Manage endpoints used to access published services
After you have created a Private Service Connect endpoint to access managed services, you can turn global access on or off. If you need to update other fields, delete the endpoint, and then create a new one.
Roles
The following IAM role provides the permissions needed to perform the tasks in this guide.
| Task | Roles |
|---|---|
| Update a Private Service Connect endpoint | Compute
Network Admin
( roles/compute.networkAdmin
) |
Configure global access
You can turn global access on or off after an endpoint is created .
Turn on global access
You can turn on global access when you create an endpoint , or you can turn on global access at any time after the endpoint is created. Turning on global access does not cause traffic disruption for existing connections.
Console
-
In the Google Cloud console, go to the Private Service Connectpage.
-
Click the Connected endpointstab.
-
Click the endpoint that you want to update.
-
Click Edit.
-
Select Enable global access.
-
Click Save.
gcloud
gcloud compute forwarding-rules update ENDPOINT_NAME \ --allow-psc-global-access \ --region= REGION
Turn off global access
You can turn off global access, which terminates any connections from regions other than the region where the endpoint is located.
Console
-
In the Google Cloud console, go to the Private Service Connectpage.
-
Click the Connected endpointstab.
-
Click the endpoint that you want to update.
-
Click Edit.
-
Clear Enable global access.
-
Click Save.
gcloud
gcloud compute forwarding-rules update ENDPOINT_NAME \ --no-allow-psc-global-access \ --region= REGION
