Skip to content

Instantly share code, notes, and snippets.

@nov05

nov05/20260514_gsp480_tests.md

Last active May 14, 2026 05:31
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save nov05/496c8a6c958ce87c2ec36782927b20ec to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save nov05/496c8a6c958ce87c2ec36782927b20ec to your computer and use it in GitHub Desktop.
Download ZIP
Raw
20260514_gsp480_tests.md

🟢 How to Use a Network Policy on Google Kubernetes Engine (GSP480)

https://www.skills.google/games/7171/labs/44406

https://github.com/nov05/gcp-skills-boost/tree/dev/GSP480%20How%20to%20Use%20a%20Network%20Policy%20on%20Google%20Kubernetes%20Engine

✅ test result

...
+ enable_intranode_visibility = (known after apply)
+ enable_kubernetes_alpha = false
+ enable_l4_ilb_subsetting = (known after apply)
+ enable_legacy_abac = false
+ enable_multi_networking = false
+ enable_shielded_nodes = true
+ endpoint = (known after apply)
+ id = (known after apply)
+ initial_node_count = 3
+ label_fingerprint = (known after apply)
+ location = "us-east1-c"
+ logging_service = (known after apply)
+ master_version = (known after apply)
+ min_master_version = "1.35.3-gke.1993000"
+ monitoring_service = (known after apply)
+ name = "gke-demo-cluster"
+ network = (known after apply)
+ networking_mode = (known after apply)
+ node_locations = (known after apply)
+ node_version = (known after apply)
+ operation = (known after apply)
+ private_ipv6_google_access = (known after apply)
+ project = "qwiklabs-gcp-00-c44a5e7a0585"
+ self_link = (known after apply)
+ services_ipv4_cidr = (known after apply)
+ subnetwork = (known after apply)
+ terraform_labels = {
+ "goog-terraform-provisioned" = "true"
}
+ tpu_ipv4_cidr_block = (known after apply)

+ ip_allocation_policy {
+ cluster_ipv4_cidr_block = (known after apply)
+ cluster_secondary_range_name = "secondary-range"
+ services_ipv4_cidr_block = (known after apply)
+ services_secondary_range_name = (known after apply)
+ stack_type = "IPV4"
}

+ master_authorized_networks_config {
+ gcp_public_cidrs_access_enabled = (known after apply)
+ private_endpoint_enforcement_enabled = (known after apply)

+ cidr_blocks {
+ cidr_block = (known after apply)
+ display_name = "bastion"
}
}

+ node_config {
+ disk_size_gb = (known after apply)
+ disk_type = (known after apply)
+ effective_taints = (known after apply)
+ image_type = "COS_CONTAINERD"
+ labels = {
+ "status" = "poc"
}
+ local_ssd_count = (known after apply)
+ logging_variant = (known after apply)
+ machine_type = "n1-standard-1"
+ metadata = (known after apply)
+ min_cpu_platform = (known after apply)
+ oauth_scopes = [
+ "https://www.googleapis.com/auth/compute",
+ "https://www.googleapis.com/auth/devstorage.read_only",
+ "https://www.googleapis.com/auth/logging.write",
+ "https://www.googleapis.com/auth/monitoring",
]
+ preemptible = false
+ service_account = (known after apply)
+ spot = false
+ tags = [
+ "poc",
]
}

+ private_cluster_config {
+ enable_private_nodes = true
+ master_ipv4_cidr_block = "10.0.90.0/28"
+ peering_name = (known after apply)
+ private_endpoint = (known after apply)
+ public_endpoint = (known after apply)
}
}

Plan: 5 to add, 0 to change, 0 to destroy.

Do you want to perform these actions?
Terraform will perform the actions described above.
Only 'yes' will be accepted to approve.

Enter a value: yes

google_compute_network.gke-network: Creating...
google_compute_network.gke-network: Still creating... [10s elapsed]
google_compute_network.gke-network: Still creating... [20s elapsed]
google_compute_network.gke-network: Still creating... [30s elapsed]
google_compute_network.gke-network: Still creating... [40s elapsed]
google_compute_network.gke-network: Creation complete after 42s [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net]
google_compute_subnetwork.cluster-subnet: Creating...
google_compute_firewall.bastion-ssh: Creating...
google_compute_subnetwork.cluster-subnet: Still creating... [10s elapsed]
google_compute_firewall.bastion-ssh: Still creating... [10s elapsed]
google_compute_subnetwork.cluster-subnet: Still creating... [20s elapsed]
google_compute_firewall.bastion-ssh: Still creating... [20s elapsed]
google_compute_subnetwork.cluster-subnet: Creation complete after 21s [id=projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet]
google_compute_instance.gke-bastion: Creating...
google_compute_firewall.bastion-ssh: Creation complete after 21s [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/firewalls/bastion-ssh]
google_compute_instance.gke-bastion: Still creating... [10s elapsed]
google_compute_instance.gke-bastion: Provisioning with 'local-exec'...
google_compute_instance.gke-bastion (local-exec): Executing: ["/bin/bash" "-c" " READY=\"\"\n for i in $(seq 1 18); do\n if gcloud compute ssh student_04_c51a79d4799a@gke-demo-bastion --command uptime; then\n READY=\"yes\"\n break;\n fi\n echo \"Waiting for gke-demo-bastion to initialize...\"\n sleep 10;\n done\n\n if [[ -z $READY ]]; then\n echo \"gke-demo-bastion failed to start in time.\"\n echo \"Please verify that the instance starts and then re-run `terraform apply`\"\n exit 1\n fi\n\n gcloud compute --project qwiklabs-gcp-00-c44a5e7a0585 scp --zone us-east1-c --recurse ../manifests student_04_c51a79d4799a@gke-demo-bastion:\n"]
google_compute_instance.gke-bastion (local-exec): WARNING: The private SSH key file for gcloud does not exist.
google_compute_instance.gke-bastion (local-exec): WARNING: The public SSH key file for gcloud does not exist.
google_compute_instance.gke-bastion (local-exec): WARNING: You do not have an SSH key for gcloud.
google_compute_instance.gke-bastion (local-exec): WARNING: SSH keygen will be executed to generate a key.
google_compute_instance.gke-bastion (local-exec): This tool needs to create the directory [/home/student_04_c51a79d4799a/.ssh] before being able to generate SSH keys.

