From 7f751bdf360f8026b8d81d990a7ac312d61172a8 Mon Sep 17 00:00:00 2001 From: Modular Magician Date: Fri, 9 Jan 2026 01:35:26 +0000 Subject: [PATCH] Add RestoreWorkload resource with custom create and delete (#16080) [upstream:42fadccbfc2e8c847bcdd2c82e55ee2c93b7a7fd] Signed-off-by: Modular Magician --- .changelog/16080.txt | 3 + ...esource_backup_dr_restore_workload_test.go | 342 ++++++ .../backup_dr_restore_workload.html.markdown | 1069 +++++++++++++++++ 3 files changed, 1414 insertions(+) create mode 100644 .changelog/16080.txt create mode 100644 google/services/backupdr/resource_backup_dr_restore_workload_test.go create mode 100644 website/docs/r/backup_dr_restore_workload.html.markdown diff --git a/.changelog/16080.txt b/.changelog/16080.txt new file mode 100644 index 00000000000..f2dd968c97f --- /dev/null +++ b/.changelog/16080.txt @@ -0,0 +1,3 @@ +```release-note:enhancement +backupdr: added support for restore compute instance and disk +``` \ No newline at end of file diff --git a/google/services/backupdr/resource_backup_dr_restore_workload_test.go b/google/services/backupdr/resource_backup_dr_restore_workload_test.go new file mode 100644 index 00000000000..580ac9c0a7b --- /dev/null +++ b/google/services/backupdr/resource_backup_dr_restore_workload_test.go @@ -0,0 +1,342 @@ +// Copyright (c) HashiCorp, Inc. +// SPDX-License-Identifier: MPL-2.0 +// ---------------------------------------------------------------------------- +// +// *** AUTO GENERATED CODE *** Type: Handwritten *** +// +// ---------------------------------------------------------------------------- +// +// This code is generated by Magic Modules using the following: +// +// Source file: https://github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/third_party/terraform/services/backupdr/resource_backup_dr_restore_workload_test.go +// +// DO NOT EDIT this file directly. Any changes made to this file will be +// overwritten during the next generation cycle. +// +// ---------------------------------------------------------------------------- +//go:build !ga +// +build !ga + +package backupdr_test + +import ( + "os" + "testing" + + "github.com/hashicorp/terraform-plugin-testing/helper/resource" + "github.com/hashicorp/terraform-provider-google/google/acctest" + "github.com/hashicorp/terraform-provider-google/google/envvar" +) + +// This test cannot be run locally without seeding your environment with a backup vault and scheduling +// the backup of a compute instance to generate a backup. The values in this test correspond to those +// used in our testing processes. To run locally, set env vars: +// GOOGLE_BACKUP_DR_BACKUP_VAULT_ID, GOOGLE_BACKUP_DR_DATA_SOURCE_ID, GOOGLE_BACKUP_DR_BACKUP_ID +func TestAccBackupDRRestoreWorkload_computeInstanceBasic(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + backupVaultId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID") + if backupVaultId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID must be set for this test") + } + dataSourceId := os.Getenv("GOOGLE_BACKUP_DR_DATA_SOURCE_ID") + if dataSourceId == "" { + t.Skip("GOOGLE_BACKUP_DR_DATA_SOURCE_ID must be set for this test") + } + backupId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_ID") + if backupId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_ID must be set for this test") + } + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + "backup_vault_id": backupVaultId, + "data_source_id": dataSourceId, + "backup_id": backupId, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccBackupDRRestoreWorkload_computeInstanceBasic(context), + }, + }, + }) +} + +func TestAccBackupDRRestoreWorkload_computeInstanceWithProperties(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + backupVaultId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID") + if backupVaultId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID must be set for this test") + } + dataSourceId := os.Getenv("GOOGLE_BACKUP_DR_DATA_SOURCE_ID") + if dataSourceId == "" { + t.Skip("GOOGLE_BACKUP_DR_DATA_SOURCE_ID must be set for this test") + } + backupId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_ID") + if backupId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_ID must be set for this test") + } + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + "backup_vault_id": backupVaultId, + "data_source_id": dataSourceId, + "backup_id": backupId, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccBackupDRRestoreWorkload_computeInstanceWithProperties(context), + }, + }, + }) +} + +func TestAccBackupDRRestoreWorkload_diskBasic(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + backupVaultId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID") + if backupVaultId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID must be set for this test") + } + dataSourceId := os.Getenv("GOOGLE_BACKUP_DR_DATA_SOURCE_ID") + if