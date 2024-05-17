



Property Value Google Cloud Service Name Vertex AI Google Cloud Service Documentation /vertex-ai/docs Google Cloud REST Resource Name v1beta1.projects.locations.endpoints Google Cloud REST Resource Documentation /vertex-ai/docs/reference/rest/v1beta1/ projects. location.endpoints Configuration connector resource short name gcpvertexaiendpointgcpvertexaiendpointsvertexaiendpoint Configuration connector service name aiplatform.googleapis.com Configuration connector resource fully qualified name vertexaiendpoints.vertexai.cnrm.cloud.google.com Referenced by IAMPolicy/IAMPolicyMember No configuration connector Default average adjustment Interval seconds 600 Custom Resource Definition Properties Annotation Field cnrm.cloud.google.com/state-into-spec Specification Schema Description: String displayName: String EncryptionSpec: kmsKeyNameRef: external: string name: string namespace: string networkRef : external: string name: string namespace: string projectRef: external: string name: string namespace: string region: string resourceID: string field

explanation

option

string

Endpoint description.

display name

Required

string

Required. Display name of the endpoint. The name can be up to 128 characters and can consist of any UTF-8 characters.

Encryption specifications

option

object

Unchanged. Customer-managed encryption key specifications for endpoints. If set, this endpoint and all subresources of this endpoint will be protected by this key.

EncryptionSpec.kmsKeyNameRef

Required*

object

Required. Cloud KMS resource identifier for the customer-managed encryption key used to protect the resource. The format is projects/my-project/locations/my-region/keyRings/my-kr/cryptoKeys/my-key. The key must be in the same region where the compute resource is created.

EncryptionSpec.kmsKeyNameRef.external

option

string

Allowed values: `selfLink` field of the `KMSCryptoKey` resource.

EncryptionSpec.kmsKeyNameRef.name

option

string

The name of the reference. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

EncryptionSpec.kmsKeyNameRef.namespace

option

string

Namespace to refer to. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

network reference

option

object

option. The full name of the Google Compute Engine network to which the endpoint is peered. Private service access must already be configured for your network. If left unspecified, the endpoint will not be peered with any network. Only one of the fields can be set: network or enablePrivateServiceConnect. Format: project/{project_id}/global/networks/{network_name}.

networkRef.external

option

string

Allowed values: A string in the format `projects/{{project}}/global/networks/{{value}}`. Here {{value}} is the `name` field of the `ComputeNetwork` resource.

network reference name

option

string

The name of the reference. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

networkRef.Namespace

option

string

Namespace to refer to. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

Project reference

Required

object

Project to which this resource belongs.

Project reference external

option

string

Allowed values: `name` field of the `Project` resource.

project reference name

option

string

The name of the reference. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

projectRef.Namespace

option

string

Namespace to refer to. More information: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

region

Required

string

Unchanged. Region of the resource.

Resource ID

option

string

Unchanged. option. Name of the resource. Used for creation and retrieval. If unset, the value of “metadata.name” will be used as the default.

* Field is required if specifying a parent field

Status Schema Condition: – lastTransitionTime: string message: stringreason: string status: string type: stringownedGeneration: integerobservedState: createTime: string modelDeploymentMonitoringJob: string Field Condition

list (object)

Conditions represent the latest available observations about the current state of a resource.

conditions[]

object

conditions[].lastTransitionTime

string

The time the state last transitioned from one status to another.

conditions[].message

string

A human-readable message giving details about the last transition.

conditions[].reason

string

A unique one-word camelcased reason for the last transition of the condition.

conditions[].situation

string

Status is the status of a state. Can be True, False, or Unknown.

conditions[].type

string

Type is the type of condition.

observed generation

integer

ObservedGeneration is the generation of the resource that was last observed by the Config Connector controller. If this is equal to metadata.generation, it means that the currently reported status reflects the latest desired state of the resource.

observed condition

object

The observed state of the underlying GCP resources.

Observed state.Creation time

string

Output only. Timestamp when this endpoint was created.

Observed State.modelDeploymentMonitoringJob

string

Output only. The resource name of the model monitoring job associated with this endpoint, if monitoring is enabled via CreateModelDeploymentMonitoringJob. Format: “projects/{project}/locations/{location}/modelDeploymentMonitoringJobs/{model_deployment_monitoring_job}”.

