This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

unable to launch appengine on my vpc network

Posted on 05-09-2023 06:08 AM
nishitkumar
Bronze 3
Bronze 3
Reply posted on --/--/---- --:-- AM

I am trying to deploy my Node js application which will connect to CloudSQL database which is in our VPC network and have only private ip , but I am noticing that whenever I try to launch Appengine it gets launch on the default network with external ip , I want deploy my appengine on my vpc network so that I can connect to my CloudSQL database instance directly.

vpc name :- xyz and subnet name :- testing

nishitkumar_0-1683635633551.png

I tried to add this on my yaml file 

network:
  name: xyz
  subnetwork_name: testing
 
but I am getting this error while launching it  error :- ailed, details: Required 'compute.firewalls.list' permission for 'projects/core' , I have given permission but I am not able to launch it on my vpc network.

I have give all the permission to service account but still not able to launch.

please help I am stuck.

nishitkumar_0-1683696087601.png

 

 

 

0 3 468
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
Marramirez
Silver 5
Silver 5
Reply posted on --/--/---- --:-- AM

Hi @nishitkumar,

Welcome to the Google Cloud Community!

Try to perform the following troubleshooting options:

  1. Make sure that you are using the correct gcloud app deploy syntax. See documentation here
  2. Make sure that your App Engine is properly connected to your VPC network. See documentation here
  3. Check your configuration, especially with the VPC network configuration. See reference here
  4. You can also get in touch with Google Cloud Support if the above options don't work.

In terms of your Service Account not having the compute.firewalls.list permission, follow the troubleshoot options below:

  1. Check for the roles that contain the compute.firewalls permission in this documentation.
  2. If none of the roles suit your needs, you can create a custom role. Follow this documentation in creating and managing custom roles.

let me know if it helped, thanks!

0 Likes

Posted on --/--/---- --:-- AM
nishitkumar
Bronze 3
Bronze 3
In response to Marramirez
Reply posted on --/--/---- --:-- AM

@Marramirez  for your second step of suggestion does that applies to app engine flex , do we need to create vpc access connector for appengine flex to access vpc and resources or is it just for appengine standard.

0 Likes

Posted on --/--/---- --:-- AM
knet
Staff
Reply posted on --/--/---- --:-- AM

Hi, for the App Engine Flexible Environment, you don't need to create VPC connectors. The App Engine instances in Flex already run inside the VPC network. 

0 Likes
Top Solution Authors
View all