dataSourceId == "" { + t.Skip("GOOGLE_BACKUP_DR_DATA_SOURCE_ID must be set for this test") + } + backupId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_ID") + if backupId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_ID must be set for this test") + } + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + "backup_vault_id": backupVaultId, + "data_source_id": dataSourceId, + "backup_id": backupId, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccBackupDRRestoreWorkload_diskBasic(context), + }, + }, + }) +} + +func TestAccBackupDRRestoreWorkload_regionalDisk(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + backupVaultId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID") + if backupVaultId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID must be set for this test") + } + dataSourceId := os.Getenv("GOOGLE_BACKUP_DR_DATA_SOURCE_ID") + if dataSourceId == "" { + t.Skip("GOOGLE_BACKUP_DR_DATA_SOURCE_ID must be set for this test") + } + backupId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_ID") + if backupId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_ID must be set for this test") + } + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + "backup_vault_id": backupVaultId, + "data_source_id": dataSourceId, + "backup_id": backupId, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccBackupDRRestoreWorkload_regionalDisk(context), + }, + }, + }) +} + +func TestAccBackupDRRestoreWorkload_deleteInstanceFalse(t *testing.T) { + acctest.SkipIfVcr(t) + t.Parallel() + + backupVaultId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID") + if backupVaultId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_VAULT_ID must be set for this test") + } + dataSourceId := os.Getenv("GOOGLE_BACKUP_DR_DATA_SOURCE_ID") + if dataSourceId == "" { + t.Skip("GOOGLE_BACKUP_DR_DATA_SOURCE_ID must be set for this test") + } + backupId := os.Getenv("GOOGLE_BACKUP_DR_BACKUP_ID") + if backupId == "" { + t.Skip("GOOGLE_BACKUP_DR_BACKUP_ID must be set for this test") + } + + context := map[string]interface{}{ + "project": envvar.GetTestProjectFromEnv(), + "random_suffix": acctest.RandString(t, 10), + "backup_vault_id": backupVaultId, + "data_source_id": dataSourceId, + "backup_id": backupId, + } + + acctest.VcrTest(t, resource.TestCase{ + PreCheck: func() { acctest.AccTestPreCheck(t) }, + ProtoV5ProviderFactories: acctest.ProtoV5ProviderFactories(t), + Steps: []resource.TestStep{ + { + Config: testAccBackupDRRestoreWorkload_deleteInstanceFalse(context), + }, + }, + }) +} + +func testAccBackupDRRestoreWorkload_computeInstanceBasic(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_backup_dr_restore_workload" "restore" { + location = "us-central1" + backup_vault_id = "%{backup_vault_id}" + data_source_id = "%{data_source_id}" + backup_id = "%{backup_id}" + + name = "projects/%{project}/locations/us-central1/backups/test-backup" + + compute_instance_target_environment { + project = "%{project}" + zone = "us-central1-a" + } + + compute_instance_restore_properties { + name = "tf-test-restored-instance-%{random_suffix}" + machine_type = "projects/%{project}/zones/us-central1-a/machineTypes/e2-medium" + } +} +`, context) +} + +func testAccBackupDRRestoreWorkload_computeInstanceWithProperties(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_backup_dr_restore_workload" "restore" { + location = "us-central1" + backup_vault_id = "%{backup_vault_id}" + data_source_id = "%{data_source_id}" + backup_id = "%{backup_id}" + + name = "projects/%{project}/locations/us-central1/backups/test-backup" + + compute_instance_target_environment { + project = "%{project}" + zone = "us-central1-a" + } + + compute_instance_restore_properties { + name = "tf-test-restored-instance-%{random_suffix}" + machine_type = "projects/%{project}/zones/us-central1-a/machineTypes/e2-medium" + description = "Restored instance with custom properties" + + can_ip_forward = true + deletion_protection = false + } +} +`, context) +} + +func testAccBackupDRRestoreWorkload_diskBasic(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_backup_dr_restore_workload" "restore" { + location = "us-central1" + backup_vault_id = "%{backup_vault_id}" + data_source_id = "%{data_source_id}" + backup_id = "%{backup_id}" + + name = "projects/%{project}/locations/us-central1/backups/test-backup" + + disk_target_environment { + project = "%{project}" + zone = "us-central1-a" + } + + disk_restore_properties { + name = "tf-test-restored-disk-%{random_suffix}" + size_gb = 100 + type = "projects/%{project}/zones/us-central1-a/diskTypes/pd-standard" + + description = "Restored disk from backup" + } +} +`, context) +} + +func testAccBackupDRRestoreWorkload_regionalDisk(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_backup_dr_restore_workload" "restore" { + location = "us-central1" + backup_vault_id = "%{backup_vault_id}" + data_source_id = "%{data_source_id}" + backup_id = "%{backup_id}" + + name = "projects/%{project}/locations/us-central1/backups/test-backup" + + region_disk_target_environment { + project = "%{project}" + region = "us-central1" + replica_zones = [ + "projects/%{project}/zones/us-central1-a", + "projects/%{project}/zones/us-central1-b" + ] + } + + disk_restore_properties { + name = "tf-test-restored-regional-disk-%{random_suffix}" + size_gb = 200 + type = "projects/%{project}/regions/us-central1/diskTypes/pd-balanced" + } +} +`, context) +} + +func testAccBackupDRRestoreWorkload_deleteInstanceFalse(context map[string]interface{}) string { + return acctest.Nprintf(` +resource "google_backup_dr_restore_workload" "restore" { + location = "us-central1" + backup_vault_id = "%{backup_vault_id}" + data_source_id = "%{data_source_id}" + backup_id = "%{backup_id}" + + name = "projects/%{project}/locations/us-central1/backups/test-backup" + + delete_restored_instance = false + + compute_instance_target_environment { + project = "%{project}" + zone = "us-central1-a" + } + + compute_instance_restore_properties { + name = "tf-test-persist-instance-%{random_suffix}" + machine_type = "projects/%{project}/zones/us-central1-a/machineTypes/e2-medium" + } +} +`, context) +} diff --git a/website/docs/r/backup_dr_restore_workload.html.markdown b/website/docs/r/backup_dr_restore_workload.html.markdown new file mode 100644 index 00000000000..d42e515814e --- /dev/null +++ b/website/docs/r/backup_dr_restore_workload.html.markdown @@ -0,0 +1,1069 @@ +--- +# ---------------------------------------------------------------------------- +# +# *** AUTO GENERATED CODE *** Type: MMv1 *** +# +# ---------------------------------------------------------------------------- +# +# This code is generated by Magic Modules using the following: +# +# Configuration: https:#github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/products/backupdr/RestoreWorkload.yaml +# Template: https:#github.com/GoogleCloudPlatform/magic-modules/tree/main/mmv1/templates/terraform/resource.html.markdown.tmpl +# +# DO NOT EDIT this file directly. Any changes made to this file will be +# overwritten during the next generation cycle. +# +# ---------------------------------------------------------------------------- +subcategory: "Backup and DR Service" +description: |- + An imperative resource that triggers a GCBDR restoration event. +--- + +# google_backup_dr_restore_workload + +An imperative resource that triggers a GCBDR restoration event. +Creating this resource will initiate a restore operation from a specified backup. +The resource represents the restore operation and its result. + +~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider. +See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources. + + +## Example Usage - Backup Dr Restore Workload Compute Instance Basic + + +```hcl +resource "google_backup_dr_restore_workload" "restore_compute_basic" { + location = "us-central1" + backup_vault_id = "backup-vault" + data_source_id = "data-source" + backup_id = "backup" + + name = "projects/my-project/locations/us-central1/backups/my-backup" + + compute_instance_target_environment { + project = "my-project-name" + zone = "us-central1-a" + } + + compute_instance_restore_properties { + name = "restored-instance" + machine_type = "e2-medium" + } +} +``` +## Example Usage - Backup Dr Restore Workload Compute Instance Full + + +```hcl +resource "google_backup_dr_restore_workload" "restore_compute_full" { + location = "us-central1" + backup_vault_id = "backup-vault" + data_source_id = "data-source" + backup_id = "backup" + + name = "projects/my-project/locations/us-central1/backups/my-backup" + + compute_instance_target_environment { + project = "my-project-name" + zone = "us-central1-a" + } + + compute_instance_restore_properties { + name = "restored-instance-full" + machine_type = "e2-medium" + description = "Restored compute instance with advanced configuration" + + can_ip_forward = true + deletion_protection = false + + labels = { + environment = "production" + restored = "true" + team = "infrastructure" + } + + tags { + items = ["web", "https-server", "restored"] + } + + network_interfaces { + network = "default" + subnetwork = "projects/my-project-name/regions/us-central1/subnetworks/default" + + access_configs { + name = "External NAT" + network_tier = "PREMIUM" + } + } + + scheduling { + automatic_restart = true + on_host_maintenance = "MIGRATE" + preemptible = false + provisioning_model = "STANDARD" + } + + service_accounts { + email = "default" + scopes = [ + "https://www.googleapis.com/auth/cloud-platform", + "https://www.googleapis.com/auth/compute" + ] + } + + shielded_instance_config { + enable_secure_boot = true + enable_vtpm = true + enable_integrity_monitoring = true + } + + advanced_machine_features { + enable_nested_virtualization = false + threads_per_core = 1 + } + + metadata { + items { + key = "startup-script" + value = "#!