Sample YAML(s) Vertexai Endpoint Encryptionkey # Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the “License”). # You may not use this file except in accordance with the license. # A copy of the license is available at # # http://www.apache.org/licenses/LICENSE-2.0. # # Unless required by applicable law or agreed to in writing, # software distributed under the License is provided on an “as is'' basis and without any warranties, express or implied. There are no warranties or conditions of any kind. # Please refer to the License for the specific language governing permissions and limitations # under the License. apiVersion: vertexai.cnrm.cloud.google.com/v1beta1 Type: VertexAIEndpoint Metadata: Name: vertexaiendpoint-sample-encryptionkey Label: label-one: “value-one” spec: displayName: “vertexai-endpoint-encryptionkey” description: “Vertex AI Endpoint Example with Encryption Key” Region: us-central1 Encryption Specification: kmsKeyNameRef: Name: vertexaiendpoint-dep-encryptionkey projectRef: # Replace ${PROJECT_ID?} with your project ID. external: ${PROJECT_ID?} — # Replace ${PROJECT_ID?} and ${PROJECT_NUMBER?} below with your desired project # ID and project number. apiVersion: iam.cnrm.cloud.google.com/v1beta1 kind: IAMPolicyMember metadata: name: vertexaiendpoint-dep-encryptionkey spec: memberFrom:serviceIdentityRef: name: vertexaiendpoint-dep-encryptionkey role:roles/cloudkms.cryptoKeyEncrypterDecrypter # to vertex AI Requires a service agent to access the KMS key resourceRef: apiVersion: resourcemanager.cnrm.cloud.google.com/v1beta1 kind: outside the project:projects/${PROJECT_ID?} — apiVersion: kms.cnrm.cloud.google.com/ v1beta1 kind : KMSCryptoKey Metadata: Name: vertexaiendpoint-dep-encryptionkey Specification: keyRingRef: Name: vertexaiendpoint-dep-encryptionkey Purpose: ENCRYPT_DECRYPT — apiVersion: kms.cnrm.cloud.google.com/v1beta1 Type: KMSKeyRing Metadata: Name: vertexaiendpoint-dep-encryptionkey Specification: Location: us-central1 — apiVersion: serviceusage.cnrm.cloud.google.com/v1beta1 Type: ServiceIdentity Metadata: Name: vertexaiendpoint-dep-encryptionkey Annotation: cnrm.cloud.google .com/deletion-policy: “abandon” spec: projectRef: # Replace ${PROJECT_ID?} with your project ID. external: ${PROJECT_ID?} resourceID: aiplatform.googleapis.com Vertexai Endpoint Network # Copyright 2024 Google LLC # # Licensed under the Apache License, Version 2.0 (the “License”). # You may not use this file except in accordance with the license. # A copy of the license is available at # # http://www.apache.org/licenses/LICENSE-2.0. # # Unless required by applicable law or agreed to in writing, # software distributed under the License is provided on an “AS IS'' basis and without any warranties, express or implied. There are no warranties or conditions of any kind. # See the License for the specific language governing permissions and limitations # under the License. apiVersion: vertexai.cnrm.cloud.google.com/v1beta1 Type: VertexAIEndpoint Metadata: Name: vertexaiendpoint-sample-network Label: label-one: “value-one” spec: displayName: “vertexai-endpoint-network” description: “Vertex AI Endpoint Example with Network Peering” Region: us-central1 networkRef: name: vertexaiendpoint-dep-network projectRef: # Replace ${PROJECT_ID?} with your project ID. External: ${PROJECT_ID?} — apiVersion: compute.cnrm.cloud.google.com/v1beta1 Type: ComputeAddress Metadata: Name: vertexaiendpoint-dep-network Specification: Location: Global Purpose: VPC_PEERING addressType: INTERNAL prefixLength: 24 networkRef : Name: vertexaiendpoint-dep-network — apiVersion: compute.cnrm.cloud.google.com/v1beta1 Type: ComputeNetwork Metadata: Name: vertexaiendpoint-dep-network Specification: autoCreateSubnetworks: false — apiVersion: servicenetworking. cnrm. Cloud.google.com/v1beta1 Type: ServiceNetworkingConnection Metadata: Name: vertexaiendpoint-dep-network Specification: networkRef: Name: vertexaiendpoint-dep-network Service: “servicenetworking.googleapis.com” reservedPeeringRanges: – Name: vertexaiendpoint-dep-network Note: If you have problems instantiating resources, see Troubleshooting Config Connector.

