Assigned
Status Update
No update yet.
Comments
ha...@google.com
Te...@telus.com
Hello,
Thanks for reaching out to us!
The Product Engineering Team has been made aware of your feature request, and will address it in due course. Though we can't provide an ETA on feature requests nor guarantee their implementation, rest assured that your feedback is always taken very seriously, as it allows us to improve our products. Thank you for your trust and continued support to improve Google Cloud Platform products.
In case you want to report a new issue, please do not hesitate to create a new [Issue Tracker]
Thanks and Regards,
Onkar Mhetre
Google Cloud Support
ma...@google.com
ma...@google.com
Specifically, this happened to us. We have a GKE cluster with two similarly-sized node pools. One has E2 nodes and the other has C2D nodes. We wanted to temporarily double the size of our E2 nodepool and checked the quotas page first. The only quota in the entire GCP project that was above 20% was "CPUs" at 55%. We reasoned that since only half of our machines were in the nodepool we wanted to double, this would only raise us to around 80-85% of quota, which seemed safe for a temporary change. We were surprised to see our scale-up fail due to quota. (And then we clumsily tried to quickly scale down to get below quota using direct GCE ASG scaling rather than GKE autoscaler, which ended up deleting a bunch of our more active machines instead of the empty ones — perhaps user error, but a bigger impact than we had expected for what we thought was going to be a simple "scale up fast, let it scale down slowly once our temporary need was over".)
Had the human-readable label in the UI said "E2 and N1 CPUs" instead of "CPUs" we would not have made that mistake: we would have tried for a smaller scale-up or requested more quota first.
I assume that the "internal"/computer-readable name `CPUS` is unlikely to change for compatibility reasons, but hopefully the UI display name is less hardcoded?
Had the human-readable label in the UI said "E2 and N1 CPUs" instead of "CPUs" we would not have made that mistake: we would have tried for a smaller scale-up or requested more quota first.
I assume that the "internal"/computer-readable name `CPUS` is unlikely to change for compatibility reasons, but hopefully the UI display name is less hardcoded?
Description
Customer Pain: Customer would like to restrict the access on some GKE resource using IAM conditions, however, this is not currently supported [1].
This feature request aims to enable GKE resources to be added to the list of supported IAM conditions resource types [1]. This would assist and allow more fine grained control over GKE cluster access management for operational teams.
[1]https://cloud.google.com/iam/docs/conditions-overview#resources