\n \n \n\n \n\n \n\n \n\n \n \n\n \n\n\n\n\n\n
You can create custom images from source disks, images, snapshots, or images\nstored in Cloud Storage and use these images to create virtual machine (VM)\ninstances. Custom images are ideal for situations where you have created and\nmodified a persistent boot disk or specific image to a certain state and need to\nsave that state for creating VMs.
\n\nAlternatively, you can use the virtual disk import\ntool to import boot disk images\nto Compute Engine from your existing systems and add them to your custom\nimages list.
\n\n\n\n \n \n\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\nBefore you begin
\n- \n\n\n \n
- Read the Images document. \n\n\n\n
- \n \n If you haven\'t already, then set up authentication.\n Authentication is\n the process by which your identity is verified for access to Google Cloud services and APIs.\n To run code or samples from a local development environment, you can authenticate to\n Compute Engine by selecting one of the following options:
\n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n \n \nSelect the tab for how you plan to use the samples on this page:
\n \n \n\n \n\n \n\n \n \n \n\n \n\n \n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \n\n \n \n \n\n \n \n \nConsole
\n \n\n When you use the Google Cloud console to access Google Cloud services and\n APIs, you don\'t need to set up authentication.\n
\n \n\n \n \n \n\n \n \n\n \n \n\n \n \n\n \n \n \n \ngcloud
\n \n \n\n\n \n\n\n\n\n \n\n\n\n \n\n\n- \n\n \n \n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n \n
\n After installing the Google Cloud CLI,\n initialize it by running the following command:\n
\ngcloud init\n If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n\n\n\n\n\n\n \n\n\n\n\n \n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n\n \n\n\n\n\n \n \n - \n Set a default region and zone.
\n \n \n \n \n\n \n \n \n \nGo
\n \n \n \n\n\n To use the Go samples on this page in a local\n development environment, install and initialize the gcloud CLI, and\n then set up Application Default Credentials with your user credentials.\n
\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n \n\n\n\n\n \n\n\n\n\n\n\n\n \n \n- \n \n
- \n
\n Install the Google Cloud CLI.\n
\n \n \n\n\n\n\n\n\n \n\n\n\n \n\n\n \n \n \n \n - \n
If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n - \n
\n To initialize the gcloud CLI, run the following command:\n
\ngcloud init\n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n - \n \n
\n \n If you\'re using a local shell, then create local authentication credentials for your user\n account:\n \n
\ngcloud auth application-default login
You don\'t need to do this if you\'re using Cloud Shell.
\n \n \n \n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n \n signed in to the gcloud CLI with your federated identity.\n
\n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n \n\n
\n \n For more information, see\n \n \n Set up authentication for a local development environment.\n \n
\n\n \n \n\n \n \n \n \n\n \n \n \n \nJava
\n \n \n \n\n\n To use the Java samples on this page in a local\n development environment, install and initialize the gcloud CLI, and\n then set up Application Default Credentials with your user credentials.\n
\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n \n\n\n\n\n \n\n\n\n\n\n\n\n \n \n- \n \n
- \n
\n Install the Google Cloud CLI.\n
\n \n \n\n\n\n\n\n\n \n\n\n\n \n\n\n \n \n \n \n - \n
If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n - \n
\n To initialize the gcloud CLI, run the following command:\n
\ngcloud init\n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n - \n \n
\n \n If you\'re using a local shell, then create local authentication credentials for your user\n account:\n \n
\ngcloud auth application-default login
You don\'t need to do this if you\'re using Cloud Shell.
\n \n \n \n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n \n signed in to the gcloud CLI with your federated identity.\n
\n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n
\n \n For more information, see\n \n \n Set up authentication for a local development environment.\n \n
\n\n \n \n\n \n \n \n \n\n \n \n\n \n \n \n \nNode.js
\n \n \n \n\n\n To use the Node.js samples on this page in a local\n development environment, install and initialize the gcloud CLI, and\n then set up Application Default Credentials with your user credentials.\n
\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n \n\n\n\n\n \n\n\n\n\n\n\n\n \n \n- \n \n
- \n
\n Install the Google Cloud CLI.\n
\n \n \n\n\n\n\n\n\n \n\n\n\n \n\n\n \n \n \n \n - \n
If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n - \n
\n To initialize the gcloud CLI, run the following command:\n
\ngcloud init\n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n - \n \n
\n \n If you\'re using a local shell, then create local authentication credentials for your user\n account:\n \n
\ngcloud auth application-default login
You don\'t need to do this if you\'re using Cloud Shell.
