Conectar uma TPU a uma rede VPC compartilhada

gcloud projects add-iam-policy-binding host-project-id \
--member=serviceAccount:service-your-service-project-number@gcp-sa-tpu.iam.gserviceaccount.com \
--role=roles/tpu.xpnAgent

gcloud compute tpus accelerator-types list --zone zone

gcloud compute tpus versions list --zone zone

gcloud compute tpus tpu-vm create tpu-name \
   --zone zone \
   --accelerator-type accelerator-type \
   --network projects/host-project-id/global/networks/host-network \
   --version tpu-image-version \
   --project your-service-project-id

$ gcloud compute tpus tpu-vm describe tpu-name --zone zone

acceleratorType: v3-8
apiVersion: V2
cidrBlock: 10.128.0.0/20
createTime: '2022-06-17T21:32:13.859274143Z'
health: HEALTHY
id: '0000000000000000000'
name: projects/my-project/locations/us-central1-b/nodes/my-tpu
networkConfig:
  enableExternalIps: true
  network: projects/my-project/global/networks/default
  subnetwork: projects/my-project/regions/us-central1/subnetworks/default
networkEndpoints:
- accessConfig:
    externalIp: 000.000.000.000
  ipAddress: 10.128.0.104
  port: 8470
runtimeVersion: tpu-vm-tf-2.8.0
schedulingConfig: {}
serviceAccount:
  email: 00000000000-compute@developer.gserviceaccount.com
  scope:
  - https://www.googleapis.com/auth/devstorage.read_write
  - https://www.googleapis.com/auth/logging.write
  - https://www.googleapis.com/auth/service.management
  - https://www.googleapis.com/auth/servicecontrol
  - https://www.googleapis.com/auth/cloud-platform
  - https://www.googleapis.com/auth/pubsub
shieldedInstanceConfig: {}
state: READY

gcloud compute tpus tpu-vm delete tpu-name --zone zone