Close httplib2 connections.
get(project, zone, family, x__xgafv=None)
Returns the latest image that is part of an image family, is not
close()
Close httplib2 connections.
get(project, zone, family, x__xgafv=None)
Returns the latest image that is part of an image family, is not
deprecated and is rolled out in the specified zone.
Args:
project: string, Project ID for this request. (required)
zone: string, The name of the zone for this request. (required)
family: string, Name of the image family to search for. (required)
x__xgafv: string, V1 error format.
Allowed values
1 - v1 error format
2 - v2 error format
Returns:
An object of the form:
{
"image": { # Represents an Image resource. # The latest image that is part of the specified image family in the
# requested location, and that is not deprecated.
#
# You can use images to create boot disks for your VM instances.
# For more information, read Images.
"architecture": "A String", # The architecture of the image. Valid values are
# ARM64 or X86_64.
"archiveSizeBytes": "A String", # Size of the image tar.gz archive stored in Google Cloud
# Storage (in bytes).
"creationTimestamp": "A String", # [Output Only] Creation timestamp inRFC3339
# text format.
"deprecated": { # Deprecation status for a public resource. # The deprecation status associated with this image.
"deleted": "A String", # An optional RFC3339 timestamp on or after which the state of this
# resource is intended to change to DELETED. This is only
# informational and the status will not change unless the client explicitly
# changes it.
"deprecated": "A String", # An optional RFC3339 timestamp on or after which the state of this
# resource is intended to change to DEPRECATED. This is only
# informational and the status will not change unless the client explicitly
# changes it.
"obsolete": "A String", # An optional RFC3339 timestamp on or after which the state of this
# resource is intended to change to OBSOLETE. This is only
# informational and the status will not change unless the client explicitly
# changes it.
"replacement": "A String", # The URL of the suggested replacement for a deprecated resource.
# The suggested replacement resource must be the same kind of resource as the
# deprecated resource.
"state": "A String", # The deprecation state of this resource. This can be ACTIVE,DEPRECATED, OBSOLETE, or DELETED.
# Operations which communicate the end of life date for an image, can useACTIVE. Operations which create a new resource using aDEPRECATED resource will return successfully, but with a
# warning indicating the deprecated resource and recommending its
# replacement. Operations which use OBSOLETE orDELETED resources will be rejected and result in an error.
"stateOverride": { # A rollout policy configuration. # The rollout policy for this deprecation. This policy is only enforced by
# image family views. The rollout policy restricts the zones where the
# associated resource is considered in a deprecated state. When the rollout
# policy does not include the user specified zone, or if the zone is rolled
# out, the associated resource is considered in a deprecated state.
#
# The rollout policy for this deprecation is read-only, except for
# allowlisted users. This field might not be configured. To view the latest
# non-deprecated image in a specific zone, use theimageFamilyViews.get method.
"defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is
# considered rolled out to any zone that is not explicitly stated.
"locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
#
# Currently only zone names are supported and must be represented
# as valid URLs, like: zones/us-central1-a.
#
# The value expects an RFC3339 timestamp on or after which the update is
# considered rolled out to the specified location.
"a_key": "A String",
},
},
},
"description": "A String", # An optional description of this resource. Provide this property when you
# create the resource.
"diskSizeGb": "A String", # Size of the image when restored onto a persistent disk (in GB).
"enableConfidentialCompute": True or False, # Whether this image is created from a confidential compute mode disk.
# [Output Only]: This field is not set by user, but from source disk.
"family": "A String", # The name of the image family to which this image belongs. The image
# family name can be from a publicly managed image family provided by
# Compute Engine, or from a custom image family you create. For example,centos-stream-9 is a publicly available image family.
# For more information, see Image
# family best practices.
#
# When creating disks, you can specify an image family instead of a specific
# image name. The image family always returns its latest image that is not
# deprecated. The name of the image family must comply with RFC1035.
"guestOsFeatures": [ # A list of features to enable on the guest operating system. Applicable
# only for bootable images. To see a list of available options, see theguestOSfeatures[].type parameter.
{ # Guest OS features.
"type": "A String", # The ID of a supported feature. To add multiple values, use commas to
# separate values. Set to one or more of the following values:
#
# - VIRTIO_SCSI_MULTIQUEUE
# - WINDOWS
# - MULTI_IP_SUBNET
# - UEFI_COMPATIBLE
# - GVNIC
# - SEV_CAPABLE
# - SUSPEND_RESUME_COMPATIBLE
# - SEV_LIVE_MIGRATABLE_V2
# - SEV_SNP_CAPABLE
# - TDX_CAPABLE
# - IDPF
# - SNP_SVSM_CAPABLE
#
#
# For more information, see
# Enabling guest operating system features.
},
],
"id": "A String", # [Output Only] The unique identifier for the resource. This identifier is
# defined by the server.
"imageEncryptionKey": { # Encrypts the image using acustomer-supplied
# encryption key.
#
# After you encrypt an image with a customer-supplied key, you must provide
# the same key if you use the image later (e.g. to create a disk from
# the image).
#
# Customer-supplied encryption keys do not protect access to metadata
# of the disk.
#
# If you do not provide an encryption key when creating the image, then the
# disk will be encrypted using an automatically generated key and you do not
# need to provide a key to use the image later.
"kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
# For example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
#
# The fully-qualifed key name may be returned for resource GET requests. For
# example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
# /cryptoKeyVersions/1
"kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS
# key. If absent, the Compute Engine default service account is used.
# For example:
#
# "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
"rawKey": "A String", # Specifies a 256-bit customer-supplied
# encryption key, encoded in RFC
# 4648 base64 to either encrypt or decrypt this resource. You can
# provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rawKey":
# "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
"rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit
# customer-supplied encryption key to either encrypt or decrypt this
# resource. You can provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rsaEncryptedKey":
# "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH
# z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD
# D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="
#
# The key must meet the following requirements before you can provide it to
# Compute Engine:
#
# 1. The key is wrapped using a RSA public key certificate provided by
# Google.
# 2. After being wrapped, the key must be encoded in RFC 4648 base64
# encoding.
#
# Gets the RSA public key certificate provided by Google at:
#
#
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
"sha256": "A String", # [Output only] TheRFC
# 4648 base64 encoded SHA-256 hash of the customer-supplied
# encryption key that protects this resource.
},
"kind": "compute#image", # [Output Only] Type of the resource. Always compute#image for
# images.
"labelFingerprint": "A String", # A fingerprint for the labels being applied to this image, which is
# essentially a hash of the labels used for optimistic locking. The
# fingerprint is initially generated by Compute Engine and changes after
# every request to modify or update labels. You must always provide an
# up-to-date fingerprint hash in order to update or change labels,
# otherwise the request will fail with error412 conditionNotMet.
#
# To see the latest fingerprint, make a get() request to
# retrieve an image.
"labels": { # Labels to apply to this image. These can be later modified by
# the setLabels method.
"a_key": "A String",
},
"licenseCodes": [ # Integer license codes indicating which licenses are attached to this image.
"A String",
],
"licenses": [ # Any applicable license URI.
"A String",
],
"locked": True or False, # A flag for marketplace VM disk created from the image, which is designed
# for marketplace VM disk to prevent the proprietary data on the disk from
# being accessed unwantedly. The flag will be inherited by the disk created
# from the image.
#
# The disk with locked flag set to true will be prohibited from performing
# the operations below:
#
# - R/W or R/O disk attach
# - Disk detach, if disk is created via create-on-create
# - Create images
# - Create snapshots
# - Create disk clone (create disk from the current disk)
#
#
#
# The image with the locked field set to true will be prohibited from
# performing the operations below:
#
# - Create images from the current image
# - Update the locked field for the current image
#
#
#
# The instance with at least one disk with locked flag set to true will be
# prohibited from performing the operations below:
#
# - Secondary disk attach
# - Create instant snapshot
# - Create machine images
# - Create instance template
# - Delete the instance with --keep-disk parameter set to true
"name": "A String", # Name of the resource; provided by the client when the resource is created.
# The name must be 1-63 characters long, and comply withRFC1035.
# Specifically, the name must be 1-63 characters long and match the regular
# expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first
# character must be a lowercase letter, and all following characters must be
# a dash, lowercase letter, or digit, except the last character, which cannot
# be a dash.
"params": { # Additional image params. # Input only. [Input Only] Additional params passed with the request, but not persisted
# as part of resource payload.
"resourceManagerTags": { # Resource manager tags to be bound to the image. Tag keys and values have
# the same definition as resource
# manager tags. Keys must be in the format `tagKeys/{tag_key_id}`, and
# values are in the format `tagValues/456`. The field is ignored (both PUT &
# PATCH) when empty.
"a_key": "A String",
},
},
"rawDisk": { # The parameters of the raw disk image.
"containerType": "A String", # The format used to encode and transmit the block device, which should beTAR. This is just a container and transmission format and not
# a runtime format. Provided by the client when the disk image is created.
"sha1Checksum": "A String", # [Deprecated] This field is deprecated.
# An optional SHA1 checksum of the disk image before unpackaging provided
# by the client when the disk image is created.
"source": "A String", # The full Google Cloud Storage URL where the raw disk image archive is
# stored.
# The following are valid formats for the URL:
#
# - https://storage.googleapis.com/bucket_name/image_archive_name
# - https://storage.googleapis.com/bucket_name/folder_name/image_archive_name
#
#
#
# In order to create an image, you must provide the full or partial URL of
# one of the following:
#
# - The rawDisk.source URL
# - The sourceDisk URL
# - The sourceImage URL
# - The sourceSnapshot URL
},
"rolloutOverride": { # A rollout policy configuration. # A rollout policy to apply to this image. When specified, the rollout policy
# overrides per-zone references to the image via the associated image family.
# The rollout policy restricts the zones where this image is accessible when
# using a zonal image family reference. When the rollout policy does not
# include the user specified zone, or if the zone is rolled out, this image
# is accessible.
#
# The rollout policy for this image is read-only, except for allowlisted
# users. This field might not be configured. To view the latest
# non-deprecated image in a specific zone, use theimageFamilyViews.get method.
"defaultRolloutTime": "A String", # An optional RFC3339 timestamp on or after which the update is
# considered rolled out to any zone that is not explicitly stated.
"locationRolloutPolicies": { # Location based rollout policies to apply to the resource.
#
# Currently only zone names are supported and must be represented
# as valid URLs, like: zones/us-central1-a.
#
# The value expects an RFC3339 timestamp on or after which the update is
# considered rolled out to the specified location.
"a_key": "A String",
},
},
"satisfiesPzi": True or False, # Output only. Reserved for future use.
"satisfiesPzs": True or False, # [Output Only] Reserved for future use.
"selfLink": "A String", # [Output Only] Server-defined URL for the resource.
"selfLinkWithId": "A String", # [Output Only] Server-defined URL for this resource's resource id.
"shieldedInstanceInitialState": { # Initial State for shielded instance, # Set the secure boot keys of shielded instance.
# these are public keys which are safe to store in public
"dbs": [ # The Key Database (db).
{
"content": "A String", # The raw content in the secure keys file.
"fileType": "A String", # The file type of source file.
},
],
"dbxs": [ # The forbidden key database (dbx).
{
"content": "A String", # The raw content in the secure keys file.
"fileType": "A String", # The file type of source file.
},
],
"keks": [ # The Key Exchange Key (KEK).
{
"content": "A String", # The raw content in the secure keys file.
"fileType": "A String", # The file type of source file.
},
],
"pk": { # The Platform Key (PK).
"content": "A String", # The raw content in the secure keys file.
"fileType": "A String", # The file type of source file.
},
},
"sourceDisk": "A String", # URL of the source disk used to create this image.
# For example, the following are valid values:
#
# - https://www.googleapis.com/compute/v1/projects/project/zones/zone/disks/disk
# - projects/project/zones/zone/disks/disk
# - zones/zone/disks/disk
#
#
#
# In order to create an image, you must provide the full or partial URL of
# one of the following:
#
# - The rawDisk.source URL
# - The sourceDisk URL
# - The sourceImage URL
# - The sourceSnapshot URL
"sourceDiskEncryptionKey": { # Thecustomer-supplied
# encryption key of the source disk. Required if the source disk is
# protected by a customer-supplied encryption key.
"kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
# For example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
#
# The fully-qualifed key name may be returned for resource GET requests. For
# example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
# /cryptoKeyVersions/1
"kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS
# key. If absent, the Compute Engine default service account is used.
# For example:
#
# "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
"rawKey": "A String", # Specifies a 256-bit customer-supplied
# encryption key, encoded in RFC
# 4648 base64 to either encrypt or decrypt this resource. You can
# provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rawKey":
# "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
"rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit
# customer-supplied encryption key to either encrypt or decrypt this
# resource. You can provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rsaEncryptedKey":
# "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH
# z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD
# D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="
#
# The key must meet the following requirements before you can provide it to
# Compute Engine:
#
# 1. The key is wrapped using a RSA public key certificate provided by
# Google.
# 2. After being wrapped, the key must be encoded in RFC 4648 base64
# encoding.
#
# Gets the RSA public key certificate provided by Google at:
#
#
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
"sha256": "A String", # [Output only] TheRFC
# 4648 base64 encoded SHA-256 hash of the customer-supplied
# encryption key that protects this resource.
},
"sourceDiskId": "A String", # [Output Only]
# The ID value of the disk used to create this image. This value may be used
# to determine whether the image was taken from the current or a previous
# instance of a given disk name.
"sourceImage": "A String", # URL of the source image used to create this image.
# The following are valid formats for the URL:
#
# - https://www.googleapis.com/compute/v1/projects/project_id/global/
# images/image_name
# - projects/project_id/global/images/image_name
#
#
#
# In order to create an image, you must provide the full or partial URL of
# one of the following:
#
# - The rawDisk.source URL
# - The sourceDisk URL
# - The sourceImage URL
# - The sourceSnapshot URL
"sourceImageEncryptionKey": { # The customer-supplied encryption key of the source image. Required if the
# source image is protected by a customer-supplied encryption key.
"kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
# For example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
#
# The fully-qualifed key name may be returned for resource GET requests. For
# example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
# /cryptoKeyVersions/1
"kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS
# key. If absent, the Compute Engine default service account is used.
# For example:
#
# "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
"rawKey": "A String", # Specifies a 256-bit customer-supplied
# encryption key, encoded in RFC
# 4648 base64 to either encrypt or decrypt this resource. You can
# provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rawKey":
# "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
"rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit
# customer-supplied encryption key to either encrypt or decrypt this
# resource. You can provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rsaEncryptedKey":
# "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH
# z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD
# D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="
#
# The key must meet the following requirements before you can provide it to
# Compute Engine:
#
# 1. The key is wrapped using a RSA public key certificate provided by
# Google.
# 2. After being wrapped, the key must be encoded in RFC 4648 base64
# encoding.
#
# Gets the RSA public key certificate provided by Google at:
#
#
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
"sha256": "A String", # [Output only] TheRFC
# 4648 base64 encoded SHA-256 hash of the customer-supplied
# encryption key that protects this resource.
},
"sourceImageId": "A String", # [Output Only]
# The ID value of the image used to create this image. This value may be used
# to determine whether the image was taken from the current or a previous
# instance of a given image name.
"sourceSnapshot": "A String", # URL of the source snapshot used to create this image.
# The following are valid formats for the URL:
#
# - https://www.googleapis.com/compute/v1/projects/project_id/global/
# snapshots/snapshot_name
# - projects/project_id/global/snapshots/snapshot_name
#
#
#
# In order to create an image, you must provide the full or partial URL of
# one of the following:
#
# - The rawDisk.source URL
# - The sourceDisk URL
# - The sourceImage URL
# - The sourceSnapshot URL
"sourceSnapshotEncryptionKey": { # The customer-supplied encryption key of the source snapshot. Required if
# the source snapshot is protected by a customer-supplied encryption key.
"kmsKeyName": "A String", # The name of the encryption key that is stored in Google Cloud KMS.
# For example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
#
# The fully-qualifed key name may be returned for resource GET requests. For
# example:
#
# "kmsKeyName": "projects/kms_project_id/locations/region/keyRings/
# key_region/cryptoKeys/key
# /cryptoKeyVersions/1
"kmsKeyServiceAccount": "A String", # The service account being used for the encryption request for the given KMS
# key. If absent, the Compute Engine default service account is used.
# For example:
#
# "kmsKeyServiceAccount": "name@project_id.iam.gserviceaccount.com/
"rawKey": "A String", # Specifies a 256-bit customer-supplied
# encryption key, encoded in RFC
# 4648 base64 to either encrypt or decrypt this resource. You can
# provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rawKey":
# "SGVsbG8gZnJvbSBHb29nbGUgQ2xvdWQgUGxhdGZvcm0="
"rsaEncryptedKey": "A String", # Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit
# customer-supplied encryption key to either encrypt or decrypt this
# resource. You can provide either the rawKey or thersaEncryptedKey.
# For example:
#
# "rsaEncryptedKey":
# "ieCx/NcW06PcT7Ep1X6LUTc/hLvUDYyzSZPPVCVPTVEohpeHASqC8uw5TzyO9U+Fka9JFH
# z0mBibXUInrC/jEk014kCK/NPjYgEMOyssZ4ZINPKxlUh2zn1bV+MCaTICrdmuSBTWlUUiFoD
# D6PYznLwh8ZNdaheCeZ8ewEXgFQ8V+sDroLaN3Xs3MDTXQEMMoNUXMCZEIpg9Vtp9x2oe=="
#
# The key must meet the following requirements before you can provide it to
# Compute Engine:
#
# 1. The key is wrapped using a RSA public key certificate provided by
# Google.
# 2. After being wrapped, the key must be encoded in RFC 4648 base64
# encoding.
#
# Gets the RSA public key certificate provided by Google at:
#
#
# https://cloud-certs.storage.googleapis.com/google-cloud-csek-ingress.pem
"sha256": "A String", # [Output only] TheRFC
# 4648 base64 encoded SHA-256 hash of the customer-supplied
# encryption key that protects this resource.
},
"sourceSnapshotId": "A String", # [Output Only]
# The ID value of the snapshot used to create this image. This value may be
# used to determine whether the snapshot was taken from the current or a
# previous instance of a given snapshot name.
"sourceType": "RAW", # The type of the image used to create this disk. The
# default and only valid value is RAW.
"status": "A String", # [Output Only] The status of the image. An image can be used to create other
# resources, such as instances, only after the image has been successfully
# created and the status is set to READY. Possible
# values are FAILED, PENDING, orREADY.
"storageLocations": [ # Cloud Storage bucket storage location of the image (regional or
# multi-regional).
"A String",
],
"userLicenses": [ # A list of publicly visible user-licenses. Unlike regular licenses, user
# provided licenses can be modified after the disk is created. This includes
# a list of URLs to the license resource. For example, to provide a debian
# license:
#
# https://www.googleapis.com/compute/v1/projects/debian-cloud/global/licenses/debian-9-stretch
"A String",
],
},
}