Movatterモバイル変換

Skip to main content

Create an instance from a shared image

This document explains how to create a Compute Engine instance from acustom imagethat is shared by another project.

An instance contains a bootloader, a boot file system, and an OS image. You can createcustom images from source disks, images, snapshots, or images stored inCloud Storage and use these images to create instances. By default,a custom image belongs only to the project in which it was created.If another user hasshared an image with you,then you can use the image to create an instance.

Before you begin

When creating instances from images by using the Google Cloud CLI orthe Compute Engine API, there's a limit of 20 instances per second. If you needto create a higher number of instances per second,request a quota adjustment for theImages resource.
If you haven't already, set upauthentication. Authentication verifies your identity for access to Google Cloud services and APIs. To run code or samples from a local development environment, you can authenticate to Compute Engine by selecting one of the following options:
Select the tab for how you plan to use the samples on this page:
Console
When you use the Google Cloud console to access Google Cloud services and APIs, you don't need to set up authentication.
gcloud
1. Install the Google Cloud CLI. After installation,initialize the Google Cloud CLI by running the following command:
  gcloudinit
  If you're using an external identity provider (IdP), you must first sign in to the gcloud CLI with your federated identity.
  Note: If you installed the gcloud CLI previously, make sure you have the latest version by runninggcloud components update.
2. Set a default region and zone.
REST
To use the REST API samples on this page in a local development environment, you use the credentials you provide to the gcloud CLI.
For more information, see Authenticate for using REST in the Google Cloud authentication documentation.

Required roles

To get the permissions that you need to create an instance from a shared image, ask your administrator to grant you theCompute Instance Admin (v1) (roles/compute.instanceAdmin.v1) IAM role on the project. For more information about granting roles, seeManage access to projects, folders, and organizations.

This predefined role contains the permissions required to create an instance from a shared image. To see the exact permissions that are required, expand theRequired permissions section:

Required permissions

The following permissions are required to create an instance from a shared image:

compute.instances.create on the project
To use a shared image to create the instance: compute.images.useReadOnly on the image

You might also be able to get these permissions withcustom roles or otherpredefined roles.

Create an instance from a shared image

To create an instance from a shared image, follow these steps:

Console

In theGoogle Cloud console, go to theCreate an instance page.
Go to Create an instance
If prompted, select your project and clickContinue.
TheCreate an instance page appears and displays theMachine configuration pane.
In theMachine configuration pane, do the following:
1. In theName field, specify a name for your instance. For moreinformation, seeResource naming convention.
2. Optional: In theZone field, select a zone for this instance.
  The default selection isAny. If you don't change this defaultselection, then Google automatically chooses a zone for you based onmachine type and availability.
3. Select the machine family for your instance. TheGoogle Cloud console thendisplays the machine series that are available for your selectedmachine family. The following machine family options are available:
  - General purpose
  - Compute optimized
  - Memory optimized
  - Storage optimized
  - GPUs
4. In theSeries column, select the machine series for yourinstance.
  If you selectedGPUs as the machine family in the previous step,then select theGPU type that you want. The machine series isthen automatically selected for the selected GPU type.
5. In theMachine type section, select the machine type for yourinstance.
In the navigation menu, clickOS and storage. In theOperating system and storage pane that appears, configure your bootdisk by doing the following:
1. ClickChange. TheBoot disk pane appears and displays thePublic images tab.
2. ClickCustom images. TheCustom images tab appears.
3. To select the image project, clickChange, and then select theproject that contains the image.
4. In theImage list, select the image that you want to import.
5. In theBoot disk type list, select the type of the boot disk.
6. In theSize (GB) field, specify the size of the boot disk.
7. Optional: For Hyperdisk Balanced boot disks, specify values for theProvisioned IOPS andProvisioned throughput fields.
8. Optional: For advanced configuration options, expand theShow advanced configurations section.
9. To confirm your boot disk options and return to theOperating system and storage pane, clickSelect.
In the navigation menu, clickNetworking. In theNetworking panethat appears, do the following:
1. Go to theFirewall section.
2. To permit HTTP or HTTPS traffic to the instance, selectAllow HTTP traffic orAllow HTTPS traffic.
  TheCompute Engine adds a network tag to your instance andcreates the corresponding ingress firewall rule that allows allincoming traffic ontcp:80 (HTTP) ortcp:443 (HTTPS). Thenetwork tag associates the firewall rule with the instance. For moreinformation, seeFirewall rules overviewin theCloud Next Generation Firewall documentation.
Optional: Specify other configuration options. For more information, seeConfiguration options during instance creation.
To create and start the instance, clickCreate.