\n \n \n \n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n \n signed in to the gcloud CLI with your federated identity.\n
\n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n
\n \n For more information, see\n \n \n Set up authentication for a local development environment.\n \n
\n\n \n \n\n \n \n \n \n\n \n \n\n \n \n\n \n\n \n \n \nPython
\n \n \n \n\n\n To use the Python samples on this page in a local\n development environment, install and initialize the gcloud CLI, and\n then set up Application Default Credentials with your user credentials.\n
\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n \n\n\n\n\n \n\n\n\n\n\n\n\n \n \n- \n \n
- \n
\n Install the Google Cloud CLI.\n
\n \n \n\n\n\n\n\n\n \n\n\n\n \n\n\n \n \n \n \n - \n
If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n - \n
\n To initialize the gcloud CLI, run the following command:\n
\ngcloud init\n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n - \n \n
\n \n If you\'re using a local shell, then create local authentication credentials for your user\n account:\n \n
\ngcloud auth application-default login
You don\'t need to do this if you\'re using Cloud Shell.
\n \n \n \n\n If an authentication error is returned, and you are using an external identity provider\n (IdP), confirm that you have\n \n signed in to the gcloud CLI with your federated identity.\n
\n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n
\n \n For more information, see\n \n \n Set up authentication for a local development environment.\n \n
\n\n \n \n\n \n \n \n \nREST
\n \n \n\n\n\n\n To use the REST API samples on this page in a local development environment,\n you use the credentials you provide to the gcloud CLI.\n
\n\n- \n \n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n \n
\n After installing the Google Cloud CLI,\n initialize it by running the following command:\n
\ngcloud init\n If you\'re using an external identity provider (IdP), you must first\n \n sign in to the gcloud CLI with your federated identity.\n
\n \n \n \n\n\n\n\n\n\n\n\n\n \n \n\n \n\n \n \n\n\n\n\n\n\n\n\n\n\n\n For more information, see\n Authenticate for using REST\n in the Google Cloud authentication documentation.\n
\n\n \n\n \n \n\n\n - \n\n \n \n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n \n \n
Create a custom image
\n\nThis section describes how to create a custom image on a Linux VM. For\ninformation about creating a Windows image, see Creating a Windows\nimage.
\n\nSelect an image storage location
\n\nWhen creating a custom image, you can specify the image's\nCloud Storage location, excluding dual-region\nlocations. By specifying the image storage location, you can meet your\nregulatory and compliance requirements for data locality as well as your high\navailability needs by ensuring redundancy across regions. To create, modify, and\ndelete images stored in Cloud Storage, you must have\nroles/compute.storageAdmin.
The storage location feature is optional. If you don't select a location,\nCompute Engine stores your image in the multi-region closest to the\nimage source. For example, when you create an image from a source disk that is\nlocated in us-central1 and if you don't specify a location for the custom\nimage, then Compute Engine stores the image in the us multi-region.
If the image is not available in a region where you are creating a\nVM, Compute Engine caches the image in that region the first time you\ncreate a VM.
\n\nTo see the location where an image is stored, use the\nimages describe\ncommand from gcloud compute:
\ngcloud compute images describe IMAGE_NAME \\\n --project=PROJECT_ID
Replace the following:
\n\n- \n
IMAGE_NAME: the name of your image.
\nPROJECT_ID: the project ID to which the image belongs.
\n
All of your existing images prior to this feature launch remain where they are,\nthe only change is that you can view the image location of all your images. If\nyou have an existing image you want to move, you must recreate it in the new\nlocation.
