I have a google cloud deployment manager template which creates a VM and firewall rules to a network, the network is created outside of the deployment. If two users both deploy the same template, assume they use the same virtual network. If the user A deletes the deployment A, the firewall rules are also deleted since this resource was created by the deployment, however the user B's VM depends on the firewall rules to function properly. Is there a way to share the resource created by another deployment in template, and if the resource (the firewall rules in this case) is still used by another deployment, the delete operation will fail because the resource reference counter is bigger than one.
Asked
Active
Viewed 76 times
0
-
While [deleting](https://cloud.google.com/deployment-manager/docs/deployments/deleting-deployments#deleting_deployments) the deployment A, you might need to set the [delete policy](https://cloud.google.com/deployment-manager/docs/deployments/deleting-deployments#delete-policy) as 'ABANDON'. By setting this policy as 'ABANDON', the underlying resources(in you case firewall rules created by deployment A ) are not getting deleted. – Digil Sep 20 '19 at 01:17
1 Answers
0
Short answer is no. Each DM manifest is self contained, it does not reference or depend on other manifests. For resources with dependencies, the API that DM is calling will serve an error, otherwise the API call will complete successfully. It is generally a better practice to ensure a single resource is managed by a single manifest.
As an example for your use case, you may consider using a single deployment manifest where you can add and remove VMs as needed and simply update the current manifest
Patrick W
- 4,603
- 1
- 12
- 26