diff --git a/products/compute/api.yaml b/products/compute/api.yaml
index 7bd60a51e164..618045011a80 100644
--- a/products/compute/api.yaml
+++ b/products/compute/api.yaml
@@ -1108,13 +1108,14 @@ objects:
       - !ruby/object:Api::Type::Array
         name: 'healthChecks'
         item_type: Api::Type::String
-        required: true
         min_size: 1
         max_size: 1
         description: |
            The set of URLs to the HttpHealthCheck or HttpsHealthCheck resource
            for health checking this BackendService. Currently at most one health
-           check can be specified, and a health check is required.
+           check can be specified.
+
+           A health check must be specified unless the backend service uses an internet NEG as a backend.
 
            For internal load balancing, a URL to a HealthCheck resource must be specified instead.
       - !ruby/object:Api::Type::Integer
diff --git a/products/compute/terraform.yaml b/products/compute/terraform.yaml
index 0800e0dfa8a1..ec52417fd613 100644
--- a/products/compute/terraform.yaml
+++ b/products/compute/terraform.yaml
@@ -198,6 +198,12 @@ overrides: !ruby/object:Overrides::ResourceOverrides
         vars:
           backend_service_name: "backend-service"
           health_check_name: "health-check"
+      - !ruby/object:Provider::Terraform::Examples
+        name: "backend_service_network_endpoint"
+        primary_resource_id: "default"
+        vars:
+          backend_service_name: "backend-service"
+          neg_name: "network-endpoint"
     custom_code: !ruby/object:Provider::Terraform::CustomCode
       constants: 'templates/terraform/constants/backend_service.go.erb'
       encoder: 'templates/terraform/encoders/backend_service.go.erb'
diff --git a/templates/terraform/encoders/backend_service.go.erb b/templates/terraform/encoders/backend_service.go.erb
index 93ae452dfb7f..db47dca273af 100644
--- a/templates/terraform/encoders/backend_service.go.erb
+++ b/templates/terraform/encoders/backend_service.go.erb
@@ -32,5 +32,22 @@ if iapVal == nil {
 	obj["iap"] = iap
 }
 
+backendsRaw, ok := obj["backends"]
+if !ok {
+	return obj, nil
+}
+backends := backendsRaw.([]interface{})
+for _, backendRaw := range backends {
+	backend := backendRaw.(map[string]interface{})
+	backendGroup, ok := backend["group"]
+	if !ok {
+		continue
+	}
+	if strings.Contains(backendGroup.(string), "global/networkEndpointGroups") {
+		// Remove `max_utilization` from any backend that belongs to a global NEG. This field
+		// has a default value and causes API validation errors
+		backend["maxUtilization"] = nil
+	}
+}
 
 return obj, nil
diff --git a/templates/terraform/examples/backend_service_network_endpoint.tf.erb b/templates/terraform/examples/backend_service_network_endpoint.tf.erb
new file mode 100644
index 000000000000..53cb96620ee7
--- /dev/null
+++ b/templates/terraform/examples/backend_service_network_endpoint.tf.erb
@@ -0,0 +1,24 @@
+resource "google_compute_global_network_endpoint_group" "external_proxy" {
+  name                  = "<%= ctx[:vars]['neg_name'] %>"
+  network_endpoint_type = "INTERNET_FQDN_PORT"
+  default_port          = "443"
+}
+
+resource "google_compute_global_network_endpoint" "proxy" {
+  global_network_endpoint_group = google_compute_global_network_endpoint_group.external_proxy.id
+  fqdn                          = "test.example.com"
+  port                          = google_compute_global_network_endpoint_group.external_proxy.default_port
+}
+
+resource "google_compute_backend_service" "<%= ctx[:primary_resource_id] %>" {
+  name                            = "<%= ctx[:vars]['backend_service_name'] %>"
+  enable_cdn                      = true
+  timeout_sec                     = 10
+  connection_draining_timeout_sec = 10
+ 
+  custom_request_headers          = ["host: ${google_compute_global_network_endpoint.proxy.fqdn}"]
+
+  backend {
+    group = google_compute_global_network_endpoint_group.external_proxy.id
+  }
+}