Google Git
Sign in
third-party-mirror / terraform-provider-google-beta / 7018e2f3f116fdacfd66c03551fbf0c3db62170a / . / v5.18.0 / website / docs / r / gke_backup_restore_plan.html.markdown
blob: 61b57c2ffe23276d16d63d4d9acabfa30e2026e8 [file] [log] [blame]
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Backup for GKE"
description: |-
Represents a Restore Plan instance.
---
# google\_gke\_backup\_restore\_plan
Represents a Restore Plan instance.
To get more information about RestorePlan, see:
* [API documentation](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/reference/rest/v1/projects.locations.restorePlans)
* How-to Guides
* [Official Documentation](https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke)
## Example Usage - Gkebackup Restoreplan All Namespaces
```hcl
resource "google_container_cluster" "primary" {
name = "restore-all-ns-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "restore-all-ns"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "all_ns" {
name = "restore-all-ns"
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
all_namespaces = true
namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
cluster_resource_restore_scope {
all_group_kinds = true
}
cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
}
}
```
## Example Usage - Gkebackup Restoreplan Rollback Namespace
```hcl
resource "google_container_cluster" "primary" {
name = "rollback-ns-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "rollback-ns"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "rollback_ns" {
name = "rollback-ns-rp"
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
selected_namespaces {
namespaces = ["my-ns"]
}
namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
cluster_resource_restore_scope {
selected_group_kinds {
resource_group = "apiextension.k8s.io"
resource_kind = "CustomResourceDefinition"
}
selected_group_kinds {
resource_group = "storage.k8s.io"
resource_kind = "StorageClass"
}
}
cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
}
}
```
## Example Usage - Gkebackup Restoreplan Protected Application
```hcl
resource "google_container_cluster" "primary" {
name = "rollback-app-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "rollback-app"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "rollback_app" {
name = "rollback-app-rp"
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
selected_applications {
namespaced_names {
name = "my-app"
namespace = "my-ns"
}
}
namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
volume_data_restore_policy = "REUSE_VOLUME_HANDLE_FROM_BACKUP"
cluster_resource_restore_scope {
no_group_kinds = true
}
}
}
```
## Example Usage - Gkebackup Restoreplan All Cluster Resources
```hcl
resource "google_container_cluster" "primary" {
name = "all-groupkinds-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "all-groupkinds"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "all_cluster_resources" {
name = "all-groupkinds-rp"
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
no_namespaces = true
namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
cluster_resource_restore_scope {
all_group_kinds = true
}
cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
}
}
```
## Example Usage - Gkebackup Restoreplan Rename Namespace
```hcl
resource "google_container_cluster" "primary" {
name = "rename-ns-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "rename-ns"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "rename_ns" {
name = "rename-ns-rp"
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
selected_namespaces {
namespaces = ["ns1"]
}
namespaced_resource_restore_mode = "FAIL_ON_CONFLICT"
volume_data_restore_policy = "REUSE_VOLUME_HANDLE_FROM_BACKUP"
cluster_resource_restore_scope {
no_group_kinds = true
}
transformation_rules {
description = "rename namespace from ns1 to ns2"
resource_filter {
group_kinds {
resource_kind = "Namespace"
}
json_path = ".metadata[?(@.name == 'ns1')]"
}
field_actions {
op = "REPLACE"
path = "/metadata/name"
value = "ns2"
}
}
transformation_rules {
description = "move all resources from ns1 to ns2"
resource_filter {
namespaces = ["ns1"]
}
field_actions {
op = "REPLACE"
path = "/metadata/namespace"
value = "ns2"
}
}
}
}
```
## Example Usage - Gkebackup Restoreplan Second Transformation
```hcl
resource "google_container_cluster" "primary" {
name = "transform-rule-cluster"
location = "us-central1"
initial_node_count = 1
workload_identity_config {
workload_pool = "my-project-name.svc.id.goog"
}
addons_config {
gke_backup_agent_config {
enabled = true
}
}
deletion_protection = ""
network = "default"
subnetwork = "default"
}
resource "google_gke_backup_backup_plan" "basic" {
name = "transform-rule"
cluster = google_container_cluster.primary.id
location = "us-central1"
backup_config {
include_volume_data = true
include_secrets = true
all_namespaces = true
}
}
resource "google_gke_backup_restore_plan" "transform_rule" {
name = "transform-rule-rp"
description = "copy nginx env variables"
labels = {
"app" = "nginx"
}
location = "us-central1"
backup_plan = google_gke_backup_backup_plan.basic.id
cluster = google_container_cluster.primary.id
restore_config {
excluded_namespaces {
namespaces = ["my-ns"]
}
namespaced_resource_restore_mode = "DELETE_AND_RESTORE"
volume_data_restore_policy = "RESTORE_VOLUME_DATA_FROM_BACKUP"
cluster_resource_restore_scope {
excluded_group_kinds {
resource_group = "apiextension.k8s.io"
resource_kind = "CustomResourceDefinition"
}
}
cluster_resource_conflict_policy = "USE_EXISTING_VERSION"
transformation_rules {
description = "Copy environment variables from the nginx container to the install init container."