google_compute_instance.gke-bastion (local-exec): Do you want to continue (Y/n)?
google_compute_instance.gke-bastion (local-exec): Generating public/private rsa key pair.
google_compute_instance.gke-bastion (local-exec): Your identification has been saved in /home/student_04_c51a79d4799a/.ssh/google_compute_engine
google_compute_instance.gke-bastion (local-exec): Your public key has been saved in /home/student_04_c51a79d4799a/.ssh/google_compute_engine.pub
google_compute_instance.gke-bastion (local-exec): The key fingerprint is:
google_compute_instance.gke-bastion (local-exec): SHA256:sL4+W9moOG7p1wy9NYrvWJAQTXR5qk6chcSw4fHmNQA student_04_c51a79d4799a@cs-1062445012628-default
google_compute_instance.gke-bastion (local-exec): The key's randomart image is:
google_compute_instance.gke-bastion (local-exec): +---[RSA 3072]----+
google_compute_instance.gke-bastion (local-exec): | EB+ .. |
google_compute_instance.gke-bastion (local-exec): | . *+o. . |
google_compute_instance.gke-bastion (local-exec): | +.+.oo |
google_compute_instance.gke-bastion (local-exec): | +.=o. |
google_compute_instance.gke-bastion (local-exec): | .==S |
google_compute_instance.gke-bastion (local-exec): | .*..+o |
google_compute_instance.gke-bastion (local-exec): | +.==+.. |
google_compute_instance.gke-bastion (local-exec): | +.=*= |
google_compute_instance.gke-bastion (local-exec): | +++*=o |
google_compute_instance.gke-bastion (local-exec): +----[SHA256]-----+
google_compute_instance.gke-bastion: Still creating... [20s elapsed]
google_compute_instance.gke-bastion (local-exec): Using OS Login user [student-04-c51a79d4799a] instead of requested user [student_04_c51a79d4799a]
google_compute_instance.gke-bastion: Still creating... [30s elapsed]
google_compute_instance.gke-bastion (local-exec): ssh: connect to host 34.24.238.231 port 22: Connection refused

google_compute_instance.gke-bastion (local-exec): Recommendation: To check for possible causes of SSH connectivity issues and get
google_compute_instance.gke-bastion (local-exec): recommendations, rerun the ssh command with the --troubleshoot option.

google_compute_instance.gke-bastion (local-exec): gcloud compute ssh gke-demo-bastion --project=qwiklabs-gcp-00-c44a5e7a0585 --zone=us-east1-c --troubleshoot

google_compute_instance.gke-bastion (local-exec): Or, to investigate an IAP tunneling issue:

google_compute_instance.gke-bastion (local-exec): gcloud compute ssh gke-demo-bastion --project=qwiklabs-gcp-00-c44a5e7a0585 --zone=us-east1-c --troubleshoot --tunnel-through-iap

google_compute_instance.gke-bastion (local-exec): ERROR: (gcloud.compute.ssh) [/usr/bin/ssh] exited with return code [255].
google_compute_instance.gke-bastion (local-exec): Waiting for gke-demo-bastion to initialize...
google_compute_instance.gke-bastion: Still creating... [40s elapsed]
google_compute_instance.gke-bastion (local-exec): Using OS Login user [student-04-c51a79d4799a] instead of requested user [student_04_c51a79d4799a]
google_compute_instance.gke-bastion (local-exec): Warning: Permanently added 'compute.6778228977676380121' (ED25519) to the list of known hosts.
google_compute_instance.gke-bastion (local-exec): 05:10:59 up 0 min, 0 users, load average: 0.96, 0.22, 0.07
google_compute_instance.gke-bastion (local-exec): Using OS Login user [student-04-c51a79d4799a] instead of requested user [student_04_c51a79d4799a]
google_compute_instance.gke-bastion: Still creating... [50s elapsed]
google_compute_instance.gke-bastion: Creation complete after 52s [id=projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instances/gke-demo-bastion]
google_container_cluster.primary: Creating...
google_container_cluster.primary: Still creating... [10s elapsed]
google_container_cluster.primary: Still creating... [20s elapsed]
google_container_cluster.primary: Still creating... [30s elapsed]
google_container_cluster.primary: Still creating... [40s elapsed]
google_container_cluster.primary: Still creating... [50s elapsed]
google_container_cluster.primary: Still creating... [1m0s elapsed]
google_container_cluster.primary: Still creating... [1m10s elapsed]
google_container_cluster.primary: Still creating... [1m20s elapsed]
google_container_cluster.primary: Still creating... [1m30s elapsed]
google_container_cluster.primary: Still creating... [1m40s elapsed]
google_container_cluster.primary: Still creating... [1m50s elapsed]
google_container_cluster.primary: Still creating... [2m0s elapsed]
google_container_cluster.primary: Still creating... [2m10s elapsed]
google_container_cluster.primary: Still creating... [2m20s elapsed]
google_container_cluster.primary: Still creating... [2m30s elapsed]
google_container_cluster.primary: Still creating... [2m40s elapsed]
google_container_cluster.primary: Still creating... [2m50s elapsed]
google_container_cluster.primary: Still creating... [3m0s elapsed]
google_container_cluster.primary: Still creating... [3m10s elapsed]
google_container_cluster.primary: Still creating... [3m20s elapsed]
google_container_cluster.primary: Still creating... [3m30s elapsed]
google_container_cluster.primary: Still creating... [3m40s elapsed]
google_container_cluster.primary: Still creating... [3m50s elapsed]
google_container_cluster.primary: Still creating... [4m0s elapsed]
google_container_cluster.primary: Still creating... [4m10s elapsed]
google_container_cluster.primary: Still creating... [4m20s elapsed]
google_container_cluster.primary: Still creating... [4m30s elapsed]
google_container_cluster.primary: Still creating... [4m40s elapsed]
google_container_cluster.primary: Still creating... [4m50s elapsed]
google_container_cluster.primary: Still creating... [5m0s elapsed]
google_container_cluster.primary: Still creating... [5m10s elapsed]
google_container_cluster.primary: Still creating... [5m20s elapsed]
google_container_cluster.primary: Still creating... [5m30s elapsed]
google_container_cluster.primary: Still creating... [5m40s elapsed]
google_container_cluster.primary: Still creating... [5m50s elapsed]
google_container_cluster.primary: Still creating... [6m0s elapsed]
google_container_cluster.primary: Still creating... [6m10s elapsed]
google_container_cluster.primary: Still creating... [6m20s elapsed]
google_container_cluster.primary: Still creating... [6m30s elapsed]
google_container_cluster.primary: Still creating... [6m40s elapsed]
google_container_cluster.primary: Creation complete after 6m42s [id=projects/qwiklabs-gcp-00-c44a5e7a0585/locations/us-east1-c/clusters/gke-demo-cluster]

