I am trying to delete a GCP project.
Now, it used to have a Google Assistant integration (~ 3 years ago) but now I don't need it anymore and I want to delete it.
When I try to delete the project -> it tells me it can't because it's liked to a Dataflow agent. It provides me with a link but when I follow it, there are no agents listed there. I browsed all available regions, but no agents are listed.
I went to Actions from GCP console, but I can't delete the Actions project either (same reason). When I go to my defined action, I am prompted to migrate to Actions Builder (but I get a generic error trying to do that). In any case, if I try to edit my action in Dataflow, it takes me to the same homepage which prompts me to create an agent - as it doesn't list any.
So I'm stumped - I can't delete my project because of an existing Dataflow agent but Dataflow doesn't list any agents in any region.
Can anyone with Dataflow/GCP experience provide any insight into anything I may try ? Thanks!
There are mainly two possible situations for the issue Failing to delete GCP project due to non-existent DialogFlow agent:
The agent has been deleted, but the lien was not deleted.
The agent was not deleted.
You can follow the steps below to solve the issue:
Delete the agents associated with the project and try again to delete the project. If this does not solve the issue then follow step2.
Even though you deleted the agent, the lien used by the agent is not deleted. Run this CLI command gcloud alpha resource-manager liens list to list liens and then run the gcloud alpha resource-manager liens delete LIEN_NAME command then you can try again to delete the project. For more information, you can refer to the google cloud documentation. If this does not solve the issue then follow step3.
Deactivate the Dialogflow API from the GCP console: Open APIs & Services dashboard then click on Dialogflow API then click on Disable API. After disabling the Dialogflow API, try again to delete the project.
Related
I am using a Spinnaker implementation set up on GCP using the spinnaker-for-gcp tools. My initial setup worked fine. However, we recently had to re-configure our GKE clusters (independently of Spinnaker). Consequently I deleted and re-added our gke-accounts. After doing that the Spinnaker UI appears to show the existing GKE-based applications but if I click on any of them there are no clusters or load balancers listed anymore! Here are the spinnaker-for-gcp commands that I executed:
$ hal config provider kubernetes account delete company-prod-acct
$ hal config provider kubernetes account delete company-dev-acct
$ ./add_gke_account.sh # for gke_company_us-central1_company-prod
$ ./add_gke_account.sh # for gke_company_us-west1-a_company-dev
$ ./push_and_apply.sh
When the above didn't work I did an experiment where I deleted the two account and added an account with a different name (but the same GKE cluster) and ran push_and_apply. As before, the output messages seem to indicate that everything worked, but the Spinnaker UI continued to show all the old account names, despite the fact that I deleted them and added new ones (which did not show up). And, as before, not details could be seen for any of the applications. Also note that hal config provider kubernetes account list did show the new account name and did not show the old ones.
Any ideas for what I can do, other than complete recreating our Spinnaker installation? Is there anything in particular that I should look for in the Spinnaker logs in GCP to provide more information?
Thanks in advance.
-Mark
The problem turned out to be that the data that was in my .kube/config file in Cloud Shell was obsolete. Removing that file, recreating it (via the appropriate kubectl commands) and then running the commands mentioned in my original description fixed the problem.
Note, though, that it took a lot of shell script and GCP log reading by our team to figure out the problem. Ultimately, what would have been nice would have been if the add_gke_account.sh or push_and_apply.sh scripts could have detected the issue, presumably by verifying that the expected changes did, in fact, correctly occur in the running spinnaker.
I was playing around with terraform to create an infrastructure for a couple of services on GCP. GCP organises all the infra in so called projects. I specified a project_id incrorrectly in terraform files(actually I set project_id to already existing in my GCP, but ptoject name was different). Terraform in plan phase was successful, but after apply it failed. Then I executed terraform destroy, set correct project_id(and name), executed terraform apply again, this time successfully. But when I opened the GCP console I saw that actually 2 projects were created in project list(one with correct name and id and another with some random name: smth like My Project 1234 as name and beaming-light-546562 as id). And now gcloud projects list command shows 3 projects(this random one, correct one and previously existing one).
The problem is that I can't remove that "random" project, neither from gcloud utility nor from gcp console. I get an error
<myuser_mail_address> does not have permission to access projects instance or poject doesn't exist
Also that random project is not linked to my billing account.
How can I remove that "random" project
EDIT
It seems strange that the project with id beaming-light-546562 can't be removed by me(the owner of an account) with reasons that I do not have permissions to do that. Also the name of an id: it is similar to technic docker is using for generating names of running containers. I do not recall that terraform has such a feature. Could it be gcp itself who generates such random names?