resource_filter {
group_kinds {
resource_kind = "Pod"
resource_group = ""
}
json_path = ".metadata[?(@.name == 'nginx')]"
}
field_actions {
op = "COPY"
path = "/spec/initContainers/0/env"
from_path = "/spec/containers/0/env"
}
}
}
}
```
## Argument Reference
The following arguments are supported:
* `name` -
(Required)
The full name of the BackupPlan Resource.
* `backup_plan` -
(Required)
A reference to the BackupPlan from which Backups may be used
as the source for Restores created via this RestorePlan.
* `cluster` -
(Required)
The source cluster from which Restores will be created via this RestorePlan.
* `restore_config` -
(Required)
Defines the configuration of Restores created via this RestorePlan.
Structure is [documented below](#nested_restore_config).
* `location` -
(Required)
The region of the Restore Plan.
<a name="nested_restore_config"></a>The `restore_config` block supports:
* `all_namespaces` -
(Optional)
If True, restore all namespaced resources in the Backup.
Setting this field to False will result in an error.
* `excluded_namespaces` -
(Optional)
A list of selected namespaces excluded from restoration.
All namespaces except those in this list will be restored.
Structure is [documented below](#nested_excluded_namespaces).
* `selected_namespaces` -
(Optional)
A list of selected namespaces to restore from the Backup.
The listed Namespaces and all resources contained in them will be restored.
Structure is [documented below](#nested_selected_namespaces).
* `selected_applications` -
(Optional)
A list of selected ProtectedApplications to restore.
The listed ProtectedApplications and all the resources
to which they refer will be restored.
Structure is [documented below](#nested_selected_applications).
* `no_namespaces` -
(Optional)
Do not restore any namespaced resources if set to "True".
Specifying this field to "False" is not allowed.
* `namespaced_resource_restore_mode` -
(Optional)
Defines the behavior for handling the situation where sets of namespaced resources
being restored already exist in the target cluster.
This MUST be set to a value other than `NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED`
if the `namespacedResourceRestoreScope` is anything other than `noNamespaces`.
See https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/reference/rest/v1/RestoreConfig#namespacedresourcerestoremode
for more information on each mode.
Possible values are: `DELETE_AND_RESTORE`, `FAIL_ON_CONFLICT`.
* `volume_data_restore_policy` -
(Optional)
Specifies the mechanism to be used to restore volume data.
This should be set to a value other than `NAMESPACED_RESOURCE_RESTORE_MODE_UNSPECIFIED`
if the `namespacedResourceRestoreScope` is anything other than `noNamespaces`.
If not specified, it will be treated as `NO_VOLUME_DATA_RESTORATION`.
See https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/reference/rest/v1/RestoreConfig#VolumeDataRestorePolicy
for more information on each policy option.
