||
count = local.template_create && local.template_regional ? 1 : 0
|
||||
project = local.project_id
|
||||
region = local.region
|
||||
name_prefix = "${var.name}-"
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
labels = var.labels
|
||||
resource_manager_tags = var.tag_bindings_immutable
|
||||
provider = google-beta
|
||||
count = local.template_create && local.template_regional ? 1 : 0
|
||||
project = local.project_id
|
||||
region = local.region
|
||||
name_prefix = "${var.name}-"
|
||||
description = var.description
|
||||
tags = var.tags
|
||||
machine_type = var.instance_type
|
||||
min_cpu_platform = var.min_cpu_platform
|
||||
can_ip_forward = var.can_ip_forward
|
||||
metadata = var.metadata
|
||||
metadata_startup_script = var.metadata_startup_script
|
||||
labels = var.labels
|
||||
resource_manager_tags = var.tag_bindings_immutable
|
||||
key_revocation_action_type = var.options.key_revocation_action_type
|
||||
resource_policies = (
|
||||
var.resource_policies == null && var.instance_schedule == null
|
||||
? null
|
||||
|
||||
@@ -370,8 +370,9 @@ variable "options" {
|
||||
threads_per_core = optional(number)
|
||||
visible_core_count = optional(number)
|
||||
}))
|
||||
allow_stopping_for_update = optional(bool, true)
|
||||
deletion_protection = optional(bool, false)
|
||||
allow_stopping_for_update = optional(bool, true)
|
||||
deletion_protection = optional(bool, false)
|
||||
key_revocation_action_type = optional(string)
|
||||
graceful_shutdown = optional(object({
|
||||
enabled = optional(bool, false)
|
||||
max_duration_secs = optional(number)
|
||||
@@ -388,10 +389,11 @@ variable "options" {
|
||||
termination_action = optional(string)
|
||||
})
|
||||
default = {
|
||||
allow_stopping_for_update = true
|
||||
deletion_protection = false
|
||||
spot = false
|
||||
termination_action = null
|
||||
allow_stopping_for_update = true
|
||||
deletion_protection = false
|
||||
spot = false
|
||||
termination_action = null
|
||||
key_revocation_action_type = "NONE"
|
||||
}
|
||||
validation {
|
||||
condition = (
|
||||
@@ -414,6 +416,14 @@ variable "options" {
|
||||
)
|
||||
error_message = "Allowed values for options.advanced_machine_features.performance_monitoring_unit are ARCHITECTURAL', 'ENHANCED', 'STANDARD' and null."
|
||||
}
|
||||
validation {
|
||||
condition = (
|
||||
var.options.key_revocation_action_type == null
|
||||
||
|
||||
contains(["NONE", "STOP"], var.options.key_revocation_action_type)
|
||||
)
|
||||
error_message = "Allowed values for options.key_revocation_action_type are 'NONE' or 'STOP'."
|
||||
}
|
||||
}
|
||||
|
||||
variable "project_id" {
|
||||
|
||||
@@ -72,7 +72,7 @@ values:
|
||||
enable_display: null
|
||||
guest_accelerator: []
|
||||
instance_description: null
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata:
|
||||
|
||||
@@ -66,7 +66,7 @@ values:
|
||||
enable_display: null
|
||||
guest_accelerator: []
|
||||
instance_description: null
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
|
||||
@@ -66,7 +66,7 @@ values:
|
||||
enable_display: null
|
||||
guest_accelerator: []
|
||||
instance_description: null
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
|
||||
@@ -88,7 +88,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
|
||||
@@ -130,7 +130,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: c4a-standard-1
|
||||
metadata: null
|
||||
|
||||
@@ -128,7 +128,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: n4-standard-2
|
||||
metadata: null
|
||||
|
||||
@@ -165,7 +165,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: c4d-standard-2
|
||||
metadata: null
|
||||
|
||||
@@ -18,41 +18,41 @@ values:
|
||||
can_ip_forward: false
|
||||
description: Managed by the compute-vm Terraform module.