I tried to recreate the error i.e, I created a sample project(via console) and deleted the same sample project in cloud shell using this command
gcloud projects delete <project ID> and again tried to delete the same sample project in cloud shell and got this error message:
You can cross verify if the reason listed in the image i.e PROJECT_DELETE_INACTIVE is present in the output of your gcloud projects delete <project ID> command.This means that the project is inactive and the project becomes inactive when it's deleted.
From this document :
The project takes approximately 30-days for complete deletion, At the end of the 30-day period, the project and all its resources are deleted and cannot be recovered.
Edit:
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
3 new projects suddenly appeared in my Google Cloud. I don't know where they came from, and I can't delete them.
Following the delete instructions: https://cloud.google.com/go/getting-started#delete-the-project
When I select each of the projects to delete, the delete button disables, and shows the float over message:
You need permissions for this action.
Required permission(s): resourcemanager.projects.delete
All my other projects are fine, and I can delete them.
The three new projects that suddenly appeared are:
My Project 64342 brave-watch-314519
My Project 82497 beaming-light-336511
You can see this project you-can-see-this-project
Screenshot:
How do I give myself permission to delete them?
Note 1: I am the only owner/user of this Google Cloud account.
Note 2: I also tried going to IAM -> Roles, but got the error:
Many thanks.
It seems to be a known issue with GCP. Leaving “Google Groups” related to GCP is a fix to this issue. You can track this Public Issue for more information.
You might have been added into a project through a group, so it appears in the project list. However, you have not been granted permission to modify the IAM of that project, so you can't remove the group from the permission list.
As a workaround, you can leave "Google Groups" related to GCP and reload the GCP console webpage so that all your unknown/inaccessible projects will disappear from the projects list. You can find what groups you're a member of, using this Google Groups link.
NOTE : You can leave the groups in order to lose the access, but there could be a situation where your email is added to a single role/permission and you would not be able to remove yourself from the IAM list.
I have project OWNER right, but can not remove image from console,
Delete is disabled and there is tag "you do not have pemission to delete this image".
By gcloud everithing works.
I remove buckets - _cloudbuild and artifacts.appspot.com but it was restored after first image build.
How can i resolve this situation?
If everything works correctly using gcloud means that the GCP API is not the issue. Maybe is a glitch in the console.
First ensure that your Cloud Console session corresponds to the user with owner permissions (could be that you've sign up in gcloud with a different account).
If that is correct, I'd file a support request or create an issue tracker case.
This seems like a case that needs to be addressed by the GCP team and StackOverflow is not the best channel to get support for that.
Hope that helps.
According to Google's notice:
Project owners and editors are currently unable to edit tags or delete
images in the Container Registry UI. The workarounds are to either use
the command line or grant the Storage Object Viewer IAM role. A fix is
expected by December 5th.
I'll put the link to the docs, so that other people know what to do until the issue is fixed:
I use this command to delete images while the Console does not work:
gcloud container images delete [HOSTNAME]/[PROJECT-ID]/[IMAGE]:[TAG] --force-delete-tags
I'm attempting to create an integration between Bitbucket Repo and Google Cloud Build to automatically build and test upon pushes to certain branches and report status back (for that lovely green tick mark). I've got the first part working, but the second part (reporting back) has thrown up a bit of a stumbling block.
Per https://cloud.google.com/cloud-build/docs/send-build-notifications, Cloud Build is supposed to automatically publish update messages to a Pub/Sub topic entitled "cloud-builds". However, trying to find it (both through the web interface and via gcloud command line tool) has turned up nothing. Copious amounts of web searching has turned up https://github.com/GoogleCloudPlatform/google-cloud-visualstudio/issues/556, which seems to suggest that the topic referenced in that doc is now being filtered out of results; however, that issue seems to be specific to the visual studio tools and not GCP as a whole. Moreover, https://cloud.google.com/cloud-build/docs/configure-third-party-notifications suggests that it's still accessible, but perhaps only to Cloud Functions? And maybe only manually via the command line, since the web interface for Cloud Functions also does not display this phantom "cloud-builds" topic?
Any guidance as to where I can go from here? Near as I can tell, the two possibilities are that something is utterly borked in my GCP project and the Pub/Sub topic is either not visible just for me or has somehow been deleted, or I'm right and this topic just isn't accessible anymore.
I was stuck with the same issue, after a while I created the cloud-builds topic manually and created a cloud function that subscribed to that topic.
Build details are pushed to the topic as expected after that, and my cloud function gets triggered with new events.
You can check the existence of the cloud-builds topic an alternate way from the UI, by downloading the gcloud command line tool and, after running gcloud init, running gcloud pubsub topics list to list all topics for the configured project. If the topic projects/{your project}/topics/cloud-builds is not listed, I would suggest filing a bug to the cloud build team here.
Creating the cloud-builds topic manually won't work since it's a special topic that Google managed.
In this case, you have to go to the API central and disable the CloudBuild API, and then enable it again, the cloud-builds topic will be created for you. Enable and disable Cloud Build API