ComputeSnapshot
| Property | Value |
|---|---|
| Google Cloud Service Name | Compute Engine |
| Google Cloud Service Documentation | /compute/docs/ |
| Google Cloud REST Resource Name | v1.snapshots |
| Google Cloud REST Resource Documentation | /compute/docs/reference/rest/v1/snapshots |
| Config Connector Resource Short Names | gcpcomputesnapshot gcpcomputesnapshots computesnapshot |
| Config Connector Service Name | compute.googleapis.com |
| Config Connector Resource Fully Qualified Name | computesnapshots.compute.cnrm.cloud.google.com |
| Can Be Referenced by IAMPolicy/IAMPolicyMember | Yes |
| Supports IAM Conditions | No |
| Supports IAM Audit Configs | No |
| IAM External Reference Format |
projects/{{project}}/global/snapshots/{{name}} |
| Config Connector Default Average Reconcile Interval In Seconds | 600 |
Custom Resource Definition Properties
Annotations
| Fields | |
|---|---|
cnrm.cloud.google.com/project-id |
|
Spec
Schema
chainName: string
description: string
resourceID: string
snapshotEncryptionKey:
kmsKeyRef:
external: string
name: string
namespace: string
kmsKeyServiceAccountRef:
external: string
name: string
namespace: string
rawKey:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
sha256: string
sourceDiskEncryptionKey:
kmsKeyServiceAccountRef:
external: string
name: string
namespace: string
rawKey:
value: string
valueFrom:
secretKeyRef:
key: string
name: string
sourceDiskRef:
external: string
name: string
namespace: string
storageLocations:
- string
zone: string
| Fields | |
|---|---|
|
Optional |
Immutable. Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value. |
|
Optional |
Immutable. An optional description of this resource. |
|
Optional |
Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. |
|
Optional |
Immutable. Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later. |
|
Optional |
The encryption key that is stored in Google Cloud KMS. |
|
Optional |
Allowed value: The `selfLink` field of a `KMSCryptoKey` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. |
|
Optional |
Allowed value: The `email` field of an `IAMServiceAccount` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Optional |
The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. |
|
Optional |
Immutable. The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. |
|
Optional |
The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used. |
|
Optional |
Allowed value: The `email` field of an `IAMServiceAccount` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. |
|
Optional |
Value of the field. Cannot be used if 'valueFrom' is specified. |
|
Optional |
Source for the field's value. Cannot be used if 'value' is specified. |
|
Optional |
Reference to a value with the given key in the given Secret in the resource's namespace. |
|
Required* |
Key that identifies the value to be extracted. |
|
Required* |
Name of the Secret to extract a value from. |
|
Required |
A reference to the disk used to create this snapshot. |
|
Optional |
Allowed value: The `name` field of a `ComputeDisk` resource. |
|
Optional |
Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names |
|
Optional |
Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ |
|
Optional |
Immutable. Cloud Storage bucket storage location of the snapshot (regional or multi-regional). |
|
Optional |
|
|
Optional |
Immutable. A reference to the zone where the disk is hosted. |
* Field is required when parent field is specified
Status
Schema
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
creationTimestamp: string
diskSizeGb: integer
labelFingerprint: string
licenses:
- string
observedGeneration: integer
selfLink: string
snapshotId: integer
storageBytes: integer
| Fields | |
|---|---|
conditions |
Conditions represent the latest available observation of the resource's current state. |
conditions[] |
|
conditions[].lastTransitionTime |
Last time the condition transitioned from one status to another. |
conditions[].message |
Human-readable message indicating details about last transition. |
conditions[].reason |
Unique, one-word, CamelCase reason for the condition's last transition. |
conditions[].status |
Status is the status of the condition. Can be True, False, Unknown. |
conditions[].type |
Type is the type of the condition. |
creationTimestamp |
Creation timestamp in RFC3339 text format. |
diskSizeGb |
Size of the snapshot, specified in GB. |
labelFingerprint |
The fingerprint used for optimistic locking of this resource. Used internally during updates. |
licenses |
A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key. |
licenses[] |
|
observedGeneration |
ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. |
selfLink |
|
snapshotId |
The unique identifier for the resource. |
storageBytes |
A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion. |
Sample YAML(s)
Typical Use Case
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeSnapshot
metadata:
name: computesnapshot-sample
labels:
label-one: "value-one"
spec:
description: "ComputeSnapshot Sample"
zone: us-west1-c
sourceDiskRef:
name: computesnapshot-dep
snapshotEncryptionKey:
rawKey:
valueFrom:
secretKeyRef:
name: computesnapshot-dep
key: snapshotEncryptionKey
sourceDiskEncryptionKey:
rawKey:
valueFrom:
secretKeyRef:
name: computesnapshot-dep
key: sourceDiskEncryptionKey
---
apiVersion: compute.cnrm.cloud.google.com/v1beta1
kind: ComputeDisk
metadata:
name: computesnapshot-dep
spec:
location: us-west1-c
diskEncryptionKey:
rawKey:
valueFrom:
secretKeyRef:
name: computesnapshot-dep
key: sourceDiskEncryptionKey
---
apiVersion: v1
kind: Secret
metadata:
name: computesnapshot-dep
stringData:
snapshotEncryptionKey: a2NjIGlzIGF3ZXNvbWUgeW91IHNob3VsZCB0cnkgaXQ=
sourceDiskEncryptionKey: SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0=