intel · JoshHilliker · Feb 7, 2023 · Feb 3, 2023 · Feb 6, 2023 · Feb 6, 2023
diff --git a/README.md b/README.md
@@ -67,8 +67,12 @@ No modules.
 | <a name="input_access_config"></a> [access\_config](#input\_access\_config) | Access configurations, i.e. IPs via which this instance can be accessed via the Internet. Omit to ensure that the instance is not accessible from the Internet. If omitted, ssh provisioners will not work unless Terraform can send traffic to the instance's network. This can be represented as multiple maps | <pre>list(object({<br>    nat_ip                 = optional(string, null)<br>    public_ptr_domain_name = optional(string)<br>    network_tier           = optional(string)<br>  }))</pre> | `[]` | no |
 | <a name="input_allow_stopping_for_update"></a> [allow\_stopping\_for\_update](#input\_allow\_stopping\_for\_update) | If true, allows Terraform to stop the instance to update its properties | `bool` | `null` | no |
 | <a name="input_automatic_restart"></a> [automatic\_restart](#input\_automatic\_restart) | Specifies if the instance should be restarted if it was terminated by Compute Engine (not a user). | `bool` | `true` | no |
-| <a name="input_boot_disk"></a> [boot\_disk](#input\_boot\_disk) | The boot disk for the instance | `map(any)` | `{}` | no |
+| <a name="input_boot_disk_auto_delete"></a> [boot\_disk\_auto\_delete](#input\_boot\_disk\_auto\_delete) | Whether the disk will be auto-deleted when the instance is deleted. | `bool` | `true` | no |
+| <a name="input_boot_disk_byo_encryption_key"></a> [boot\_disk\_byo\_encryption\_key](#input\_boot\_disk\_byo\_encryption\_key) | A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk. | `string` | `null` | no |
+| <a name="input_boot_disk_labels"></a> [boot\_disk\_labels](#input\_boot\_disk\_labels) | A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks. | `map(string)` | `{}` | no |
+| <a name="input_boot_disk_mode"></a> [boot\_disk\_mode](#input\_boot\_disk\_mode) | The mode in which to attach this disk, either READ\_WRITE or READ\_ONLY. | `string` | `"READ_WRITE"` | no |
 | <a name="input_boot_disk_size"></a> [boot\_disk\_size](#input\_boot\_disk\_size) | Size of the OS disk | `number` | `100` | no |
+| <a name="input_boot_disk_source"></a> [boot\_disk\_source](#input\_boot\_disk\_source) | The name or self\_link of the existing disk (such as those managed by google\_compute\_disk) or disk image. | `string` | `"READ_WRITE"` | no |
 | <a name="input_boot_disk_type"></a> [boot\_disk\_type](#input\_boot\_disk\_type) | Disk type associated with the OS disk | `string` | `"pd-ssd"` | no |
 | <a name="input_boot_image_family"></a> [boot\_image\_family](#input\_boot\_image\_family) | The image from which to initialize this disk | `string` | `"debian-10"` | no |
 | <a name="input_boot_image_project"></a> [boot\_image\_project](#input\_boot\_image\_project) | The ID of the project in which the source image resides. | `string` | `"ubuntu-os-cloud"` | no |
@@ -93,14 +97,13 @@ No modules.
 | <a name="input_project"></a> [project](#input\_project) | The ID of the project in which the resource resides. | `string` | `""` | no |
 | <a name="input_provisioning_model"></a> [provisioning\_model](#input\_provisioning\_model) | Describe the type of preemptible VM. This field accepts the value STANDARD or SPOT | `string` | `"STANDARD"` | no |
 | <a name="input_service_account"></a> [service\_account](#input\_service\_account) | Service account and scopes that will be associated with the GCE instance. | <pre>object({<br>    service_email = optional(string, null)<br>    scopes        = optional(set(string), [])<br>  })</pre> | `{}` | no |
-| <a name="input_service_account_email"></a> [service\_account\_email](#input\_service\_account\_email) | Service account to attach to the instance | `string` | `""` | no |
-| <a name="input_service_account_scopes"></a> [service\_account\_scopes](#input\_service\_account\_scopes) | Service account to attach to the instance | `list(string)` | `[]` | no |
 | <a name="input_stack_type"></a> [stack\_type](#input\_stack\_type) | he stack type for this network interface to identify whether the IPv6 feature is enabled or not. | `string` | `"IPV4_ONLY"` | no |
 | <a name="input_subnetwork"></a> [subnetwork](#input\_subnetwork) | The name or self\_link of the subnetwork to attach this interface to. Either network or subnetwork must be provided. | `string` | `null` | no |
 | <a name="input_subnetwork_project"></a> [subnetwork\_project](#input\_subnetwork\_project) | The project in which the subnetwork belongs. If the subnetwork is a name and this field is not provided, the provider project is used. | `string` | `null` | no |
 | <a name="input_tags"></a> [tags](#input\_tags) | A list of network tags to attach to the instance | `list(string)` | `[]` | no |
 | <a name="input_termination_action"></a> [termination\_action](#input\_termination\_action) | The action that will be applied to the instance when it is terminated. | `string` | `null` | no |
 | <a name="input_threads_per_core"></a> [threads\_per\_core](#input\_threads\_per\_core) | The action that will be applied to the instance when it is terminated. | `number` | `null` | no |
+| <a name="input_visible_core_count"></a> [visible\_core\_count](#input\_visible\_core\_count) | The number of physical cores to expose to an instance. | `number` | `null` | no |
 | <a name="input_zone"></a> [zone](#input\_zone) | The zone that the machine should be created in. If it is not provided, the provider zone is used. | `string` | `null` | no |
 
 ## Outputs

diff --git a/examples/gcp-linux-vm-spot/outputs.tf b/examples/gcp-linux-vm-spot/outputs.tf
@@ -1,45 +1,45 @@
 output "cpu_platform" {
-  value       = module.spot-vm.cpu_platform
+  value       = module.spot_vm.cpu_platform
   description = "The CPU platform of the VM instance"
 }
 
 output "current_status" {
-  value       = module.spot-vm.current_status
+  value       = module.spot_vm.current_status
   description = "Current status of the VM instance"
 }
 
 output "id" {
-  value       = module.spot-vm.id
+  value       = module.spot_vm.id
   description = "An identifier for the resource"
 }
 
 output "instance_id" {
-  value       = module.spot-vm.instance_id
+  value       = module.spot_vm.instance_id
   description = "The server-assigned unique identifier of this instance"
 }
 
 output "machine_type" {
-  value       = module.spot-vm.machine_type
+  value       = module.spot_vm.machine_type
   description = "Type of the machine created"
 }
 
 output "min_cpu_platform" {
-  value       = module.spot-vm.min_cpu_platform
+  value       = module.spot_vm.min_cpu_platform
   description = "Minimum CPU platform for the VM instance"
 }
 
 output "name" {
-  value       = module.spot-vm.name
+  value       = module.spot_vm.name
   description = "Unique name of the instance created"
 }
 
 output "self_link" {
-  value       = module.spot-vm.self_link
+  value       = module.spot_vm.self_link
   description = "The URI of the created resource"
 }
 
 output "boot_disk_size" {
-  value       = module.spot-vm.boot_disk_size
+  value       = module.spot_vm.boot_disk_size
   description = "Size of the boot disk of the instance"
 }
 

diff --git a/examples/gcp-linux-vm/main.tf b/examples/gcp-linux-vm/main.tf
@@ -1,4 +1,4 @@
-module "linux-vm" {
+module "linux_vm" {
   source              = "../../"
   project             = var.project
   boot_image_family   = "ubuntu-2004-lts"

diff --git a/examples/gcp-linux-vm/outputs.tf b/examples/gcp-linux-vm/outputs.tf
@@ -1,45 +1,45 @@
 output "cpu_platform" {
-  value       = module.linux-vm.cpu_platform
+  value       = module.linux_vm.cpu_platform
   description = "The CPU platform of the VM instance"
 }
 
 output "current_status" {
-  value       = module.linux-vm.current_status
+  value       = module.linux_vm.current_status
   description = "Current status of the VM instance"
 }
 
 output "id" {
-  value       = module.linux-vm.id
+  value       = module.linux_vm.id
   description = "An identifier for the resource"
 }
 
 output "instance_id" {
-  value       = module.linux-vm.instance_id
+  value       = module.linux_vm.instance_id
   description = "The server-assigned unique identifier of this instance"
 }
 
 output "machine_type" {
-  value       = module.linux-vm.machine_type
+  value       = module.linux_vm.machine_type
   description = "Type of the machine created"
 }
 
 output "min_cpu_platform" {
-  value       = module.linux-vm.min_cpu_platform
+  value       = module.linux_vm.min_cpu_platform
   description = "Minimum CPU platform for the VM instance"
 }
 
 output "name" {
-  value       = module.linux-vm.name
+  value       = module.linux_vm.name
   description = "Unique name of the instance created"
 }
 
 output "self_link" {
-  value       = module.linux-vm.self_link
+  value       = module.linux_vm.self_link
   description = "The URI of the created resource"
 }
 
 output "boot_disk_size" {
-  value       = module.linux-vm.boot_disk_size
+  value       = module.linux_vm.boot_disk_size
   description = "Size of the boot disk of the instance"
 }
 

diff --git a/examples/gcp-windows-vm/main.tf b/examples/gcp-windows-vm/main.tf
@@ -1,4 +1,4 @@
-module "windows-vm" {
+module "windows_vm" {
   source              = "../../"
   project             = var.project
   boot_image_family   = "windows-2019-core"

diff --git a/examples/gcp-windows-vm/outputs.tf b/examples/gcp-windows-vm/outputs.tf
@@ -1,45 +1,45 @@
 output "cpu_platform" {
-  value       = module.windows-vm.cpu_platform
+  value       = module.windows_vm.cpu_platform
   description = "The CPU platform of the VM instance"
 }
 
 output "current_status" {
-  value       = module.windows-vm.current_status
+  value       = module.windows_vm.current_status
   description = "Current status of the VM instance"
 }
 
 output "id" {
-  value       = module.windows-vm.id
+  value       = module.windows_vm.id
   description = "An identifier for the resource"
 }
 
 output "instance_id" {
-  value       = module.windows-vm.instance_id
+  value       = module.windows_vm.instance_id
   description = "The server-assigned unique identifier of this instance"
 }
 
 output "machine_type" {
-  value       = module.windows-vm.machine_type
+  value       = module.windows_vm.machine_type
   description = "Type of the machine created"
 }
 
 output "min_cpu_platform" {
-  value       = module.windows-vm.min_cpu_platform
+  value       = module.windows_vm.min_cpu_platform
   description = "Minimum CPU platform for the VM instance"
 }
 
 output "name" {
-  value       = module.windows-vm.name
+  value       = module.windows_vm.name
   description = "Unique name of the instance created"
 }
 
 output "self_link" {
-  value       = module.windows-vm.self_link
+  value       = module.windows_vm.self_link
   description = "The URI of the created resource"
 }
 
 output "boot_disk_size" {
-  value       = module.windows-vm.boot_disk_size
+  value       = module.windows_vm.boot_disk_size
   description = "Size of the boot disk of the instance"
 }
 

diff --git a/examples/local/main.tf b/examples/local/main.tf
diff --git a/examples/local/test.auto.tfvars b/examples/local/test.auto.tfvars
diff --git a/main.tf b/main.tf
@@ -64,16 +64,23 @@ resource "google_compute_instance" "instance" {
   # Guest Acceleration
   # TODO: Guest acceleration has been postponed until it is supported on Ice Lake. Currently supported on Cascade Lake. See issues for updates
 
-  #TODO: confidential_instance_config block only applies to AMD so the block has been omitted
+  # TODO: confidential_instance_config block only applies to AMD so the block has been omitted
 
   # Boot disk options
   deletion_protection = var.deletion_protection
 
   boot_disk {
+    auto_delete             = var.boot_disk_auto_delete
+    mode                    = var.boot_disk_mode
+    disk_encryption_key_raw = var.boot_disk_byo_encryption_key
+    source                  = var.boot_disk_source
+    #TODO: kms_key_self_link for using google kms encryption keys
+
     initialize_params {
-      image = data.google_compute_image.image.self_link
-      size  = var.boot_disk_size
-      type  = var.boot_disk_type
+      image  = data.google_compute_image.image.self_link
+      size   = var.boot_disk_size
+      type   = var.boot_disk_type
+      labels = var.boot_disk_labels
     }
   }
 
@@ -88,6 +95,7 @@ resource "google_compute_instance" "instance" {
   advanced_machine_features {
     enable_nested_virtualization = var.enable_nested_virtualization
     threads_per_core             = var.threads_per_core
+    visible_core_count           = var.visible_core_count
   }
 
   lifecycle {

diff --git a/outputs.tf b/outputs.tf
@@ -44,12 +44,12 @@ output "boot_disk_size" {
 }
 
 output "private_ip" {
-  value       = google_compute_instance.instance.network_interface.0.network_ip
+  value       = google_compute_instance.instance.network_interface[0].network_ip
   description = "Internal IP address of the instance"
 }
 
 output "public_ip" {
-  value       = google_compute_instance.instance.network_interface.0.access_config.*.nat_ip
+  value       = google_compute_instance.instance.network_interface[0].access_config.*.nat_ip
   description = "Public IP address of the instance"
 }
 

diff --git a/variables.tf b/variables.tf
@@ -22,12 +22,6 @@ variable "min_cpu_platform" {
 ########################
 ####    Required    ####
 ########################
-variable "boot_disk" {
-  type        = map(any)
-  description = "The boot disk for the instance"
-  default     = {}
-}
-
 variable "name" {
   type        = string
   description = "A unique name for the resource, required by GCE. Changing this forces a new resource to be created."
@@ -81,18 +75,6 @@ variable "project" {
   default     = ""
 }
 
-variable "service_account_email" {
-  type        = string
-  description = "Service account to attach to the instance"
-  default     = ""
-}
-
-variable "service_account_scopes" {
-  type        = list(string)
-  description = "Service account to attach to the instance"
-  default     = []
-}
-
 variable "service_account" {
   type = object({
     service_email = optional(string, null)
@@ -267,3 +249,40 @@ variable "enable_integrity_monitoring" {
   description = "Compare the most recent boot measurements to the integrity policy baseline and return a pair of pass/fail results depending on whether they match or not."
   default     = true
 }
+
+variable "boot_disk_auto_delete" {
+  type        = bool
+  description = "Whether the disk will be auto-deleted when the instance is deleted."
+  default     = true
+}
+
+variable "boot_disk_mode" {
+  type        = string
+  description = "The mode in which to attach this disk, either READ_WRITE or READ_ONLY."
+  default     = "READ_WRITE"
+}
+
+
+variable "boot_disk_source" {
+  type        = string
+  description = "The name or self_link of the existing disk (such as those managed by google_compute_disk) or disk image."
+  default     = "READ_WRITE"
+}
+
+variable "boot_disk_byo_encryption_key" {
+  type        = string
+  description = "A 256-bit [customer-supplied encryption key] (https://cloud.google.com/compute/docs/disks/customer-supplied-encryption), encoded in RFC 4648 base64 to encrypt this disk."
+  default     = null
+}
+
+variable "boot_disk_labels" {
+  type        = map(string)
+  description = "A set of key/value label pairs assigned to the disk. This field is only applicable for persistent disks."
+  default     = {}
+}
+
+variable "visible_core_count" {
+  type        = number
+  description = "The number of physical cores to expose to an instance."
+  default     = null
+}