Apply complete! Resources: 5 added, 0 changed, 0 destroyed.
student_04_c51a79d4799a@cloudshell:~/gke-network-policy-demo (qwiklabs-gcp-00-c44a5e7a0585)$ gcloud compute ssh gke-demo-bastion
Linux gke-demo-bastion 5.10.0-41-cloud-amd64 #1 SMP Debian 5.10.251-3 (2026-04-30) x86_64

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Fetching cluster endpoint and auth data.
CRITICAL: ACTION REQUIRED: gke-gcloud-auth-plugin, which is needed for continued use of kubectl, was not found or is not executable. Install gke-gcloud-auth-plugin for use with kubectl by following https://cloud.google.com/kubernetes-engine/docs/how-to/cluster-access-for-kubectl#install_plugin
kubeconfig entry generated for gke-demo-cluster.
student-04-c51a79d4799a@gke-demo-bastion:~$ sudo apt-get install google-cloud-sdk-gke-gcloud-auth-plugin
echo "export USE_GKE_GCLOUD_AUTH_PLUGIN=True" >> ~/.bashrc
source ~/.bashrc
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
google-cloud-cli-gke-gcloud-auth-plugin
The following NEW packages will be installed:
google-cloud-cli-gke-gcloud-auth-plugin google-cloud-sdk-gke-gcloud-auth-plugin
0 upgraded, 2 newly installed, 0 to remove and 10 not upgraded.
Need to get 3919 kB of archives.
After this operation, 9868 kB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 https://packages.cloud.google.com/apt cloud-sdk-bullseye/main amd64 google-cloud-cli-gke-gcloud-auth-plugin amd64 568.0.0-0 [3914 kB]
Get:2 https://packages.cloud.google.com/apt cloud-sdk-bullseye/main all google-cloud-sdk-gke-gcloud-auth-plugin all 467.0.0-0 [5018 B]
Fetched 3919 kB in 1s (5739 kB/s)
Selecting previously unselected package google-cloud-cli-gke-gcloud-auth-plugin.
(Reading database ... 57997 files and directories currently installed.)
Preparing to unpack .../google-cloud-cli-gke-gcloud-auth-plugin_568.0.0-0_amd64.deb ...
Unpacking google-cloud-cli-gke-gcloud-auth-plugin (568.0.0-0) ...
Selecting previously unselected package google-cloud-sdk-gke-gcloud-auth-plugin.
Preparing to unpack .../google-cloud-sdk-gke-gcloud-auth-plugin_467.0.0-0_all.deb ...
Unpacking google-cloud-sdk-gke-gcloud-auth-plugin (467.0.0-0) ...
Setting up google-cloud-cli-gke-gcloud-auth-plugin (568.0.0-0) ...
Setting up google-cloud-sdk-gke-gcloud-auth-plugin (467.0.0-0) ...
student-04-c51a79d4799a@gke-demo-bastion:~$ echo $ZONE

