1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 cnrm.cloud.google.com/version: 0.0.0-dev
6 creationTimestamp: null
7 labels:
8 cnrm.cloud.google.com/managed-by-kcc: "true"
9 cnrm.cloud.google.com/stability-level: stable
10 cnrm.cloud.google.com/system: "true"
11 cnrm.cloud.google.com/tf2crd: "true"
12 name: computeinstancetemplates.compute.cnrm.cloud.google.com
13spec:
14 group: compute.cnrm.cloud.google.com
15 names:
16 categories:
17 - gcp
18 kind: ComputeInstanceTemplate
19 plural: computeinstancetemplates
20 shortNames:
21 - gcpcomputeinstancetemplate
22 - gcpcomputeinstancetemplates
23 singular: computeinstancetemplate
24 preserveUnknownFields: false
25 scope: Namespaced
26 versions:
27 - additionalPrinterColumns:
28 - jsonPath: .metadata.creationTimestamp
29 name: Age
30 type: date
31 - description: When 'True', the most recent reconcile of the resource succeeded
32 jsonPath: .status.conditions[?(@.type=='Ready')].status
33 name: Ready
34 type: string
35 - description: The reason for the value in 'Ready'
36 jsonPath: .status.conditions[?(@.type=='Ready')].reason
37 name: Status
38 type: string
39 - description: The last transition time for the value in 'Status'
40 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
41 name: Status Age
42 type: date
43 name: v1beta1
44 schema:
45 openAPIV3Schema:
46 properties:
47 apiVersion:
48 description: 'apiVersion defines the versioned schema of this representation
49 of an object. Servers should convert recognized schemas to the latest
50 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
51 type: string
52 kind:
53 description: 'kind is a string value representing the REST resource this
54 object represents. Servers may infer this from the endpoint the client
55 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
56 type: string
57 metadata:
58 type: object
59 spec:
60 properties:
61 advancedMachineFeatures:
62 description: Immutable. Controls for advanced machine-related behavior
63 features.
64 properties:
65 enableNestedVirtualization:
66 description: Immutable. Whether to enable nested virtualization
67 or not.
68 type: boolean
69 threadsPerCore:
70 description: Immutable. The number of threads per physical core.
71 To disable simultaneous multithreading (SMT) set this to 1.
72 If unset, the maximum number of threads supported per core by
73 the underlying processor is assumed.
74 type: integer
75 visibleCoreCount:
76 description: Immutable. The number of physical cores to expose
77 to an instance. Multiply by the number of threads per core to
78 compute the total number of virtual CPUs to expose to the instance.
79 If unset, the number of cores is inferred from the instance's
80 nominal CPU count and the underlying platform's SMT width.
81 type: integer
82 type: object
83 canIpForward:
84 description: Immutable. Whether to allow sending and receiving of
85 packets with non-matching source or destination IPs. This defaults
86 to false.
87 type: boolean
88 confidentialInstanceConfig:
89 description: Immutable. The Confidential VM config being used by the
90 instance. on_host_maintenance has to be set to TERMINATE or this
91 will fail to create.
92 properties:
93 enableConfidentialCompute:
94 description: Immutable. Defines whether the instance should have
95 confidential compute enabled.
96 type: boolean
97 required:
98 - enableConfidentialCompute
99 type: object
100 description:
101 description: Immutable. A brief description of this resource.
102 type: string
103 disk:
104 description: Immutable. Disks to attach to instances created from
105 this template. This can be specified multiple times for multiple
106 disks.
107 items:
108 properties:
109 autoDelete:
110 description: Immutable. Whether or not the disk should be auto-deleted.
111 This defaults to true.
112 type: boolean
113 boot:
114 description: Immutable. Indicates that this is a boot disk.
115 type: boolean
116 deviceName:
117 description: Immutable. A unique device name that is reflected
118 into the /dev/ tree of a Linux operating system running within
119 the instance. If not specified, the server chooses a default
120 device name to apply to this disk.
121 type: string
122 diskEncryptionKey:
123 description: Immutable. Encrypts or decrypts a disk using a
124 customer-supplied encryption key.
125 properties:
126 kmsKeyRef:
127 oneOf:
128 - not:
129 required:
130 - external
131 required:
132 - name
133 - not:
134 anyOf:
135 - required:
136 - name
137 - required:
138 - namespace
139 required:
140 - external
141 properties:
142 external:
143 description: 'Allowed value: The `selfLink` field of
144 a `KMSCryptoKey` resource.'
