Deployment Manager IoT Core Type Provider creation

Question

Im attempting to create deployment which uses a Deployment Manager Type Provider for GCP IoT Core but constantly get issue:

$ gcloud deployment-manager deployments create test --config config.yaml 
The fingerprint of the deployment is 83pRfPUlfBoXQp6VhhpQ7w==
Waiting for create [operation-1512573397953-55fad7014e9e8-f4ceacbe-eb8f2b03]...failed.                            
ERROR: (gcloud.deployment-manager.deployments.create) Error in Operation [operation-1512573397953-55fad7014e9e8-f4ceacbe-eb8f2b03]: errors:
- code: RESOURCE_ERROR
  location: /deployments/test/resources/MyRegistry
  message: '{"ResourceType":"myproject/iotcore:projects.locations.registries","ResourceErrorCode":"401","ResourceErrorMessage":{"code":401,"message":"Request is missing required authentication credential. Expected OAuth 2 access token, login cookie or other valid authentication credential. See https://developers.google.com/identity/sign-in/web/devconsole-project.","status":"UNAUTHENTICATED","statusMessage":"Unauthorized","requestPath":"https://cloudiot.googleapis.com/v1/projects/myproject/locations/us-central1/registries","httpMethod":"POST"}}'

Here is content of config.yaml:

resources:
- name: MyRegistry
  type: myproject/iotcore:projects.locations.registries
  properties:
    parent: projects/myproject/locations/us-central1
    id:  myregistry

Here is content of cred.yaml:

credential:
  basicAuth:
    user: my_user@gmail.com
    password: my_password

And I perform following steps:

1. Authentication via gcloud.

   $ gcloud config set project myproject
   $ gcloud config set account my_user@gmail.com
   $ gcloud auth application-default login
   

2. Registration of new Deployment Manager Type Provider for IoT Core.

   $ gcloud beta deployment-manager type-providers create iotcore --descriptor-url=https://content.googleapis.com/discovery/v1/apis/cloudiot/v1/rest --api-options-file ./cred.yaml
   

3. Creating new deployment which uses iotcore Type Provider (see config.yaml file).

   $ gcloud deployment-manager deployments create test --config config.yaml
   

After this command I get issue described above UNAUTHENTICATED.

Also existing documentation is not very comprehensive with examples. I followed following manuals from Deployment Manager:

• Simple Github examples
• Adding an API as a Type Provider
• Calling a Type Provider in a Configuration

Moreover I tried to adjust for IoT Core more complex example which uses $.concat("Bearer ", $.googleOauth2AccessToken()) but with the same issue.

It would great if someone helps me get this simple example work or points to missed steps or issues.

Many thanks!

Answer 1

I seems like you need to use the action attribute instead of type. Try to change:

resources:
  - name: MyRegistry
    type: myproject/iotcore:projects.locations.registries

into:

resources:
  - name: MyRegistry
    action: myproject/iotcore:cloudiot.projects.locations.registries.create

I got a running example at: https://github.com/Ebolon/gcp-dm-cloudiot