student-04-c51a79d4799a@gke-demo-bastion:~$ export ZONE=$(gcloud compute project-info describe \
--format="value(commonInstanceMetadata.items[google-compute-default-zone])")
gcloud container clusters get-credentials gke-demo-cluster --zone $ZONE
Fetching cluster endpoint and auth data.
kubeconfig entry generated for gke-demo-cluster.
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl apply -f ./manifests/hello-app/
kubectl get pods
deployment.apps/hello-client-allowed created
deployment.apps/hello-client-blocked created
service/hello-server created
deployment.apps/hello-server created
NAME READY STATUS RESTARTS AGE
hello-client-allowed-6579cb8c85-hvmnz 0/1 ContainerCreating 0 1s
hello-client-blocked-5578b7c49c-g4q7p 0/1 ContainerCreating 0 1s
hello-server-6bdb69d547-j7zfj 0/1 Pending 0 1s
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl get pods
NAME READY STATUS RESTARTS AGE
hello-client-allowed-6579cb8c85-hvmnz 1/1 Running 0 6s
hello-client-blocked-5578b7c49c-g4q7p 1/1 Running 0 6s
hello-server-6bdb69d547-j7zfj 1/1 Running 0 6s
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=hello)
kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=not-hello)
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
^CHostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
^Cstudent-04-c51a79d4799a@gke-demo-bastion:~kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=not-hello)o)
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
^Cstudent-04-c51a79d4799a@gke-demo-bastion:~kubectl apply -f ./manifests/network-policy.yamlml
networkpolicy.networking.k8s.io/hello-server-allow-from-hello-client created
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=not-hello)
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
wget: download timed out
wget: download timed out
wget: download timed out
^Cstudent-04-c51a79d4799a@gke-demo-bastion:~kubectl delete -f ./manifests/network-policy.yamlml
networkpolicy.networking.k8s.io "hello-server-allow-from-hello-client" deleted from default namespace
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl create -f ./manifests/network-policy-namespaced.yaml
kubectl logs --tail 10 -f $(kubectl get pods -oname -l app=hello)
namespace/hello-apps created
networkpolicy.networking.k8s.io/hello-server-allow-from-hello-client created
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
wget: download timed out
wget: download timed out
^Cstudent-04-c51a79d4799a@gke-demo-bastion:~kubectl -n hello-apps apply -f ./manifests/hello-app/hello-client.yamlml
deployment.apps/hello-client-allowed created
deployment.apps/hello-client-blocked created
student-04-c51a79d4799a@gke-demo-bastion:~$ kubectl logs --tail 10 -f -n hello-apps $(kubectl get pods -oname -l app=hello -n hello-apps)
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
Hello, world!
Version: 1.0.0
Hostname: hello-server-6bdb69d547-j7zfj
student-04-c51a79d4799a@gke-demo-bastion:~$ exitit
make teardown
logout
Connection to 34.24.238.231 closed.
student_04_c51a79d4799a@cloudshell:~/gke-network-policy-demo (qwiklabs-gcp-00-c44a5e7a0585)$ make teardown
/home/student_04_c51a79d4799a/gke-network-policy-demo/teardown.sh
Your active configuration is: [cloudshell-4678]
Your active configuration is: [cloudshell-4678]
Your active configuration is: [cloudshell-4678]
Using OS Login user [student-04-c51a79d4799a] instead of requested user [student_04_c51a79d4799a]
deployment.apps "hello-client-allowed" deleted from default namespace
deployment.apps "hello-client-blocked" deleted from default namespace
service "hello-server" deleted from default namespace
deployment.apps "hello-server" deleted from default namespace
Updated [https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instances/gke-demo-bastion].
data.template_file.startup_script: Reading...
data.template_file.startup_script: Read complete after 0s [id=81c879ae9add315be94053e1ff96c5ef91c21951e03b3f13548ca68de85ec55f]
data.google_container_engine_versions.gke_version: Reading...
google_compute_network.gke-network: Refreshing state... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net]
google_compute_firewall.bastion-ssh: Refreshing state... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/firewalls/bastion-ssh]
google_compute_subnetwork.cluster-subnet: Refreshing state... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet]
google_compute_instance.gke-bastion: Refreshing state... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instances/gke-demo-bastion]
data.google_container_engine_versions.gke_version: Read complete after 6s [id=2026-05-14 05:22:56.704552629 +0000 UTC]
google_container_cluster.primary: Refreshing state... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/locations/us-east1-c/clusters/gke-demo-cluster]

Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
- destroy

Terraform will perform the following actions:

# google_compute_firewall.bastion-ssh will be destroyed
- resource "google_compute_firewall" "bastion-ssh" {
- creation_timestamp = "2026-05-13T22:09:51.901-07:00" -> null
- destination_ranges = [] -> null
- direction = "INGRESS" -> null
- disabled = false -> null
- id = "projects/qwiklabs-gcp-00-c44a5e7a0585/global/firewalls/bastion-ssh" -> null
- name = "bastion-ssh" -> null
- network = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
- priority = 1000 -> null
- project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- self_link = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/global/firewalls/bastion-ssh" -> null
- source_ranges = [
- "0.0.0.0/0",
] -> null
- source_service_accounts = [] -> null
- source_tags = [] -> null
- target_service_accounts = [] -> null
- target_tags = [
- "bastion",
] -> null

- allow {
- ports = [
- "22",
] -> null
- protocol = "tcp" -> null
}
}

# google_compute_instance.gke-bastion will be destroyed
- resource "google_compute_instance" "gke-bastion" {
- allow_stopping_for_update = true -> null
- can_ip_forward = false -> null
- cpu_platform = "Intel Haswell" -> null
- creation_timestamp = "2026-05-13T22:10:14.154-07:00" -> null
- current_status = "RUNNING" -> null
- deletion_protection = false -> null
- effective_labels = {
- "goog-terraform-provisioned" = "true"
} -> null
- enable_display = false -> null
- id = "projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instances/gke-demo-bastion" -> null
- instance_id = "6778228977676380121" -> null
- label_fingerprint = "vezUS-42LLM=" -> null
- labels = {} -> null
- machine_type = "g1-small" -> null
- metadata = {} -> null
- metadata_fingerprint = "VGjM1UpZgtc=" -> null
- name = "gke-demo-bastion" -> null
- project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- resource_policies = [] -> null
- self_link = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instances/gke-demo-bastion" -> null
- tags = [
- "bastion",
] -> null
- tags_fingerprint = "NfTTNVh6sLU=" -> null
- terraform_labels = {
- "goog-terraform-provisioned" = "true"
} -> null
- zone = "us-east1-c" -> null

