v5.18.0/website/docs/r/redis_instance.html.markdown

---
# ----------------------------------------------------------------------------
#
#     ***     AUTO GENERATED CODE    ***    Type: MMv1     ***
#
# ----------------------------------------------------------------------------
#
#     This file is automatically generated by Magic Modules and manual
#     changes will be clobbered when the file is regenerated.
#
#     Please read more about how to change this file in
#     .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Memorystore (Redis)"
description: |-
  A Google Cloud Redis instance.
---

# google\_redis\_instance

A Google Cloud Redis instance.


To get more information about Instance, see:

* [API documentation](https://cloud.google.com/memorystore/docs/redis/reference/rest/v1/projects.locations.instances)
* How-to Guides
    * [Official Documentation](https://cloud.google.com/memorystore/docs/redis/)

<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=redis_instance_basic&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Redis Instance Basic


```hcl
resource "google_redis_instance" "cache" {
  name           = "memory-cache"
  memory_size_gb = 1

  lifecycle {
    prevent_destroy = true
  }
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=redis_instance_full&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Redis Instance Full


```hcl
resource "google_redis_instance" "cache" {
  name           = "ha-memory-cache"
  tier           = "STANDARD_HA"
  memory_size_gb = 1

  location_id             = "us-central1-a"
  alternative_location_id = "us-central1-f"

  authorized_network = data.google_compute_network.redis-network.id

  redis_version     = "REDIS_4_0"
  display_name      = "Terraform Test Instance"
  reserved_ip_range = "192.168.0.0/29"

  labels = {
    my_key    = "my_val"
    other_key = "other_val"
  }

  maintenance_policy {
    weekly_maintenance_window {
      day = "TUESDAY"
      start_time {
        hours = 0
        minutes = 30
        seconds = 0
        nanos = 0
      }
    }
  }

