Creating a GCP type provider in 6 ( well 7) easy steps
If you use GCP’s Deployment manager you may or may not have realised that you can extend the APi’s it can call by creating a type provider.
A Type Provider ( quoting the docs as it’s succinct enough ) exposes all resources of a third-party API to Deployment Manager as base types that you can use in your configurations.
The steps to registering and using a Type provider are fairly simple and as I had cause to do this for myself thought I’d jot down what the steps are so sharing that here.
- First declare your type .
- A type is an API that supports CRUD methods.
- Your API must have a document that describes your API . Deployment manager supports OpenAPI specification v 1.2 and 2.0 or Google Discovery documents.
3. If your API needs authentication read this section of the Deployment Manager docs
4. When testing use the gcloud CLI — So ensure this is set up
5. Decide on a name for your provider
6. Now you have a name, a descriptor document and any authentication details create your type provider
In my example I’m just going to create a Type provider using one of the existing Google API’s in one of my projects . Why? Well they’ve stood the API up already and this post is all about Type providers! I’ll come back one day and talk about my adventures with Cloud endpoints another time I didn’t want to derail this post!
So picking on compute engine the location of the discovery doc can be found here
And the URl for the discovery doc I will be using is :
I actually had some syntax related problems when initially trying this and while debugging I found https://developers.google.com/discovery/v1/reference/apis/getRest which is a nice page that lets you retrieve a particular version of a Google API . I liked it so am leaving it here for your delectation.
Why not have a look this will still be here while you do that 😀
I’m going to use the gcloud CLI and as I’m already authenticated I don’t need to worry about the authentication piece. ( I love the gcloud command it makes stuff so easy)
I’m going to call my type-provider my-compute-type
I’m going to register it in my project sharedresources so I set my working project to that by using the gcloud command :
$ gcloud config set project sharedresources
And to register my type provider :
$ gcloud alpha deployment-manager type-providers create my-compute-type -- api-options-file=config.yaml --descriptor-url=’https://www.googleapis.com/discovery/v1/apis/compute/beta/rest'
( The api-options-file I’m using is to map some input mappings to path parameters)
So now I have created a type provider how do I use it?
Just as you would any other Type with one caveat!
It’s more than likely you will want to share your shiny new type with other projects so to do this you need to ensure that the Google APIs service account of the project that wants to consume the types is granted the deploymentmanager.typeViewer role On the project where the type has been registered
This is the step 7
To do this you need to log onto the console , make sure you are in the project that you registered the type in. So in my case the project sharedresources . Navigate to the IAM menu and add the Google APIs service account for the project that will be calling the type and grant it the deploymentmanager.typeViewer role ( this can be found under other)
This however is kind of cumbersome and not that scalable so I actually have the following Project configuration in my GCP organization
The Google APIs service account that belongs to the projectcreation project has been granted the Deployment Manager Type viewer role at the organization level . This is so I do not need to explicitly grant it this permission on every project it needs to deploy resources via a deployment management configuration as the permission is inherited .
Create a config calling your newly registered type . So in my example my YAML config looks like this:
( ps. You really should use python but the YAML is clearer to see the salient bits of the configuration)
To deploy my configuration I use the following command
gcloud deployment-manager deployments create my-demo-project-instance --config=my-instance-config.yaml
This creates the deployment in my projectcreation project. The resources declared in the deployment in this case an instance is created in the targetproject project ( make sure the service account has permissions to create instances )
And there you have it.
Before I finish :
There are 5 pages of docs you really need to read assuming you already have a basic understanding of Deployment manager :
I also want to make a quick shout out to Adam & Kyle in the Deployment management team 😀 Thanks for the help in getting this to work as I wanted it to .