/bin/bash\necho 'Instance restored' > /tmp/restored.txt" + } + items { + key = "enable-oslogin" + value = "TRUE" + } + } + } +} +``` +## Example Usage - Backup Dr Restore Workload Disk Basic + + +```hcl +resource "google_backup_dr_restore_workload" "restore_disk_basic" { + location = "us-central1" + backup_vault_id = "backup-vault" + data_source_id = "data-source" + backup_id = "backup" + + name = "projects/my-project/locations/us-central1/backups/my-backup" + + disk_target_environment { + project = "my-project-name" + zone = "us-central1-a" + } + + disk_restore_properties { + name = "restored-disk" + size_gb = 100 + type = "pd-standard" + + description = "Restored persistent disk from backup" + + labels = { + environment = "production" + restored = "true" + } + } +} +``` +## Example Usage - Backup Dr Restore Workload Regional Disk + + +```hcl +resource "google_backup_dr_restore_workload" "restore_regional_disk" { + location = "us-central1" + backup_vault_id = "backup-vault" + data_source_id = "data-source" + backup_id = "backup" + + name = "projects/my-project/locations/us-central1/backups/my-backup" + + region_disk_target_environment { + project = "my-project-name" + region = "us-central1" + replica_zones = [ + "us-central1-a", + "us-central1-b" + ] + } + + disk_restore_properties { + name = "restored-regional-disk" + size_gb = 200 + type = "pd-balanced" + + description = "Restored regional persistent disk" + + labels = { + type = "regional" + environment = "production" + } + + provisioned_iops = 3000 + provisioned_throughput = 140 + } +} +``` +## Example Usage - Backup Dr Restore Workload Without Delete + + +```hcl +resource "google_backup_dr_restore_workload" "restore_without_delete" { + location = "us-central1" + backup_vault_id = "backup-vault" + data_source_id = "data-source" + backup_id = "backup" + + name = "projects/my-project/locations/us-central1/backups/my-backup" + + # Set to false to keep the restored resource in GCP after terraform destroy + delete_restored_instance = false + + disk_target_environment { + project = "my-project-name" + zone = "us-central1-a" + } + + disk_restore_properties { + name = "persistent-disk" + size_gb = 50 + type = "pd-standard" + } +} +``` + +## Argument Reference + +The following arguments are supported: + + +* `name` - + (Required) + Required. The resource name of the backup instance. + +* `location` - + (Required) + Required. The location for the backup vault. + +* `backup_vault_id` - + (Required) + Required. The ID of the backup vault. + +* `data_source_id` - + (Required) + Required. The ID of the data source. + +* `backup_id` - + (Required) + Required. The ID of the backup to restore from. + + +* `request_id` - + (Optional) + Optional. An optional request ID to identify requests. Specify a unique request ID + so that if you must retry your request, the server will know to ignore + the request if it has already been completed. + +* `compute_instance_target_environment` - + (Optional) + Optional. The destination environment for GCE VM restoration. + Structure is [documented below](#nested_compute_instance_target_environment). + +* `disk_target_environment` - + (Optional) + Optional. The destination environment for zonal disk restoration. + Structure is [documented below](#nested_disk_target_environment). + +* `region_disk_target_environment` - + (Optional) + Optional. The destination environment for regional disk restoration. + Structure is [documented below](#nested_region_disk_target_environment). + +* `compute_instance_restore_properties` - + (Optional) + Optional. Compute Engine instance properties to be overridden during restore. + Structure is [documented below](#nested_compute_instance_restore_properties). + +* `disk_restore_properties` - + (Optional) + Optional. Disk properties to be overridden during restore. + Structure is [documented below](#nested_disk_restore_properties). + +* `clear_overrides_field_mask` - + (Optional) + Optional. A field mask used to clear server-side default values during restore. + +* `delete_restored_instance` - + (Optional) + Optional. If true (default), running terraform destroy will delete the live resource in GCP. + If false, only the restore record is removed from the state, leaving the resource active. + + + +The `compute_instance_target_environment` block supports: + +* `project` - + (Required) + Required. Target project for the Compute Engine instance. + +* `zone` - + (Required) + Required. The zone of the Compute Engine instance. + +The `disk_target_environment` block supports: + +* `project` - + (Required) + Required. Target project for the disk. + +* `zone` - + (Required) + Required. Target zone for the disk. + +The `region_disk_target_environment` block supports: + +* `project` - + (Required) + Required. Target project for the disk. + +* `region` - + (Required) + Required. Target region for the disk. + +* `replica_zones` - + (Required) + Required. Target URLs of the replica zones for the disk. + +The `compute_instance_restore_properties` block supports: + +* `name` - + (Required) + Required. Name of the compute instance. + +* `advanced_machine_features` - + (Optional) + Optional. Controls for advanced machine-related behavior features. + Structure is [documented below](#nested_compute_instance_restore_properties_advanced_machine_features). + +* `can_ip_forward` - + (Optional) + Optional. Allows this instance to send and receive packets with non-matching destination or source IPs. + +* `confidential_instance_config` - + (Optional) + Optional. Controls Confidential compute options on the instance. + Structure is [documented below](#nested_compute_instance_restore_properties_confidential_instance_config). + +* `deletion_protection` - + (Optional) + Optional. Whether the resource should be protected against deletion. + +* `description` - + (Optional) + Optional. An optional description of this resource. + +* `disks` - + (Optional) + Optional. Array of disks associated with this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_disks). + +* `display_device` - + (Optional) + Optional. Enables display device for the instance. + Structure is [documented below](#nested_compute_instance_restore_properties_display_device). + +* `guest_accelerators` - + (Optional) + Optional. A list of the type and count of accelerator cards attached to the instance. + Structure is [documented below](#nested_compute_instance_restore_properties_guest_accelerators). + +* `hostname` - + (Optional) + Optional. Specifies the hostname of the instance. + +* `instance_encryption_key` - + (Optional) + Optional. Encrypts suspended data for an instance with a customer-managed encryption key. + Structure is [documented below](#nested_compute_instance_restore_properties_instance_encryption_key). + +* `key_revocation_action_type` - + (Optional) + Optional. KeyRevocationActionType of the instance. + Possible values are: `KEY_REVOCATION_ACTION_TYPE_UNSPECIFIED`, `NONE`, `STOP`. + +* `labels` - + (Optional) + Optional. Labels to apply to this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_labels). + +* `machine_type` - + (Optional) + Optional. Full or partial URL of the machine type resource to use for this instance. + +* `metadata` - + (Optional) + Optional. This includes custom metadata and predefined keys. + Structure is [documented below](#nested_compute_instance_restore_properties_metadata). + +* `min_cpu_platform` - + (Optional) + Optional. Minimum CPU platform to use for this instance. + +* `network_interfaces` - + (Optional) + Optional. An array of network configurations for this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_network_interfaces). + +* `network_performance_config` - + (Optional) + Optional. Configure network performance such as egress bandwidth tier. + Structure is [documented below](#nested_compute_instance_restore_properties_network_performance_config). + +* `params` - + (Optional) + Input only. Additional params passed with the request. + Structure is [documented below](#nested_compute_instance_restore_properties_params). + +* `private_ipv6_google_access` - + (Optional) + Optional. The private IPv6 google access type for the VM. + Possible values are: `INSTANCE_PRIVATE_IPV6_GOOGLE_ACCESS_UNSPECIFIED`, `INHERIT_FROM_SUBNETWORK`, `ENABLE_OUTBOUND_VM_ACCESS_TO_GOOGLE`, `ENABLE_BIDIRECTIONAL_ACCESS_TO_GOOGLE`. + +* `allocation_affinity` - + (Optional) + Optional. Specifies the reservations that this instance can consume from. + Structure is [documented below](#nested_compute_instance_restore_properties_allocation_affinity). + +* `resource_policies` - + (Optional) + Optional. Resource policies applied to this instance. + +* `scheduling` - + (Optional) + Optional. Sets the scheduling options for this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_scheduling). + +* `service_accounts` - + (Optional) + Optional. A list of service accounts, with their specified scopes, authorized for this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_service_accounts). + +* `shielded_instance_config` - + (Optional) + Optional. Controls Shielded compute options on the instance. + Structure is [documented below](#nested_compute_instance_restore_properties_shielded_instance_config). + +* `tags` - + (Optional) + Optional. Tags to apply to this instance. + Structure is [documented below](#nested_compute_instance_restore_properties_tags). + + +The `advanced_machine_features` block supports: + +* `enable_nested_virtualization` - + (Optional) + Optional. Whether to enable nested virtualization or not (default is