Configure a hub

This page provides information about how to create a hub to which VPC spokes in a different project can be attached.

Before you begin

Before you get started, review the following sections.

Create or select a project

To make it easier to configure Network Connectivity Center, start by identifying a valid project.

Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

Go to project selector

Make sure that billing is enabled for your Google Cloud project.

Install the Google Cloud CLI.

To initialize the gcloud CLI, run the following command:

gcloud init

In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

Go to project selector

Make sure that billing is enabled for your Google Cloud project.

Install the Google Cloud CLI.

To initialize the gcloud CLI, run the following command:

gcloud init

If you are using the Google Cloud CLI, set your project ID by using the gcloud config set command.
```
gcloud config set project PROJECT_ID
```
Replace PROJECT_ID with your unique project ID.

The gcloud CLI instructions on this page assume that you have set your project ID.

To confirm that you set the project ID correctly, use the gcloud config list command.
```
gcloud config list --format='text(core.project)'
```

Enable the Network Connectivity API

Before you can perform any tasks using Network Connectivity Center, you must enable the Network Connectivity API.

Console

To enable the Network Connectivity API:

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
Click Enable.

Alternatively, you can enable the API by using the Google Cloud console API Library, as described in Enabling APIs.

Get access

To work with Network Connectivity Center, you need the permissions described in Roles and permissions.

Identify resources

When you reference resources by using the gcloud CLI or the API, use the conventions described in the following table.

Convention	Supported for	Notes	Example
Full URI	All resources	You must use one of these methods to reference router appliance instances.	"https://www.googleapis.com/compute/projects/`PROJECT_ID`/zones/`ZONE`/instances/`INSTANCE_NAME`"
Relative resource name	All resources		"projects/`PROJECT_ID`/zones/`ZONE`/instances/`INSTANCE_NAME`"
Name	Regional and global resources	This method can be used for hubs, spokes, VPN tunnels, and VLAN attachments.	"`HUB_NAME`"

Permissions required for this task

To perform this task, you must have been granted the following permissions or the following IAM roles.

Permissions

networkconnectivity.hubs.create to create a hub
networkconnectivity.hubs.delete to delete a hub
networkconnectivity.hubs.listSpokes to list spokes
Additionally, if you are working in the Google Cloud console:
- networkconnectivity.hubs.get
- networkconnectivity.hubs.list
- networkconnectivity.spokes.list
- compute.projects.get

Roles

Hub & Spoke Admin (roles/networkconnectivity.hubAdmin)
If you are working in the Google Cloud console, Compute Network Viewer (roles/compute.networkViewer)

Create a hub

To create a hub, follow these steps.

Console

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
In the project menu, select a project.
Click Create hub.
Complete the Basic configuration section of the form:
1. Enter a Hub name.
2. Optional: Enter a Description.
3. Optional: To add a label, click Add Item, and then enter a Key and Value.
4. Verify that the form displays the correct Project ID. If the project ID is incorrect, select a different project by using the menu at the top of the page.
Do one of the following:
- If you want to create a spoke that is attached to this hub, click Next step and complete the spoke-creation section of the form. For instructions, see Create a VPC spoke.
- If you don't want to create a spoke right now, click Create to finish creating your new hub.

gcloud

To create a hub, use the gcloud network-connectivity hubs create command.

  gcloud network-connectivity hubs create HUB_NAME \
    --description="DESCRIPTION" \
    --labels="KEY"="VALUE"

Replace the following values:

HUB_NAME: the name of the new hub
DESCRIPTION: optional text that describes the hub
KEY: the key in the key-value pair for the optional label text
VALUE: the value in the key-value pair for the optional label text

API

To create a hub, use the networkconnectivity.hubs.create method.

  POST https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs
  {
    "name":"HUB_NAME",
    "description":"DESCRIPTION",
    "labels": {
      "KEY": "VALUE"
    }
  }

Replace the following values:

PROJECT_ID: the project ID of the project that contains the new hub
HUB_NAME: the name of the new hub
DESCRIPTION: optional text that describes the hub
KEY: the key in the key-value pair for the optional label text
VALUE: the value in the key-value pair for the optional label text

For detailed information about additional hub commands, such as list, describe, and update, see Work with hubs and spokes.

Delete a hub

To delete a hub, follow these steps.

Before you can delete a hub, you must delete or reject all spokes attached to the hub. If the spoke is in a different project, you might not have permission to delete it. In that case, you must reject the spoke.

For steps to delete a spoke, see Delete a spoke.

Console

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
In the project menu, select a project.
Click the Hubs tab.
In the hub list, select the hub that you want to delete.
Click the Spoke tab. All the spokes that are attached to this hub are listed with their status.
From the list of active spokes, delete the active spokes. If you don't have permissions to delete the spoke, reject the spoke.
Click Delete hub.
In the confirmation dialog, do one of the following:
- Click Cancel if you don't want to delete the hub.
- Click Delete to delete the hub.

gcloud

To list all active spokes attached to the hub that you want to delete, use the gcloud network-connectivity hubs list-spokes command.
```
gcloud network-connectivity hubs list-spokes HUB_NAME \
   --filter="state:ACTIVE" 
```
Replace HUB_NAME with the name of the hub that you want to delete.
Delete the active spokes. If you don't have permissions to delete the spoke, reject the spoke.
To delete a hub, use the gcloud network-connectivity hubs delete command.
```
gcloud network-connectivity hubs delete HUB_NAME
```
Replace HUB_NAME with the name of the hub.

API

To list all active spokes attached to the hub that you want to delete, use the networkconnectivity.hubs.listSpokes method.
```
 GET https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs/HUB_NAME:listSpokes
```
Replace the following values:
- PROJECT_ID: the project ID of the project that contains the hub for which you want to list spokes
- HUB_NAME: the name of the hub for which you want to list spokes
Delete the active spokes. If you don't have permissions to delete the spoke, reject the spoke.
To delete the hub, use the networkconnectivity.hubs.delete method.
```
 DELETE https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs/HUB_NAME
```
Replace the following values:
- PROJECT_ID: the project ID of the project that contains the hub to delete
- HUB_NAME: the name of the hub to delete

What's next

To create hubs and spokes, see Work with hubs and spokes.
To view a list of partners whose solutions are integrated with Network Connectivity Center, see Network Connectivity Center partners.
To find solutions for common issues, see Troubleshooting.
To get details about API and gcloud commands, see APIs and reference.