shared VPC GPC

Author: mletalie

modules/osd-create-cluster-ccs.adoc

@@ -65,7 +65,7 @@ The project name must be 10 characters or less.
   ** IAM Security Admin
   ** Service Account Admin
   ** Service Account Key Admin
-  ** Service Account User  
+  ** Service Account User
   ** Organization Policy Viewer
   ** Service Management Administrator
   ** Service Usage Admin
@@ -204,14 +204,34 @@ The *Use a PrivateLink* option cannot be changed after a cluster is created.
 +
 .. If you are installing into an existing VPC and you want to enable an HTTP or HTTPS proxy for your cluster, select *Configure a cluster-wide proxy*.
 endif::osd-on-aws[]
+
 ifdef::osd-on-gcp[]
 . Optional: To install the cluster in an existing GCP Virtual Private Cloud (VPC):
 .. Select *Install into an existing VPC*.
 .. If you are installing into an existing VPC and you want to enable an HTTP or HTTPS proxy for your cluster, select *Configure a cluster-wide proxy*.
 endif::osd-on-gcp[]
-
++
 . Click *Next*.
 
+ifdef::osd-on-gcp[]
+. Optional: To install the cluster into a GCP shared VPC:
++
+[IMPORTANT]
+====
+To install a cluster into a shared VPC, the shared VPC administrator must enable a project as a host project in their Google Cloud console.
+====
+
+.. Select *Install into GCP shared VPC*.
+.. Specify the **Host project ID**. If the specified host project ID is incorrect, cluster creation will fail.
++
+
+[IMPORTANT]
+====
+Once you complete the steps cluster creation wizard, you must contact the VPC administrator of the host project, who must grant the service account the following permissions:**Computer Network Administrator**, **Compute Security Administrator**, and **DNS Administrator**. The administrator has 30 days to grant the listed permissions before the cluster creation fails,
+For information about shared GPC VPC, see link:https://cloud.google.com/vpc/docs/shared-vpc[Shared VPC in Google Cloud].
+====
+endif::osd-on-gcp[]
++
 . If you opted to install the cluster in an existing
 ifdef::osd-on-aws[]
 AWS