\n\nPrepare your VM for an image
\n\nYou can create an image from a disk even while it is attached to a running\nVM. However, your image is more reliable if you put the VM\nin a state that is easier for the image to capture. This section describes how\nto prepare your boot disk for the image.
\n\nMinimize writing data to the persistent disk
\n\nUse one of the following processes to reduce the disk writes:
\n\n- \n
Stop the VM\nso that it can shut down and stop writing any data to the persistent disk.
\nIf you can't stop your VM before you create the image, minimize the\namount of writes to the disk and sync your file system. To minimize\nwriting to your persistent disk, follow these steps:
\n\n- \n
- Pause apps or operating system processes that write data to\nthat persistent disk. \n
- Run an app flush to disk if necessary. For example, MySQL has a\n
FLUSH\nstatement. Other apps might have similar processes. \n - Stop your apps from writing to your persistent disk. \n
- Run
sudo sync. \n
\n
Disable the auto-delete option for the disk
\n\n\nBy default, the auto-delete option is enabled on the boot disks. Before creating\nan image from a disk, disable auto-delete to ensure that the disk is not\nautomatically deleted when you delete the VM.\n\nUse one of the following methods to disable auto-delete for the disk.
\nConsole
- \n
In the Google Cloud console, go to the VM instances page.
\n\n \nClick the name of the VM that you're using as the source for creating\nan image.
\n\nThe VM instance details page displays.
\nClick Edit.
\nIn the Boot disk section, for the Deletion rule, ensure that\nthe Keep disk option is selected.
\nClick Save.
\n
gcloud
In the Google Cloud CLI, use the\ngcloud compute instances set-disk-auto-delete command\nto disable the auto-delete option for the disk.
\ngcloud compute instances set-disk-auto-delete VM_NAME \\\n --no-auto-delete \\\n --disk=SOURCE_DISK\n
Replace the following:
\n\n- \n
VM_NAME: the name of your VM instance. \nSOURCE_DISK: the name of the disk from which you want to create the image. \n
Go
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nGo
\n \n \n \n\n \n \n Before trying this sample, follow the Go setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Go API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nJava
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nJava
\n \n \n \n\n \n \n Before trying this sample, follow the Java setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Java API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nNode.js
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nNode.js
\n \n \n \n\n \n \n Before trying this sample, follow the Node.js setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Node.js API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nPython
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nPython
\n \n \n \n\n \n \n Before trying this sample, follow the Python setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Python API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nREST
To set the auto-delete option of a disk, make a POST request to the\ninstances.setDiskAutoDelete method.
\nPOST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances/VM_NAME/setDiskAutoDelete?autoDelete=false&deviceName=SOURCE_DISK\n
Replace the following:
\n\n- \n
PROJECT_ID: the project ID to which the source VM belongs. \nZONE: the zone where the source VM is located. \nVM_NAME: the name of the source VM. \nSOURCE_DISK: the device name of the disk from which\nyou want to create the image. \n
After you prepare the VM, create the image.
\n\nCreate the image
\n\n\nYou can create disk images from the following sources:\n\n- \n
- A persistent disk, even while that disk is attached to a VM \n
- A snapshot of a persistent disk \n
- Another image in your project \n
- An image that is shared from another project \n
- A compressed RAW image\nin Cloud Storage \n
You can create a disk image once every 10 minutes. If you want to issue\na burst of requests to create a disk image, you can issue at most 6 requests\nin 60 minutes. For more information, see\nSnapshot frequency limits.
\nConsole
- \n
In the Google Cloud console, go to the Create an image page.
\n\n \nSpecify the Name of your image.
\nSpecify the Source from which you want to create an image. This\ncan be a persistent disk, a snapshot, another image, or a disk.raw file\nin Cloud Storage.
\nIf you are creating an image from a disk attached to a running VM,\ncheck Keep instance running to confirm that you want to create the\nimage while the VM is running. You can prepare your VM\nbefore creating the image.
\nIn the Based on source disk location (default) drop-down list,\nspecify the location to store the image. For example, specify
usto\nstore the image in theusmulti-region, orus-central1to store it in\ntheus-central1region. If you don't make a selection,\nCompute Engine stores the image in the multi-region closest to\nyour image's source location. \nOptional: specify the properties for your image.
