
How to create a Network Endpoint Group via GCP Deployment Manager


I am trying to use the Google Cloud Deployment Manager to create a Network Endpoint Group for my App Engine Load Balancer. I can't find an existing resource type for it so I am trying to use a custom type provider (deploymentmanager.v2beta.typeProvider). The main problem I am facing is that I want to create one with networkEndpointType: SERVERLESS but the API only supports zonal.

Here is the API: https://cloud.google.com/compute/docs/reference/rest/beta/networkEndpointGroups/insert

Here is the deployment manager script:

resources:
- name: network-endpoint-group
  type: deploymentmanager.v2beta.typeProvider
  properties:
    descriptorUrl: https://www.googleapis.com/discovery/v1/apis/compute/v1/rest
    options:
      inputMappings:
      - fieldName: name
        location: PATH
        methodMatch: ^(GET|DELETE|PUT|POST)$
        value: $.resource.properties.name
      - fieldName: Authorization
        location: HEADER
        value: >
          $.concat("Bearer ", $.googleOauth2AccessToken())

- name: neg_create
  action: {{ env["project"] }}/network-endpoint-group:compute.networkEndpointGroups.insert
  properties:
    name: my-network-endpoint-group
    project: {{ env["project"] }}
    zone: us-east1-b
    appEngine:
      service: my-service
    networkEndpointType: SERVERLESS
  metadata:
    runtimePolicy:
    - CREATE
    dependsOn:
    - network-endpoint-group

If I run it as it is above, then I get:

Network endpoint of type SERVERLESS is only allowed in regional

If I remove the zone property then I get:

object has missing required properties (["zone"])

I haven't found much documentation about how to create them via deployment manager or how to create regional NEGs via the API.

Can someone provide guidance on how to create a Network Endpoint Group via GCP Deployment Manager or provide a reference for why it isn't supported?


Solution

  • I feel like a dummy for using the wrong API. Apparently, there is a regional set of endpoints. I would delete this question but due to the general lack of documentation on how to do this sort of thing, I'll leave it around.

    Here is the API I needed to use: https://cloud.google.com/compute/docs/reference/rest/beta/regionNetworkEndpointGroups/insert

    And this is what it looks like in deployment manager:

    resources:
    - name: network-endpoint-group
      type: deploymentmanager.v2beta.typeProvider
      properties:
        descriptorUrl: https://www.googleapis.com/discovery/v1/apis/compute/v1/rest
        options:
          inputMappings:
          - fieldName: name
            location: PATH
            methodMatch: ^(GET|DELETE|PUT|POST)$
            value: $.resource.properties.name
          - fieldName: Authorization
            location: HEADER
            value: >
              $.concat("Bearer ", $.googleOauth2AccessToken())
    
    - name: neg_create
      action: {{ env["project"] }}/network-endpoint-group:compute.regionNetworkEndpointGroups.insert
      properties:
        name: my-network-endpoint-group
        project: {{ env["project"] }}
        region: us-east1
        appEngine:
          service: my-service
        networkEndpointType: SERVERLESS
      metadata:
        runtimePolicy:
        - CREATE
        dependsOn:
        - network-endpoint-group
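
The same deployment written as a Deployment Manager Python template, as an added example that is not the poster's code: it picks the zonal or regional collection from the properties and rejects `zone` together with `SERVERLESS` before anything reaches the API. The helper name `neg_collection` is hypothetical; the provider name, descriptor URL and input mappings are copied from the configuration above.

```python
"""Added example: Deployment Manager Python template for the NEG above."""

PROVIDER = "network-endpoint-group"  # type provider name used on this page
DESCRIPTOR = "https://www.googleapis.com/discovery/v1/apis/compute/v1/rest"


def neg_collection(props):
    """Return the Compute collection whose insert method fits these properties."""
    has_zone, has_region = "zone" in props, "region" in props
    if has_zone == has_region:
        raise ValueError("set exactly one of 'zone' or 'region'")
    if props.get("networkEndpointType") == "SERVERLESS" and has_zone:
        # Same condition the API reports in the question's first error.
        raise ValueError("SERVERLESS NEGs are regional: use 'region', not 'zone'")
    return "regionNetworkEndpointGroups" if has_region else "networkEndpointGroups"


def generate_config(context):
    """Entry point Deployment Manager calls for a Python template."""
    project = context.env["project"]
    props = dict(context.properties)
    props.setdefault("project", project)
    provider = {
        "name": PROVIDER,
        "type": "deploymentmanager.v2beta.typeProvider",
        "properties": {
            "descriptorUrl": DESCRIPTOR,
            "options": {"inputMappings": [
                {"fieldName": "name", "location": "PATH",
                 "methodMatch": "^(GET|DELETE|PUT|POST)$",
                 "value": "$.resource.properties.name"},
                {"fieldName": "Authorization", "location": "HEADER",
                 "value": '$.concat("Bearer ", $.googleOauth2AccessToken())'},
            ]},
        },
    }
    action = {
        "name": "neg_create",
        "action": "{}/{}:compute.{}.insert".format(
            project, PROVIDER, neg_collection(props)),
        "properties": props,
        "metadata": {"runtimePolicy": ["CREATE"], "dependsOn": [PROVIDER]},
    }
    return {"resources": [provider, action]}
```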