Managing resources with the resourceID field


This page explains how to manage resources with the resourceID field.

Config Connector lets you explicitly specify the resource ID of a Google Cloud resource using the immutable but optional resourceID field to create or acquire the resource. "Immutable, but optional" means that you can choose to specify or not specify the resourceID field, but you can't make any changes to the value of the resourceID field after applying the manifest to your cluster.

The resourceID field increases the flexibility of naming a Google Cloud resource that has a user-specified resource ID. Using the resourceID field in your Config Connector resources, you can define multiple Config Connector resources of the same kind with the same Google Cloud resource name under different projects, folders, organizations or parent resources within the same namespace. The Google Cloud resource name is also not restricted by the naming convention of a Kubernetes object name. In addition, the resourceID field enables the acquisition of a Google Cloud resource that has a service-generated resource ID.

Config Connector makes the namespace the "owner" of a resource to prevent it from being taken by another owner. However, if you are using the resourceID field, there can be multiple resources with the same Google Cloud resource name, created under the same namespace. These resources create conflicts that Config Connector cannot manage. You need to resolve any conflicts manually.

Types of resource IDs

In Config Connector, resource IDs can be user-specified or service-generated.

User-specified resource IDs
A resource ID that is determined, specified, and passed in by the user before the resource creation. You can create or acquire a resource that has a user-specified resource ID with the resourceID field.
Service-generated resource IDs
A resource ID that is generated by the service during the resource creation. It can be retrieved by the user after the resource is successfully created. You can acquire a resource that has a service-generated resource ID with the resourceID field. Leave the field unspecified if you want to create a new resource that has a service-generated resource ID. See the list of Resources with a service-generated resource ID.

Specifying the resourceID field

You can specify the resourceID field in the resource's spec.

The following manifest describes how to specify the resourceID field for a Pub/Sub topic. The name of the Config Connector resource is pubsub-topic-sample and the name of the Pub/Sub topic is pubsub-topic-id.

apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
kind: PubSubTopic
metadata:
  name: pubsub-topic-sample
spec:
  resourceID: pubsub-topic-id

Creating a resource with the resourceID field

Creating a BigQuery dataset

In this example, you create a new BigQuery dataset using Config Connector with the resourceID field. The value of the resourceID field should follow the naming convention for the datasetId field of the BigQuery dataset.

  1. Copy the following contents into a file named bigquery-dataset.yaml.

      apiVersion: bigquery.cnrm.cloud.google.com/v1beta1
      kind: BigQueryDataset
      metadata:
        name: bigquerydataset-sample-for-creation
      spec:
        resourceID: bigquerydataset_sample_with_resourceid
        defaultTableExpirationMs: 3600000
        description: "BigQuery Dataset Sample with the ResourceID Field"
        friendlyName: bigquerydataset-sample-with-resourceid
        location: US
    
  2. Apply the YAML file to your cluster.

    kubectl apply --namespace CC_NAMESPACE -f bigquery-dataset.yaml

    Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

  3. Use kubectl describe to see details on the dataset.

    kubectl describe --namespace CC_NAMESPACE bigquerydataset bigquerydataset-sample-for-creation

    Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

Acquiring a resource with the resourceID field

When you manage a Google Cloud resource with the resourceID field, Config Connector acquires the resource if:

  • The resource has a user-specified resource ID, and the values in the manifest and the resource name match an existing resource; Or,
  • The resource has a service-generated resource ID.

Acquiring a folder

To acquire a folder using Config Connector with the resourceID field, complete the following steps:

  1. Copy the following contents into a file named folder.yaml.

        apiVersion: resourcemanager.cnrm.cloud.google.com/v1beta1
        kind: Folder
        metadata:
          annotations:
            cnrm.cloud.google.com/organization-id: ORG_ID
            # Remove the deletion-policy annotation if it is safe to delete the
            # folder when the resource is deleted from your cluster.
            cnrm.cloud.google.com/deletion-policy: "abandon"
          name: folder-sample-for-acquisition
        spec:
          resourceID: ACQUIRED_FOLDER_ID
          displayName: ACQUIRED_FOLDER_DISPLAY_NAME
    

    Replace the following:

    • ORG_ID with the numeric ID for your organization.
    • ACQUIRED_FOLDER_ID with the numeric ID for the folder to be acquired.
    • ACQUIRED_FOLDER_DISPLAY_NAME with the display name for the folder to be acquired.
  2. Apply the YAML file to your cluster.

    kubectl apply --namespace CC_NAMESPACE -f folder.yaml

    Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

  3. Use kubectl describe to see details on the folder.

    kubectl describe --namespace CC_NAMESPACE folder folder-sample-for-acquisition

    Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

What's next

Review the Resource reference to learn about the resources Config Connector supports.