gcloud Commands
gcloud is the command-line interface (CLI) for the Google Cloud Platform (GCP). Gcloud commands allows users to interact with GCP resources and services, including managing virtual machines, deploying applications, configuring networking, and more.
With gcloud, users can manage their GCP resources from their local machine without using the web console. The gcloud CLI can be installed on Windows, Linux, and macOS machines.
gcloud provides a set of commands that can be used to perform various operations on GCP resources, such as creating and managing virtual machines, creating and managing storage buckets, and managing network configurations.
Users can also use gcloud to interact with services like Google Kubernetes Engine (GKE), Google Cloud Storage, and Google Cloud SQL. gcloud commands can be run in a terminal window or incorporated into scripts for automated workflows.
How to manage oauth2 credentials in GCP
The gcloud auth commands are used to add and remove access to the Google Cloud CLI. If you come from an AWS background, Google Auth works exactly the same as AWS SSO.
To manage OAuth2 credentials in Google Cloud Platform (GCP), you can use the Cloud Console or the gcloud command-line tool. Here are the general steps:
- Create a project in the GCP Console if you haven’t already done so.
- Go to the APIs & Services Dashboard and click on the “+CREATE CREDENTIALS” button.
- Select “OAuth client ID” from the dropdown menu.
- Choose your application type (Web application, Android, iOS, or Desktop app) and provide the required information.
- Once the OAuth2 client ID is created, you can view, edit, or delete it from the Credentials page in the Console.
- To use the client ID in your application, you’ll need to configure your application to use the OAuth2 flow appropriate for your application type. This will typically involve redirecting users to a Google sign-in page and obtaining an authorization code or token that can be used to make API requests on behalf of the user.
To manage OAuth2 credentials using the gcloud command-line tool, you can use the gcloud auth application-default command. This command sets up application default credentials for your local development environment. Here are the general steps:
- Install the gcloud command-line tool if you haven’t already done so.
- Open a terminal window and run the following command to authenticate with your GCP account:
gcloud auth login
Once you’ve authenticated, run the following command to set up application default credentials:
gcloud auth application-default login
This will generate a new OAuth2 client ID and store it locally.
To view or manage your application default credentials, run the following command:
gcloud auth application-default --help
This will show you the available options for managing your credentials.Note that application default credentials are typically used for local development and testing. In production, you should use a more secure authentication method, such as service accounts.
gcloud auth command list
gcloud auth
gcloud auth activate-refresh-token
gcloud auth activate-service-account
gcloud auth git-helper
gcloud auth list
gcloud auth login
gcloud auth print-access-token
gcloud auth print-refresh-token
gcloud auth revokeHow to manage gcloud components?
gcloud components are used to manage the tools and plugins associated with the gcloud CLI.
gcloud components
gcloud components list
gcloud components remove
gcloud components repositories
gcloud components repositories add
gcloud components repositories list
gcloud components repositories remove
gcloud components restore
gcloud components updateFor example:
Name: gcloud app Python Extensions ID: app-engine-python Size: 8.6 MiB Status: Not Installed Name: Appctl ID: appctl Size: 21.0 MiB Status: Not Installed Name: Artifact Registry Go Module Package Helper ID: package-go-module Size: < 1 MiB Status: Not Installed Name: Cloud Firestore Emulator ID: cloud-firestore-emulator Size: 40.2 MiB Status: Not Installed Name: Cloud SQL Proxy ID: cloud_sql_proxy Size: 7.8 MiB Status: Not Installed Name: Cloud Spanner Emulator ID: cloud-spanner-emulator Size: 27.2 MiB Status: Not Installed Name: Cloud Spanner Migration Tool ID: harbourbridge Size: 14.8 MiB Status: Not Installed Name: Google Container Registry's Docker credential helper ID: docker-credential-gcr Size: 1.8 MiB Status: Not Installed Name: Kustomize ID: kustomize Size: 4.3 MiB Status: Not Installed Name: Nomos CLI ID: nomos Size: 25.0 MiB Status: Not Installed Name: Terraform Tools ID: terraform-tools Size: 52.7 MiB Status: Not Installed Name: anthos-auth ID: anthos-auth Size: 19.2 MiB Status: Not Installed Name: config-connector ID: config-connector Size: 56.4 MiB Status: Not Installed Name: kubectl ID: kubectl Size: < 1 MiB Status: Not Installed Name: kubectl-oidc ID: kubectl-oidc Size: 19.2 MiB Status: Not Installed Name: pkg ID: pkg Size:
How to Create and Manipulate Compute Engine Resources.
The bulk of the gcloud commands are kept under gcloud compute group. This selection manages all GCP resources.
All commands start gcloud compute
Compute
firewall-policies
Manage Compute Engine organization firewall policies.
machine-images
Read and manage Compute Engine machine image resources.
network-firewall-policies
Manage Compute Engine network firewall policies.
reservations
Manage Compute Engine reservations.
resource-policies
Manage Compute Engine Resource Policies.
Disks
disk-types
Read Compute Engine virtual disk types.
disks
Read and manipulate Compute Engine disks.
Info
accelerator-types
Read Compute Engine accelerator types.
machine-types
Read Compute Engine virtual machine types.
operations
Read and manipulate Compute Engine operations.
regions
List Compute Engine regions.
zones
List Compute Engine zones.
Instances
commitments
Manage Compute Engine commitments.
diagnose
Debugging tools for Compute Engine virtual machine instances.
images
List, create, and delete Compute Engine images.
instance-groups
Read and manipulate Compute Engine instance groups.
instance-templates
Read and manipulate Compute Engine instances templates.
instances
Read and manipulate Compute Engine virtual machine instances.
snapshots
List, describe, and delete Compute Engine snapshots.
sole-tenancy
Read and manage Compute Engine sole-tenancy resources.
target-instances
Read and manipulate Compute Engine virtual target instances.
tpus
List, create, and delete Cloud TPUs.
Load Balancing
backend-buckets
Read and manipulate backend buckets.
backend-services
List, create, and delete backend services.
forwarding-rules
Read and manipulate traffic forwarding rules to network load balancers.
health-checks
Read and manipulate health checks for load balanced instances.
http-health-checks
Read and manipulate HTTP health checks for load balanced instances.
https-health-checks
Read and manipulate HTTPS health checks for load balanced instances.
security-policies
Read and manipulate Cloud Armor security policies.
ssl-certificates
List, create, and delete Compute Engine SSL certificate resources.
ssl-policies
List, create, delete and update Compute Engine SSL policies.
target-pools
Control Compute Engine target pools for network load balancing.
Networking
addresses
Read and manipulate Compute Engine addresses.
external-vpn-gateways
List, create, delete and update External VPN Gateways.
firewall-rules
List, create, update, and delete Compute Engine firewall rules.
interconnects
Read and manipulate Compute Engine interconnects.
network-endpoint-groups
Read and manipulate Compute Engine network endpoint groups.
networks
List, create, and delete Compute Engine networks.
packet-mirrorings
Manage Compute Engine packet mirroring resources.
public-advertised-prefixes
Manage public advertised prefix resources.
public-delegated-prefixes
Manage public delegated prefix resources.
routers
List, create, and delete Compute Engine routers.
routes
Read and manipulate routes.
service-attachments
Manage Compute Engine service attachment resources.
shared-vpc
Configure shared VPC.
target-grpc-proxies
Manage Compute Engine target gRPC proxy resources.
target-http-proxies
List, create, and delete target HTTP proxies.
target-https-proxies
List, create, and delete target HTTPS proxies.
target-ssl-proxies
List, create, and delete target SSL proxies.
target-tcp-proxies
List, create, and delete target TCP proxies.
target-vpn-gateways
Read and manipulate classic VPN gateways.
url-maps
List, create, and delete URL maps.
vpn-gateways
read and manipulate Highly Available VPN Gateways.
vpn-tunnels
Read and manipulate Compute Engine VPN tunnels.
Tools
os-config
Manage OS Config tasks for Compute Engine VM instances.
os-login
Create and manipulate Compute Engine OS Login resources.
project-info
Read and manipulate project-level data like quotas and metadata.
Available commands for gcloud compute:
Other
copy-files
*(DEPRECATED)* Copy files to and from Google Compute Engine virtual machines via scp.
start-iap-tunnel
Starts an IAP TCP forwarding tunnel.
Tools
config-ssh
Populate SSH config files with Host entries from each instance.
connect-to-serial-port
Connect to the serial port of an instance.
reset-windows-password
Reset and return a password for a Windows machine instance.
scp
Copy files to and from Google Compute Engine virtual machines via scp.
sign-url
Sign specified URL for use with Cloud CDN Signed URLs.
ssh
SSH into a virtual machine instance.Here are the general steps to create and manipulate Compute Engine resources using the gcloud command-line tool:
- Install the gcloud command-line tool if you haven’t already done so.
- Authenticate with your GCP account by running the following command and following the on-screen prompts:
gcloud auth login
Create a new Compute Engine instance by running the following command:
gcloud compute instances create INSTANCE-NAME --machine-type MACHINE-TYPE --image IMAGE-NAME --zone ZONE
Replace INSTANCE-NAME with a name for your instance, MACHINE-TYPE with the machine type you want to use (e.g., n1-standard-1), IMAGE-NAME with the name of the image you want to use (e.g., ubuntu-2004-lts), and ZONE with the zone you want to create the instance in (e.g., us-central1-a).
List your Compute Engine instances by running the following command:
gcloud compute instances list
This will show you a list of all your instances and their current status.
Connect to your instance by running the following command:
gcloud compute ssh INSTANCE-NAME --zone ZONE
Replace INSTANCE-NAME with the name of the instance you want to connect to and ZONE with the zone it’s in.
Stop or start an instance by running the following command:
gcloud compute instances stop INSTANCE-NAME --zone ZONE
or
gcloud compute instances start INSTANCE-NAME --zone ZONE
Replace INSTANCE-NAME with the name of the instance you want to stop or start, and ZONE with the zone it’s in.
Delete an instance by running the following command:
gcloud compute instances delete INSTANCE-NAME --zone ZONE Replace INSTANCE-NAME with the name of the instance you want to delete, and ZONE with the zone it's in.These are just a few examples of the many things you can do with the gcloud command-line tool and Compute Engine. You can find more information and examples in the gcloud documentation.
How to edit Google Cloud CLI properties?
The gcloud config command group lets you set, view and unset properties Google Cloud CLI uses.
Remember you can use gcloud info to learn about your current properties and environmental variables
gcloud config
gcloud config list
gcloud config set
gcloud config unset
Recent Comments