I was playing around with Private Service Connect in GCP, and I attached an endpoint with an IP to enable private access to all Google APIs. I wanted to tear this down and build up this configuration in Terraform; however, I am unable to delete the entry in my GCP Networking Service Directory. It states this type of connection cannot be deleted. Does this mean I am unable to delete my VPC and recreate it? It seems like all of the resources cannot be deleted, and my VPC won't delete due to a forwarding rule. I am getting the following error messages:
"This type of service cannot be deleted"
"This type of namespace cannot be deleted"
"Endpoints belonging to non-user-defined service cannot be deleted"
And this error message when attempting to delete the VPC:
"The address resource 'projects/x/global/addresses/endpoints' is already being used by 'projects/x/global/forwardingRules/endpoint'"
Deleting a Private Service Connect endpoint:
To perform this task, you must have the following permissions or all of the following IAM roles.
Permissions:
compute.globalForwardingRules.pscDelete
compute.globalForwardingRules.delete
servicedirectory.namespaces.delete
dns.managedZones.delete
Roles:
All the following roles:
Compute Network Admin (roles/compute.networkAdmin),
Service Directory Editor (roles/servicedirectory.editor), and
DNS Administrator (roles/dns.admin)
Using Console:
Go to Console -> Network Services -> Private Service Connect -> Click the “Connected endpoints” tab -> Select the Private Service Connect endpoint you want to delete, and click Delete.
Using gcloud:
Run the following command in Cloud Shell.
gcloud compute forwarding-rules delete ENDPOINT_NAME --global
For more information, refer to the documentation on deleting a Private Service Connect endpoint.
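Added example, not part of the original answer: a dry-run planner that reads the "already being used by" error quoted in the question and prints the deletions in dependency order, forwarding rule first, then the address it was holding. The function names are hypothetical, the sample error is the one from the question, and the address deletion step and `--project` flag are assumptions beyond what the answer states.

```shell
#!/bin/sh
# Added example: prints gcloud commands for review; it never executes them.

# Sample input: the error text quoted in the question (project id "x").
SAMPLE_ERROR="The address resource 'projects/x/global/addresses/endpoints' is already being used by 'projects/x/global/forwardingRules/endpoint'"

# Print the Nth single-quoted resource path found in an error message.
quoted_path() {
    printf '%s\n' "$1" | grep -o "'projects/[^']*'" | sed -n "${2}p" | tr -d "'"
}

# Split projects/P/global/KIND/NAME into "P KIND NAME".
# Fails for anything that is not a five-segment global resource path.
split_global_path() {
    case "$1" in
        projects/*/global/*/*) ;;
        *) return 1 ;;
    esac
    printf '%s\n' "$1" | awk -F/ 'NF == 5 { print $2, $4, $5; ok = 1 } END { exit !ok }'
}

# Emit the delete commands in the order the dependency requires.
plan_teardown() {
    msg=$1
    blocked=$(quoted_path "$msg" 1)   # resource that could not be deleted
    blocker=$(quoted_path "$msg" 2)   # resource still referencing it
    a=$(split_global_path "$blocked") || return 1
    b=$(split_global_path "$blocker") || return 1
    set -- $a; a_proj=$1 a_kind=$2 a_name=$3
    set -- $b; b_proj=$1 b_kind=$2 b_name=$3
    # Only the case from the question is handled:
    # a global address held by a global forwarding rule (the PSC endpoint).
    [ "$a_kind" = addresses ] && [ "$b_kind" = forwardingRules ] || return 1
    echo "gcloud compute forwarding-rules delete $b_name --global --project $b_proj"
    # Assumption: the reserved address must also go before the VPC can be deleted.
    echo "gcloud compute addresses delete $a_name --global --project $a_proj"
}

plan_teardown "$SAMPLE_ERROR"
```

Review the printed commands before running them; the permissions listed in the answer are still required on the account that executes the forwarding rule deletion.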