Guest
An OS Config resource representing a guest configuration policy. These policies represent the desired state for VM instance guest environments including packages to install or remove, package repository configurations, and software to install. To get more information about GuestPolicies, see:
How-to Guides
Example Usage
Os Config Guest Policies Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.ComputeFunctions;
import com.pulumi.gcp.compute.inputs.GetImageArgs;
import com.pulumi.gcp.compute.Instance;
import com.pulumi.gcp.compute.InstanceArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskArgs;
import com.pulumi.gcp.compute.inputs.InstanceBootDiskInitializeParamsArgs;
import com.pulumi.gcp.compute.inputs.InstanceNetworkInterfaceArgs;
import com.pulumi.gcp.osconfig.GuestPolicies;
import com.pulumi.gcp.osconfig.GuestPoliciesArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesAssignmentArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesPackageArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var myImage = ComputeFunctions.getImage(GetImageArgs.builder()
.family("debian-11")
.project("debian-cloud")
.build());
var foobar = new Instance("foobar", InstanceArgs.builder()
.machineType("e2-medium")
.zone("us-central1-a")
.canIpForward(false)
.tags(
"foo",
"bar")
.bootDisk(InstanceBootDiskArgs.builder()
.initializeParams(InstanceBootDiskInitializeParamsArgs.builder()
.image(myImage.applyValue(getImageResult -> getImageResult.selfLink()))
.build())
.build())
.networkInterfaces(InstanceNetworkInterfaceArgs.builder()
.network("default")
.build())
.metadata(Map.of("foo", "bar"))
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
var guestPolicies = new GuestPolicies("guestPolicies", GuestPoliciesArgs.builder()
.guestPolicyId("guest-policy")
.assignment(GuestPoliciesAssignmentArgs.builder()
.instances(foobar.id())
.build())
.packages(GuestPoliciesPackageArgs.builder()
.name("my-package")
.desiredState("UPDATED")
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Os Config Guest Policies Packages
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.osconfig.GuestPolicies;
import com.pulumi.gcp.osconfig.GuestPoliciesArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesAssignmentArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesPackageArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesPackageRepositoryArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesPackageRepositoryAptArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesPackageRepositoryYumArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var guestPolicies = new GuestPolicies("guestPolicies", GuestPoliciesArgs.builder()
.guestPolicyId("guest-policy")
.assignment(GuestPoliciesAssignmentArgs.builder()
.groupLabels(
GuestPoliciesAssignmentGroupLabelArgs.builder()
.labels(Map.ofEntries(
Map.entry("color", "red"),
Map.entry("env", "test")
))
.build(),
GuestPoliciesAssignmentGroupLabelArgs.builder()
.labels(Map.ofEntries(
Map.entry("color", "blue"),
Map.entry("env", "test")
))
.build())
.build())
.packages(
GuestPoliciesPackageArgs.builder()
.name("my-package")
.desiredState("INSTALLED")
.build(),
GuestPoliciesPackageArgs.builder()
.name("bad-package-1")
.desiredState("REMOVED")
.build(),
GuestPoliciesPackageArgs.builder()
.name("bad-package-2")
.desiredState("REMOVED")
.manager("APT")
.build())
.packageRepositories(
GuestPoliciesPackageRepositoryArgs.builder()
.apt(GuestPoliciesPackageRepositoryAptArgs.builder()
.uri("https://packages.cloud.google.com/apt")
.archiveType("DEB")
.distribution("cloud-sdk-stretch")
.components("main")
.build())
.build(),
GuestPoliciesPackageRepositoryArgs.builder()
.yum(GuestPoliciesPackageRepositoryYumArgs.builder()
.id("google-cloud-sdk")
.displayName("Google Cloud SDK")
.baseUrl("https://packages.cloud.google.com/yum/repos/cloud-sdk-el7-x86_64")
.gpgKeys(
"https://packages.cloud.google.com/yum/doc/yum-key.gpg",
"https://packages.cloud.google.com/yum/doc/rpm-package-key.gpg")
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Os Config Guest Policies Recipes
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.osconfig.GuestPolicies;
import com.pulumi.gcp.osconfig.GuestPoliciesArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesAssignmentArgs;
import com.pulumi.gcp.osconfig.inputs.GuestPoliciesRecipeArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var guestPolicies = new GuestPolicies("guestPolicies", GuestPoliciesArgs.builder()
.guestPolicyId("guest-policy")
.assignment(GuestPoliciesAssignmentArgs.builder()
.zones(
"us-east1-b",
"us-east1-d")
.build())
.recipes(GuestPoliciesRecipeArgs.builder()
.name("guest-policy-recipe")
.desiredState("INSTALLED")
.artifacts(GuestPoliciesRecipeArtifactArgs.builder()
.id("guest-policy-artifact-id")
.gcs(GuestPoliciesRecipeArtifactGcsArgs.builder()
.bucket("my-bucket")
.object("executable.msi")
.generation(1546030865175603)
.build())
.build())
.installSteps(GuestPoliciesRecipeInstallStepArgs.builder()
.msiInstallation(GuestPoliciesRecipeInstallStepMsiInstallationArgs.builder()
.artifactId("guest-policy-artifact-id")
.build())
.build())
.build())
.build(), CustomResourceOptions.builder()
.provider(google_beta)
.build());
}
}Content copied to clipboard
Import
GuestPolicies can be imported using any of these accepted formats
$ pulumi import gcp:osconfig/guestPolicies:GuestPolicies default projects/{{project}}/guestPolicies/{{guest_policy_id}}Content copied to clipboard
$ pulumi import gcp:osconfig/guestPolicies:GuestPolicies default {{project}}/{{guest_policy_id}}Content copied to clipboard
$ pulumi import gcp:osconfig/guestPolicies:GuestPolicies default {{guest_policy_id}}Content copied to clipboard
Properties
Link copied to clipboard
Specifies the VM instances that are assigned to this policy. This allows you to target sets or groups of VM instances by different parameters such as labels, names, OS, or zones. If left empty, all VM instances underneath this policy are targeted. At the same level in the resource hierarchy (that is within a project), the service prevents the creation of multiple policies that conflict with each other. For more information, see how the service handles assignment conflicts. Structure is documented below.
Link copied to clipboard
The name of the package. A package is uniquely identified for conflict validation by checking the package name and the manager(s) that the package targets. (Required) The name of the repository. (Required) Unique identifier for the recipe. Only one recipe with a given name is installed on an instance. Names are also used to identify resources which helps to determine whether guest policies have conflicts. This means that requests to create multiple recipes with the same name and version are rejected since they could potentially have conflicting assignments.