This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud services enable dataproc.googleapis.com sqladmin.googleapis.com \ | |
cloudkms.googleapis.com |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export PROJECT_ID=$(gcloud info --format='value(config.project)') | |
export REGION=us-central1 | |
export ZONE=us-central1-b |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud iam service-accounts create visualization-security-sa \ | |
--description="Used by products in visualization security" \ | |
--display-name="Visualization security service account" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bash -c 'array=( dataproc.worker cloudsql.editor cloudkms.cryptoKeyDecrypter ) | |
for i in "${array[@]}" | |
do | |
gcloud projects add-iam-policy-binding ${PROJECT_ID} \ | |
--member "serviceAccount:visualization-security-sa@${PROJECT_ID}.iam.gserviceaccount.com" \ | |
--role roles/$i | |
done' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export CLOUD_SQL_NAME=cloudsql-mysql | |
gcloud sql instances create ${CLOUD_SQL_NAME} \ | |
--tier=db-n1-standard-1 --region=${REGION} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud sql users set-password root \ | |
--host=% --instance ${CLOUD_SQL_NAME} --password mysql-root-password-99 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud kms keyrings create my-keyring --location global |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
gcloud kms keys create my-key \ | |
--location global \ | |
--keyring my-keyring \ | |
--purpose encryption |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "ranger-admin-password-99" | \ | |
gcloud kms encrypt \ | |
--location=global \ | |
--keyring=my-keyring \ | |
--key=my-key \ | |
--plaintext-file=- \ | |
--ciphertext-file=ranger-admin-password.encrypted |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
echo "ranger-db-admin-password-99" | \ | |
gcloud kms encrypt \ | |
--location=global \ | |
--keyring=my-keyring \ | |
--key=my-key \ | |
--plaintext-file=- \ | |
--ciphertext-file=ranger-db-admin-password.encrypted |
OlderNewer