def Run(self, args): holder = base_classes.ComputeApiHolder(self.ReleaseTrack()) client = holder.client messages = client.messages disk_ref = disks_flags.MakeDiskArg(plural=False).ResolveAsResource( args, holder.resources) resource_policies = [] for policy in args.resource_policies: resource_policy_ref = util.ParseResourcePolicyWithZone( holder.resources, policy, project=disk_ref.project, zone=disk_ref.zone) resource_policies.append(resource_policy_ref.SelfLink()) add_request = messages.ComputeDisksAddResourcePoliciesRequest( disk=disk_ref.Name(), project=disk_ref.project, zone=disk_ref.zone, disksAddResourcePoliciesRequest=messages. DisksAddResourcePoliciesRequest( resourcePolicies=resource_policies)) return client.MakeRequests([(client.apitools_client.disks, 'AddResourcePolicies', add_request)])
def Run(self, args): holder = base_classes.ComputeApiHolder(self.ReleaseTrack()) client = holder.client messages = client.messages instance_ref = instance_flags.INSTANCE_ARG.ResolveAsResource( args, holder.resources, scope_lister=instance_flags.GetInstanceZoneScopeLister(client)) resource_policies = [] for policy in args.resource_policies: resource_policy_ref = util.ParseResourcePolicyWithZone( holder.resources, policy, project=instance_ref.project, zone=instance_ref.zone) resource_policies.append(resource_policy_ref.SelfLink()) add_request = messages.ComputeInstancesAddResourcePoliciesRequest( instance=instance_ref.Name(), project=instance_ref.project, zone=instance_ref.zone, instancesAddResourcePoliciesRequest=messages. InstancesAddResourcePoliciesRequest( resourcePolicies=resource_policies)) return client.MakeRequests([(client.apitools_client.instances, 'AddResourcePolicies', add_request)])
def _CreateRequests( self, args, instance_refs, compute_client, resource_parser, holder): # gcloud creates default values for some fields in Instance resource # when no value was specified on command line. # When --source-instance-template was specified, defaults are taken from # Instance Template and gcloud flags are used to override them - by default # fields should not be initialized. source_instance_template = self.GetSourceInstanceTemplate( args, resource_parser) skip_defaults = source_instance_template is not None source_machine_image = self.GetSourceMachineImage( args, resource_parser) skip_defaults = skip_defaults or source_machine_image is not None scheduling = instance_utils.GetScheduling( args, compute_client, skip_defaults, support_node_affinity=True, support_min_node_cpus=self._support_min_node_cpus, support_location_hint=self._support_location_hint) tags = instance_utils.GetTags(args, compute_client) labels = instance_utils.GetLabels(args, compute_client) metadata = instance_utils.GetMetadata(args, compute_client, skip_defaults) boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args) network_interfaces = self._GetNetworkInterfacesWithValidation( args, resource_parser, compute_client, holder, instance_refs, skip_defaults) machine_type_uris = instance_utils.GetMachineTypeUris( args, compute_client, holder, instance_refs, skip_defaults) create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk or []) image_uri = self._GetImageUri( args, compute_client, create_boot_disk, instance_refs, resource_parser) shielded_instance_config = self._BuildShieldedInstanceConfigMessage( messages=compute_client.messages, args=args) if self._support_confidential_compute: confidential_instance_config = ( self._BuildConfidentialInstanceConfigMessage( messages=compute_client.messages, args=args)) # TODO(b/80138906): Release track should not be used like this. # These feature are only exposed in alpha/beta allow_rsa_encrypted = False if self.ReleaseTrack() in [base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA]: allow_rsa_encrypted = True csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted) disks_messages = self._GetDiskMessages( args, skip_defaults, instance_refs, compute_client, resource_parser, create_boot_disk, boot_disk_size_gb, image_uri, csek_keys) project_to_sa = self._GetProjectToServiceAccountMap( args, instance_refs, compute_client, skip_defaults) requests = [] for instance_ref, machine_type_uri, disks in zip( instance_refs, machine_type_uris, disks_messages): can_ip_forward = instance_utils.GetCanIpForward(args, skip_defaults) guest_accelerators = instance_utils.GetAccelerators( args, compute_client, resource_parser, instance_ref) instance = compute_client.messages.Instance( canIpForward=can_ip_forward, deletionProtection=args.deletion_protection, description=args.description, disks=disks, guestAccelerators=guest_accelerators, hostname=args.hostname, labels=labels, machineType=machine_type_uri, metadata=metadata, minCpuPlatform=args.min_cpu_platform, name=instance_ref.Name(), networkInterfaces=network_interfaces, serviceAccounts=project_to_sa[instance_ref.project], scheduling=scheduling, tags=tags) resource_policies = getattr( args, 'resource_policies', None) if resource_policies: parsed_resource_policies = [] for policy in resource_policies: resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone( resource_parser, policy, project=instance_ref.project, zone=instance_ref.zone) parsed_resource_policies.append(resource_policy_ref.SelfLink()) instance.resourcePolicies = parsed_resource_policies if shielded_instance_config: instance.shieldedInstanceConfig = shielded_instance_config if self._support_confidential_compute and confidential_instance_config: instance.confidentialInstanceConfig = confidential_instance_config if self._support_erase_vss and \ args.IsSpecified('erase_windows_vss_signature'): instance.eraseWindowsVssSignature = args.erase_windows_vss_signature request = compute_client.messages.ComputeInstancesInsertRequest( instance=instance, project=instance_ref.project, zone=instance_ref.zone) if source_instance_template: request.sourceInstanceTemplate = source_instance_template if source_machine_image: request.instance.sourceMachineImage = source_machine_image if args.IsSpecified('source_machine_image_csek_key_file'): key = instance_utils.GetSourceMachineImageKey( args, self.SOURCE_MACHINE_IMAGE, compute_client, holder) request.instance.sourceMachineImageEncryptionKey = key if self._support_machine_image_key and \ args.IsSpecified('source_machine_image_csek_key_file'): if not args.IsSpecified('source_machine_image'): raise exceptions.RequiredArgumentException( '`--source-machine-image`', '`--source-machine-image-csek-key-file` requires ' '`--source-machine-image` to be specified`') if args.IsSpecified('enable_display_device'): request.instance.displayDevice = compute_client.messages.DisplayDevice( enableDisplay=args.enable_display_device) request.instance.reservationAffinity = instance_utils.GetReservationAffinity( args, compute_client) requests.append( (compute_client.apitools_client.instances, 'Insert', request)) return requests
def _CreateRequests(self, args, instance_refs, compute_client, resource_parser, holder): # gcloud creates default values for some fields in Instance resource # when no value was specified on command line. # When --source-instance-template was specified, defaults are taken from # Instance Template and gcloud flags are used to override them - by default # fields should not be initialized. source_instance_template = self.GetSourceInstanceTemplate( args, resource_parser) skip_defaults = source_instance_template is not None scheduling = instance_utils.GetScheduling( args, compute_client, skip_defaults, support_node_affinity=self._support_node_affinity) tags = instance_utils.GetTags(args, compute_client) labels = instance_utils.GetLabels(args, compute_client) metadata = instance_utils.GetMetadata(args, compute_client, skip_defaults) boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args) network_interfaces = self._GetNetworkInterfacesWithValidation( args, resource_parser, compute_client, holder, instance_refs, skip_defaults) machine_type_uris = instance_utils.GetMachineTypeUris( args, compute_client, holder, instance_refs, skip_defaults) create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk or []) image_uri = self._GetImageUri(args, compute_client, create_boot_disk, instance_refs, resource_parser) # TODO(b/80138906): Release track should not be used like this. # These feature are only exposed in alpha/beta shielded_vm_config = None allow_rsa_encrypted = False if self.ReleaseTrack() in [ base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA ]: allow_rsa_encrypted = True shielded_vm_config = self._BuildShieldedVMConfigMessage( messages=compute_client.messages, args=args) csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted) disks_messages = self._GetDiskMessagess(args, skip_defaults, instance_refs, compute_client, resource_parser, create_boot_disk, boot_disk_size_gb, image_uri, csek_keys) project_to_sa = self._GetProjectToServiceAccountMap( args, instance_refs, compute_client, skip_defaults) requests = [] for instance_ref, machine_type_uri, disks in zip( instance_refs, machine_type_uris, disks_messages): can_ip_forward = instance_utils.GetCanIpForward( args, skip_defaults) guest_accelerators = instance_utils.GetAccelerators( args, compute_client, resource_parser, instance_ref) instance = compute_client.messages.Instance( canIpForward=can_ip_forward, deletionProtection=args.deletion_protection, description=args.description, disks=disks, guestAccelerators=guest_accelerators, labels=labels, machineType=machine_type_uri, metadata=metadata, minCpuPlatform=args.min_cpu_platform, name=instance_ref.Name(), networkInterfaces=network_interfaces, serviceAccounts=project_to_sa[instance_ref.project], scheduling=scheduling, tags=tags) sole_tenancy_host = self._GetGetSoleTenancyHost( args, resource_parser, instance_ref) if sole_tenancy_host: instance.host = sole_tenancy_host resource_policies = getattr(args, 'resource_policies', None) if resource_policies: parsed_resource_policies = [] for policy in resource_policies: resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone( resource_parser, policy, project=instance_ref.project, zone=instance_ref.zone) parsed_resource_policies.append( resource_policy_ref.SelfLink()) instance.resourcePolicies = parsed_resource_policies if shielded_vm_config: instance.shieldedVmConfig = shielded_vm_config request = compute_client.messages.ComputeInstancesInsertRequest( instance=instance, project=instance_ref.project, zone=instance_ref.zone) if source_instance_template: request.sourceInstanceTemplate = source_instance_template requests.append( (compute_client.apitools_client.instances, 'Insert', request)) return requests
def _CreateRequests(self, args, instance_refs, project, zone, compute_client, resource_parser, holder): # gcloud creates default values for some fields in Instance resource # when no value was specified on command line. # When --source-instance-template was specified, defaults are taken from # Instance Template and gcloud flags are used to override them - by default # fields should not be initialized. source_instance_template = self.GetSourceInstanceTemplate( args, resource_parser) skip_defaults = source_instance_template is not None source_machine_image = self.GetSourceMachineImage( args, resource_parser) skip_defaults = skip_defaults or source_machine_image is not None scheduling = instance_utils.GetScheduling( args, compute_client, skip_defaults, support_node_affinity=True, support_min_node_cpu=self._support_min_node_cpu, support_location_hint=self._support_location_hint) tags = instance_utils.GetTags(args, compute_client) labels = instance_utils.GetLabels(args, compute_client) metadata = instance_utils.GetMetadata(args, compute_client, skip_defaults) boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args) network_interfaces = create_utils.GetNetworkInterfacesWithValidation( args=args, resource_parser=resource_parser, compute_client=compute_client, holder=holder, project=project, location=zone, scope=compute_scopes.ScopeEnum.ZONE, skip_defaults=skip_defaults, support_public_dns=self._support_public_dns) create_boot_disk = not instance_utils.UseExistingBootDisk(args.disk or []) image_uri = create_utils.GetImageUri(args, compute_client, create_boot_disk, project, resource_parser) shielded_instance_config = create_utils.BuildShieldedInstanceConfigMessage( messages=compute_client.messages, args=args) if self._support_confidential_compute: confidential_instance_config = ( create_utils.BuildConfidentialInstanceConfigMessage( messages=compute_client.messages, args=args)) csek_keys = csek_utils.CsekKeyStore.FromArgs( args, self._support_rsa_encrypted) project_to_sa = create_utils.GetProjectToServiceAccountMap( args, instance_refs, compute_client, skip_defaults) requests = [] for instance_ref in instance_refs: disks = [] if create_utils.CheckSpecifiedDiskArgs( args=args, skip_defaults=skip_defaults, support_kms=self._support_kms): disks = create_utils.CreateDiskMessages( args=args, instance_name=instance_ref.Name(), project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE, compute_client=compute_client, resource_parser=resource_parser, boot_disk_size_gb=boot_disk_size_gb, image_uri=image_uri, create_boot_disk=create_boot_disk, csek_keys=csek_keys, support_kms=self._support_kms, support_nvdimm=self._support_nvdimm, support_disk_resource_policy=self. _support_disk_resource_policy, support_source_snapshot_csek=self. _support_source_snapshot_csek, support_boot_snapshot_uri=self._support_boot_snapshot_uri, support_image_csek=self._support_image_csek, support_create_disk_snapshots=self. _support_create_disk_snapshots) machine_type_uri = None if instance_utils.CheckSpecifiedMachineTypeArgs( args, skip_defaults): machine_type_uri = instance_utils.CreateMachineTypeUri( args=args, compute_client=compute_client, resource_parser=resource_parser, project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE) can_ip_forward = instance_utils.GetCanIpForward( args, skip_defaults) guest_accelerators = create_utils.GetAccelerators( args=args, compute_client=compute_client, resource_parser=resource_parser, project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE) instance = compute_client.messages.Instance( canIpForward=can_ip_forward, deletionProtection=args.deletion_protection, description=args.description, disks=disks, guestAccelerators=guest_accelerators, hostname=args.hostname, labels=labels, machineType=machine_type_uri, metadata=metadata, minCpuPlatform=args.min_cpu_platform, name=instance_ref.Name(), networkInterfaces=network_interfaces, serviceAccounts=project_to_sa[instance_ref.project], scheduling=scheduling, tags=tags) if args.private_ipv6_google_access_type is not None: instance.privateIpv6GoogleAccess = ( instances_flags.GetPrivateIpv6GoogleAccessTypeFlagMapper( compute_client.messages).GetEnumForChoice( args.private_ipv6_google_access_type)) resource_policies = getattr(args, 'resource_policies', None) if resource_policies: parsed_resource_policies = [] for policy in resource_policies: resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone( resource_parser, policy, project=instance_ref.project, zone=instance_ref.zone) parsed_resource_policies.append( resource_policy_ref.SelfLink()) instance.resourcePolicies = parsed_resource_policies if shielded_instance_config: instance.shieldedInstanceConfig = shielded_instance_config if self._support_confidential_compute and confidential_instance_config: instance.confidentialInstanceConfig = confidential_instance_config if self._support_erase_vss and \ args.IsSpecified('erase_windows_vss_signature'): instance.eraseWindowsVssSignature = args.erase_windows_vss_signature if self._support_post_key_revocation_action_type and args.IsSpecified( 'post_key_revocation_action_type'): instance.postKeyRevocationActionType = arg_utils.ChoiceToEnum( args.post_key_revocation_action_type, compute_client.messages.Instance. PostKeyRevocationActionTypeValueValuesEnum) request = compute_client.messages.ComputeInstancesInsertRequest( instance=instance, project=instance_ref.project, zone=instance_ref.zone) if source_instance_template: request.sourceInstanceTemplate = source_instance_template if source_machine_image: request.instance.sourceMachineImage = source_machine_image if args.IsSpecified('source_machine_image_csek_key_file'): key = instance_utils.GetSourceMachineImageKey( args, self.SOURCE_MACHINE_IMAGE, compute_client, holder) request.instance.sourceMachineImageEncryptionKey = key if self._support_machine_image_key and \ args.IsSpecified('source_machine_image_csek_key_file'): if not args.IsSpecified('source_machine_image'): raise exceptions.RequiredArgumentException( '`--source-machine-image`', '`--source-machine-image-csek-key-file` requires ' '`--source-machine-image` to be specified`') if args.IsSpecified('enable_display_device'): request.instance.displayDevice = compute_client.messages.DisplayDevice( enableDisplay=args.enable_display_device) request.instance.reservationAffinity = instance_utils.GetReservationAffinity( args, compute_client) requests.append( (compute_client.apitools_client.instances, 'Insert', request)) return requests