\n\n- \n
- Family: the image family\nthis new image belongs to. \n
- Description: a description for your custom image. \n
- Label: a label to group\ntogether resources. \n
\nSpecify the encryption key. You can choose between a Google-owned and Google-managed encryption key,\na Cloud Key Management Service (Cloud KMS) key or a customer-\nsupplied encryption (CSEK)\nkey. If no encryption key is specified, images are encrypted\nusing a Google-owned and Google-managed encryption key.
\nClick Create to create the image.
\n
gcloud
In the Google Cloud CLI, use the\ngcloud compute images create command\nto create a custom image.
Create an image from a source disk:
\n\nThe --force flag is an optional flag that lets you create the\nimage from a running instance. By default, you cannot create images from running\ninstances. Specify this flag only if you are sure that you want to create\nthe image while the instance is running.
\ngcloud compute images create IMAGE_NAME \\\n --source-disk=SOURCE_DISK \\\n --source-disk-zone=ZONE \\\n [--family=IMAGE_FAMILY] \\\n [--storage-location=LOCATION] \\\n [--force]\n
Replace the following:
\n\n- \n
IMAGE_NAME: a name for the new image \n SOURCE_DISK: the disk from which you want to create\n the image \n ZONE: the zone where the disk is located \n IMAGE_FAMILY: Optional: a flag that specifies which\n image family this image\n belongs to \n LOCATION: Optional: a flag that lets you designate\n the region or multi-region where your image is stored. For example,\n specifyusto store the image in theus\n multi-region, orus-central1to store it in the\nus-central1region. If you don\'t make a selection,\n Compute Engine stores the image in the multi-region closest to\n your image\'s source location. \n
Create an image from a source image:
\n\n\ngcloud compute images create IMAGE_NAME \\\n --source-image=SOURCE_IMAGE \\\n [--source-image-project=IMAGE_PROJECT] \\\n [--family=IMAGE_FAMILY] \\\n [--storage-location=LOCATION]\n
Replace the following:
\n\n- \n
IMAGE_NAME: a name for the new image. \nSOURCE_IMAGE: the image from which you want to\ncreate the new image. \nIMAGE_PROJECT: Optional: the project the source\nimage is located in. Use this parameter if you want to copy an image from\nanother project. \nIMAGE_FAMILY: Optional: the\nimage family this new image\nbelongs to. \nLOCATION: Optional: lets you designate the region\nor multi-region where your image is stored. For example, specifyusto\nstore the image in theusmulti-region, orus-central1to store it in\ntheus-central1region. If you don't make a selection,\nCompute Engine stores the image in the multi-region closest to\nyour image's source location. \n
Create an image from a snapshot:
\n\n\n\n\ngcloud compute images create IMAGE_NAME \\\n --source-snapshot=SOURCE_SNAPSHOT \\\n [--storage-location=LOCATION]\n
Replace the following:
\n\n- \n
IMAGE_NAME: a name for the new image \n SOURCE_SNAPSHOT: the snapshot from which you want\n to create the image \n LOCATION: Optional: a flag that lets you designate\n the region or multi-region where your image is stored. For example,\n specifyusto store the image in theus\n multi-region, orus-central1to store it in the\nus-central1region. If you don\'t make a selection,\n Compute Engine stores the image in the multi-region closest to\n your image\'s source location. \n
View an image location:
\n\nUse the\ngcloud compute images describe command\nto view an image location.\n
\ngcloud compute images describe IMAGE_NAME
Replace IMAGE_NAME with the name of your image that\nyou want to review.
