Skip to content
This repository has been archived by the owner on Nov 14, 2024. It is now read-only.

Commit

Permalink
Add Erase Windows VSS support to compute disk (#3898) (#441)
Browse files Browse the repository at this point in the history
Co-authored-by: Cameron Thornton <camthornton@google.com>
Signed-off-by: Modular Magician <magic-modules@google.com>

Co-authored-by: Cameron Thornton <camthornton@google.com>
  • Loading branch information
modular-magician and c2thorn authored Aug 27, 2020
1 parent a7532ad commit 5e860a3
Show file tree
Hide file tree
Showing 7 changed files with 23 additions and 1 deletion.
10 changes: 9 additions & 1 deletion docs/resources/google_compute_disk.md
Original file line number Diff line number Diff line change
Expand Up @@ -65,7 +65,9 @@ Properties that can be accessed from the `google_compute_disk` resource:

* `type`: URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk.

* `source_image`: The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-8 to use the latest Debian 8 image: projects/debian-cloud/global/images/family/debian-8 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-8-jessie-vYYYYMMDD To create a disk with a private image that you created, specify the image name in the following format: global/images/my-private-image You can also specify a private image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-private-family
* `erase_windows_vss_signature`: (Beta only) Specifies whether the disk restored from a source snapshot should erase Windows specific VSS signature.

* `source_image`: The source image used to create this disk. If the source image is deleted, this field will not be set. To create a disk with one of the public operating system images, specify the image by its family name. For example, specify family/debian-9 to use the latest Debian 9 image: projects/debian-cloud/global/images/family/debian-9 Alternatively, use a specific version of a public operating system image: projects/debian-cloud/global/images/debian-9-stretch-vYYYYMMDD To create a disk with a private image that you created, specify the image name in the following format: global/images/my-private-image You can also specify a private image by its image family, which returns the latest version of the image in that family. Replace the image name with family/family-name: global/images/family/my-private-family

* `resource_policies`: (Beta only) Resource policies applied to this disk for automatic snapshot creations.

Expand All @@ -79,6 +81,8 @@ Properties that can be accessed from the `google_compute_disk` resource:

* `kms_key_name`: The name of the encryption key that is stored in Google Cloud KMS.

* `kms_key_service_account`: The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.

* `source_image_id`: The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. For example, if you created the persistent disk from an image that was later deleted and recreated under the same name, the source image ID would identify the exact version of the image that was used.

* `disk_encryption_key`: Encrypts the disk using a customer-supplied encryption key. After you encrypt a disk with a customer-supplied key, you must provide the same key if you use the disk later (e.g. to create a disk snapshot or an image, or to attach the disk to a virtual machine). Customer-supplied encryption keys do not protect access to metadata of the disk. If you do not provide an encryption key when creating the disk, then the disk will be encrypted using an automatically generated key and you do not need to provide a key to use the disk later.
Expand All @@ -89,6 +93,8 @@ Properties that can be accessed from the `google_compute_disk` resource:

* `kms_key_name`: The name of the encryption key that is stored in Google Cloud KMS. Your project's Compute Engine System service account (`service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com`) must have `roles/cloudkms.cryptoKeyEncrypterDecrypter` to use this feature.

* `kms_key_service_account`: The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.

* `source_snapshot`: The source snapshot used to create this disk. You can provide this as a partial or full URL to the resource. If the snapshot is in another project than this disk, you must supply a full URL. For example, the following are valid values: * `https://www.googleapis.com/compute/v1/projects/project/global/snapshots/snapshot` * `projects/project/global/snapshots/snapshot` * `global/snapshots/snapshot`

* `source_snapshot_encryption_key`: The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key.
Expand All @@ -99,6 +105,8 @@ Properties that can be accessed from the `google_compute_disk` resource:

* `sha256`: The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied encryption key that protects this resource.

* `kms_key_service_account`: The service account used for the encryption request for the given KMS key. If absent, the Compute Engine Service Agent service account is used.

* `source_snapshot_id`: The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. For example, if you created the persistent disk from a snapshot that was later deleted and recreated under the same name, the source snapshot ID would identify the exact version of the snapshot that was used.


Expand Down
1 change: 1 addition & 0 deletions docs/resources/google_compute_disks.md
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,7 @@ See [google_compute_disk.md](google_compute_disk.md) for more detailed informati
* `users`: an array of `google_compute_disk` users
* `physical_block_size_bytes`: an array of `google_compute_disk` physical_block_size_bytes
* `types`: an array of `google_compute_disk` type
* `erase_windows_vss_signatures`: (Beta only) an array of `google_compute_disk` erase_windows_vss_signature
* `source_images`: an array of `google_compute_disk` source_image
* `resource_policies`: (Beta only) an array of `google_compute_disk` resource_policies
* `zones`: an array of `google_compute_disk` zone
Expand Down
3 changes: 3 additions & 0 deletions libraries/google/compute/property/disk_disk_encryption_key.rb
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,15 @@ class DiskDiskEncryptionKey

attr_reader :kms_key_name

attr_reader :kms_key_service_account

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@raw_key = args['rawKey']
@sha256 = args['sha256']
@kms_key_name = args['kmsKeyName']
@kms_key_service_account = args['kmsKeyServiceAccount']
end

def to_s
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,15 @@ class DiskSourceImageEncryptionKey

attr_reader :kms_key_name

attr_reader :kms_key_service_account

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@raw_key = args['rawKey']
@sha256 = args['sha256']
@kms_key_name = args['kmsKeyName']
@kms_key_service_account = args['kmsKeyServiceAccount']
end

def to_s
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,15 @@ class DiskSourceSnapshotEncryptionKey

attr_reader :sha256

attr_reader :kms_key_service_account

def initialize(args = nil, parent_identifier = nil)
return if args.nil?
@parent_identifier = parent_identifier
@raw_key = args['rawKey']
@kms_key_name = args['kmsKeyName']
@sha256 = args['sha256']
@kms_key_service_account = args['kmsKeyServiceAccount']
end

def to_s
Expand Down
2 changes: 2 additions & 0 deletions libraries/google_compute_disk.rb
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ class ComputeDisk < GcpResourceBase
attr_reader :users
attr_reader :physical_block_size_bytes
attr_reader :type
attr_reader :erase_windows_vss_signature
attr_reader :source_image
attr_reader :resource_policies
attr_reader :zone
Expand Down Expand Up @@ -69,6 +70,7 @@ def parse
@users = @fetched['users']
@physical_block_size_bytes = @fetched['physicalBlockSizeBytes']
@type = @fetched['type']
@erase_windows_vss_signature = @fetched['eraseWindowsVssSignature']
@source_image = @fetched['sourceImage']
@resource_policies = @fetched['resourcePolicies']
@zone = @fetched['zone']
Expand Down
2 changes: 2 additions & 0 deletions libraries/google_compute_disks.rb
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ class ComputeDisks < GcpResourceBase
filter_table_config.add(:users, field: :users)
filter_table_config.add(:physical_block_size_bytes, field: :physical_block_size_bytes)
filter_table_config.add(:types, field: :type)
filter_table_config.add(:erase_windows_vss_signatures, field: :erase_windows_vss_signature)
filter_table_config.add(:source_images, field: :source_image)
filter_table_config.add(:resource_policies, field: :resource_policies)
filter_table_config.add(:zones, field: :zone)
Expand Down Expand Up @@ -97,6 +98,7 @@ def transformers
'users' => ->(obj) { return :users, obj['users'] },
'physicalBlockSizeBytes' => ->(obj) { return :physical_block_size_bytes, obj['physicalBlockSizeBytes'] },
'type' => ->(obj) { return :type, obj['type'] },
'eraseWindowsVssSignature' => ->(obj) { return :erase_windows_vss_signature, obj['eraseWindowsVssSignature'] },
'sourceImage' => ->(obj) { return :source_image, obj['sourceImage'] },
'resourcePolicies' => ->(obj) { return :resource_policies, obj['resourcePolicies'] },
'zone' => ->(obj) { return :zone, obj['zone'] },
Expand Down

0 comments on commit 5e860a3

Please sign in to comment.