Possible values are: `RESTORE_VOLUME_DATA_FROM_BACKUP`, `REUSE_VOLUME_HANDLE_FROM_BACKUP`, `NO_VOLUME_DATA_RESTORATION`.
* `cluster_resource_restore_scope` -
(Optional)
Identifies the cluster-scoped resources to restore from the Backup.
Structure is [documented below](#nested_cluster_resource_restore_scope).
* `cluster_resource_conflict_policy` -
(Optional)
Defines the behavior for handling the situation where cluster-scoped resources
being restored already exist in the target cluster.
This MUST be set to a value other than `CLUSTER_RESOURCE_CONFLICT_POLICY_UNSPECIFIED`
if `clusterResourceRestoreScope` is anyting other than `noGroupKinds`.
See https://cloud.google.com/kubernetes-engine/docs/add-on/backup-for-gke/reference/rest/v1/RestoreConfig#clusterresourceconflictpolicy
for more information on each policy option.
Possible values are: `USE_EXISTING_VERSION`, `USE_BACKUP_VERSION`.
* `transformation_rules` -
(Optional)
A list of transformation rules to be applied against Kubernetes
resources as they are selected for restoration from a Backup.
Rules are executed in order defined - this order matters,
as changes made by a rule may impact the filtering logic of subsequent
rules. An empty list means no transformation will occur.
Structure is [documented below](#nested_transformation_rules).
<a name="nested_excluded_namespaces"></a>The `excluded_namespaces` block supports:
* `namespaces` -
(Required)
A list of Kubernetes Namespaces.
<a name="nested_selected_namespaces"></a>The `selected_namespaces` block supports:
* `namespaces` -
(Required)
A list of Kubernetes Namespaces.
<a name="nested_selected_applications"></a>The `selected_applications` block supports:
* `namespaced_names` -
(Required)
A list of namespaced Kubernetes resources.
Structure is [documented below](#nested_namespaced_names).
<a name="nested_namespaced_names"></a>The `namespaced_names` block supports:
* `namespace` -
(Required)
The namespace of a Kubernetes Resource.
* `name` -
(Required)
The name of a Kubernetes Resource.
<a name="nested_cluster_resource_restore_scope"></a>The `cluster_resource_restore_scope` block supports:
* `all_group_kinds` -
(Optional)
If True, all valid cluster-scoped resources will be restored.
Mutually exclusive to any other field in `clusterResourceRestoreScope`.
* `excluded_group_kinds` -
(Optional)
A list of cluster-scoped resource group kinds to NOT restore from the backup.
If specified, all valid cluster-scoped resources will be restored except
for those specified in the list.
Mutually exclusive to any other field in `clusterResourceRestoreScope`.
Structure is [documented below](#nested_excluded_group_kinds).
* `selected_group_kinds` -
(Optional)
A list of cluster-scoped resource group kinds to restore from the backup.
If specified, only the selected resources will be restored.
Mutually exclusive to any other field in the `clusterResourceRestoreScope`.
Structure is [documented below](#nested_selected_group_kinds).
* `no_group_kinds` -
(Optional)
If True, no cluster-scoped resources will be restored.
Mutually exclusive to any other field in `clusterResourceRestoreScope`.
<a name="nested_excluded_group_kinds"></a>The `excluded_group_kinds` block supports:
* `resource_group` -
(Optional)
API Group string of a Kubernetes resource, e.g.
"apiextensions.k8s.io", "storage.k8s.io", etc.
Use empty string for core group.
* `resource_kind` -
(Optional)
Kind of a Kubernetes resource, e.g.
"CustomResourceDefinition", "StorageClass", etc.
<a name="nested_selected_group_kinds"></a>The `selected_group_kinds` block supports:
* `resource_group` -
(Optional)
API Group string of a Kubernetes resource, e.g.
"apiextensions.k8s.io", "storage.k8s.io", etc.
Use empty string for core group.
* `resource_kind` -
(Optional)
Kind of a Kubernetes resource, e.g.
"CustomResourceDefinition", "StorageClass", etc.