|
||||
disk:
|
||||
- auto_delete: true
|
||||
boot: true
|
||||
disk_encryption_key: []
|
||||
disk_name: null
|
||||
disk_size_gb: 10
|
||||
disk_type: pd-balanced
|
||||
guest_os_features: null
|
||||
labels: null
|
||||
resource_manager_tags: null
|
||||
resource_policies: null
|
||||
source: null
|
||||
source_image: projects/debian-cloud/global/images/family/debian-11
|
||||
source_image_encryption_key: []
|
||||
source_snapshot: null
|
||||
source_snapshot_encryption_key: []
|
||||
- auto_delete: false
|
||||
device_name: repd
|
||||
disk_encryption_key: []
|
||||
disk_name: null
|
||||
guest_os_features: null
|
||||
labels: null
|
||||
mode: READ_WRITE
|
||||
resource_manager_tags: null
|
||||
resource_policies: null
|
||||
source: https://www.googleapis.com/compute/v1/projects/project-id/regions/europe-west8/disks/repd-test-1
|
||||
source_image_encryption_key: []
|
||||
source_snapshot: null
|
||||
source_snapshot_encryption_key: []
|
||||
type: PERSISTENT
|
||||
- auto_delete: true
|
||||
boot: true
|
||||
disk_encryption_key: []
|
||||
disk_name: null
|
||||
disk_size_gb: 10
|
||||
disk_type: pd-balanced
|
||||
guest_os_features: null
|
||||
labels: null
|
||||
resource_manager_tags: null
|
||||
resource_policies: null
|
||||
source: null
|
||||
source_image: projects/debian-cloud/global/images/family/debian-11
|
||||
source_image_encryption_key: []
|
||||
source_snapshot: null
|
||||
source_snapshot_encryption_key: []
|
||||
- auto_delete: false
|
||||
device_name: repd
|
||||
disk_encryption_key: []
|
||||
disk_name: null
|
||||
guest_os_features: null
|
||||
labels: null
|
||||
mode: READ_WRITE
|
||||
resource_manager_tags: null
|
||||
resource_policies: null
|
||||
source: https://www.googleapis.com/compute/v1/projects/project-id/regions/europe-west8/disks/repd-test-1
|
||||
source_image_encryption_key: []
|
||||
source_snapshot: null
|
||||
source_snapshot_encryption_key: []
|
||||
type: PERSISTENT
|
||||
effective_labels:
|
||||
goog-terraform-provisioned: 'true'
|
||||
goog-terraform-provisioned: "true"
|
||||
enable_display: null
|
||||
guest_accelerator: []
|
||||
instance_description: null
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
@@ -60,14 +60,14 @@ values:
|
||||
min_cpu_platform: null
|
||||
name_prefix: test-
|
||||
network_interface:
|
||||
- access_config: []
|
||||
alias_ip_range: []
|
||||
ipv6_access_config: []
|
||||
network: https://www.googleapis.com/compute/v1/projects/xxx/global/networks/aaa
|
||||
network_ip: null
|
||||
nic_type: null
|
||||
queue_count: null
|
||||
subnetwork: subnet_self_link
|
||||
- access_config: []
|
||||
alias_ip_range: []
|
||||
ipv6_access_config: []
|
||||
network: https://www.googleapis.com/compute/v1/projects/xxx/global/networks/aaa
|
||||
network_ip: null
|
||||
nic_type: null
|
||||
queue_count: null
|
||||
subnetwork: subnet_self_link
|
||||
network_performance_config: []
|
||||
partner_metadata: null
|
||||
project: project-id
|
||||
@@ -76,30 +76,30 @@ values:
|
||||
resource_manager_tags: null
|
||||
resource_policies: null
|
||||
scheduling:
|
||||
- automatic_restart: true
|
||||
availability_domain: null
|
||||
graceful_shutdown: []
|
||||
host_error_timeout_seconds: null
|
||||
instance_termination_action: null
|
||||
local_ssd_recovery_timeout: []
|
||||
maintenance_interval: null
|
||||
max_run_duration: []
|
||||
min_node_cpus: null
|
||||
node_affinities: []
|
||||
on_host_maintenance: MIGRATE
|
||||
on_instance_stop_action: []
|
||||
preemptible: false
|
||||
provisioning_model: STANDARD
|
||||
termination_time: null
|
||||
- automatic_restart: true
|
||||
availability_domain: null
|
||||
graceful_shutdown: []
|
||||
host_error_timeout_seconds: null
|
||||
instance_termination_action: null
|
||||
local_ssd_recovery_timeout: []
|
||||
maintenance_interval: null
|
||||
max_run_duration: []
|
||||
min_node_cpus: null
|
||||
node_affinities: []
|
||||
on_host_maintenance: MIGRATE
|
||||
on_instance_stop_action: []
|
||||
preemptible: false
|
||||
provisioning_model: STANDARD
|
||||
termination_time: null
|
||||
service_account:
|
||||
- email: tf-vm-test@project-id.iam.gserviceaccount.com
|
||||
scopes:
|
||||
- https://www.googleapis.com/auth/cloud-platform
|
||||
- https://www.googleapis.com/auth/userinfo.email
|
||||
- email: tf-vm-test@project-id.iam.gserviceaccount.com
|
||||
scopes:
|
||||
- https://www.googleapis.com/auth/cloud-platform
|
||||
- https://www.googleapis.com/auth/userinfo.email
|
||||
shielded_instance_config: []
|
||||
tags: null
|
||||
terraform_labels:
|
||||
goog-terraform-provisioned: 'true'
|
||||
goog-terraform-provisioned: "true"
|
||||
timeouts: null
|
||||
module.vm-disks-example.google_service_account.service_account[0]:
|
||||
account_id: tf-vm-test
|
||||
|
||||
@@ -57,7 +57,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
@@ -143,7 +143,7 @@ values:
|
||||
enable_display: false
|
||||
hostname: null
|
||||
instance_encryption_key: []
|
||||
key_revocation_action_type: null
|
||||
key_revocation_action_type: NONE
|
||||
labels: null
|
||||
machine_type: f1-micro
|
||||
metadata: null
|
||||
|
||||
Reference in New Issue
Block a user