From ea6f31e0249b9b71e76edb3846be568d8a60d69b Mon Sep 17 00:00:00 2001
From: David Gleich <gleichda@google.com>
Date: Tue, 12 Apr 2022 15:31:42 +0200
Subject: [PATCH] Findings from code review

---
 .../network-dashboard/cloud-function/main.py              | 8 ++++----
 examples/cloud-operations/network-dashboard/main.tf       | 2 +-
 examples/cloud-operations/network-dashboard/variables.tf  | 3 +--
 3 files changed, 6 insertions(+), 7 deletions(-)

diff --git a/examples/cloud-operations/network-dashboard/cloud-function/main.py b/examples/cloud-operations/network-dashboard/cloud-function/main.py
index da6bdf0b..593d7b60 100644
--- a/examples/cloud-operations/network-dashboard/cloud-function/main.py
+++ b/examples/cloud-operations/network-dashboard/cloud-function/main.py
@@ -571,7 +571,7 @@ def get_l7_forwarding_rules_data(metrics_dict, forwarding_rules_dict,
     network_dict = get_networks(project)
 
     current_quota_limit = get_quota_current_limit(
-        f"projects/{project}", L4_FORWARDING_RULES_LIMIT_METRIC)
+        f"projects/{project}", L7_FORWARDING_RULES_LIMIT_METRIC)
     if current_quota_limit is None:
       print(f"Could not write number of L7 forwarding rules to metric for projects/{project} due to missing quotas")
       continue
@@ -774,7 +774,7 @@ def count_effective_limit(project_id, network_dict, usage_metric_name,
               get_limit_ppg(peered_network_link, limit_dict)))
     else:
       print(f"Ignoring projects/{peered_network['project_id']} for limits in peering group of project {project_id} as no limits are available." +
-            "This can happen due to the project belonging to a different organization")
+            "This can happen if you don't have permissions on the project, for example if the project is in another organization or a Google managed project")
 
   # Calculates effective limit: Step 3: Find minimum from the list created by Step 2
   limit_step3 = 0
@@ -1026,7 +1026,7 @@ def get_network_id(project_id, network_name):
     # TODO: log proper warning
     if err.resp.status == http.HTTPStatus.FORBIDDEN:
       print(f"Warning: error reading networks for {project_id}. " +
-            f"This can happen if this project is not belonging to you organization")
+            f"This can happen if you don't have permissions on the project, for example if the project is in another organization or a Google managed project")
     else:
       print(f"Warning: error reading networks for {project_id}: {err}")
     return 0
@@ -1070,7 +1070,7 @@ def get_quota_current_limit(project_link, metric_name):
     return results_list
   except exceptions.PermissionDenied as err:
     print(f"Warning: error reading quotas for {project_link}. " +
-          f"This can happen if this project is not belonging to you organization: {err}")
+          f"This can happen if you don't have permissions on the project, for example if the project is in another organization or a Google managed project")
   return None
 
 def customize_quota_view(quota_results):
diff --git a/examples/cloud-operations/network-dashboard/main.tf b/examples/cloud-operations/network-dashboard/main.tf
index 23ef3e2f..2102b370 100644
--- a/examples/cloud-operations/network-dashboard/main.tf
+++ b/examples/cloud-operations/network-dashboard/main.tf
@@ -17,7 +17,7 @@
 locals {
   project_id_list    = toset(var.monitored_projects_list)
   projects           = join(",", local.project_id_list)
-  monitoring_project = var.monitoring_project_id == "" ? module.project-monitoring.project_id : var.monitoring_project_id
+  monitoring_project = var.monitoring_project_id == "" ? module.project-monitoring[0].project_id : var.monitoring_project_id
 }
 
 ################################################
diff --git a/examples/cloud-operations/network-dashboard/variables.tf b/examples/cloud-operations/network-dashboard/variables.tf
index d7c5eda5..9d69469e 100644
--- a/examples/cloud-operations/network-dashboard/variables.tf
+++ b/examples/cloud-operations/network-dashboard/variables.tf
@@ -46,6 +46,7 @@ variable "schedule_cron" {
 variable "project_monitoring_services" {
   description = "Service APIs enabled in the monitoring project if it will be created."
   default = [
+    "cloudasset.googleapis.com",
     "cloudbilling.googleapis.com",
     "cloudbuild.googleapis.com",
     "cloudresourcemanager.googleapis.com",
@@ -56,8 +57,6 @@ variable "project_monitoring_services" {
     "iamcredentials.googleapis.com",
     "logging.googleapis.com",
     "monitoring.googleapis.com",
-    "oslogin.googleapis.com",
-    "servicenetworking.googleapis.com",
     "serviceusage.googleapis.com",
   ]
 }