Go
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nGo
\n \n \n \n\n \n \n Before trying this sample, follow the Go setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Go API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nJava
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nJava
\n \n \n \n\n \n \n Before trying this sample, follow the Java setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Java API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nPython
\n\n\n\n\n\n\n\n\n \n \n\n\n\n\n\n \n \n \n \n \n\n\n\n\n \n\n\n\n \n\n\n\n\n\n\n\n \n \n \n\n\n\n \n\n\nPython
\n \n \n \n\n \n \n Before trying this sample, follow the Python setup instructions in the\n Compute Engine quickstart using\n client libraries.\n \n \n \n For more information, see the\n Compute Engine Python API\n reference documentation.\n \n
\n\n To authenticate to Compute Engine, set up Application Default Credentials.\n For more information, see\n \n Set up authentication for a local development environment.\n \n
\n \n\n\n\n\n\n\n \n \n \n \n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n \n \nREST
Make a POST request to the\nimages().insert method,\na URL in the request body that points to the source object from which\nyou want to create the image. Specify URLs to your resources using your\nown project ID and resource names.
Create an image from a persistent disk:
\n\n\nPOST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images\n\n{\n "name": "IMAGE_NAME",\n "sourceDisk": "/zones/ZONE/disks/SOURCE_DISK",\n ("storageLocations": "LOCATION",)\n ("forceCreate": "TRUE")\n}\nReplace the following:
\n\n- \n
PROJECT_ID: the project ID to which the image belongs. \nIMAGE_NAME: a name for the new image that you want\nto create. \nZONE: the zone where the source disk is located. \nSOURCE_DISK: the disk from which you want to create\nthe image. \nLOCATION: Optional: the storage location of your\nimage. For example, specifyusto store the image in theus\nmulti-region, orus-central1to store it in theus-central1region.\nIf you don't make a selection, Compute Engine stores the\nimage in the multi-region closest to your image's source location. \n
The optional forceCreate parameter lets you create the image from a\nrunning VM. Specify TRUE only if you are sure that you want to\ncreate the image from a running VM. The forceCreate default setting\nis FALSE.
Create an image from another image:
\n\n\nPOST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images\n\n{\n "name": "IMAGE_NAME",\n "sourceImage": "/global/images/SOURCE_IMAGE",\n ("storageLocations": "LOCATION")\n}\nReplace the following:
\n\n- \n
PROJECT_ID: the project to which the image\nbelongs. \nIMAGE_NAME: a name for the new image that you\nwant to create. \nSOURCE_IMAGE: the image from which you want to\ncreate the image. \nLOCATION: Optional: the storage location of your\nimage. For example, specifyusto store the image in the\nusmulti-region, orus-central1to store it in theus-central1\nregion. If you don't make a selection, Compute Engine stores\nthe image in the multi-region closest to your image's source location. \n
Create an image from a snapshot:
\n\n\nPOST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images\n{\n "name": "IMAGE_NAME",\n "sourceSnapshot": "(/SOURCE_PROJECT_ID)/global/snapshots/SOURCE_SNAPSHOT",\n ("storageLocations": "LOCATION")\n}\nReplace the following:
\n\n- \n
PROJECT_ID: the project to which the image belongs. \nIMAGE_NAME: a name for the new image that you want\nto create. \nSOURCE_PROJECT_ID: Optional: the project the\nsnapshot is located in. You must have permission to access the snapshot\nresource in that project. \nSOURCE_SNAPSHOT: the snapshot from which you want\nto create the image. \nLOCATION: Optional: the storage location of your\nimage. For example, specifyusto store the image in theus\nmulti-region, orus-central1to store it in theus-central1region.\nIf you don't make a selection, Compute Engine stores the\nimage in the multi-region closest to your image's source location. \n
For more information about adding images, see the\nimages reference.
\n\nShare the image
\n\nAfter creating a custom image, you can share it across\nprojects. If you allow users from another project to use your custom\nimages, then they can access these images by specifying the image\nproject in\ntheir request.
\n\nEnable guest operating system features
\n\nUse guest operating system (OS) features to configure the following networking,\nsecurity, storage, and OS options on custom images. Custom images\nwith these configured features are used as boot disks.
\ngcloud
Use the gcloud compute images\ncreate command with the\n--guest-os-features flag to create a new custom image from an existing\ncustom image.
\ngcloud compute images create IMAGE_NAME \\\n --source-image=SOURCE_IMAGE \\\n [--source-image-project=IMAGE_PROJECT] \\\n --guest-os-features="FEATURES,..." \\\n [--storage-location=LOCATION]\n
Replace the following:
\n\n- \n
IMAGE_NAME: the name for the new image \nSOURCE_IMAGE: an image to base the new image on \n
\n\nIMAGE_PROJECT: Optional: the project containing\nthe source imageUse this parameter to copy an image from another\nproject.
\n
\n\nFEATURES: guest OS tags to enable features for VMs\nthat you create from imagesTo add multiple values, use commas to separate values. Set to one or\nmore of the following values:
\n\n- \n
- \n
\n\nVIRTIO_SCSI_MULTIQUEUE. Use on local SSD devices as an alternative to\n NVMe. For more information about images that support SCSI, see\n Choosing an interface.For Linux images, you can enable multi-queue SCSI on local SSD devices on images with kernel\n versions 3.17 or later. For Windows images, you can enable multi-queue SCSI on local SSD\n devices on images with Compute Engine Windows driver\n \n version 1.2.\n
\n \n - \n
WINDOWS. Tag Windows Server custom boot images as Windows images.\n \n - \n
MULTI_IP_SUBNET. Configure interfaces with a netmask other than\n/32. For more information about multiple network interfaces and how they work, see\n \n Multiple network interfaces overview and examples.\n \n - \n
UEFI_COMPATIBLE. Boot with\n \n UEFI firmware and the following\n \n Shielded VM features:\n- \n
- \n \n Secure Boot: disabled by default\n \n
- \n \n Virtual Trusted Platform Module (vTPM): enabled by default\n \n
- \n \n Integrity monitoring: enabled by default\n \n
\n - \n
GVNIC. Support higher network bandwidths of up to\n \n 50 Gbps to 100 Gbps speeds. For\n more information, see\n \n Using Google Virtual NIC.\n \n - \n
IDPF. Support Intel Infrastructure Data Path\n Function (IDPF) network interfaces. \n \n \n - \n
SEV_CAPABLEorSEV_SNP_CAPABLE. Use these tags if you want to\n use your image on a\n \n Confidential VM instance with AMD Secure Encrypted Virtualization (SEV) or AMD\n Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) support. To check if your kernel\n supports AMD SEV or AMD SEV-SNP, see\n \n Linux kernel details.\n \n - \n
SEV_LIVE_MIGRATABLE_V2. Use this tag if you want to use your image on a\n \n Confidential VM instance that supports\n \n live migration on AMD SEV. To check if your kernel supports live migration, see\n \n Linux kernel details.\n \n - \n
TDX_CAPABLE. Use this tag if you want to use your image on a\n \n Confidential VM instance with Intel Trust Domain Extensions (TDX) support. To\n check if your kernel supports Intel TDX, see\n \n Linux kernel details.\n \n
\n \n- \n
LOCATION: Optional: region or multi-region in\nwhich to store the image
For example, specify us to store the image\nin the us multi-region, or us-central1 to store it in the\nus-central1 region. If you don't make a selection,\nCompute Engine stores the image in the multi-region closest to\nyour image's source location.
REST
Use the images().insert method\nwith the guestOsFeatures flag to create a new custom image from an\nexisting custom image.
\n\nPOST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/global/images\n\n{\n "name": "IMAGE_NAME",\n "sourceImage": "(projects/IMAGE_PROJECT)/global/images/SOURCE_IMAGE",\n ("storageLocations": "LOCATION",)\n "guestOsFeatures": [\n {\n "type": "FEATURES"\n }\n ]\n}\nReplace the following:
\n\n- \n
PROJECT_ID: the ID of the project in which to\ncreate the new image \nIMAGE_NAME: a name for the new image \n
\n\nIMAGE_PROJECT: Optional: the project containing\nthe source imageUse this parameter to copy an image from another\nproject.