145 type: string
146 name:
147 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
148 type: string
149 namespace:
150 description: 'Namespace of the referent. More info:
151 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
152 type: string
153 type: object
154 required:
155 - kmsKeyRef
156 type: object
157 diskName:
158 description: Immutable. Name of the disk. When not provided,
159 this defaults to the name of the instance.
160 type: string
161 diskSizeGb:
162 description: Immutable. The size of the image in gigabytes.
163 If not specified, it will inherit the size of its base image.
164 For SCRATCH disks, the size must be one of 375 or 3000 GB,
165 with a default of 375 GB.
166 type: integer
167 diskType:
168 description: Immutable. The Google Compute Engine disk type.
169 Such as "pd-ssd", "local-ssd", "pd-balanced" or "pd-standard".
170 type: string
171 interface:
172 description: Immutable. Specifies the disk interface to use
173 for attaching this disk.
174 type: string
175 labels:
176 additionalProperties:
177 type: string
178 description: Immutable. A set of key/value label pairs to assign
179 to disks.
180 type: object
181 mode:
182 description: Immutable. The mode in which to attach this disk,
183 either READ_WRITE or READ_ONLY. If you are attaching or creating
184 a boot disk, this must be read-write mode.
185 type: string
186 resourcePolicies:
187 items:
188 oneOf:
189 - not:
190 required:
191 - external
192 required:
193 - name
194 - not:
195 anyOf:
196 - required:
197 - name
198 - required:
199 - namespace
200 required:
201 - external
202 properties:
203 external:
204 description: 'Allowed value: The `selfLink` field of a
205 `ComputeResourcePolicy` resource.'
206 type: string
207 name:
208 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
209 type: string
210 namespace:
211 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
212 type: string
213 type: object
214 type: array
215 sourceDiskRef:
216 oneOf:
217 - not:
218 required:
219 - external
220 required:
221 - name
222 - not:
223 anyOf:
224 - required:
225 - name
226 - required:
227 - namespace
228 required:
229 - external
230 properties:
231 external:
232 description: 'Allowed value: The `name` field of a `ComputeDisk`
233 resource.'
234 type: string
235 name:
236 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
237 type: string
238 namespace:
239 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
240 type: string
241 type: object
242 sourceImageEncryptionKey:
243 description: |-
244 Immutable. The customer-supplied encryption key of the source
245 image. Required if the source image is protected by a
246 customer-supplied encryption key.
247
248 Instance templates do not store customer-supplied
249 encryption keys, so you cannot create disks for
250 instances in a managed instance group if the source
251 images are encrypted with your own keys.
252 properties:
253 kmsKeySelfLinkRef:
254 description: |-
255 The self link of the encryption key that is stored in Google Cloud
256 KMS.
257 oneOf:
258 - not:
259 required:
260 - external
261 required:
262 - name
263 - not:
264 anyOf:
265 - required:
266 - name
267 - required:
268 - namespace
269 required:
270 - external
271 properties:
272 external:
273 description: 'Allowed value: The `selfLink` field of
274 a `KMSCryptoKey` resource.'
275 type: string
276 name:
277 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
278 type: string
279 namespace:
280 description: 'Namespace of the referent. More info:
281 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
282 type: string
283 type: object
284 kmsKeyServiceAccountRef:
285 description: |-
286 The service account being used for the encryption request for the
287 given KMS key. If absent, the Compute Engine default service account
288 is used.
289 oneOf:
290 - not:
291 required:
292 - external
293 required:
294 - name
295 - not:
296 anyOf:
297 - required:
298 - name
299 - required:
300 - namespace
301 required:
302 - external
303 properties:
304 external:
305 description: 'Allowed value: The `email` field of an
306 `IAMServiceAccount` resource.'
307 type: string
308 name:
309 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
310 type: string
311 namespace:
312 description: 'Namespace of the referent. More info:
313 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
314 type: string
315 type: object
316 required:
317 - kmsKeySelfLinkRef
318 type: object
319 sourceImageRef:
320 oneOf:
321 - not:
322 required:
323 - external
324 required:
325 - name
326 - not:
327 anyOf:
328 - required:
329 - name
330 - required:
331 - namespace
332 required:
333 - external
334 properties:
335 external:
336 description: 'Allowed value: The `selfLink` field of a `ComputeImage`
337 resource.'
338 type: string
339 name:
340 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
341 type: string
342 namespace:
343 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
344 type: string
345 type: object
346 sourceSnapshotEncryptionKey:
347 description: Immutable. The customer-supplied encryption key
348 of the source snapshot.
349 properties:
350 kmsKeySelfLinkRef:
351 description: |-
352 The self link of the encryption key that is stored in Google Cloud
353 KMS.
354 oneOf:
355 - not:
356 required:
357 - external
358 required:
359 - name
360 - not:
361 anyOf:
362 - required:
363 - name
364 - required:
365 - namespace
366 required:
367 - external
368 properties:
369 external:
370 description: 'Allowed value: The `selfLink` field of
371 a `KMSCryptoKey` resource.'
372 type: string
373 name:
374 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
375 type: string
376 namespace:
377 description: 'Namespace of the referent. More info:
378 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
379 type: string
380 type: object
381 kmsKeyServiceAccountRef:
382 description: |-
383 The service account being used for the encryption request for the
384 given KMS key. If absent, the Compute Engine default service account
385 is used.
386 oneOf:
387 - not:
388 required:
389 - external
390 required:
391 - name
392 - not:
393 anyOf:
394 - required:
395 - name
396 - required:
397 - namespace
398 required:
399 - external
400 properties:
401 external:
402 description: 'Allowed value: The `email` field of an
403 `IAMServiceAccount` resource.'
404 type: string
405 name:
406 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
407 type: string
408 namespace:
409 description: 'Namespace of the referent. More info:
410 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
411 type: string
412 type: object
413 required:
414 - kmsKeySelfLinkRef
415 type: object
416 sourceSnapshotRef:
417 description: |-
418 The source snapshot to create this disk. When creating a new
419 instance, one of initializeParams.sourceSnapshot,
420 initializeParams.sourceImage, or disks.source is required except for
421 local SSD.
422 oneOf:
423 - not:
424 required:
425 - external
426 required:
427 - name
428 - not:
429 anyOf:
430 - required:
431 - name
432 - required:
433 - namespace
434 required:
435 - external
436 properties:
437 external:
438 description: 'Allowed value: The `selfLink` field of a `ComputeSnapshot`
439 resource.'
440 type: string
441 name:
442 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
443 type: string
444 namespace:
445 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
446 type: string
447 type: object
448 type:
449 description: Immutable. The type of Google Compute Engine disk,
450 can be either "SCRATCH" or "PERSISTENT".
451 type: string
452 type: object
453 type: array
454 enableDisplay:
455 description: 'Immutable. Enable Virtual Displays on this instance.
456 Note: allow_stopping_for_update must be set to true in order to
457 update this field.'
458 type: boolean
459 guestAccelerator:
460 description: Immutable. List of the type and count of accelerator
461 cards attached to the instance.
462 items:
463 properties:
464 count:
465 description: Immutable. The number of the guest accelerator
466 cards exposed to this instance.
467 type: integer
468 type:
469 description: Immutable. The accelerator type resource to expose
470 to this instance. E.g. nvidia-tesla-k80.
471 type: string
472 required:
473 - count
474 - type
475 type: object
476 type: array
477 instanceDescription:
478 description: Immutable. A description of the instance.
479 type: string
480 machineType:
481 description: Immutable. The machine type to create. To create a machine
482 with a custom type (such as extended memory), format the value as
483 custom-VCPUS-MEM_IN_MB, for example custom-6-20480 for 6 vCPU and 20GB of
484 RAM.
485 type: string
486 metadata:
487 items:
488 properties:
489 key:
490 type: string
491 value:
492 type: string
493 required:
494 - key
495 - value
496 type: object
497 type: array
498 metadataStartupScript:
499 description: Immutable. An alternative to using the startup-script
500 metadata key, mostly to match the compute_instance resource. This
501 replaces the startup-script metadata key on the created instance
502 and thus the two mechanisms are not allowed to be used simultaneously.
503 type: string
504 minCpuPlatform:
505 description: Immutable. Specifies a minimum CPU platform. Applicable
506 values are the friendly names of CPU platforms, such as Intel Haswell
507 or Intel Skylake.
508 type: string
509 namePrefix:
510 description: Immutable. Creates a unique name beginning with the specified
511 prefix. Conflicts with name.
512 type: string
513 networkInterface:
514 description: Immutable. Networks to attach to instances created from
515 this template. This can be specified multiple times for multiple
516 networks.
517 items:
518 properties:
519 accessConfig:
520 items:
521 properties:
522 natIpRef:
523 oneOf:
524 - not:
525 required:
526 - external
527 required:
528 - name
529 - not:
530 anyOf:
531 - required:
532 - name
533 - required:
534 - namespace
535 required:
536 - external
537 properties:
538 external:
539 description: 'Allowed value: The `address` field of
540 a `ComputeAddress` resource.'
541 type: string
542 name:
543 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
544 type: string
545 namespace:
546 description: 'Namespace of the referent. More info:
547 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
548 type: string
549 type: object
550 networkTier:
551 description: 'Immutable. The networking tier used for
552 configuring this instance template. This field can take
553 the following values: PREMIUM, STANDARD, FIXED_STANDARD.
554 If this field is not specified, it is assumed to be
555 PREMIUM.'
556 type: string
557 publicPtrDomainName:
558 description: The DNS domain name for the public PTR
559 record.
560 type: string
561 type: object
562 type: array
563 aliasIpRange:
564 description: Immutable. An array of alias IP ranges for this
565 network interface. Can only be specified for network interfaces
566 on subnet-mode networks.
567 items:
568 properties:
569 ipCidrRange:
570 description: Immutable. The IP CIDR range represented
571 by this alias IP range. This IP CIDR range must belong
572 to the specified subnetwork and cannot contain IP addresses
573 reserved by system or used by other network interfaces.
574 At the time of writing only a netmask (e.g. /24) may
575 be supplied, with a CIDR format resulting in an API
576 error.
577 type: string
578 subnetworkRangeName:
579 description: Immutable. The subnetwork secondary range
580 name specifying the secondary range from which to allocate
581 the IP CIDR range for this alias IP range. If left unspecified,
582 the primary range of the subnetwork will be used.
583 type: string
584 required:
585 - ipCidrRange
586 type: object
587 type: array
588 ipv6AccessConfig:
589 description: An array of IPv6 access configurations for this
590 interface. Currently, only one IPv6 access config, DIRECT_IPV6,
591 is supported. If there is no ipv6AccessConfig specified, then
592 this instance will have no external IPv6 Internet access.
593 items:
594 properties:
595 externalIpv6:
596 description: The first IPv6 address of the external IPv6
597 range associated with this instance, prefix length is
598 stored in externalIpv6PrefixLength in ipv6AccessConfig.
599 The field is output only, an IPv6 address from a subnetwork
600 associated with the instance will be allocated dynamically.
601 type: string
602 externalIpv6PrefixLength:
603 description: The prefix length of the external IPv6 range.
604 type: string
605 networkTier:
606 description: The service-level to be provided for IPv6
607 traffic when the subnet has an external subnet. Only
608 PREMIUM tier is valid for IPv6.
609 type: string
610 publicPtrDomainName:
611 description: The domain name to be used when creating
612 DNSv6 records for the external IPv6 ranges.
613 type: string
614 required:
615 - networkTier
616 type: object
617 type: array
618 ipv6AccessType:
619 description: One of EXTERNAL, INTERNAL to indicate whether the
620 IP can be accessed from the Internet. This field is always
621 inherited from its subnetwork.
622 type: string
623 name:
624 description: The name of the network_interface.
625 type: string
626 networkIp:
627 description: Immutable. The private IP address to assign to
628 the instance. If empty, the address will be automatically
629 assigned.
630 type: string
631 networkRef:
632 oneOf:
633 - not:
634 required:
635 - external
636 required:
637 - name
638 - not:
639 anyOf:
640 - required:
641 - name
642 - required:
643 - namespace
644 required:
645 - external
646 properties:
647 external:
648 description: 'Allowed value: The `selfLink` field of a `ComputeNetwork`
649 resource.'
650 type: string
651 name:
652 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
653 type: string
654 namespace:
655 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
656 type: string
657 type: object
658 nicType:
659 description: 'Immutable. The type of vNIC to be used on this
660 interface. Possible values: GVNIC, VIRTIO_NET.'
