# Copyright 2025 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: cnrm.cloud.google.com/version: 1.128.0 creationTimestamp: null labels: cnrm.cloud.google.com/managed-by-kcc: "true" cnrm.cloud.google.com/stability-level: stable cnrm.cloud.google.com/system: "true" cnrm.cloud.google.com/tf2crd: "true" name: computeinstances.compute.cnrm.cloud.google.com spec: group: compute.cnrm.cloud.google.com names: categories: - gcp kind: ComputeInstance plural: computeinstances shortNames: - gcpcomputeinstance - gcpcomputeinstances singular: computeinstance scope: Namespaced versions: - additionalPrinterColumns: - jsonPath: .metadata.creationTimestamp name: Age type: date - description: When 'True', the most recent reconcile of the resource succeeded jsonPath: .status.conditions[?(@.type=='Ready')].status name: Ready type: string - description: The reason for the value in 'Ready' jsonPath: .status.conditions[?(@.type=='Ready')].reason name: Status type: string - description: The last transition time for the value in 'Status' jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime name: Status Age type: date name: v1beta1 schema: openAPIV3Schema: properties: apiVersion: description: 'apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources' type: string kind: description: 'kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds' type: string metadata: type: object spec: anyOf: - required: - bootDisk - machineType - networkInterface - zone - required: - instanceTemplateRef - zone properties: advancedMachineFeatures: description: Controls for advanced machine-related behavior features. properties: enableNestedVirtualization: description: Whether to enable nested virtualization or not. type: boolean threadsPerCore: description: The number of threads per physical core. To disable simultaneous multithreading (SMT) set this to 1. If unset, the maximum number of threads supported per core by the underlying processor is assumed. type: integer visibleCoreCount: description: The number of physical cores to expose to an instance. Multiply by the number of threads per core to compute the total number of virtual CPUs to expose to the instance. If unset, the number of cores is inferred from the instance\'s nominal CPU count and the underlying platform\'s SMT width. type: integer type: object attachedDisk: description: List of disks attached to the instance. items: properties: deviceName: description: Name with which the attached disk is accessible under /dev/disk/by-id/. type: string diskEncryptionKeyRaw: description: A 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set. oneOf: - not: required: - valueFrom required: - value - not: required: - value required: - valueFrom properties: value: description: Value of the field. Cannot be used if 'valueFrom' is specified. type: string valueFrom: description: Source for the field's value. Cannot be used if 'value' is specified. properties: secretKeyRef: description: Reference to a value with the given key in the given Secret in the resource's namespace. properties: key: description: Key that identifies the value to be extracted. type: string name: description: Name of the Secret to extract a value from. type: string required: - name - key type: object type: object type: object diskEncryptionKeySha256: description: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. type: string kmsKeyRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object mode: description: Read/write mode for the disk. One of "READ_ONLY" or "READ_WRITE". type: string sourceDiskRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeDisk` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: - sourceDiskRef type: object type: array bootDisk: description: Immutable. The boot disk for the instance. properties: autoDelete: description: Immutable. Whether the disk will be auto-deleted when the instance is deleted. type: boolean deviceName: description: Immutable. Name with which attached disk will be accessible under /dev/disk/by-id/. type: string diskEncryptionKeyRaw: description: Immutable. A 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to encrypt this disk. Only one of kms_key_self_link and disk_encryption_key_raw may be set. oneOf: - not: required: - valueFrom required: - value - not: required: - value required: - valueFrom properties: value: description: Value of the field. Cannot be used if 'valueFrom' is specified. type: string valueFrom: description: Source for the field's value. Cannot be used if 'value' is specified. properties: secretKeyRef: description: Reference to a value with the given key in the given Secret in the resource's namespace. properties: key: description: Key that identifies the value to be extracted. type: string name: description: Name of the Secret to extract a value from. type: string required: - name - key type: object type: object type: object diskEncryptionKeySha256: description: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. type: string initializeParams: description: Immutable. Parameters with which a disk was created alongside the instance. properties: labels: description: Immutable. A set of key/value label pairs assigned to the disk. type: object x-kubernetes-preserve-unknown-fields: true resourceManagerTags: description: Immutable. A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored (both PUT & PATCH) when empty. type: object x-kubernetes-preserve-unknown-fields: true size: description: Immutable. The size of the image in gigabytes. type: integer sourceImageRef: description: Immutable. The image from which to initialize this disk. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeImage` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: description: Immutable. The Google Compute Engine disk type. Such as pd-standard, pd-ssd or pd-balanced. type: string type: object kmsKeyRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object mode: description: Immutable. Read/write mode for the disk. One of "READ_ONLY" or "READ_WRITE". type: string sourceDiskRef: description: Immutable. The source disk used to create this disk. oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeDisk` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: object canIpForward: description: Whether sending and receiving of packets with non-matching source or destination IPs is allowed. type: boolean confidentialInstanceConfig: description: Immutable. The Confidential VM config being used by the instance. on_host_maintenance has to be set to TERMINATE or this will fail to create. properties: enableConfidentialCompute: description: Defines whether the instance should have confidential compute enabled. type: boolean required: - enableConfidentialCompute type: object deletionProtection: description: Whether deletion protection is enabled on this instance. type: boolean description: description: Immutable. A brief description of the resource. type: string desiredStatus: description: Desired status of the instance. Either "RUNNING" or "TERMINATED". type: string enableDisplay: description: Whether the instance has virtual displays enabled. type: boolean guestAccelerator: description: Immutable. List of the type and count of accelerator cards attached to the instance. items: properties: count: description: Immutable. The number of the guest accelerator cards exposed to this instance. type: integer type: description: Immutable. The accelerator type resource exposed to this instance. E.g. nvidia-tesla-t4. type: string required: - count - type type: object type: array hostname: description: Immutable. A custom hostname for the instance. Must be a fully qualified DNS name and RFC-1035-valid. Valid format is a series of labels 1-63 characters long matching the regular expression [a-z]([-a-z0-9]*[a-z0-9]), concatenated with periods. The entire hostname must not exceed 253 characters. Changing this forces a new resource to be created. type: string instanceTemplateRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeInstanceTemplate` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object machineType: description: The machine type to create. type: string metadata: items: properties: key: type: string value: type: string required: - key - value type: object type: array metadataStartupScript: description: Immutable. Metadata startup scripts made available within the instance. type: string minCpuPlatform: description: The minimum CPU platform specified for the VM instance. type: string networkInterface: description: Immutable. The networks attached to the instance. items: not: required: - networkIp - networkIpRef properties: accessConfig: description: Access configurations, i.e. IPs via which this instance can be accessed via the Internet. items: properties: natIpRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `address` field of a `ComputeAddress` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object networkTier: description: The networking tier used for configuring this instance. One of PREMIUM or STANDARD. type: string publicPtrDomainName: description: The DNS domain name for the public PTR record. type: string type: object type: array aliasIpRange: description: An array of alias IP ranges for this network interface. items: properties: ipCidrRange: description: The IP CIDR range represented by this alias IP range. type: string subnetworkRangeName: description: The subnetwork secondary range name specifying the secondary range from which to allocate the IP CIDR range for this alias IP range. type: string required: - ipCidrRange type: object type: array internalIpv6PrefixLength: description: The prefix length of the primary internal IPv6 range. type: integer ipv6AccessConfig: description: An array of IPv6 access configurations for this interface. Currently, only one IPv6 access config, DIRECT_IPV6, is supported. If there is no ipv6AccessConfig specified, then this instance will have no external IPv6 Internet access. items: properties: externalIpv6: description: Immutable. The first IPv6 address of the external IPv6 range associated with this instance, prefix length is stored in externalIpv6PrefixLength in ipv6AccessConfig. To use a static external IP address, it must be unused and in the same region as the instance's zone. If not specified, Google Cloud will automatically assign an external IPv6 address from the instance's subnetwork. type: string externalIpv6PrefixLength: description: Immutable. The prefix length of the external IPv6 range. type: string name: description: Immutable. The name of this access configuration. In ipv6AccessConfigs, the recommended name is External IPv6. type: string networkTier: description: The service-level to be provided for IPv6 traffic when the subnet has an external subnet. Only PREMIUM tier is valid for IPv6. type: string publicPtrDomainName: description: The domain name to be used when creating DNSv6 records for the external IPv6 ranges. type: string required: - networkTier type: object type: array ipv6AccessType: description: One of EXTERNAL, INTERNAL to indicate whether the IP can be accessed from the Internet. This field is always inherited from its subnetwork. type: string ipv6Address: description: An IPv6 internal network address for this network interface. If not specified, Google Cloud will automatically assign an internal IPv6 address from the instance's subnetwork. type: string name: description: The name of the interface. type: string networkIp: description: DEPRECATED. Although this field is still available, there is limited support. We recommend that you use `spec.networkInterface.networkIpRef` instead. type: string networkIpRef: oneOf: - not: required: - external required: - name - kind - not: anyOf: - required: - name - required: - namespace - required: - kind required: - external properties: external: description: 'Allowed value: The `address` field of a `ComputeAddress` resource.' type: string kind: description: 'Kind of the referent. Allowed values: ComputeAddress' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object networkRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeNetwork` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object nicType: description: Immutable. The type of vNIC to be used on this interface. Possible values:GVNIC, VIRTIO_NET. type: string queueCount: description: Immutable. The networking queue count that's specified by users for the network interface. Both Rx and Tx queues will be set to this number. It will be empty if not specified. type: integer stackType: description: The stack type for this network interface to identify whether the IPv6 feature is enabled or not. If not specified, IPV4_ONLY will be used. type: string subnetworkProject: description: The project in which the subnetwork belongs. type: string subnetworkRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeSubnetwork` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: object type: array networkPerformanceConfig: description: Immutable. Configures network performance settings for the instance. If not specified, the instance will be created with its default network performance configuration. properties: totalEgressBandwidthTier: description: Immutable. The egress bandwidth tier to enable. Possible values:TIER_1, DEFAULT. type: string required: - totalEgressBandwidthTier type: object params: description: Immutable. Stores additional params passed with the request, but not persisted as part of resource payload. properties: resourceManagerTags: description: Immutable. A map of resource manager tags. Resource manager tag keys and values have the same definition as resource manager tags. Keys must be in the format tagKeys/{tag_key_id}, and values are in the format tagValues/456. The field is ignored (both PUT & PATCH) when empty. type: object x-kubernetes-preserve-unknown-fields: true type: object reservationAffinity: description: Immutable. Specifies the reservations that this instance can consume from. properties: specificReservation: description: Immutable. Specifies the label selector for the reservation to use. properties: key: description: Immutable. Corresponds to the label key of a reservation resource. To target a SPECIFIC_RESERVATION by name, specify compute.googleapis.com/reservation-name as the key and specify the name of your reservation as the only value. type: string values: description: Immutable. Corresponds to the label values of a reservation resource. items: type: string type: array required: - key - values type: object type: description: Immutable. The type of reservation from which this instance can consume resources. type: string required: - type type: object resourceID: description: Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. type: string resourcePolicies: items: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `selfLink` field of a `ComputeResourcePolicy` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object type: array scheduling: description: The scheduling strategy being used by the instance. properties: automaticRestart: description: Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). type: boolean instanceTerminationAction: description: Specifies the action GCE should take when SPOT VM is preempted. type: string localSsdRecoveryTimeout: description: |- Immutable. Specifies the maximum amount of time a Local Ssd Vm should wait while recovery of the Local Ssd state is attempted. Its value should be in between 0 and 168 hours with hour granularity and the default value being 1 hour. properties: nanos: description: |- Immutable. Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. type: integer seconds: description: |- Immutable. Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. type: integer required: - seconds type: object maintenanceInterval: description: 'Specifies the frequency of planned maintenance events. The accepted values are: PERIODIC.' type: string maxRunDuration: description: Immutable. The timeout for new network connections to hosts. properties: nanos: description: |- Immutable. Span of time that's a fraction of a second at nanosecond resolution. Durations less than one second are represented with a 0 seconds field and a positive nanos field. Must be from 0 to 999,999,999 inclusive. type: integer seconds: description: |- Immutable. Span of time at a resolution of a second. Must be from 0 to 315,576,000,000 inclusive. type: integer required: - seconds type: object minNodeCpus: type: integer nodeAffinities: items: properties: value: type: object x-kubernetes-preserve-unknown-fields: true type: object type: array onHostMaintenance: description: Describes maintenance behavior for the instance. One of MIGRATE or TERMINATE,. type: string preemptible: description: Immutable. Whether the instance is preemptible. type: boolean provisioningModel: description: Immutable. Whether the instance is spot. If this is set as SPOT. type: string type: object scratchDisk: description: Immutable. The scratch disks attached to the instance. items: properties: interface: description: The disk interface used for attaching this disk. One of SCSI or NVME. type: string size: description: Immutable. The size of the disk in gigabytes. One of 375 or 3000. type: integer required: - interface type: object type: array serviceAccount: description: The service account to attach to the instance. properties: scopes: description: A list of service scopes. items: type: string type: array serviceAccountRef: oneOf: - not: required: - external required: - name - not: anyOf: - required: - name - required: - namespace required: - external properties: external: description: 'Allowed value: The `email` field of an `IAMServiceAccount` resource.' type: string name: description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names' type: string namespace: description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/' type: string type: object required: - scopes type: object shieldedInstanceConfig: description: The shielded vm config being used by the instance. properties: enableIntegrityMonitoring: description: Whether integrity monitoring is enabled for the instance. type: boolean enableSecureBoot: description: Whether secure boot is enabled for the instance. type: boolean enableVtpm: description: Whether the instance uses vTPM. type: boolean type: object tags: description: The list of tags attached to the instance. items: type: string type: array zone: description: Immutable. The zone of the instance. If self_link is provided, this value is ignored. If neither self_link nor zone are provided, the provider zone is used. type: string type: object status: properties: conditions: description: Conditions represent the latest available observation of the resource's current state. items: properties: lastTransitionTime: description: Last time the condition transitioned from one status to another. type: string message: description: Human-readable message indicating details about last transition. type: string reason: description: Unique, one-word, CamelCase reason for the condition's last transition. type: string status: description: Status is the status of the condition. Can be True, False, Unknown. type: string type: description: Type is the type of the condition. type: string type: object type: array cpuPlatform: description: The CPU platform used by this instance. type: string currentStatus: description: "\n\t\t\t\t\tCurrent status of the instance.\n\t\t\t\t\tThis could be one of the following values: PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED.\n\t\t\t\t\tFor more information about the status of the instance, see [Instance life cycle](https://cloud.google.com/compute/docs/instances/instance-life-cycle)." type: string instanceId: description: The server-assigned unique identifier of this instance. type: string labelFingerprint: description: The unique fingerprint of the labels. type: string metadataFingerprint: description: The unique fingerprint of the metadata. type: string observedGeneration: description: ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. type: integer selfLink: description: The URI of the created resource. type: string tagsFingerprint: description: The unique fingerprint of the tags. type: string type: object required: - spec type: object served: true storage: true subresources: status: {} status: acceptedNames: kind: "" plural: "" conditions: [] storedVersions: []