<a name="nested_transformation_rules"></a>The `transformation_rules` block supports:
* `description` -
(Optional)
The description is a user specified string description
of the transformation rule.
* `resource_filter` -
(Optional)
This field is used to specify a set of fields that should be used to
determine which resources in backup should be acted upon by the
supplied transformation rule actions, and this will ensure that only
specific resources are affected by transformation rule actions.
Structure is [documented below](#nested_resource_filter).
* `field_actions` -
(Required)
A list of transformation rule actions to take against candidate
resources. Actions are executed in order defined - this order
matters, as they could potentially interfere with each other and
the first operation could affect the outcome of the second operation.
Structure is [documented below](#nested_field_actions).
<a name="nested_resource_filter"></a>The `resource_filter` block supports:
* `namespaces` -
(Optional)
(Filtering parameter) Any resource subject to transformation must
be contained within one of the listed Kubernetes Namespace in the
Backup. If this field is not provided, no namespace filtering will
be performed (all resources in all Namespaces, including all
cluster-scoped resources, will be candidates for transformation).
To mix cluster-scoped and namespaced resources in the same rule,
use an empty string ("") as one of the target namespaces.
* `group_kinds` -
(Optional)
(Filtering parameter) Any resource subject to transformation must
belong to one of the listed "types". If this field is not provided,
no type filtering will be performed
(all resources of all types matching previous filtering parameters
will be candidates for transformation).
Structure is [documented below](#nested_group_kinds).
* `json_path` -
(Optional)
This is a JSONPath expression that matches specific fields of
candidate resources and it operates as a filtering parameter
(resources that are not matched with this expression will not
be candidates for transformation).
<a name="nested_group_kinds"></a>The `group_kinds` block supports:
* `resource_group` -
(Optional)
API Group string of a Kubernetes resource, e.g.
"apiextensions.k8s.io", "storage.k8s.io", etc.
Use empty string for core group.
* `resource_kind` -
(Optional)
Kind of a Kubernetes resource, e.g.
"CustomResourceDefinition", "StorageClass", etc.
<a name="nested_field_actions"></a>The `field_actions` block supports:
* `op` -
(Required)
Specifies the operation to perform.
Possible values are: `REMOVE`, `MOVE`, `COPY`, `ADD`, `TEST`, `REPLACE`.
* `from_path` -
(Optional)
A string containing a JSON Pointer value that references the
location in the target document to move the value from.
* `path` -
(Optional)
A string containing a JSON-Pointer value that references a
location within the target document where the operation is performed.
* `value` -
(Optional)
A string that specifies the desired value in string format
to use for transformation.
- - -
* `description` -
(Optional)
User specified descriptive string for this RestorePlan.
* `labels` -
(Optional)
Description: A set of custom labels supplied by the user.
A list of key->value pairs.
Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
**Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field `effective_labels` for all of the labels present on the resource.
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{location}}/restorePlans/{{name}}`
* `uid` -
Server generated, unique identifier of UUID format.
* `state` -
The State of the RestorePlan.
* `state_reason` -
Detailed description of why RestorePlan is in its current state.
* `terraform_labels` -
The combination of labels configured directly on the resource
and default labels configured on the provider.
* `effective_labels` -
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.
## Import
RestorePlan can be imported using any of these accepted formats:
* `projects/{{project}}/locations/{{location}}/restorePlans/{{name}}`
* `{{project}}/{{location}}/{{name}}`
* `{{location}}/{{name}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import RestorePlan using one of the formats above. For example:
```tf
import {
id = "projects/{{project}}/locations/{{location}}/restorePlans/{{name}}"
to = google_gke_backup_restore_plan.default
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), RestorePlan can be imported using one of the formats above. For example:
```
$ terraform import google_gke_backup_restore_plan.default projects/{{project}}/locations/{{location}}/restorePlans/{{name}}
$ terraform import google_gke_backup_restore_plan.default {{project}}/{{location}}/{{name}}
$ terraform import google_gke_backup_restore_plan.default {{location}}/{{name}}
```
## User Project Overrides
This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).