#!/usr/bin/env bash
#  vim:ts=4:sts=4:sw=4:et
# shellcheck disable=SC1090
#
#  Author: Hari Sekhon
#  Date: 2020-08-13 19:38:39 +0100 (Thu, 13 Aug 2020)
#
#  https://github.com/harisekhon/bash-tools
#
#  License: see accompanying Hari Sekhon LICENSE file
#
#  If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
#
#  https://www.linkedin.com/in/harisekhon
#

# Gather common GCP environment info for quickly surveying new client environments
#
# Requires:
#
# - GCloud CLI to be available and configured 'gcloud init'
#   (or just use Cloud Shell, will prompt you to set the project if it's not already)
# - API services to be enabled (or to select Y to enable them when prompted)
# - Billing to be enabled in order to enable API services
#
# Tested with Google Cloud SDK installed locally
#
# Handling the output: per the list in usage_description below, the report
# enumerates IAM service accounts, Secret Manager secrets, firewall rules and
# addresses. Treat any saved copy (such as the output.txt in the usage example)
# as sensitive and restrict who can read it.

# Abort on command failure, on use of an unset variable, and on a failure in
# any stage of a pipeline.
set -euo pipefail

# Opt-in command tracing. It is switched on before the libraries are sourced,
# so their commands are traced to stderr as well, with arguments expanded.
if [[ -n "${DEBUG:-}" ]]; then
    set -x
fi

# Directory holding this script, taken from the path it was invoked by (no
# symlink resolution is done here). The libraries are located relative to it
# rather than to the caller's working directory.
srcdir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# Both files are executed in this shell with the caller's privileges, so
# "$srcdir/lib" should be writable only by trusted users.
# shellcheck disable=SC1090
source "$srcdir/lib/utils.sh"

# shellcheck disable=SC1090
source "$srcdir/lib/gcp.sh"

# Help text; the comment after usage_args says usage() in lib/utils.sh reads it.
# $gcp_info_noninteractive_help and $gcp_info_formatting_help are not assigned
# in this file - presumably lib/gcp.sh provides them (hence SC2154 disabled).
# shellcheck disable=SC2034,SC2154
usage_description="
Lists GCP deployed resources in the current or specified GCP Project

Make sure that you run this from an authorized network so things like kubectl don't hang

Lists in this order (categories broadly reflect the GCP Console grouping of services):

    - GCloud SDK version
    - Auth, Organizations & Config:
        - Organizations
        - Auth Configurations
        - Current Configuration & Properties
    - Projects:
        - Project Names & IDs
        - Current Project
        - checks project is set to continue with the following
    - Services & APIs:
        - Enabled Services & API
        - collectors all available services to only show enabled services from this point onwards
    - Accounts & Secrets:
        - IAM Service Accounts
        - Secrets Manager secrets
    - Compute:
        - GCE Virtual Machines
        - App Engine instances
        - Cloud Functions
        - GKE Clusters
        - Kubernetes, for every GKE cluster:
            - cluster-info
            - master component statuses
            - nodes
            - namespaces
            - deployments, replicasets, replication controllers, statefulsets, daemonsets, horizontal pod autoscalers
            - services, ingresses
            - jobs, cronjobs
            - storage classes, persistent volumes, persistent volume claims
            - service accounts, resource quotas, network policies, pod security policies
            - container images running
            - container images running counts descending
            - pods # might be too much detail if you have high replica counts, so done last, comment if you're sure nobody has deployed pods outside deployments
    - Storage:
        - Cloud SQL instances
        - Cloud SQL backups enabled
        - Cloud Storage Buckets
        - Cloud Filestore
        - Cloud Memorystore Redis
        - BigTable clusters and instances
        - Datastore Indexes
    - Networks:
        - VPC Networks
        - Addresses
        - Proxies
        - Subnets
        - Routers
        - Routes
        - VPN Gateways
        - VPN Tunnels
        - Reservations
        - Firewall Rules & Forwarding Rules
        - DNS managed zones & verified domains
    - Big Data:
        - Dataproc clusters (all regions)
        - Dataproc jobs (all regions)
        - Dataflow jobs (all regions)
        - PubSub topics
        - Cloud IOT Registries (all regions)
    - Tools:
        - Cloud Source Repositories
        - Cloud Builds
        - Container Registry Images
        - Deployment Manager

This is useful in so many ways. Aside from a general inventory / overview for a new client, you might be interested in tracking down a specific IP address by outputting this to a file and then running grepping for the IPs:

    ${0##*/} | tee output.txt && grep -E '[[:digit:]]+(\.[[:digit:]]+){3}' output.txt

$gcp_info_noninteractive_help

Can optionally specify a project id using the first argument, otherwise uses currently configured project

$gcp_info_formatting_help
"

# used by usage() in lib/utils.sh
# NOTE(review): the synopsis is empty even though an optional project id is
# accepted as the first argument below - confirm this is intended.
# shellcheck disable=SC2034
usage_args="[]"

help_usage "$@"

check_bin gcloud

# Optional first argument: project id. It is exported as CLOUDSDK_CORE_PROJECT
# for child processes rather than written to the caller's gcloud configuration.
# The value is not validated here.
if (( $# > 0 )); then
    project_id=$1
    shift || true
    export CLOUDSDK_CORE_PROJECT="$project_id"
fi

# GCloud SDK tools versions
cat <