\nSOURCE_IMAGE: the image to base the new image on \n
\n\nLOCATION: Optional: a region or multi-region in\nwhich to store the imageFor example, specify
usto store the image in\ntheusmulti-region, orus-central1to store it in theus-central1\nregion. If you don't make a selection, Compute Engine stores the\nimage in the multi-region closest to your image's source location. \n
\n\nFEATURES: guest OS tags to enable features for VMs\nthat you create from imagesTo add multiple values, use commas to separate values. Set to one or\nmore of the following values:
\n\n- \n
- \n
\n\nVIRTIO_SCSI_MULTIQUEUE. Use on local SSD devices as an alternative to\n NVMe. For more information about images that support SCSI, see\n Choosing an interface.For Linux images, you can enable multi-queue SCSI on local SSD devices on images with kernel\n versions 3.17 or later. For Windows images, you can enable multi-queue SCSI on local SSD\n devices on images with Compute Engine Windows driver\n \n version 1.2.\n
\n \n - \n
WINDOWS. Tag Windows Server custom boot images as Windows images.\n \n - \n
MULTI_IP_SUBNET. Configure interfaces with a netmask other than\n/32. For more information about multiple network interfaces and how they work, see\n \n Multiple network interfaces overview and examples.\n \n - \n
UEFI_COMPATIBLE. Boot with\n \n UEFI firmware and the following\n \n Shielded VM features:\n- \n
- \n \n Secure Boot: disabled by default\n \n
- \n \n Virtual Trusted Platform Module (vTPM): enabled by default\n \n
- \n \n Integrity monitoring: enabled by default\n \n
\n - \n
GVNIC. Support higher network bandwidths of up to\n \n 50 Gbps to 100 Gbps speeds. For\n more information, see\n \n Using Google Virtual NIC.\n \n - \n
IDPF. Support Intel Infrastructure Data Path\n Function (IDPF) network interfaces. \n \n \n - \n
SEV_CAPABLEorSEV_SNP_CAPABLE. Use these tags if you want to\n use your image on a\n \n Confidential VM instance with AMD Secure Encrypted Virtualization (SEV) or AMD\n Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP) support. To check if your kernel\n supports AMD SEV or AMD SEV-SNP, see\n \n Linux kernel details.\n \n - \n
SEV_LIVE_MIGRATABLE_V2. Use this tag if you want to use your image on a\n \n Confidential VM instance that supports\n \n live migration on AMD SEV. To check if your kernel supports live migration, see\n \n Linux kernel details.\n \n - \n
TDX_CAPABLE. Use this tag if you want to use your image on a\n \n Confidential VM instance with Intel Trust Domain Extensions (TDX) support. To\n check if your kernel supports Intel TDX, see\n \n Linux kernel details.\n \n
\n \n- \n
Avoid sensitive information in UEFI variables
\n\nUnified Extensible Firmware Interface (UEFI) variables are key-value pair variables\nused by the UEFI firmware during boot time to boot the operating system of a VM.\nUnlike physical machines, where the variables are stored on a hardware chip,\nCompute Engine virtualizes storage of these variables. As such, in\nmany operating systems, all applications and users can reach these variables and\naccess this information.
\n\nBecause of this reason, Google strongly recommends that you don't write or store\nsensitive or personal identifiable information such as passwords or private keys\nto UEFI variables.
\n\nConsiderations for Arm images
\n\nGoogle offers the C4A and Tau T2A\nmachine series, which run on Arm CPU platforms. You can start a VM with one of\nthese machine series and then use that source VM to create an Arm image. The\nprocess for creating a custom Arm image is identical to creating an x86 image.
\n\nTo help your users differentiate between Arm and x86 images, Arm images will\nhave an architecture field set to ARM64. Possible values for this\nfield are:
- \n
ARCHITECTURE_UNSPECIFIED\nX86_64\nARM64\n
Image users can then filter on this field to find x86 or Arm-based images.
\n\nWhat\'s next
\n\n- \n
- Share your private image\nwith other projects. \n
- Learn how to import disks, images, and VM instances. \n
- Learn how to\nexport an image to Cloud Storage. \n
- Learn how to\nstart a VM from a custom image. \n
- Learn how to set the image version in an image family. \n
- Learn how to deprecate a custom image. \n
- Learn how to delete a custom image. \n