- HTTP request
- Path parameters
- Request body
- Response body
- Authorization Scopes
- ConsumerProject
- RangeReservation
- Subnetwork
- SecondaryIpRange
- ValidationError
- Try it!
Service producers use this method to validate if the consumer provided network, project and requested range are valid. This allows them to use a fail-fast mechanism for consumer requests, and not have to wait for services.addSubnetwork operation completion to determine if user request is invalid.
HTTP request
POST https://servicenetworking.googleapis.com/v1/{parent=services/*}:validate
The URL uses gRPC Transcoding syntax.
Path parameters
Parameters | |
---|---|
parent |
Required. This is in a form services/{service} where {service} is the name of the private access management service. For example 'service-peering.example.com'. Authorization requires the following IAM permission on the specified resource
|
Request body
The request body contains data with the following structure:
JSON representation | |
---|---|
{ "consumerNetwork": string, "validateNetwork": boolean, "consumerProject": { object ( |
Fields | |
---|---|
consumerNetwork |
Required. The network that the consumer is using to connect with services. Must be in the form of projects/{project}/global/networks/{network} {project} is a project number, as in '12345' {network} is network name. |
validateNetwork |
The validations will be performed in the order listed in the ValidationError enum. The first failure will return. If a validation is not requested, then the next one will be performed. SERVICE_NETWORKING_NOT_ENABLED and NETWORK_NOT_PEERED checks are performed for all requests where validation is requested. NETWORK_NOT_FOUND and NETWORK_DISCONNECTED checks are done for requests that have validateNetwork set to true. |
consumerProject |
NETWORK_NOT_IN_CONSUMERS_PROJECT, NETWORK_NOT_IN_CONSUMERS_HOST_PROJECT, and HOST_PROJECT_NOT_FOUND are done when consumerProject is provided. |
rangeReservation |
RANGES_EXHAUSTED, RANGES_EXHAUSTED, and RANGES_DELETED_LATER are done when rangeReservation is provided. |
Response body
If successful, the response body contains data with the following structure:
JSON representation | |
---|---|
{ "isValid": boolean, "validationError": enum ( |
Fields | |
---|---|
isValid |
Indicates whether all the requested validations passed. |
validationError |
The first validation which failed. |
existingSubnetworkCandidates[] |
List of subnetwork candidates from the request which exist with the |
Authorization Scopes
Requires one of the following OAuth scopes:
https://www.googleapis.com/auth/service.management
https://www.googleapis.com/auth/cloud-platform
For more information, see the Authentication Overview.
ConsumerProject
Represents a consumer project.
JSON representation | |
---|---|
{ "projectNum": string } |
Fields | |
---|---|
projectNum |
Required. Project number of the consumer that is launching the service instance. It can own the network that is peered with Google or, be a service project in an XPN where the host project has the network. |
RangeReservation
Represents a range reservation.
JSON representation | |
---|---|
{
"ipPrefixLength": integer,
"secondaryRangeIpPrefixLengths": [
integer
],
"requestedRanges": [
string
],
"subnetworkCandidates": [
{
object ( |
Fields | |
---|---|
ipPrefixLength |
Required. The size of the desired subnet. Use usual CIDR range notation. For example, '30' to find unused x.x.x.x/30 CIDR range. The goal is to determine if one of the allocated ranges has enough free space for a subnet of the requested size. |
secondaryRangeIpPrefixLengths[] |
Optional. The size of the desired secondary ranges for the subnet. Use usual CIDR range notation. For example, '30' to find unused x.x.x.x/30 CIDR range. The goal is to determine that the allocated ranges have enough free space for all the requested secondary ranges. |
requestedRanges[] |
Optional. The name of one or more allocated IP address ranges associated with this private service access connection. If no range names are provided all ranges associated with this connection will be considered. If a CIDR range with the specified IP prefix length is not available within these ranges the validation fails. |
subnetworkCandidates[] |
Optional. List of subnetwork candidates to validate. The required input fields are |
Subnetwork
Represents a subnet that was created or discovered by a private access management service.
JSON representation | |
---|---|
{
"name": string,
"ipCidrRange": string,
"network": string,
"outsideAllocation": boolean,
"secondaryIpRanges": [
{
object ( |
Fields | |
---|---|
name |
Subnetwork name. See https://cloud.google.com/compute/docs/vpc/ |
ipCidrRange |
Subnetwork CIDR range in |
network |
In the Shared VPC host project, the VPC network that's peered with the consumer network. For example: |
outsideAllocation |
This is a discovered subnet that is not within the current consumer allocated ranges. |
secondaryIpRanges[] |
List of secondary IP ranges in this subnetwork. |
region |
GCP region where the subnetwork is located. |
SecondaryIpRange
JSON representation | |
---|---|
{ "rangeName": string, "ipCidrRange": string } |
Fields | |
---|---|
rangeName |
Name of the secondary IP range. |
ipCidrRange |
Secondary IP CIDR range in |
ValidationError
Enums | |
---|---|
VALIDATION_ERROR_UNSPECIFIED |
|
VALIDATION_NOT_REQUESTED |
In case none of the validations are requested. |
SERVICE_NETWORKING_NOT_ENABLED |
|
NETWORK_NOT_FOUND |
The network provided by the consumer does not exist. |
NETWORK_NOT_PEERED |
The network has not been peered with the producer org. |
NETWORK_PEERING_DELETED |
The peering was created and later deleted. |
NETWORK_NOT_IN_CONSUMERS_PROJECT |
The network is a regular VPC but the network is not in the consumer's project. |
NETWORK_NOT_IN_CONSUMERS_HOST_PROJECT |
The consumer project is a service project, and network is a shared VPC, but the network is not in the host project of this consumer project. |
HOST_PROJECT_NOT_FOUND |
The host project associated with the consumer project was not found. |
CONSUMER_PROJECT_NOT_SERVICE_PROJECT |
The consumer project is not a service project for the specified host project. |
RANGES_EXHAUSTED |
The reserved IP ranges do not have enough space to create a subnet of desired size. |
RANGES_NOT_RESERVED |
The IP ranges were not reserved. |
RANGES_DELETED_LATER |
The IP ranges were reserved but deleted later. |
COMPUTE_API_NOT_ENABLED |
The consumer project does not have the compute api enabled. |