false). + +* `threads_per_core` - + (Optional) + Optional. The number of threads per physical core. + +* `visible_core_count` - + (Optional) + Optional. The number of physical cores to expose to an instance. + +* `enable_uefi_networking` - + (Optional) + Optional. Whether to enable UEFI networking for instance creation. + +The `confidential_instance_config` block supports: + +* `enable_confidential_compute` - + (Optional) + Optional. Defines whether the instance should have confidential compute enabled. + +The `disks` block supports: + +* `initialize_params` - + (Optional) + Optional. Specifies the parameters to initialize this disk. + Structure is [documented below](#nested_compute_instance_restore_properties_disks_initialize_params). + +* `device_name` - + (Optional) + Optional. This is used as an identifier for the disks. + +* `kind` - + (Optional) + Optional. Type of the resource. + +* `mode` - + (Optional) + Optional. The mode in which to attach this disk. + Possible values are: `DISK_MODE_UNSPECIFIED`, `READ_WRITE`, `READ_ONLY`, `LOCKED`. + +* `source` - + (Optional) + Optional. Specifies a valid partial or full URL to an existing Persistent Disk resource. + +* `index` - + (Optional) + Optional. A zero-based index to this disk, where 0 is reserved for the boot disk. + +* `boot` - + (Optional) + Optional. Indicates that this is a boot disk. + +* `auto_delete` - + (Optional) + Optional. Specifies whether the disk will be auto-deleted when the instance is deleted. + +* `license` - + (Optional) + Optional. Any valid publicly visible licenses. + +* `disk_interface` - + (Optional) + Optional. Specifies the disk interface to use for attaching this disk. + Possible values are: `DISK_INTERFACE_UNSPECIFIED`, `SCSI`, `NVME`, `NVDIMM`, `ISCSI`. + +* `guest_os_feature` - + (Optional) + Optional. A list of features to enable on the guest operating system. + Structure is [documented below](#nested_compute_instance_restore_properties_disks_guest_os_feature). + +* `disk_encryption_key` - + (Optional) + Optional. Encrypts or decrypts a disk using a customer-supplied encryption key. + Structure is [documented below](#nested_compute_instance_restore_properties_disks_disk_encryption_key). + +* `disk_size_gb` - + (Optional) + Optional. The size of the disk in GB. + +* `saved_state` - + (Optional) + Optional. Specifies the saved state of the disk. + Possible values are: `DISK_SAVED_STATE_UNSPECIFIED`, `PRESERVED`. + +* `disk_type` - + (Optional) + Output only. The URI of the disk type resource. + +* `type` - + (Optional) + Optional. Specifies the type of the disk. + Possible values are: `DISK_TYPE_UNSPECIFIED`, `SCRATCH`, `PERSISTENT`. + + +The `initialize_params` block supports: + +* `disk_name` - + (Optional) + Optional. Specifies the disk name. + +* `replica_zones` - + (Optional) + Optional. URL of the zone where the disk should be created. + +The `guest_os_feature` block supports: + +* `type` - + (Optional) + Optional. The ID of a supported feature. + Possible values are: `FEATURE_TYPE_UNSPECIFIED`, `VIRTIO_SCSI_MULTIQUEUE`, `WINDOWS`, `MULTI_IP_SUBNET`, `UEFI_COMPATIBLE`, `SECURE_BOOT`, `GVNIC`, `SEV_CAPABLE`, `BARE_METAL_LINUX_COMPATIBLE`, `SUSPEND_RESUME_COMPATIBLE`, `SEV_LIVE_MIGRATABLE`, `SEV_SNP_CAPABLE`, `TDX_CAPABLE`, `IDPF`, `SEV_LIVE_MIGRATABLE_V2`. + +The `disk_encryption_key` block supports: + +* `raw_key` - + (Optional) + Optional. Specifies a 256-bit customer-supplied encryption key. + +* `rsa_encrypted_key` - + (Optional) + Optional. RSA-wrapped 2048-bit customer-supplied encryption key. + +* `kms_key_name` - + (Optional) + Optional. The name of the encryption key that is stored in Google Cloud KMS. + +* `kms_key_service_account` - + (Optional) + Optional. The service account being used for the encryption request. + +The `display_device` block supports: + +* `enable_display` - + (Optional) + Optional. Enables display for the Compute Engine VM. + +The `guest_accelerators` block supports: + +* `accelerator_type` - + (Optional) + Optional. Full or partial URL of the accelerator type resource. + +* `accelerator_count` - + (Optional) + Optional. The number of the guest accelerator cards exposed to this instance. + +The `instance_encryption_key` block supports: + +* `raw_key` - + (Optional) + +* `rsa_encrypted_key` - + (Optional) + +* `kms_key_name` - + (Optional) + +* `kms_key_service_account` - + (Optional) + +The `labels` block supports: + +* `key` - (Required) The identifier for this object. Format specified above. + +* `value` - + (Optional) + +The `metadata` block supports: + +* `items` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_metadata_items). + + +The `items` block supports: + +* `key` - + (Optional) + +* `value` - + (Optional) + +The `network_interfaces` block supports: + +* `network` - + (Optional) + Optional. URL of the VPC network resource for this instance. + +* `subnetwork` - + (Optional) + Optional. The URL of the Subnetwork resource for this instance. + +* `ip_address` - + (Optional) + Optional. An IPv4 internal IP address to assign to the instance. + +* `ipv6_address` - + (Optional) + Optional. An IPv6 internal network address for this network interface. + +* `internal_ipv6_prefix_length` - + (Optional) + Optional. The prefix length of the primary internal IPv6 range. + +* `access_configs` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_network_interfaces_access_configs). + +* `ipv6_access_configs` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_network_interfaces_ipv6_access_configs). + +* `alias_ip_ranges` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_network_interfaces_alias_ip_ranges). + +* `stack_type` - + (Optional) + Possible values are: `STACK_TYPE_UNSPECIFIED`, `IPV4_ONLY`, `IPV4_IPV6`. + +* `ipv6_access_type` - + (Optional) + Possible values are: `UNSPECIFIED_IPV6_ACCESS_TYPE`, `INTERNAL`, `EXTERNAL`. + +* `queue_count` - + (Optional) + +* `nic_type` - + (Optional) + Possible values are: `NIC_TYPE_UNSPECIFIED`, `VIRTIO_NET`, `GVNIC`. + +* `network_attachment` - + (Optional) + + +The `access_configs` block supports: + +* `type` - + (Optional) + Optional. The type of configuration. + Possible values are: `ACCESS_TYPE_UNSPECIFIED`, `ONE_TO_ONE_NAT`, `DIRECT_IPV6`. + +* `name` - + (Optional) + Optional. The name of this access configuration. + +* `external_ip` - + (Optional) + +* `external_ipv6` - + (Optional) + +* `external_ipv6_prefix_length` - + (Optional) + +* `set_public_ptr` - + (Optional) + +* `public_ptr_domain_name` - + (Optional) + +* `network_tier` - + (Optional) + Possible values are: `NETWORK_TIER_UNSPECIFIED`, `PREMIUM`, `STANDARD`. + +The `ipv6_access_configs` block supports: + +* `type` - + (Optional) + Optional. The type of configuration. + Possible values are: `ACCESS_TYPE_UNSPECIFIED`, `ONE_TO_ONE_NAT`, `DIRECT_IPV6`. + +* `name` - + (Optional) + Optional. The name of this access configuration. + +* `external_ip` - + (Optional) + +* `external_ipv6` - + (Optional) + +* `external_ipv6_prefix_length` - + (Optional) + +* `set_public_ptr` - + (Optional) + +* `public_ptr_domain_name` - + (Optional) + +* `network_tier` - + (Optional) + Possible values are: `NETWORK_TIER_UNSPECIFIED`, `PREMIUM`, `STANDARD`. + +The `alias_ip_ranges` block supports: + +* `ip_cidr_range` - + (Optional) + +* `subnetwork_range_name` - + (Optional) + +The `network_performance_config` block supports: + +* `total_egress_bandwidth_tier` - + (Optional) + Possible values are: `TIER_UNSPECIFIED`, `DEFAULT`, `TIER_1`. + +The `params` block supports: + +* `resource_manager_tags` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_params_resource_manager_tags). + + +The `resource_manager_tags` block supports: + +* `key` - (Required) The identifier for this object. Format specified above. + +* `value` - + (Optional) + +The `allocation_affinity` block supports: + +* `consume_allocation_type` - + (Optional) + Possible values are: `TYPE_UNSPECIFIED`, `NO_RESERVATION`, `ANY_RESERVATION`, `SPECIFIC_RESERVATION`. + +* `key` - + (Optional) + +* `values` - + (Optional) + +The `scheduling` block supports: + +* `on_host_maintenance` - + (Optional) + Possible values are: `ON_HOST_MAINTENANCE_UNSPECIFIED`, `TERMINATE`, `MIGRATE`. + +* `automatic_restart` - + (Optional) + +* `preemptible` - + (Optional) + +* `node_affinities` - + (Optional) + Structure is [documented below](#nested_compute_instance_restore_properties_scheduling_node_affinities). + +* `min_node_cpus` - + (Optional) + +* `provisioning_model` - + (Optional) + Possible values are: `PROVISIONING_MODEL_UNSPECIFIED`, `STANDARD`, `SPOT`. + +* `instance_termination_action` - + (Optional) + Possible values are: `INSTANCE_TERMINATION_ACTION_UNSPECIFIED`, `DELETE`, `STOP`. + +* `local_ssd_recovery_timeout` - + (Optional) + A nested object resource. + Structure is [documented below](#nested_compute_instance_restore_properties_scheduling_local_ssd_recovery_timeout). + +* `max_run_duration` - + (Optional) + A nested object resource. + Structure is [documented below](#nested_compute_instance_restore_properties_scheduling_max_run_duration). + +* `termination_time` - + (Optional) + + +The `node_affinities` block supports: + +* `key` - + (Optional) + +* `operator` - + (Optional) + Possible values are: `OPERATOR_UNSPECIFIED`, `IN`, `NOT_IN`. + +* `values` - + (Optional) + +The `local_ssd_recovery_timeout` block supports: + +* `seconds` - + (Optional) + +* `nanos` - + (Optional) + +The `max_run_duration` block supports: + +* `seconds` - + (Optional) + +* `nanos` - + (Optional) + +The `service_accounts` block supports: + +* `email` - + (Optional) + +* `scopes` - + (Optional) + +The `shielded_instance_config` block supports: + +* `enable_secure_boot` - + (Optional) + +* `enable_vtpm` - + (Optional) + +* `enable_integrity_monitoring` - + (Optional) + +The `tags` block supports: + +* `items` - + (Optional) + +The `disk_restore_properties` block supports: + +* `name` - + (Required) + Required. Name of the disk. + +* `description` - + (Optional) + Optional. An optional description of this resource. + +* `size_gb` - + (Required) + Required. The size of the disk in GB. + +* `licenses` - + (Optional) + Optional. A list of publicly available licenses that are applicable to this backup. + +* `guest_os_feature` - + (Optional) + Optional. A list of features to enable in the guest operating system. + Structure is [documented below](#nested_disk_restore_properties_guest_os_feature). + +* `disk_encryption_key` - + (Optional) + Optional. Encrypts the disk using a customer-supplied encryption key. + Structure is [documented below](#nested_disk_restore_properties_disk_encryption_key). + +* `physical_block_size_bytes` - + (Optional) + Optional. Physical block size of the persistent disk, in bytes. + +* `provisioned_iops` - + (Optional) + Optional. Indicates how many IOPS to provision for the disk. + +* `provisioned_throughput` - + (Optional) + Optional. Indicates how much throughput to provision for the disk. + +* `enable_confidential_compute` - + (Optional) + Optional. Indicates whether this disk is using confidential compute mode. + +* `storage_pool` - + (Optional) + Optional. The storage pool in which the new disk is created. + +* `access_mode` - + (Optional) + Optional. The access mode of the disk. + Possible values are: `READ_WRITE_SINGLE`, `READ_WRITE_MANY`, `READ_ONLY_MANY`. + +* `architecture` - + (Optional) + Optional. The architecture of the source disk. + Possible values are: `ARCHITECTURE_UNSPECIFIED`, `X86_64`, `ARM64`. + +* `resource_policy` - + (Optional) + Optional. Resource policies applied to this disk. + +* `type` - + (Required) + Required. URL of the disk type resource describing which disk type to use. + +* `labels` - + (Optional) + Optional. Labels to apply to this disk. + Structure is [documented below](#nested_disk_restore_properties_labels). + +* `resource_manager_tags` - + (Optional) + Optional. Resource manager tags to be bound to the disk. + Structure is [documented below](#nested_disk_restore_properties_resource_manager_tags). + + +The `guest_os_feature` block supports: + +* `type` - + (Optional) + Possible values are: `FEATURE_TYPE_UNSPECIFIED`, `VIRTIO_SCSI_MULTIQUEUE`, `WINDOWS`, `MULTI_IP_SUBNET`, `UEFI_COMPATIBLE`, `SECURE_BOOT`, `GVNIC`, `SEV_CAPABLE`, `BARE_METAL_LINUX_COMPATIBLE`, `SUSPEND_RESUME_COMPATIBLE`, `SEV_LIVE_MIGRATABLE`, `SEV_SNP_CAPABLE`, `TDX_CAPABLE`, `IDPF`, `SEV_LIVE_MIGRATABLE_V2`. + +The `disk_encryption_key` block supports: + +* `raw_key` - + (Optional) + +* `rsa_encrypted_key` - + (Optional) + +* `kms_key_name` - + (Optional) + +* `kms_key_service_account` - + (Optional) + +The `labels` block supports: + +* `key` - (Required) The identifier for this object. Format specified above. + +* `value` - + (Optional) + +The `resource_manager_tags` block supports: + +* `key` - (Required) The identifier for this object. Format specified above. + +* `value` - + (Optional) + +## Attributes Reference + +In addition to the arguments listed above, the following computed attributes are exported: + +* `id` - an identifier for the resource with format `/{{name}}` + +* `target_resource` - + Output only. Details of the target resource created/modified as part of restore. + Structure is [documented below](#nested_target_resource). + + +The `target_resource` block contains: + +* `gcp_resource` - + (Optional) + Output only. Details of the native Google Cloud resource created as part of restore. + Structure is [documented below](#nested_target_resource_gcp_resource). + + +The `gcp_resource` block supports: + +* `gcp_resourcename` - + (Optional) + Output only. Name of the Google Cloud resource. + +* `location` - + (Optional) + Output only. Location of the resource. + +* `type` - + (Optional) + Output only. Type of the resource. + +## Timeouts + +This resource provides the following +[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options: + +- `create` - Default is 20 minutes. +- `delete` - Default is 20 minutes. + +## Import + + +RestoreWorkload can be imported using any of these accepted formats: + +* `/{{name}}` +* `{{name}}` + + +In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RestoreWorkload using one of the formats above. For example: + +```tf +import { + id = "/{{name}}" + to = google_backup_dr_restore_workload.default +} +``` + +When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), RestoreWorkload can be imported using one of the formats above. For example: + +``` +$ terraform import google_backup_dr_restore_workload.default /{{name}} +$ terraform import google_backup_dr_restore_workload.default {{name}} +```