- boot_disk {
- auto_delete = true -> null
- device_name = "persistent-disk-0" -> null
- force_attach = false -> null
- guest_os_features = [
- "UEFI_COMPATIBLE",
- "VIRTIO_SCSI_MULTIQUEUE",
- "GVNIC",
] -> null
- mode = "READ_WRITE" -> null
- source = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/disks/gke-demo-bastion" -> null

- initialize_params {
- architecture = "X86_64" -> null
- enable_confidential_compute = false -> null
- image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20260505" -> null
- labels = {} -> null
- provisioned_iops = 0 -> null
- provisioned_throughput = 0 -> null
- replica_zones = [] -> null
- resource_manager_tags = {} -> null
- resource_policies = [] -> null
- size = 10 -> null
- type = "pd-standard" -> null
}
}

- network_interface {
- internal_ipv6_prefix_length = 0 -> null
- name = "nic0" -> null
- network = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
- network_ip = "10.0.96.2" -> null
- queue_count = 0 -> null
- stack_type = "IPV4_ONLY" -> null
- subnetwork = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet" -> null
- subnetwork_project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- vlan = 0 -> null

- access_config {
- nat_ip = "34.24.238.231" -> null
- network_tier = "PREMIUM" -> null
}
}

- scheduling {
- automatic_restart = true -> null
- availability_domain = 0 -> null
- min_node_cpus = 0 -> null
- on_host_maintenance = "MIGRATE" -> null
- preemptible = false -> null
- provisioning_model = "STANDARD" -> null
}

- service_account {
- email = "852360341485-compute@developer.gserviceaccount.com" -> null
- scopes = [
- "https://www.googleapis.com/auth/cloud-platform",
- "https://www.googleapis.com/auth/compute.readonly",
- "https://www.googleapis.com/auth/devstorage.read_only",
- "https://www.googleapis.com/auth/userinfo.email",
] -> null
}

- shielded_instance_config {
- enable_integrity_monitoring = true -> null
- enable_secure_boot = false -> null
- enable_vtpm = true -> null
}
}

# google_compute_network.gke-network will be destroyed
- resource "google_compute_network" "gke-network" {
- auto_create_subnetworks = false -> null
- bgp_always_compare_med = false -> null
- bgp_best_path_selection_mode = "LEGACY" -> null
- delete_bgp_always_compare_med = false -> null
- delete_default_routes_on_create = false -> null
- enable_ula_internal_ipv6 = false -> null
- id = "projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
- mtu = 0 -> null
- name = "kube-net" -> null
- network_firewall_policy_enforcement_order = "AFTER_CLASSIC_FIREWALL" -> null
- network_id = "2684978372670973466" -> null
- numeric_id = "2684978372670973466" -> null
- project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- routing_mode = "REGIONAL" -> null
- self_link = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
}

# google_compute_subnetwork.cluster-subnet will be destroyed
- resource "google_compute_subnetwork" "cluster-subnet" {
- allow_subnet_cidr_routes_overlap = false -> null
- creation_timestamp = "2026-05-13T22:09:52.069-07:00" -> null
- gateway_address = "10.0.96.1" -> null
- id = "projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet" -> null
- ip_cidr_range = "10.0.96.0/22" -> null
- name = "kube-net-subnet" -> null
- network = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
- private_ip_google_access = true -> null
- private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS" -> null
- project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- purpose = "PRIVATE" -> null
- region = "us-east1" -> null
- self_link = "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet" -> null
- stack_type = "IPV4_ONLY" -> null
- subnetwork_id = 7789066212442958000 -> null

- secondary_ip_range {
- ip_cidr_range = "10.0.92.0/22" -> null
- range_name = "secondary-range" -> null
}
}

# google_container_cluster.primary will be destroyed
- resource "google_container_cluster" "primary" {
- autopilot_privileged_admission = [] -> null
- cluster_ipv4_cidr = "10.0.92.0/22" -> null
- datapath_provider = "ADVANCED_DATAPATH" -> null
- default_max_pods_per_node = 110 -> null
- deletion_protection = false -> null
- disable_l4_lb_firewall_reconciliation = false -> null
- effective_labels = {
- "goog-terraform-provisioned" = "true"
} -> null
- enable_autopilot = false -> null
- enable_cilium_clusterwide_network_policy = false -> null
- enable_fqdn_network_policy = false -> null
- enable_intranode_visibility = false -> null
- enable_kubernetes_alpha = false -> null
- enable_l4_ilb_subsetting = false -> null
- enable_legacy_abac = false -> null
- enable_multi_networking = false -> null
- enable_shielded_nodes = true -> null
- enable_tpu = false -> null
- endpoint = "34.73.176.163" -> null
- id = "projects/qwiklabs-gcp-00-c44a5e7a0585/locations/us-east1-c/clusters/gke-demo-cluster" -> null
- initial_node_count = 3 -> null
- label_fingerprint = "78cdf2f6" -> null
- location = "us-east1-c" -> null
- logging_service = "logging.googleapis.com/kubernetes" -> null
- master_version = "1.35.3-gke.1993000" -> null
- min_master_version = "1.35.3-gke.1993000" -> null
- monitoring_service = "monitoring.googleapis.com/kubernetes" -> null
- name = "gke-demo-cluster" -> null
- network = "projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net" -> null
- networking_mode = "VPC_NATIVE" -> null
- node_locations = [] -> null
- node_version = "1.35.3-gke.1993000" -> null
- project = "qwiklabs-gcp-00-c44a5e7a0585" -> null
- resource_labels = {} -> null
- self_link = "https://container.googleapis.com/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/clusters/gke-demo-cluster" -> null
- services_ipv4_cidr = "34.118.224.0/20" -> null
- subnetwork = "projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet" -> null
- terraform_labels = {
- "goog-terraform-provisioned" = "true"
} -> null