  lifecycle {
    prevent_destroy = true
  }
}

// This example assumes this network already exists.
// The API creates a tenant network per network authorized for a
// Redis instance and that network is not deleted when the user-created
// network (authorized_network) is deleted, so this prevents issues
// with tenant network quota.
// If this network hasn't been created and you are using this example in your
// config, add an additional network resource or change
// this from "data"to "resource"
data "google_compute_network" "redis-network" {
  name = "redis-test-network"
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=redis_instance_full_with_persistence_config&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Redis Instance Full With Persistence Config


```hcl
resource "google_redis_instance" "cache-persis" {
  name           = "ha-memory-cache-persis"
  tier           = "STANDARD_HA"
  memory_size_gb = 1
  location_id             = "us-central1-a"
  alternative_location_id = "us-central1-f"

  persistence_config {
    persistence_mode = "RDB"
    rdb_snapshot_period = "TWELVE_HOURS"
  }

  lifecycle {
    prevent_destroy = true
  }
}
```
## Example Usage - Redis Instance Private Service


```hcl
// This example assumes this network already exists.
// The API creates a tenant network per network authorized for a
// Redis instance and that network is not deleted when the user-created
// network (authorized_network) is deleted, so this prevents issues
// with tenant network quota.
// If this network hasn't been created and you are using this example in your
// config, add an additional network resource or change
// this from "data"to "resource"
resource "google_compute_network" "redis-network" {
  name = "redis-test-network"
}

resource "google_compute_global_address" "service_range" {
  name          = "address"
  purpose       = "VPC_PEERING"
  address_type  = "INTERNAL"
  prefix_length = 16
  network       = google_compute_network.redis-network.id
}

resource "google_service_networking_connection" "private_service_connection" {
  network                 = google_compute_network.redis-network.id
  service                 = "servicenetworking.googleapis.com"
  reserved_peering_ranges = [google_compute_global_address.service_range.name]
}

resource "google_redis_instance" "cache" {
  name           = "private-cache"
  tier           = "STANDARD_HA"
  memory_size_gb = 1

  location_id             = "us-central1-a"
  alternative_location_id = "us-central1-f"

  authorized_network = google_compute_network.redis-network.id
  connect_mode       = "PRIVATE_SERVICE_ACCESS"

  redis_version     = "REDIS_4_0"
  display_name      = "Terraform Test Instance"

  depends_on = [google_service_networking_connection.private_service_connection]

  lifecycle {
    prevent_destroy = true
  }
}
```
<div class = "oics-button" style="float: right; margin: 0 0 -15px">
  <a href="https://console.cloud.google.com/cloudshell/open?cloudshell_git_repo=https%3A%2F%2Fgithub.com%2Fterraform-google-modules%2Fdocs-examples.git&cloudshell_working_dir=redis_instance_mrr&cloudshell_image=gcr.io%2Fcloudshell-images%2Fcloudshell%3Alatest&open_in_editor=main.tf&cloudshell_print=.%2Fmotd&cloudshell_tutorial=.%2Ftutorial.md" target="_blank">
    <img alt="Open in Cloud Shell" src="//gstatic.com/cloudssh/images/open-btn.svg" style="max-height: 44px; margin: 32px auto; max-width: 100%;">
  </a>
</div>
## Example Usage - Redis Instance Mrr


```hcl
resource "google_redis_instance" "cache" {
  name           = "mrr-memory-cache"
  tier           = "STANDARD_HA"
  memory_size_gb = 5

  location_id             = "us-central1-a"
  alternative_location_id = "us-central1-f"

  authorized_network = data.google_compute_network.redis-network.id

  redis_version     = "REDIS_6_X"
  display_name      = "Terraform Test Instance"
  reserved_ip_range = "192.168.0.0/28"
  replica_count     = 5
  read_replicas_mode = "READ_REPLICAS_ENABLED"

  labels = {
    my_key    = "my_val"
    other_key = "other_val"
  }

  lifecycle {
    prevent_destroy = true
  }
}

// This example assumes this network already exists.
// The API creates a tenant network per network authorized for a
// Redis instance and that network is not deleted when the user-created
// network (authorized_network) is deleted, so this prevents issues
// with tenant network quota.
// If this network hasn't been created and you are using this example in your
// config, add an additional network resource or change
// this from "data"to "resource"
data "google_compute_network" "redis-network" {
  name = "redis-test-network"
}
```
## Example Usage - Redis Instance Cmek


```hcl
resource "google_redis_instance" "cache" {
  name           = "cmek-memory-cache"
  tier           = "STANDARD_HA"
  memory_size_gb = 1

  location_id             = "us-central1-a"
  alternative_location_id = "us-central1-f"

  authorized_network = data.google_compute_network.redis-network.id

  redis_version     = "REDIS_6_X"
  display_name      = "Terraform Test Instance"
  reserved_ip_range = "192.168.0.0/29"

  labels = {
    my_key    = "my_val"
    other_key = "other_val"
  }
  customer_managed_key = google_kms_crypto_key.redis_key.id

  lifecycle {
    prevent_destroy = true
  }
}

resource "google_kms_key_ring" "redis_keyring" {
  name     = "redis-keyring"
  location = "us-central1"
}

resource "google_kms_crypto_key" "redis_key" {
  name            = "redis-key"
  key_ring        = google_kms_key_ring.redis_keyring.id
}

// This example assumes this network already exists.
// The API creates a tenant network per network authorized for a
// Redis instance and that network is not deleted when the user-created
// network (authorized_network) is deleted, so this prevents issues
// with tenant network quota.
// If this network hasn't been created and you are using this example in your
// config, add an additional network resource or change
// this from "data"to "resource"
data "google_compute_network" "redis-network" {
  name = "redis-test-network"
}
```

## Argument Reference

The following arguments are supported:


* `name` -
  (Required)
  The ID of the instance or a fully qualified identifier for the instance.

* `memory_size_gb` -
  (Required)
  Redis memory size in GiB.


- - -


* `alternative_location_id` -
  (Optional)
  Only applicable to STANDARD_HA tier which protects the instance
  against zonal failures by provisioning it across two zones.
  If provided, it must be a different zone from the one provided in
  [locationId].

* `auth_enabled` -
  (Optional)
  Optional. Indicates whether OSS Redis AUTH is enabled for the
  instance. If set to "true" AUTH is enabled on the instance.
  Default value is "false" meaning AUTH is disabled.

* `authorized_network` -
  (Optional)
  The full name of the Google Compute Engine network to which the
  instance is connected. If left unspecified, the default network
  will be used.

* `connect_mode` -
  (Optional)
  The connection mode of the Redis instance.
  Default value is `DIRECT_PEERING`.
  Possible values are: `DIRECT_PEERING`, `PRIVATE_SERVICE_ACCESS`.

* `display_name` -
  (Optional)
  An arbitrary and optional user-provided name for the instance.

* `labels` -
  (Optional)
  Resource labels to represent user provided metadata.
  **Note**: This field is non-authoritative, and will only manage the labels present in your configuration.
  Please refer to the field `effective_labels` for all of the labels present on the resource.

* `redis_configs` -
  (Optional)
  Redis configuration parameters, according to http://redis.io/topics/config.
  Please check Memorystore documentation for the list of supported parameters:
  https://cloud.google.com/memorystore/docs/redis/reference/rest/v1/projects.locations.instances#Instance.FIELDS.redis_configs

* `location_id` -
  (Optional)
  The zone where the instance will be provisioned. If not provided,
  the service will choose a zone for the instance. For STANDARD_HA tier,
  instances will be created across two zones for protection against
  zonal failures. If [alternativeLocationId] is also provided, it must
  be different from [locationId].

* `persistence_config` -
  (Optional)
  Persistence configuration for an instance.
  Structure is [documented below](#nested_persistence_config).

* `maintenance_policy` -
  (Optional)
  Maintenance policy for an instance.
  Structure is [documented below](#nested_maintenance_policy).

* `redis_version` -
  (Optional)
  The version of Redis software. If not provided, latest supported
  version will be used. Please check the API documentation linked
  at the top for the latest valid values.

* `reserved_ip_range` -
  (Optional)
  The CIDR range of internal addresses that are reserved for this
  instance. If not provided, the service will choose an unused /29
  block, for example, 10.0.0.0/29 or 192.168.0.0/29. Ranges must be
  unique and non-overlapping with existing subnets in an authorized
  network.

* `tier` -
  (Optional)
  The service tier of the instance. Must be one of these values:
  - BASIC: standalone instance
  - STANDARD_HA: highly available primary/replica instances
  Default value is `BASIC`.
  Possible values are: `BASIC`, `STANDARD_HA`.

* `transit_encryption_mode` -
  (Optional)
  The TLS mode of the Redis instance, If not provided, TLS is disabled for the instance.
  - SERVER_AUTHENTICATION: Client to Server traffic encryption enabled with server authentication
  Default value is `DISABLED`.
  Possible values are: `SERVER_AUTHENTICATION`, `DISABLED`.

* `replica_count` -
  (Optional)
  Optional. The number of replica nodes. The valid range for the Standard Tier with
  read replicas enabled is [1-5] and defaults to 2. If read replicas are not enabled
  for a Standard Tier instance, the only valid value is 1 and the default is 1.
  The valid value for basic tier is 0 and the default is also 0.

* `read_replicas_mode` -
  (Optional)
  Optional. Read replica mode. Can only be specified when trying to create the instance.
  If not set, Memorystore Redis backend will default to READ_REPLICAS_DISABLED.
  - READ_REPLICAS_DISABLED: If disabled, read endpoint will not be provided and the
  instance cannot scale up or down the number of replicas.
  - READ_REPLICAS_ENABLED: If enabled, read endpoint will be provided and the instance
  can scale up and down the number of replicas.
  Possible values are: `READ_REPLICAS_DISABLED`, `READ_REPLICAS_ENABLED`.

* `secondary_ip_range` -
  (Optional)
  Optional. Additional IP range for node placement. Required when enabling read replicas on
  an existing instance. For DIRECT_PEERING mode value must be a CIDR range of size /28, or
  "auto". For PRIVATE_SERVICE_ACCESS mode value must be the name of an allocated address
  range associated with the private service access connection, or "auto".