def _Run(self, args, supports_kms_keys=False): compute_holder = base_classes.ComputeApiHolder(self.ReleaseTrack()) client = compute_holder.client self.show_unformated_message = not ( args.IsSpecified('image') or args.IsSpecified('image_family') or args.IsSpecified('source_snapshot')) disk_refs = self.ValidateAndParseDiskRefs(args, compute_holder) from_image = self.GetFromImage(args) size_gb = self.GetDiskSizeGb(args, from_image) self.WarnAboutScopeDeprecationsAndMaintainance(disk_refs, client) project_to_source_image = self.GetProjectToSourceImageDict( args, disk_refs, compute_holder, from_image) snapshot_uri = self.GetSnapshotUri(args, compute_holder) # Those features are only exposed in alpha/beta, it would be nice to have # code supporting them only in alpha and beta versions of the command. labels = self.GetLabels(args, client) allow_rsa_encrypted = self.ReleaseTrack() in [ base.ReleaseTrack.ALPHA, base.ReleaseTrack.BETA ] csek_keys = csek_utils.CsekKeyStore.FromArgs(args, allow_rsa_encrypted) for project in project_to_source_image: source_image_uri = project_to_source_image[project].uri project_to_source_image[project].keys = ( csek_utils.MaybeLookupKeyMessagesByUri( csek_keys, compute_holder.resources, [source_image_uri, snapshot_uri], client.apitools_client)) resource_policies = getattr(args, 'resource_policies', None) # end of alpha/beta features. guest_os_feature_messages = _ParseGuestOsFeaturesToMessages( args, client.messages) requests = [] for disk_ref in disk_refs: type_uri = self.GetDiskTypeUri(args, disk_ref, compute_holder) # Those features are only exposed in alpha/beta, it would be nice to have # code supporting them only in alpha and beta versions of the command. # TODO(b/65161039): Stop checking release path in the middle of GA code. kwargs = {} if csek_keys: disk_key_or_none = csek_keys.LookupKey( disk_ref, args.require_csek_key_create) disk_key_message_or_none = csek_utils.MaybeToMessage( disk_key_or_none, client.apitools_client) kwargs['diskEncryptionKey'] = disk_key_message_or_none kwargs['sourceImageEncryptionKey'] = ( project_to_source_image[disk_ref.project].keys[0]) kwargs['sourceSnapshotEncryptionKey'] = ( project_to_source_image[disk_ref.project].keys[1]) if labels: kwargs['labels'] = labels if supports_kms_keys: kwargs['diskEncryptionKey'] = kms_utils.MaybeGetKmsKey( args, client.messages, kwargs.get('diskEncryptionKey', None)) if resource_policies: if disk_ref.Collection() == 'compute.regionDisks': raise exceptions.InvalidArgumentException( '--resource-policies', 'Resource policies are not supported for regional disks.' ) parsed_resource_policies = [] for policy in resource_policies: resource_policy_ref = resource_util.ParseResourcePolicyWithZone( compute_holder.resources, policy, project=disk_ref.project, zone=disk_ref.zone) parsed_resource_policies.append( resource_policy_ref.SelfLink()) kwargs['resourcePolicies'] = parsed_resource_policies # end of alpha/beta features. disk = client.messages.Disk(name=disk_ref.Name(), description=args.description, sizeGb=size_gb, sourceSnapshot=snapshot_uri, type=type_uri, **kwargs) if guest_os_feature_messages: disk.guestOsFeatures = guest_os_feature_messages disk.licenses = self.ParseLicenses(args) if disk_ref.Collection() == 'compute.disks': request = client.messages.ComputeDisksInsertRequest( disk=disk, project=disk_ref.project, sourceImage=project_to_source_image[disk_ref.project].uri, zone=disk_ref.zone) request = (client.apitools_client.disks, 'Insert', request) elif disk_ref.Collection() == 'compute.regionDisks': disk.replicaZones = self.GetReplicaZones( args, compute_holder, disk_ref) request = client.messages.ComputeRegionDisksInsertRequest( disk=disk, project=disk_ref.project, sourceImage=project_to_source_image[disk_ref.project].uri, region=disk_ref.region) request = (client.apitools_client.regionDisks, 'Insert', request) requests.append(request) return client.MakeRequests(requests)
def _CreateRequests(self, args, instance_refs, project, zone, compute_client, resource_parser, holder): # gcloud creates default values for some fields in Instance resource # when no value was specified on command line. # When --source-instance-template was specified, defaults are taken from # Instance Template and gcloud flags are used to override them - by default # fields should not be initialized. source_instance_template = self.GetSourceInstanceTemplate( args, resource_parser) skip_defaults = source_instance_template is not None source_machine_image = self.GetSourceMachineImage( args, resource_parser) skip_defaults = skip_defaults or source_machine_image is not None scheduling = instance_utils.GetScheduling( args, compute_client, skip_defaults, support_node_affinity=True, support_node_project=self._support_node_project, support_host_error_timeout_seconds=self. _support_host_error_timeout_seconds, support_max_run_duration=self._support_max_run_duration) tags = instance_utils.GetTags(args, compute_client) labels = instance_utils.GetLabels(args, compute_client) metadata = instance_utils.GetMetadata(args, compute_client, skip_defaults) boot_disk_size_gb = instance_utils.GetBootDiskSizeGb(args) network_interfaces = create_utils.GetNetworkInterfacesWithValidation( args=args, resource_parser=resource_parser, compute_client=compute_client, holder=holder, project=project, location=zone, scope=compute_scopes.ScopeEnum.ZONE, skip_defaults=skip_defaults, support_public_dns=self._support_public_dns, support_ipv6_assignment=self._support_ipv6_assignment) confidential_vm = (args.IsSpecified('confidential_compute') and args.confidential_compute) create_boot_disk = not ( instance_utils.UseExistingBootDisk((args.disk or []) + (args.create_disk or []))) image_uri = create_utils.GetImageUri( args, compute_client, create_boot_disk, project, resource_parser, confidential_vm, image_family_scope=args.image_family_scope, support_image_family_scope=True) shielded_instance_config = create_utils.BuildShieldedInstanceConfigMessage( messages=compute_client.messages, args=args) confidential_instance_config = ( create_utils.BuildConfidentialInstanceConfigMessage( messages=compute_client.messages, args=args)) csek_keys = csek_utils.CsekKeyStore.FromArgs( args, self._support_rsa_encrypted) project_to_sa = create_utils.GetProjectToServiceAccountMap( args, instance_refs, compute_client, skip_defaults) requests = [] for instance_ref in instance_refs: disks = [] if create_utils.CheckSpecifiedDiskArgs( args=args, skip_defaults=skip_defaults, support_kms=self._support_kms): disks = create_utils.CreateDiskMessages( args=args, instance_name=instance_ref.Name(), project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE, compute_client=compute_client, resource_parser=resource_parser, boot_disk_size_gb=boot_disk_size_gb, image_uri=image_uri, create_boot_disk=create_boot_disk, csek_keys=csek_keys, holder=holder, support_kms=self._support_kms, support_nvdimm=self._support_nvdimm, support_source_snapshot_csek=self. _support_source_snapshot_csek, support_boot_snapshot_uri=self._support_boot_snapshot_uri, support_image_csek=self._support_image_csek, support_create_disk_snapshots=self. _support_create_disk_snapshots, support_replica_zones=self._support_replica_zones, support_multi_writer=self._support_multi_writer, support_disk_architecture=self._support_disk_architecture) machine_type_uri = None if instance_utils.CheckSpecifiedMachineTypeArgs( args, skip_defaults): machine_type_uri = instance_utils.CreateMachineTypeUri( args=args, compute_client=compute_client, resource_parser=resource_parser, project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE, confidential_vm=confidential_vm) can_ip_forward = instance_utils.GetCanIpForward( args, skip_defaults) guest_accelerators = create_utils.GetAccelerators( args=args, compute_client=compute_client, resource_parser=resource_parser, project=instance_ref.project, location=instance_ref.zone, scope=compute_scopes.ScopeEnum.ZONE) instance = compute_client.messages.Instance( canIpForward=can_ip_forward, deletionProtection=args.deletion_protection, description=args.description, disks=disks, guestAccelerators=guest_accelerators, hostname=args.hostname, labels=labels, machineType=machine_type_uri, metadata=metadata, minCpuPlatform=args.min_cpu_platform, name=instance_ref.Name(), networkInterfaces=network_interfaces, serviceAccounts=project_to_sa[instance_ref.project], scheduling=scheduling, tags=tags) if self._support_instance_kms and args.CONCEPTS.instance_kms_key: instance.instanceEncryptionKey = kms_utils.MaybeGetKmsKey( args, compute_client.messages, instance.instanceEncryptionKey, instance_prefix=True) if self._support_secure_tag and args.secure_tags: instance.secureTags = secure_tags_utils.GetSecureTags( args.secure_tags) if args.resource_manager_tags: ret_resource_manager_tags = resource_manager_tags_utils.GetResourceManagerTags( args.resource_manager_tags) if ret_resource_manager_tags is not None: params = compute_client.messages.InstanceParams instance.params = params( resourceManagerTags=params.ResourceManagerTagsValue( additionalProperties=[ params.ResourceManagerTagsValue. AdditionalProperty(key=key, value=value) for key, value in sorted( six.iteritems(ret_resource_manager_tags)) ])) if args.private_ipv6_google_access_type is not None: instance.privateIpv6GoogleAccess = ( instances_flags.GetPrivateIpv6GoogleAccessTypeFlagMapper( compute_client.messages).GetEnumForChoice( args.private_ipv6_google_access_type)) has_visible_core_count = (self._support_visible_core_count and args.visible_core_count is not None) if (args.enable_nested_virtualization is not None or args.threads_per_core is not None or (self._support_numa_node_count and args.numa_node_count is not None) or has_visible_core_count or args.enable_uefi_networking is not None): visible_core_count = args.visible_core_count if has_visible_core_count else None instance.advancedMachineFeatures = ( instance_utils.CreateAdvancedMachineFeaturesMessage( compute_client.messages, args.enable_nested_virtualization, args.threads_per_core, args.numa_node_count if self._support_numa_node_count else None, visible_core_count, args.enable_uefi_networking)) resource_policies = getattr(args, 'resource_policies', None) if resource_policies: parsed_resource_policies = [] for policy in resource_policies: resource_policy_ref = maintenance_util.ParseResourcePolicyWithZone( resource_parser, policy, project=instance_ref.project, zone=instance_ref.zone) parsed_resource_policies.append( resource_policy_ref.SelfLink()) instance.resourcePolicies = parsed_resource_policies if shielded_instance_config: instance.shieldedInstanceConfig = shielded_instance_config if confidential_instance_config: instance.confidentialInstanceConfig = confidential_instance_config if self._support_erase_vss and args.IsSpecified( 'erase_windows_vss_signature'): instance.eraseWindowsVssSignature = args.erase_windows_vss_signature if self._support_post_key_revocation_action_type and args.IsSpecified( 'post_key_revocation_action_type'): instance.postKeyRevocationActionType = arg_utils.ChoiceToEnum( args.post_key_revocation_action_type, compute_client.messages.Instance. PostKeyRevocationActionTypeValueValuesEnum) if self._support_key_revocation_action_type and args.IsSpecified( 'key_revocation_action_type'): instance.keyRevocationActionType = arg_utils.ChoiceToEnum( args.key_revocation_action_type, compute_client.messages. Instance.KeyRevocationActionTypeValueValuesEnum) if args.IsSpecified('network_performance_configs'): instance.networkPerformanceConfig = instance_utils.GetNetworkPerformanceConfig( args, compute_client) request = compute_client.messages.ComputeInstancesInsertRequest( instance=instance, project=instance_ref.project, zone=instance_ref.zone) if source_instance_template: request.sourceInstanceTemplate = source_instance_template if source_machine_image: request.instance.sourceMachineImage = source_machine_image if args.IsSpecified('source_machine_image_csek_key_file'): key = instance_utils.GetSourceMachineImageKey( args, self.SOURCE_MACHINE_IMAGE, compute_client, holder) request.instance.sourceMachineImageEncryptionKey = key if self._support_machine_image_key and args.IsSpecified( 'source_machine_image_csek_key_file'): if not args.IsSpecified('source_machine_image'): raise exceptions.RequiredArgumentException( '`--source-machine-image`', '`--source-machine-image-csek-key-file` requires ' '`--source-machine-image` to be specified`') if args.IsSpecified('enable_display_device'): request.instance.displayDevice = compute_client.messages.DisplayDevice( enableDisplay=args.enable_display_device) request.instance.reservationAffinity = instance_utils.GetReservationAffinity( args, compute_client) requests.append( (compute_client.apitools_client.instances, 'Insert', request)) return requests