Review proposed VPC spokes

As a hub administrator, you can review and subsequently accept or reject pending VPC spokes that a spoke administrator has proposed from a different project from the hub.

After a spoke is accepted or rejected, you can reject it or accept it as many times as necessary by running the commands described on this page.

Permissions required for this task

To perform this task, you must have been granted the following permissions or the following IAM roles.

Permissions

networkconnectivity.hubs.listSpokes to list spokes
networkconnectivity.groups.acceptSpoke on the hub to accept a spoke
networkconnectivity.groups.rejectSpoke on the hub to reject a spoke

Roles

roles/networkconnectivity.hubAdmin

View proposals pending review

To view spoke proposals that are pending review for a hub, follow these steps.

Console

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
In the project menu, select the project that contains the hub for which you want to list the existing spokes.
In the Hub tab, select the hub.
Click the Spoke tab. All the spokes attached to that hub are listed.
To view the status for a specific spoke, click the spoke name. The proposed spokes that are pending review have an Inactive, pending status.

gcloud

Run the gcloud network-connectivity hubs list-spokes command.

gcloud network-connectivity hubs list-spokes HUB_NAME \
    --filter="reasons:PENDING_REVIEW"

Replace HUB_NAME with the name of the hub for which you want to review the proposed spokes, such as my-hub.

API

To view spoke proposals that are pending review for a hub, use the networkconnectivity.hubs.listSpokes method.

  GET https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs/HUB_NAME:listSpokes?filter=reasons=PENDING_REVIEW

Replace the following values:

PROJECT_ID: the project ID of the project that contains the spokes to list
HUB_NAME: the name of the hub for which you want to view spoke proposals pending review

Accept a spoke proposal

To accept a proposed spoke to connect to a hub, follow these steps.

Console

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
In the project menu, select the project that contains the hub for which you want to list the existing spokes.
In the Hub tab, select the hub.
Click the Spoke tab. All the spokes attached to that hub are listed.
To view details for a specific spoke, click the spoke name.
Click Accept.

The Network Connectivity Center page updates to show details about the spokes that you accepted and the spoke status changes to Active.

You can also select multiple spokes for a bulk accept. However, as the hub administrator, before accepting a spoke, you must check the VPC spoke filters for each spoke by clicking the individual spoke name and checking the spoke details.

gcloud

Run the gcloud network-connectivity hubs accept-spoke command.

gcloud network-connectivity hubs accept-spoke HUB_NAME
  --spoke=SPOKE_URI

Replace the following:

HUB_NAME: the name of the hub that is receiving the spoke proposal
SPOKE_URI: the URI of the spoke that you want to accept into the hub

API

To accept a proposed spoke, use the networkconnectivity.hubs.acceptSpoke method.

  POST https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs/HUB_NAME:acceptSpoke

  {
  "spokeUri": SPOKE_URI
  }

Replace the following:

PROJECT_ID: the ID of the project that contains the hub
HUB_NAME: the name of the hub that is receiving the spoke proposal
SPOKE_URI: the URI of the spoke that you want to accept into the hub

Reject a spoke proposal

To reject a proposed spoke from connecting to a hub, follow these steps.

Console

In the Google Cloud console, go to the Network Connectivity Center page.

Go to Network Connectivity Center
In the project menu, select the project that contains the hub for which you want to list the existing spokes.
In the Hub tab, select the hub.
Click the Spoke tab. All the spokes attached to that hub are listed.
To view details for a specific spoke, click the spoke name.
Click Reject.
In the Reject spoke? dialog, confirm the rejection and optionally, provide a reason for the rejection.
Click Reject again. The Network Connectivity Center page updates to show details about the spokes that you rejected, and the spoke status shows as Inactive, rejected.

gcloud

Run the gcloud network-connectivity hubs reject-spoke command.

gcloud network-connectivity hubs reject-spoke HUB_NAME \
    --spoke=SPOKE_URI \
    --details=REJECT_REASON

Replace the following:

HUB_NAME: the name of the hub that contains the spoke that you want to reject
SPOKE_URI: the URI of the VPC spoke that you want to reject
REJECT_REASON: Optional: the reason for which you rejected the spoke

API

To reject a proposed spoke, use the networkconnectivity.hubs.rejectSpoke method.

  POST https://networkconnectivity.googleapis.com/v1/projects/PROJECT_ID/locations/global/hubs/HUB_NAME:rejectSpoke

  {
  "spokeUri": SPOKE_URI,
  "requestId": REQUEST_ID,
  "details": SPOKE_DETAILS
  }

Replace the following:

PROJECT_ID: the ID of the project that contains the hub
HUB_NAME: the name of the hub that contains the spoke that you want to reject
SPOKE_URI: the URI of the spoke that you want to reject from the hub
REQUEST_ID: Optional: the request ID to identify requests
SPOKE_DETAILS: Optional: the additional details that you provide, such as, reason for rejection

What's next

To create hubs and spokes, see Work with hubs and spokes.
To view a list of partners whose solutions are integrated with Network Connectivity Center, see Network Connectivity Center partners.
To find solutions for Router appliance issues, see Troubleshooting.
To get details about API and gcloud commands, see APIs and reference.