661 type: string
662 queueCount:
663 description: Immutable. The networking queue count that's specified
664 by users for the network interface. Both Rx and Tx queues
665 will be set to this number. It will be empty if not specified.
666 type: integer
667 stackType:
668 description: The stack type for this network interface to identify
669 whether the IPv6 feature is enabled or not. If not specified,
670 IPV4_ONLY will be used.
671 type: string
672 subnetworkProject:
673 description: Immutable. The ID of the project in which the subnetwork
674 belongs. If it is not provided, the provider project is used.
675 type: string
676 subnetworkRef:
677 oneOf:
678 - not:
679 required:
680 - external
681 required:
682 - name
683 - not:
684 anyOf:
685 - required:
686 - name
687 - required:
688 - namespace
689 required:
690 - external
691 properties:
692 external:
693 description: 'Allowed value: The `selfLink` field of a `ComputeSubnetwork`
694 resource.'
695 type: string
696 name:
697 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
698 type: string
699 namespace:
700 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
701 type: string
702 type: object
703 type: object
704 type: array
705 networkPerformanceConfig:
706 description: Immutable. Configures network performance settings for
707 the instance. If not specified, the instance will be created with
708 its default network performance configuration.
709 properties:
710 totalEgressBandwidthTier:
711 description: 'Immutable. The egress bandwidth tier to enable. Possible
712 values: TIER_1, DEFAULT.'
713 type: string
714 required:
715 - totalEgressBandwidthTier
716 type: object
717 region:
718 description: Immutable. An instance template is a global resource
719 that is not bound to a zone or a region. However, you can still
720 specify some regional resources in an instance template, which restricts
721 the template to the region where that resource resides. For example,
722 a custom subnetwork resource is tied to a specific region. Defaults
723 to the region of the Provider if no value is given.
724 type: string
725 reservationAffinity:
726 description: Immutable. Specifies the reservations that this instance
727 can consume from.
728 properties:
729 specificReservation:
730 description: Immutable. Specifies the label selector for the reservation
731 to use.
732 properties:
733 key:
734 description: Immutable. Corresponds to the label key of a
735 reservation resource. To target a SPECIFIC_RESERVATION by
736 name, specify compute.googleapis.com/reservation-name as
737 the key and specify the name of your reservation as the
738 only value.
739 type: string
740 values:
741 description: Immutable. Corresponds to the label values of
742 a reservation resource.
743 items:
744 type: string
745 type: array
746 required:
747 - key
748 - values
749 type: object
750 type:
751 description: Immutable. The type of reservation from which this
752 instance can consume resources.
753 type: string
754 required:
755 - type
756 type: object
757 resourceID:
758 description: Immutable. Optional. The name of the resource. Used for
759 creation and acquisition. When unset, the value of `metadata.name`
760 is used as the default.
761 type: string
762 resourcePolicies:
763 items:
764 oneOf:
765 - not:
766 required:
767 - external
768 required:
769 - name
770 - not:
771 anyOf:
772 - required:
773 - name
774 - required:
775 - namespace
776 required:
777 - external
778 properties:
779 external:
780 description: 'Allowed value: The `selfLink` field of a `ComputeResourcePolicy`
781 resource.'
782 type: string
783 name:
784 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
785 type: string
786 namespace:
787 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
788 type: string
789 type: object
790 type: array
791 scheduling:
792 description: Immutable. The scheduling strategy to use.
793 properties:
794 automaticRestart:
795 description: Immutable. Specifies whether the instance should
796 be automatically restarted if it is terminated by Compute Engine
797 (not terminated by a user). This defaults to true.
798 type: boolean
799 instanceTerminationAction:
800 description: Immutable. Specifies the action GCE should take when
801 SPOT VM is preempted.
802 type: string
803 maintenanceInterval:
804 description: 'Specifies the frequency of planned maintenance events.
805 The accepted values are: PERIODIC.'
806 type: string
807 maxRunDuration:
808 description: Immutable. The timeout for new network connections
809 to hosts.
810 properties:
811 nanos:
812 description: |-
813 Immutable. Span of time that's a fraction of a second at nanosecond
814 resolution. Durations less than one second are represented
815 with a 0 seconds field and a positive nanos field. Must
816 be from 0 to 999,999,999 inclusive.