- addons_config {
- dns_cache_config {
- enabled = true -> null
}
- gce_persistent_disk_csi_driver_config {
- enabled = true -> null
}
- network_policy_config {
- disabled = true -> null
}
}

- anonymous_authentication_config {
- mode = "LIMITED" -> null
}

- binary_authorization {
- enabled = false -> null
}

- cluster_autoscaling {
- auto_provisioning_locations = [] -> null
- autoscaling_profile = "BALANCED" -> null
- default_compute_class_enabled = false -> null
- enabled = false -> null

- auto_provisioning_defaults {
- disk_size = 0 -> null
- image_type = "COS_CONTAINERD" -> null
- oauth_scopes = [
- "https://www.googleapis.com/auth/devstorage.read_only",
- "https://www.googleapis.com/auth/logging.write",
- "https://www.googleapis.com/auth/monitoring",
- "https://www.googleapis.com/auth/service.management.readonly",
- "https://www.googleapis.com/auth/servicecontrol",
- "https://www.googleapis.com/auth/trace.append",
] -> null
- service_account = "default" -> null

- management {
- auto_repair = true -> null
- auto_upgrade = true -> null
- upgrade_options = [] -> null
}
}
}

- control_plane_endpoints_config {
- dns_endpoint_config {
- allow_external_traffic = false -> null
- enable_k8s_certs_via_dns = false -> null
- enable_k8s_tokens_via_dns = false -> null
- endpoint = "gke-ed1044053cb742e98ca9741dca862ce476aa-852360341485.us-east1-c.gke.goog" -> null
}
- ip_endpoints_config {
- enabled = true -> null
}
}

- database_encryption {
- state = "DECRYPTED" -> null
}

- default_snat_status {
- disabled = false -> null
}

- enterprise_config {
- cluster_tier = "STANDARD" -> null
}

- ip_allocation_policy {
- cluster_ipv4_cidr_block = "10.0.92.0/22" -> null
- cluster_secondary_range_name = "secondary-range" -> null
- services_ipv4_cidr_block = "34.118.224.0/20" -> null
- stack_type = "IPV4" -> null

- network_tier_config {
- network_tier = "NETWORK_TIER_DEFAULT" -> null
}

- pod_cidr_overprovision_config {
- disabled = false -> null
}
}

- logging_config {
- enable_components = [
- "SYSTEM_COMPONENTS",
- "WORKLOADS",
] -> null
}

- master_auth {
- cluster_ca_certificate = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVMVENDQXBXZ0F3SUJBZ0lSQUtnMTNKOExNRkEra1o1U0dJTE9aUkV3RFFZSktvWklodmNOQVFFTEJRQXcKTHpFdE1Dc0dBMVVFQXhNa05tVTVPVFJoTnpRdE5UVXhPUzAwTjJZM0xUa3pZMk10WkRFNVpqY3dORE0xWldZNQpNQ0FYRFRJMk1EVXhOREEwTVRFd09Gb1lEekl3TlRZd05UQTJNRFV4TVRBNFdqQXZNUzB3S3dZRFZRUURFeVEyClpUazVOR0UzTkMwMU5URTVMVFEzWmpjdE9UTmpZeTFrTVRsbU56QTBNelZsWmprd2dnR2lNQTBHQ1NxR1NJYjMKRFFFQkFRVUFBNElCandBd2dnR0tBb0lCZ1FDdlJhRmVYTTN5cTVtaThITVFwaThxaGlMTXRZY1FCcHNlSVI0Zgo4MzE3ZDk5LzkrS0xBd2JCZmNTUEIrU1hjSFNYeVoxWTNtbU00M1Jma3BKYmFaNkxwRWlhc3RmNUNLOFMydjg0CjZPUWJnQTM2ZVIwWUdLTkNTN3YySXBjUFk5em5LV0puYjJLTlZlYzYvTjNmZnkvOGpmZ0wvK0pOOU80bFJSVUgKMldaNmhhRE5EVmpFcDJMeVdUQVMwQU00VUxjTWMvck1YNkwvYkZycjRUTVh5NE9ydFZhdlRyRFBZc3YzbWRNbwpueTRiVlpkZ00ya2hsVkNrbEc4US85dTZBVC9IUUdmRVczd0dpMGJMeFBCREJSSXVZS2ZFclJ0QWFNUXBFeWU5CmpOZXE1L2RrdHVqY3I3QnJ5eGs4NXlvOVg0TEQ4bW5weXJtL2pIWVlPNTJsRThVdktSbjkrUW1OSEY2MTB3SncKUjFuSUZmclhSbTJVbWt5bStMVGRHU3JsNXJSVzIxWitHZGlpalhDU1Y2RnFveVB6L1Vza042TXN2RlRlY1Yrbwppcitqejk4Rit0U2lUNW0vQTg1a2xGcE9JRUxYaWU4Nm5JY3llWlpKWnZOTnUzWktuMWZPUS9BOTVCQ2c4Q1hyCmFqck9WL2RwZk8yVFVUYWIyblJYNEFzR1dKMENBd0VBQWFOQ01FQXdEZ1lEVlIwUEFRSC9CQVFEQWdJRU1BOEcKQTFVZEV3RUIvd1FGTUFNQkFmOHdIUVlEVlIwT0JCWUVGQVJ3SW1wMlU0eUhLU0JoaWlrK2NWTDF3em9kTUEwRwpDU3FHU0liM0RRRUJDd1VBQTRJQmdRQ2llRmd6bWtBM05uRFZ5Z0taRUR6ME5pbnBkK29yZDNLNmdLTXdDalp4CjZtTDJrUWdNb2xZY2lUTTRBM3N4SkRJWDRkdXkxY1RZbUx1SWFtVFNhUjBtZCt4UFVHOGZnL1g0VDMvQTI5bGgKUXVVN1k4QWIwRUpCYWlHYWtNbCt6WDlYK2U3RE42T1lybDVpUDEvVE45cEZMdFR3aGdaU25xd3Vva0NKRkpQSgorYmVtNHdmd2RqaGR3K2NDYUZTdWkvNmt5VGM3UmdEbXpORjNGNndyWDM0MzhxZDdmUC9hZHk1N0l1VEZNWFFLCk1tRU1FaWNuWi9XU3NrMlpWdXp3SjJIV2ZsUnFac1ZnNVIvTFRIL2hJdU80eHhaUzd3MVZQTHMxQ2dESytSK3oKNUZsSEc0T21NM3ZuRVBGbkhoUlVPTHJMbmpiT1c0ckZUd3Z2SWswczRnb2ovNHdBQjBPWHJTM053aWZLUWJpOApRWGpEUExqbmhpWWtRbTUwWGFFb0pQbFpJN1JDSEFPQjc3MVJHVFErU2hlNE9jS3Y4YjZXMXdFMEY2WTd3MUMwCldDVnJ1ci85U3Q0cEhnSFZHL3FsRWRLYStqTkJkZHJ3ZVk1ZzlXUU54SmcvekFUVnVZNzE0cTRObTRnbVV1a3IKV05TaTFDU2t2TUNJdFF4bVFRQ1FEc0k9Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K" -> null