* `customer_managed_key` -
  (Optional)
  Optional. The KMS key reference that you want to use to encrypt the data at rest for this Redis
  instance. If this is provided, CMEK is enabled.

* `region` -
  (Optional)
  The name of the Redis region of the instance.

* `project` - (Optional) The ID of the project in which the resource belongs.
    If it is not provided, the provider project is used.


<a name="nested_persistence_config"></a>The `persistence_config` block supports:

* `persistence_mode` -
  (Required)
  Optional. Controls whether Persistence features are enabled. If not provided, the existing value will be used.
  - DISABLED: 	Persistence is disabled for the instance, and any existing snapshots are deleted.
  - RDB: RDB based Persistence is enabled.
  Possible values are: `DISABLED`, `RDB`.

* `rdb_snapshot_period` -
  (Optional)
  Optional. Available snapshot periods for scheduling.
  - ONE_HOUR:	Snapshot every 1 hour.
  - SIX_HOURS:	Snapshot every 6 hours.
  - TWELVE_HOURS:	Snapshot every 12 hours.
  - TWENTY_FOUR_HOURS:	Snapshot every 24 hours.
  Possible values are: `ONE_HOUR`, `SIX_HOURS`, `TWELVE_HOURS`, `TWENTY_FOUR_HOURS`.

* `rdb_next_snapshot_time` -
  (Output)
  Output only. The next time that a snapshot attempt is scheduled to occur.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up
  to nine fractional digits.
  Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

* `rdb_snapshot_start_time` -
  (Optional)
  Optional. Date and time that the first snapshot was/will be attempted,
  and to which future snapshots will be aligned. If not provided,
  the current time will be used.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution
  and up to nine fractional digits.
  Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

<a name="nested_maintenance_policy"></a>The `maintenance_policy` block supports:

* `create_time` -
  (Output)
  Output only. The time when the policy was created.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond
  resolution and up to nine fractional digits.

* `update_time` -
  (Output)
  Output only. The time when the policy was last updated.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond
  resolution and up to nine fractional digits.

* `description` -
  (Optional)
  Optional. Description of what this policy is for.
  Create/Update methods return INVALID_ARGUMENT if the
  length is greater than 512.

* `weekly_maintenance_window` -
  (Optional)
  Optional. Maintenance window that is applied to resources covered by this policy.
  Minimum 1. For the current version, the maximum number
  of weekly_window is expected to be one.
  Structure is [documented below](#nested_weekly_maintenance_window).


<a name="nested_weekly_maintenance_window"></a>The `weekly_maintenance_window` block supports:

* `day` -
  (Required)
  Required. The day of week that maintenance updates occur.
  - DAY_OF_WEEK_UNSPECIFIED: The day of the week is unspecified.
  - MONDAY: Monday
  - TUESDAY: Tuesday
  - WEDNESDAY: Wednesday
  - THURSDAY: Thursday
  - FRIDAY: Friday
  - SATURDAY: Saturday
  - SUNDAY: Sunday
  Possible values are: `DAY_OF_WEEK_UNSPECIFIED`, `MONDAY`, `TUESDAY`, `WEDNESDAY`, `THURSDAY`, `FRIDAY`, `SATURDAY`, `SUNDAY`.

* `duration` -
  (Output)
  Output only. Duration of the maintenance window.
  The current window is fixed at 1 hour.
  A duration in seconds with up to nine fractional digits,
  terminated by 's'. Example: "3.5s".

* `start_time` -
  (Required)
  Required. Start time of the window in UTC time.
  Structure is [documented below](#nested_start_time).


<a name="nested_start_time"></a>The `start_time` block supports:

* `hours` -
  (Optional)
  Hours of day in 24 hour format. Should be from 0 to 23.
  An API may choose to allow the value "24:00:00" for scenarios like business closing time.

* `minutes` -
  (Optional)
  Minutes of hour of day. Must be from 0 to 59.

* `seconds` -
  (Optional)
  Seconds of minutes of the time. Must normally be from 0 to 59.
  An API may allow the value 60 if it allows leap-seconds.