817 type: integer
818 seconds:
819 description: |-
820 Immutable. Span of time at a resolution of a second.
821 Must be from 0 to 315,576,000,000 inclusive.
822 type: integer
823 required:
824 - seconds
825 type: object
826 minNodeCpus:
827 description: Minimum number of cpus for the instance.
828 type: integer
829 nodeAffinities:
830 items:
831 properties:
832 value:
833 type: object
834 x-kubernetes-preserve-unknown-fields: true
835 type: object
836 type: array
837 onHostMaintenance:
838 description: Immutable. Defines the maintenance behavior for this
839 instance.
840 type: string
841 preemptible:
842 description: Immutable. Allows instance to be preempted. This
843 defaults to false.
844 type: boolean
845 provisioningModel:
846 description: Immutable. Whether the instance is spot. If this
847 is set as SPOT.
848 type: string
849 type: object
850 serviceAccount:
851 description: Immutable. Service account to attach to the instance.
852 properties:
853 scopes:
854 description: Immutable. A list of service scopes. Both OAuth2
855 URLs and gcloud short names are supported. To allow full access
856 to all Cloud APIs, use the cloud-platform scope; the instance's access is then limited only by the IAM roles granted to the service account.
857 items:
858 type: string
859 type: array
860 serviceAccountRef:
861 oneOf:
862 - not:
863 required:
864 - external
865 required:
866 - name
867 - not:
868 anyOf:
869 - required:
870 - name
871 - required:
872 - namespace
873 required:
874 - external
875 properties:
876 external:
877 description: 'Allowed value: The `email` field of an `IAMServiceAccount`
878 resource.'
879 type: string
880 name:
881 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
882 type: string
883 namespace:
884 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
885 type: string
886 type: object
887 required:
888 - scopes
889 type: object
890 shieldedInstanceConfig:
891 description: 'Immutable. Enable Shielded VM on this instance. Shielded
892 VM provides verifiable integrity to protect against malware and
893 rootkits. Defaults to disabled. Note: shielded_instance_config can
894 only be used with boot images with shielded vm support.'
895 properties:
896 enableIntegrityMonitoring:
897 description: Immutable. Compare the most recent boot measurements
898 to the integrity policy baseline and return a pair of pass/fail
899 results depending on whether they match or not. Defaults to
900 true.
901 type: boolean
902 enableSecureBoot:
903 description: Immutable. Verify the digital signature of all boot
904 components, and halt the boot process if signature verification
905 fails. Defaults to false.
906 type: boolean
907 enableVtpm:
908 description: Immutable. Use a virtualized trusted platform module,
909 which is a specialized computer chip you can use to encrypt
910 objects like keys and certificates. Defaults to true.
911 type: boolean
912 type: object
913 tags:
914 description: Immutable. Tags to attach to the instance.
915 items:
916 type: string
917 type: array
918 required:
919 - disk
920 - machineType
921 type: object
922 status:
923 properties:
924 conditions:
925 description: Conditions represent the latest available observation
926 of the resource's current state.
927 items:
928 properties:
929 lastTransitionTime:
930 description: Last time the condition transitioned from one status
931 to another.
932 type: string
933 message:
934 description: Human-readable message indicating details about
935 last transition.
936 type: string
937 reason:
938 description: Unique, one-word, CamelCase reason for the condition's
939 last transition.
940 type: string
941 status:
942 description: Status is the status of the condition. Can be True,
943 False, Unknown.
944 type: string
945 type:
946 description: Type is the type of the condition.
947 type: string
948 type: object
949 type: array
950 metadataFingerprint:
951 description: The unique fingerprint of the metadata.
952 type: string
953 observedGeneration:
954 description: ObservedGeneration is the generation of the resource
955 that was most recently observed by the Config Connector controller.
956 If this is equal to metadata.generation, then that means that the
957 current reported status reflects the most recent desired state of
958 the resource.
959 type: integer
960 selfLink:
961 description: The URI of the created resource.
962 type: string
963 selfLinkUnique:
964 description: A special URI of the created resource that uniquely identifies
965 this instance template.
966 type: string
967 tagsFingerprint:
968 description: The unique fingerprint of the tags.
969 type: string
970 type: object
971 required:
972 - spec
973 type: object
974 served: true
975 storage: true
976 subresources:
977 status: {}
978status:
979 acceptedNames:
980 kind: ""
981 plural: ""
982 conditions: []
983 storedVersions: []