GCloud CLI

Owned by Roger Cruz
Last updated: Aug 25, 2020
4 min read

Intro

gcloud is the powerful and unified command-line tool for Google Cloud. Full documentation is available from https://cloud.google.com/sdk/gcloud. Read how to install it here: https://cloud.google.com/sdk/docs/quickstart-windows

It comes pre-installed on Cloud Shell. Notice gcloud supports tab-completion

 

Update GCLoud

 

gcloud components update

HTTP Logging

 

gcloud has a global parameter --log-http which can be useful for learning how it uses Google APIs.

gcloud pubsub topics publish topic-roger --message "Hello World!" --log-http ======================= ==== request start ==== uri: https://pubsub.googleapis.com/v1/projects/rogercruz/topics/topic-roger:publish?alt=json method: POST == headers start == b'accept': b'application/json' b'accept-encoding': b'gzip, deflate' b'authorization': b'Bearer ya29.a0AfH6SMBpKrEsDc8' b'content-length': b'62' b'content-type': b'application/json' b'user-agent': b'google-cloud-sdk gcloud/306.0.0 command/gcloud.pubsub.topics.publish invocation-id/52894c99f2314c08a46983dc2ad7a48e environment/None environment-version/None interactive/True from-script/False python/3.7.5 term/ (Windows NT 10.0.18362)' == headers end == == body start == {"messages": [{"attributes": {}, "data": "SGVsbG8gV29ybGQh"}]} == body end == ==== request end ==== ---- response start ---- status: 200 -- headers start -- -content-encoding: gzip alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control: private content-length: 48 content-type: application/json; charset=UTF-8 date: Thu, 20 Aug 2020 06:48:36 GMT server: ESF transfer-encoding: chunked vary: Origin, X-Origin, Referer x-content-type-options: nosniff x-frame-options: SAMEORIGIN x-xss-protection: 0 -- headers end -- -- body start -- { "messageIds": [ "454652481965261" ] } -- body end -- total round trip time (request+response): 0.281 secs ---- response end ---- ---------------------- messageIds: - '454652481965261'

 

--format

  • This is a useful argument to change how the data is displayed. Many formats are possible so review them here:

    If the service account is found, its email is displayed.

gcloud iam service-accounts describe rogercruz@acme.iam.gserviceaccount.com --format "(email)"

Initialization And Authorization

 

  • Intiialize gcloud. This is where you select your default project and ergion.

 

  • List the accounts whose credentials are stored on the local system:

 

 

More information on the default properties: https://cloud.google.com/compute/docs/gcloud-compute#default-properties.

If you do not set a default project, you will need to specify it with the --project [PROJECT_ID] for each gcloud command

 

Pub/Sub Service

 

The GCP help page on creating a pub/sub via gcloud is here: https://cloud.google.com/sdk/gcloud/reference/pubsub/topics/create

JSON Resource Keys

Google API’s return responses in JSON. You can find the resource keys in the JSON tree by using the --format=flattened More info here: gcloud topic resource-keys

Knowning the resource’s flatten name can help you when creating a filter expression for an API query.

 

Filtering

 

Some of the Google APIs allow you to specify a filter to search for specific resources. More info can be found here: gcloud topic filters

Use filter and format to find out if the ALPHA components are installed.

Create A Role

 

The permissions for the role can be specified in a YAML file

 

 

Assign Custom Role To Service Account

 

 

IAM

Service Accounts

gcloud iam service-accounts

Describes a specified service account. Note that the service account does not need to be an identity in your project. It can be in other projects you have access to.

Â