* `nanos` -
  (Optional)
  Fractions of seconds in nanoseconds. Must be from 0 to 999,999,999.

## Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

* `id` - an identifier for the resource with format `projects/{{project}}/locations/{{region}}/instances/{{name}}`

* `create_time` -
  The time the instance was created in RFC3339 UTC "Zulu" format,
  accurate to nanoseconds.

* `current_location_id` -
  The current zone where the Redis endpoint is placed.
  For Basic Tier instances, this will always be the same as the
  [locationId] provided by the user at creation time. For Standard Tier
  instances, this can be either [locationId] or [alternativeLocationId]
  and can change after a failover event.

* `host` -
  Hostname or IP address of the exposed Redis endpoint used by clients
  to connect to the service.

* `maintenance_schedule` -
  Upcoming maintenance schedule.
  Structure is [documented below](#nested_maintenance_schedule).

* `port` -
  The port number of the exposed Redis endpoint.

* `persistence_iam_identity` -
  Output only. Cloud IAM identity used by import / export operations
  to transfer data to/from Cloud Storage. Format is "serviceAccount:".
  The value may change over time for a given instance so should be
  checked before each import/export operation.

* `server_ca_certs` -
  List of server CA certificates for the instance.
  Structure is [documented below](#nested_server_ca_certs).

* `nodes` -
  Output only. Info per node.
  Structure is [documented below](#nested_nodes).

* `read_endpoint` -
  Output only. Hostname or IP address of the exposed readonly Redis endpoint. Standard tier only.
  Targets all healthy replica nodes in instance. Replication is asynchronous and replica nodes
  will exhibit some lag behind the primary. Write requests must target 'host'.

* `read_endpoint_port` -
  Output only. The port number of the exposed readonly redis endpoint. Standard tier only.
  Write requests should target 'port'.

* `terraform_labels` -
  The combination of labels configured directly on the resource
   and default labels configured on the provider.

* `effective_labels` -
  All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.


<a name="nested_maintenance_schedule"></a>The `maintenance_schedule` block contains:

* `start_time` -
  (Output)
  Output only. The start time of any upcoming scheduled maintenance for this instance.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond
  resolution and up to nine fractional digits.

* `end_time` -
  (Output)
  Output only. The end time of any upcoming scheduled maintenance for this instance.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond
  resolution and up to nine fractional digits.

* `schedule_deadline_time` -
  (Output)
  Output only. The deadline that the maintenance schedule start time
  can not go beyond, including reschedule.
  A timestamp in RFC3339 UTC "Zulu" format, with nanosecond
  resolution and up to nine fractional digits.

<a name="nested_server_ca_certs"></a>The `server_ca_certs` block contains:

* `serial_number` -
  (Output)
  Serial number, as extracted from the certificate.

* `cert` -
  (Output)
  The certificate data in PEM format.

* `create_time` -
  (Output)
  The time when the certificate was created.

* `expire_time` -
  (Output)
  The time when the certificate expires.

* `sha1_fingerprint` -
  (Output)
  Sha1 Fingerprint of the certificate.

<a name="nested_nodes"></a>The `nodes` block contains:

* `id` -
  (Output)
  Node identifying string. e.g. 'node-0', 'node-1'

* `zone` -
  (Output)
  Location of the node.

## Timeouts

This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:

- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.

## Import


Instance can be imported using any of these accepted formats:

* `projects/{{project}}/locations/{{region}}/instances/{{name}}`
* `{{project}}/{{region}}/{{name}}`
* `{{region}}/{{name}}`
* `{{name}}`


In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import Instance using one of the formats above. For example:

```tf
import {
  id = "projects/{{project}}/locations/{{region}}/instances/{{name}}"
  to = google_redis_instance.default
}
```

When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), Instance can be imported using one of the formats above. For example:

```
$ terraform import google_redis_instance.default projects/{{project}}/locations/{{region}}/instances/{{name}}
$ terraform import google_redis_instance.default {{project}}/{{region}}/{{name}}
$ terraform import google_redis_instance.default {{region}}/{{name}}
$ terraform import google_redis_instance.default {{name}}
```

## User Project Overrides

This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).