Cloud Filestore NFS Share
A managed Cloud Filestore NFS share for GKE and Compute Engine, VPC-peered with no public exposure, optional per-client export rules for least-privilege access, and deletion protection on.
Verification
Live-testedReally deployed, verified, idempotent and destroyed in a cloud sandbox.
Conformance
- Static validation (fmt · validate · tflint)
- Security scan (Checkov)
- Plan tests (mocked: validation rules · outputs)
Provenance
- SHA-256 checksum
- Signature (pending)
Functional
- Live-tested — applied, verified, destroyed
Last verified 2026-06-30 · how we verify
Documentation
gcp-filestore
A managed Cloud Filestore NFS file share for GKE and Compute Engine
workloads. Connected to a VPC over private peering (no public exposure), with
optional per-client NFS export rules for least-privilege access and deletion
protection on by default. Works with Terraform and OpenTofu (>= 1.6),
Google provider >= 7.0, < 8.0.
Defaults:
tier = "BASIC_HDD"(the cheapest tier),NFS_V3- Private connectivity via
DIRECT_PEERINGto your VPC; no public IP deletion_protection_enabled = true
Cost: BASIC_HDD's minimum share is 1024 GB (1 TiB) — capacity cannot go lower, so even the smallest instance reserves 1 TiB at
$0.20/GB-month ($200/mo). This is the priciest-to-leave-running of the storage modules; tear it down when done.
Requirements
- Terraform or OpenTofu
>= 1.6 hashicorp/google>= 7.0, < 8.0- API:
file.googleapis.com
Verification
Static-validated (fmt, validate, tflint). Live apply/destroy testing pending cloud sandbox availability — see catalog status.
License
Commercial — IaC Bazaar EULA. © IaC Bazaar. Original work (not derived from a third-party module).
Usage code & full reference unlock after purchase
The complete copy-paste usage, the full input/output reference, and operational notes ship with your licence — shown here and bundled in the download.
- Usage
- Inputs
- Outputs
- Notes