- client_certificate_config {
- issue_client_certificate = false -> null
}
}

- master_authorized_networks_config {
- gcp_public_cidrs_access_enabled = false -> null
- private_endpoint_enforcement_enabled = true -> null

- cidr_blocks {
- cidr_block = "34.24.238.231/32" -> null
- display_name = "bastion" -> null
}
}

- monitoring_config {
- enable_components = [
- "SYSTEM_COMPONENTS",
- "STORAGE",
- "HPA",
- "POD",
- "DAEMONSET",
- "DEPLOYMENT",
- "STATEFULSET",
- "CADVISOR",
- "KUBELET",
- "DCGM",
- "JOBSET",
] -> null

- advanced_datapath_observability_config {
- enable_metrics = false -> null
- enable_relay = false -> null
}

- managed_prometheus {
- enabled = true -> null
}
}

- network_policy {
- enabled = false -> null
- provider = "PROVIDER_UNSPECIFIED" -> null
}

- node_config {
- disk_size_gb = 100 -> null
- disk_type = "pd-balanced" -> null
- effective_taints = [] -> null
- enable_confidential_storage = false -> null
- flex_start = false -> null
- image_type = "COS_CONTAINERD" -> null
- labels = {
- "status" = "poc"
} -> null
- local_ssd_count = 0 -> null
- logging_variant = "DEFAULT" -> null
- machine_type = "n1-standard-1" -> null
- metadata = {
- "disable-legacy-endpoints" = "true"
} -> null
- oauth_scopes = [
- "https://www.googleapis.com/auth/compute",
- "https://www.googleapis.com/auth/devstorage.read_only",
- "https://www.googleapis.com/auth/logging.write",
- "https://www.googleapis.com/auth/monitoring",
] -> null
- preemptible = false -> null
- resource_labels = {
- "goog-gke-node-pool-provisioning-model" = "on-demand"
} -> null
- resource_manager_tags = {} -> null
- service_account = "default" -> null
- spot = false -> null
- storage_pools = [] -> null
- tags = [
- "poc",
] -> null

- boot_disk {
- disk_type = "pd-balanced" -> null
- provisioned_iops = 0 -> null
- provisioned_throughput = 0 -> null
- size_gb = 100 -> null
}

- kubelet_config {
- allowed_unsafe_sysctls = [] -> null
- container_log_max_files = 0 -> null
- cpu_cfs_quota = false -> null
- eviction_max_pod_grace_period_seconds = 0 -> null
- image_gc_high_threshold_percent = 0 -> null
- image_gc_low_threshold_percent = 0 -> null
- insecure_kubelet_readonly_port_enabled = "FALSE" -> null
- max_parallel_image_pulls = 2 -> null
- pod_pids_limit = 0 -> null
- single_process_oom_kill = false -> null
}

- shielded_instance_config {
- enable_integrity_monitoring = true -> null
- enable_secure_boot = false -> null
}

- windows_node_config {}
}

- node_pool {
- initial_node_count = 3 -> null
- instance_group_urls = [
- "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instanceGroupManagers/gke-gke-demo-cluster-default-pool-24cb1ca7-grp",
] -> null
- managed_instance_group_urls = [
- "https://www.googleapis.com/compute/v1/projects/qwiklabs-gcp-00-c44a5e7a0585/zones/us-east1-c/instanceGroups/gke-gke-demo-cluster-default-pool-24cb1ca7-grp",
] -> null
- max_pods_per_node = 110 -> null
- name = "default-pool" -> null
- node_count = 3 -> null
- node_locations = [
- "us-east1-c",
] -> null
- version = "1.35.3-gke.1993000" -> null

- management {
- auto_repair = true -> null
- auto_upgrade = true -> null
}

- network_config {
- create_pod_range = false -> null
- enable_private_nodes = true -> null
- pod_ipv4_cidr_block = "10.0.92.0/22" -> null
- pod_range = "secondary-range" -> null
- subnetwork = "projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet" -> null
}

- node_config {
- disk_size_gb = 100 -> null
- disk_type = "pd-balanced" -> null
- effective_taints = [] -> null
- enable_confidential_storage = false -> null
- flex_start = false -> null
- image_type = "COS_CONTAINERD" -> null
- labels = {
- "status" = "poc"
} -> null
- local_ssd_count = 0 -> null
- logging_variant = "DEFAULT" -> null
- machine_type = "n1-standard-1" -> null
- metadata = {
- "disable-legacy-endpoints" = "true"
} -> null
- oauth_scopes = [
- "https://www.googleapis.com/auth/compute",
- "https://www.googleapis.com/auth/devstorage.read_only",
- "https://www.googleapis.com/auth/logging.write",
- "https://www.googleapis.com/auth/monitoring",
] -> null
- preemptible = false -> null
- resource_labels = {
- "goog-gke-node-pool-provisioning-model" = "on-demand"
} -> null
- resource_manager_tags = {} -> null
- service_account = "default" -> null
- spot = false -> null
- storage_pools = [] -> null
- tags = [
- "poc",
] -> null

- boot_disk {
- disk_type = "pd-balanced" -> null
- provisioned_iops = 0 -> null
- provisioned_throughput = 0 -> null
- size_gb = 100 -> null
}

- kubelet_config {
- allowed_unsafe_sysctls = [] -> null
- container_log_max_files = 0 -> null
- cpu_cfs_quota = false -> null
- eviction_max_pod_grace_period_seconds = 0 -> null
- image_gc_high_threshold_percent = 0 -> null
- image_gc_low_threshold_percent = 0 -> null
- insecure_kubelet_readonly_port_enabled = "FALSE" -> null
- max_parallel_image_pulls = 2 -> null
- pod_pids_limit = 0 -> null
- single_process_oom_kill = false -> null
}

- shielded_instance_config {
- enable_integrity_monitoring = true -> null
- enable_secure_boot = false -> null
}

- windows_node_config {}
}

- upgrade_settings {
- max_surge = 1 -> null
- max_unavailable = 0 -> null
- strategy = "SURGE" -> null
}
}

- node_pool_auto_config {
- resource_manager_tags = {} -> null

- node_kubelet_config {
- insecure_kubelet_readonly_port_enabled = "FALSE" -> null
}
}

- node_pool_defaults {
- node_config_defaults {
- insecure_kubelet_readonly_port_enabled = "FALSE" -> null
- logging_variant = "DEFAULT" -> null
}
}

- notification_config {
- pubsub {
- enabled = false -> null
}
}

- pod_autoscaling {
- hpa_profile = "PERFORMANCE" -> null
}

- private_cluster_config {
- enable_private_endpoint = false -> null
- enable_private_nodes = true -> null
- master_ipv4_cidr_block = "10.0.90.0/28" -> null
- private_endpoint = "10.0.90.2" -> null
- private_endpoint_subnetwork = "projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/gke-gke-demo-cluster-a5dfd262-pe-subnet" -> null
- public_endpoint = "34.73.176.163" -> null

- master_global_access_config {
- enabled = false -> null
}
}

- rbac_binding_config {
- enable_insecure_binding_system_authenticated = true -> null
- enable_insecure_binding_system_unauthenticated = true -> null
}

- release_channel {
- channel = "STABLE" -> null
}

- secret_manager_config {
- enabled = false -> null
}

- security_posture_config {
- mode = "BASIC" -> null
- vulnerability_mode = "VULNERABILITY_MODE_UNSPECIFIED" -> null
}

- service_external_ips_config {
- enabled = false -> null
}
}

Plan: 0 to add, 0 to change, 5 to destroy.
cp-00-c44a5e7a0585/z.../us-east1-c/instances/gke-demo-bastion, 30s elapsed]
google_compute_instance.gke-bastion: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/z.../us-east1-c/instances/gke-demo-bastion, 40s elapsed]
google_compute_instance.gke-bastion: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/z.../us-east1-c/instances/gke-demo-bastion, 50s elapsed]
google_compute_instance.gke-bastion: Destruction complete after 51s
google_compute_subnetwork.cluster-subnet: Destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/regions/us-east1/subnetworks/kube-net-subnet]
google_compute_subnetwork.cluster-subnet: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/r...s/us-east1/subnetworks/kube-net-subnet, 10s elapsed]




google_compute_subnetwork.cluster-subnet: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/r...s/us-east1/subnetworks/kube-net-subnet, 20s elapsed]

google_compute_subnetwork.cluster-subnet: Destruction complete after 22s
google_compute_network.gke-network: Destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net]
google_compute_network.gke-network: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net, 10s elapsed]
google_compute_network.gke-network: Still destroying... [id=projects/qwiklabs-gcp-00-c44a5e7a0585/global/networks/kube-net, 20s elapsed]
google_compute_network.gke-network: Destruction complete after 21s

Destroy complete! Resources: 5 destroyed.
student_04_c51a79d4799a@cloudshell:~/gke-network-policy-demo (qwiklabs-gcp-00-c44a5e7a0585)$
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment