googleComputeSnapshot
Represents a Persistent Disk Snapshot resource.
Use snapshots to back up data from your persistent disks. Snapshots are different from public images and custom images, which are used primarily to create instances or configure instance templates. Snapshots are useful for periodic backup of the data on your persistent disks. You can create snapshots from persistent disks even while they are attached to running instances.
Snapshots are incremental, so you can create regular snapshots on a persistent disk faster and at a much lower cost than if you regularly created a full image of the disk.
To get more information about Snapshot, see:
- API documentation
- How-to Guides
- Official Documentation
\~> Warning: All arguments including snapshotEncryptionKeyRawKey and sourceDiskEncryptionKeyRawKey will be stored in the raw state as plain-text. Read more about sensitive data in state.
Example Usage - Snapshot Basic
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const dataGoogleComputeImageDebian =
new google.dataGoogleComputeImage.DataGoogleComputeImage(this, "debian", {
family: "debian-11",
project: "debian-cloud",
});
const googleComputeDiskPersistent = new google.computeDisk.ComputeDisk(
this,
"persistent",
{
image: dataGoogleComputeImageDebian.selfLink,
name: "debian-disk",
size: 10,
type: "pd-ssd",
zone: "us-central1-a",
}
);
new google.computeSnapshot.ComputeSnapshot(this, "snapshot", {
labels: [
{
my_label: "value",
},
],
name: "my-snapshot",
source_disk: googleComputeDiskPersistent.id,
storage_locations: ["us-central1"],
zone: "us-central1-a",
});
Example Usage - Snapshot Chainname
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const dataGoogleComputeImageDebian =
new google.dataGoogleComputeImage.DataGoogleComputeImage(this, "debian", {
family: "debian-11",
project: "debian-cloud",
});
const googleComputeDiskPersistent = new google.computeDisk.ComputeDisk(
this,
"persistent",
{
image: dataGoogleComputeImageDebian.selfLink,
name: "debian-disk",
size: 10,
type: "pd-ssd",
zone: "us-central1-a",
}
);
new google.computeSnapshot.ComputeSnapshot(this, "snapshot", {
chain_name: "snapshot-chain",
labels: [
{
my_label: "value",
},
],
name: "my-snapshot",
source_disk: googleComputeDiskPersistent.id,
storage_locations: ["us-central1"],
zone: "us-central1-a",
});
Argument Reference
The following arguments are supported:
-
name- (Required) Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression[aZ]([AZ09]*[aZ09])?which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. -
sourceDisk- (Required) A reference to the disk used to create this snapshot.
-
chainName- (Optional) Creates the new snapshot in the snapshot chain labeled with the specified name. The chain name must be 1-63 characters long and comply with RFC1035. This is an uncommon option only for advanced service owners who needs to create separate snapshot chains, for example, for chargeback tracking. When you describe your snapshot resource, this field is visible only if it has a non-empty value. -
description- (Optional) An optional description of this resource. -
storageLocations- (Optional) Cloud Storage bucket storage location of the snapshot (regional or multi-regional). -
labels- (Optional) Labels to apply to this Snapshot. -
zone- (Optional) A reference to the zone where the disk is hosted. -
snapshotEncryptionKey- (Optional) Encrypts the snapshot using a customer-supplied encryption key. After you encrypt a snapshot using a customer-supplied key, you must provide the same key if you use the snapshot later. For example, you must provide the encryption key when you create a disk from the encrypted snapshot in a future request. Customer-supplied encryption keys do not protect access to metadata of the snapshot. If you do not provide an encryption key when creating the snapshot, then the snapshot will be encrypted using an automatically generated key and you do not need to provide a key to use the snapshot later. Structure is documented below. -
sourceDiskEncryptionKey- (Optional) The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. Structure is documented below. -
project- (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
The snapshotEncryptionKey block supports:
-
rawKey- (Optional) Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. Note: This property is sensitive and will not be displayed in the plan. -
sha256- (Output) The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource. -
kmsKeySelfLink- (Optional) The name of the encryption key that is stored in Google Cloud KMS. -
kmsKeyServiceAccount- (Optional) The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.
The sourceDiskEncryptionKey block supports:
-
rawKey- (Optional) Specifies a 256-bit customer-supplied encryption key, encoded in RFC 4648 base64 to either encrypt or decrypt this resource. Note: This property is sensitive and will not be displayed in the plan. -
kmsKeyServiceAccount- (Optional) The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
id- an identifier for the resource with formatprojects/{{project}}/global/snapshots/{{name}} -
creationTimestamp- Creation timestamp in RFC3339 text format. -
snapshotId- The unique identifier for the resource. -
diskSizeGb- Size of the snapshot, specified in GB. -
storageBytes- A size of the storage used by the snapshot. As snapshots share storage, this number is expected to change with snapshot creation/deletion. -
licenses- A list of public visible licenses that apply to this snapshot. This can be because the original image had licenses attached (such as a Windows image). snapshotEncryptionKey nested object Encrypts the snapshot using a customer-supplied encryption key. -
labelFingerprint- The fingerprint used for optimistic locking of this resource. Used internally during updates. -
selfLink- The URI of the created resource.
Timeouts
This resource provides the following Timeouts configuration options:
create- Default is 20 minutes.update- Default is 20 minutes.delete- Default is 20 minutes.
Import
Snapshot can be imported using any of these accepted formats:
$ terraform import google_compute_snapshot.default projects/{{project}}/global/snapshots/{{name}}
$ terraform import google_compute_snapshot.default {{project}}/{{name}}
$ terraform import google_compute_snapshot.default {{name}}
User Project Overrides
This resource supports User Project Overrides.