Created
January 12, 2022 16:52
-
-
Save cosimo/0b416b5ad41cd9b58ac2eeac8f3fa332 to your computer and use it in GitHub Desktop.
Random gcloud command line snippets
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # ============================================================================= | |
| # | |
| # Very random gcloud related snippets | |
| # | |
| # ============================================================================= | |
| set -e | |
| set -o nounset | |
| PROJECT_ID="$1" | |
| # ----------------------------------------------------------------------------- | |
| # Create a role of which you have a policy file dumped with: | |
| # `gcloud iam roles describe ...`. | |
| # | |
| # Before running this you need to enable the IAM API | |
| # https://console.cloud.google.com/apis/enableflow?project=${PROJECT_ID} | |
| # | |
| gcloud iam roles create SomeRole --project $PROJECT_ID --file ./SomeRole.yaml | |
| # ----------------------------------------------------------------------------- | |
| # Create a service account | |
| # | |
| gcloud iam service-accounts create --project="$PROJECT_ID" sa-name \ | |
| --display-name "Some Service Account" \ | |
| --description="Used by Blah to setup whatever infrastructure" | |
| # ----------------------------------------------------------------------------- | |
| # Create a new key for a service account | |
| # | |
| gcloud iam service-accounts keys create --project="$PROJECT_ID" \ | |
| --iam-account=sa-name@${PROJECT_ID}.iam.gserviceaccount.com \ | |
| output-file.json | |
| # ----------------------------------------------------------------------------- | |
| # List all keys used by a service account | |
| # | |
| gcloud iam service-accounts keys list --project="$PROJECT_ID" \ | |
| --iam-account="sa-name@${PROJECT_ID}.iam.gserviceaccount.com" | |
| # ----------------------------------------------------------------------------- | |
| # List all APIs that it's possible to enable for a project | |
| # | |
| gcloud services list --available --project="$PROJECT_ID" | tee gcloud_apis.txt | |
| # ----------------------------------------------------------------------------- | |
| # Enable a set of APIs in a project | |
| # | |
| # You can look up or search the API names in `gcloud_apis.txt` | |
| # | |
| gcloud services enable --project "$PROJECT_ID" \ | |
| compute.googleapis.com \ | |
| iam.googleapis.com \ | |
| secretmanager.googleapis.com \ | |
| pubsub.googleapis.com | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment