---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Apigee"
description: |-
An `Instance` is the runtime dataplane in Apigee.
---
# google\_apigee\_instance
An `Instance` is the runtime dataplane in Apigee.
To get more information about Instance, see:
* [API documentation](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances/create)
* How-to Guides
* [Creating a runtime instance](https://cloud.google.com/apigee/docs/api-platform/get-started/create-instance)
## Example Usage - Apigee Instance Basic
```hcl
# Exposes the project configured on the google provider.
data "google_client_config" "current" {}

# VPC that is peered with the Apigee runtime.
resource "google_compute_network" "apigee_network" {
  name = "apigee-network"
}

# Internal /16 reserved in that VPC for the Service Networking peering.
resource "google_compute_global_address" "apigee_range" {
  name          = "apigee-range"
  network       = google_compute_network.apigee_network.id
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 16
}

# Private services connection that hands the reserved range to Service Networking.
resource "google_service_networking_connection" "apigee_vpc_connection" {
  service                 = "servicenetworking.googleapis.com"
  network                 = google_compute_network.apigee_network.id
  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
}

# The organization is created only after the peering connection exists.
resource "google_apigee_organization" "apigee_org" {
  project_id         = data.google_client_config.current.project
  analytics_region   = "us-central1"
  authorized_network = google_compute_network.apigee_network.id

  depends_on = [google_service_networking_connection.apigee_vpc_connection]
}

# Minimal instance: only the three required arguments are set, so no
# customer-managed disk encryption key is configured here.
resource "google_apigee_instance" "apigee_instance" {
  org_id   = google_apigee_organization.apigee_org.id
  name     = "my-instance-name"
  location = "us-central1"
}
```
## Example Usage - Apigee Instance Cidr Range
```hcl
# Exposes the project configured on the google provider.
data "google_client_config" "current" {}

# VPC that is peered with the Apigee runtime.
resource "google_compute_network" "apigee_network" {
  name = "apigee-network"
}

# Internal /22 reserved for the Service Networking peering; this is the same
# size the instance asks for below, so the allocation has no spare room.
resource "google_compute_global_address" "apigee_range" {
  name          = "apigee-range"
  network       = google_compute_network.apigee_network.id
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 22
}

# Private services connection that hands the reserved range to Service Networking.
resource "google_service_networking_connection" "apigee_vpc_connection" {
  service                 = "servicenetworking.googleapis.com"
  network                 = google_compute_network.apigee_network.id
  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
}

# The organization is created only after the peering connection exists.
resource "google_apigee_organization" "apigee_org" {
  project_id         = data.google_client_config.current.project
  analytics_region   = "us-central1"
  authorized_network = google_compute_network.apigee_network.id

  depends_on = [google_service_networking_connection.apigee_vpc_connection]
}

# peering_cidr_range picks the size of the block the instance reserves;
# the address itself is chosen by the service.
resource "google_apigee_instance" "apigee_instance" {
  org_id             = google_apigee_organization.apigee_org.id
  name               = "my-instance-name"
  location           = "us-central1"
  peering_cidr_range = "SLASH_22"
}
```
## Example Usage - Apigee Instance Ip Range
```hcl
# Exposes the project configured on the google provider.
data "google_client_config" "current" {}

# VPC that is peered with the Apigee runtime.
resource "google_compute_network" "apigee_network" {
  name = "apigee-network"
}

# Internal /22 reserved for the Service Networking peering.
# NOTE(review): no explicit address is set here, so confirm that the allocated
# range actually contains the ip_range requested by the instance below.
resource "google_compute_global_address" "apigee_range" {
  name          = "apigee-range"
  network       = google_compute_network.apigee_network.id
  address_type  = "INTERNAL"
  purpose       = "VPC_PEERING"
  prefix_length = 22
}

# Private services connection that hands the reserved range to Service Networking.
resource "google_service_networking_connection" "apigee_vpc_connection" {
  service                 = "servicenetworking.googleapis.com"
  network                 = google_compute_network.apigee_network.id
  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
}

# The organization is created only after the peering connection exists.
resource "google_apigee_organization" "apigee_org" {
  project_id         = data.google_client_config.current.project
  analytics_region   = "us-central1"
  authorized_network = google_compute_network.apigee_network.id

  depends_on = [google_service_networking_connection.apigee_vpc_connection]
}

# ip_range pins the instance to a known /22. Because the block is fixed,
# firewall rules that admit Apigee traffic can be scoped to exactly this CIDR.
resource "google_apigee_instance" "apigee_instance" {
  org_id   = google_apigee_organization.apigee_org.id
  name     = "my-instance-name"
  location = "us-central1"
  ip_range = "10.87.8.0/22"
}
```
## Example Usage - Apigee Instance Full
```hcl
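# Exposes the project configured on the google provider.
data "google_client_config" "current" {}

# VPC that is peered with the Apigee runtime.
resource "google_compute_network" "apigee_network" {
  name = "apigee-network"
}

# Internal /16 reserved in that VPC for the Service Networking peering.
resource "google_compute_global_address" "apigee_range" {
  name          = "apigee-range"
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16
  network       = google_compute_network.apigee_network.id
}

# Private services connection that hands the reserved range to Service Networking.
resource "google_service_networking_connection" "apigee_vpc_connection" {
  network                 = google_compute_network.apigee_network.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.apigee_range.name]
}

# Key ring in the same location as the Apigee instance.
resource "google_kms_key_ring" "apigee_keyring" {
  name     = "apigee-keyring"
  location = "us-central1"
}

# Customer-managed encryption key (CMEK) for Apigee.
# No rotation_period is set, so the key is not rotated automatically.
resource "google_kms_crypto_key" "apigee_key" {
  name     = "apigee-key"
  key_ring = google_kms_key_ring.apigee_keyring.id

  # Destroying the key would make data encrypted with it unrecoverable,
  # so Terraform is told to refuse any plan that deletes it.
  lifecycle {
    prevent_destroy = true
  }
}

# Apigee service agent for the project. The project and service are given
# directly so the example does not depend on resources it never declares;
# the Apigee API must already be enabled in the project.
resource "google_project_service_identity" "apigee_sa" {
  provider = google-beta

  project = data.google_client_config.current.project
  service = "apigee.googleapis.com"
}

# Key-scoped grant: the service agent may encrypt and decrypt with this one
# key only, rather than with every key in the key ring or project.
resource "google_kms_crypto_key_iam_member" "apigee_sa_keyuser" {
  crypto_key_id = google_kms_crypto_key.apigee_key.id
  role          = "roles/cloudkms.cryptoKeyEncrypterDecrypter"
  member        = "serviceAccount:${google_project_service_identity.apigee_sa.email}"
}

# The organization is created only after the peering connection exists and
# the service agent has been granted use of the key.
resource "google_apigee_organization" "apigee_org" {
  analytics_region                     = "us-central1"
  display_name                         = "apigee-org"
  description                          = "Terraform-provisioned Apigee Org."
  project_id                           = data.google_client_config.current.project
  authorized_network                   = google_compute_network.apigee_network.id
  runtime_database_encryption_key_name = google_kms_crypto_key.apigee_key.id

  depends_on = [
    google_service_networking_connection.apigee_vpc_connection,
    google_kms_crypto_key_iam_member.apigee_sa_keyuser,
  ]
}

# Instance with CMEK disk encryption. It reuses the key that protects the
# organization's runtime database; use a separate key if the two need
# independent rotation or revocation.
resource "google_apigee_instance" "apigee_instance" {
  name                     = "my-instance-name"
  location                 = "us-central1"
  description              = "Terraform-managed Apigee Runtime Instance"
  display_name             = "my-instance-name"
  org_id                   = google_apigee_organization.apigee_org.id
  disk_encryption_key_name = google_kms_crypto_key.apigee_key.id
}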
```
## Argument Reference
The following arguments are supported:
* `name` -
(Required)
Resource ID of the instance.
* `location` -
(Required)
Required. Compute Engine location where the instance resides.
* `org_id` -
(Required)
The Apigee Organization associated with the Apigee instance,
in the format `organizations/{{org_name}}`.
- - -
* `peering_cidr_range` -
(Optional)
The size of the CIDR block range that will be reserved by the instance. For valid values,
see [CidrRange](https://cloud.google.com/apigee/docs/reference/apis/apigee/rest/v1/organizations.instances#CidrRange) in the documentation.
* `ip_range` -
(Optional)
The customer-provided CIDR block of length 22 that will be used for
the Apigee instance creation. This optional range, if provided, should be freely
available as part of the larger named range the customer has allocated to the Service
Networking peering. If it is not provided, Apigee will automatically request any
available /22 CIDR block from Service Networking. The customer should use this CIDR block
when configuring firewall rules to allow traffic from Apigee.
Input format: "a.b.c.d/22"
* `description` -
(Optional)
Description of the instance.
* `display_name` -
(Optional)
Display name of the instance.
* `disk_encryption_key_name` -
(Optional)
Customer Managed Encryption Key (CMEK) used for disk and volume encryption. Required for Apigee paid subscriptions only.
Use the following format: `projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)`
* `consumer_accept_list` -
(Optional)
Optional. The customer accept list is the list of projects (ID or number) on the customer
side that can privately connect to the service attachment. It is an optional field
that customers can provide during instance creation. By default, the customer
project associated with the Apigee organization is included in the list.
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `{{org_id}}/instances/{{name}}`
* `host` -
Output only. Hostname or IP address of the exposed Apigee endpoint used by clients to connect to the service.
* `port` -
Output only. Port number of the exposed Apigee endpoint.
* `service_attachment` -
Output only. Resource name of the service attachment created for the instance, in
the format `projects/*/regions/*/serviceAttachments/*`. Apigee customers can privately
forward traffic to this service attachment using PSC endpoints.
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 60 minutes.
- `delete` - Default is 60 minutes.
## Import
Instance can be imported using any of these accepted formats:
* `{{org_id}}/instances/{{name}}`
* `{{org_id}}/{{name}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Instance using one of the formats above. For example:
```tf
# Brings an existing Apigee instance under Terraform management.
# Replace the {{...}} placeholders with the real organization ID and instance name.
import {
  to = google_apigee_instance.default
  id = "{{org_id}}/instances/{{name}}"
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Instance can be imported using one of the formats above. For example:
```
$ terraform import google_apigee_instance.default {{org_id}}/instances/{{name}}
$ terraform import google_apigee_instance.default {{org_id}}/{{name}}
```