gcloud

In the Google Cloud console, activate Cloud Shell.
Activate Cloud Shell
At the bottom of the Google Cloud console, aCloud Shell session starts and displays a command-line prompt. Cloud Shell is a shell environment with the Google Cloud CLI already installed and with values already set for your current project. It can take a few seconds for the session to initialize.
Create an instance by using thegcloud compute instances create command,and use the--image and--image-project flags to specify the imagename and the project where the image resides:
```
gcloud compute instances createINSTANCE_NAME \--image=IMAGE \--image-project=IMAGE_PROJECT
```
Replace the following:
- INSTANCE_NAME: thenamefor the new instance
- IMAGE: the name of the image
- IMAGE_PROJECT: the project to which theimage belongs
If the command is successful, thengcloud responds with the propertiesof the new instance, like in the following example:
```
Created [https://compute.googleapis.com/compute/v1/projects/myproject/zones/us-central1-b/instances/example-instance].NAME                 ZONE           MACHINE_TYPE   PREEMPTIBLE  INTERNAL_IP  EXTERNAL_IP    STATUSexample-instance     us-central1-b  e2-standard-2               10.240.0.4   104.198.53.60  RUNNING
```

Terraform

The process for creating an instance with a shared image in Terraform is thesame as if you were creating an instance with a publicly available image.

In the Google Cloud console, go to theVM instances page.
Go to VM Instances
ClickCreate instance.
Specify the parameters you want.
At the top or bottom of the page, clickEquivalent code, and then click theTerraform tab to view the Terraform code.

REST

The process for creating an instance with a shared image in the API is the same asif you were creating an instance with a publicly available image.

To create the instance from a shared image, use theinstances.insert method.

POST https://compute.googleapis.com/compute/v1/projects/PROJECT_ID/zones/ZONE/instances{   "machineType":"zones/MACHINE_TYPE_ZONE/machineTypes/MACHINE_TYPE",   "name":"VM_NAME",      "disks":[      {         "initializeParams":{            "sourceImage":"projects/IMAGE_PROJECT/global/images/IMAGE"         },         "boot":true      }   ],         "networkInterfaces":[      {         "network":"global/networks/NETWORK_NAME"      }   ],        "shieldedInstanceConfig":{      "enableSecureBoot":"ENABLE_SECURE_BOOT"   }}

Replace the following:

PROJECT_ID: ID of the project to create the VM in
ZONE: zone to create the VM in
MACHINE_TYPE_ZONE: zone containing the machine type to use for the new VM
MACHINE_TYPE: machine type,predefined orcustom, for the new VM
VM_NAME:name of the new VM
IMAGE_PROJECT: name of the project that contains the shared image
IMAGE: specify one of the following:
- IMAGE: name of the shared image. For example,"sourceImage": "projects/finance-project-1234/global/images/finance-debian-image-v2".
- IMAGE_FAMILY: if the shared image is created as part of acustom image family, specify that custom image family.
  This creates the VM from the most recent, non-deprecated OS image in your custom image family. For example, if you specify"sourceImage": "projects/finance-project-1234/global/images/family/finance-debian-family", Compute Engine creates a VM from the latest version of the OS image in the customfinance-debian-family image family.
NETWORK_NAME: the VPC network that you want to use for the VM. You can specifydefault to use your default network.
ENABLE_SECURE_BOOT: Optional: If you chose an image that supportsShielded VM features, Compute Engine, by default, enables thevirtual trusted platform module (vTPM) andintegrity monitoring. Compute Engine does not enableSecure Boot by default.
If you specifytrue forenableSecureBoot, Compute Engine creates a VM with all three Shielded VM features enabled. After Compute Engine starts your VM, tomodify Shielded VM options, you must stop the VM.

What's next

Learn more aboutcustom imagesandhow to share them.
Learn how tocheck the status of an instanceto see when it is ready to use.
Learn how toconnect to your instance.

Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.

Last updated 2025-12-15 UTC.

[8]ページ先頭

©2009-2025 Movatter.jp