32

Is it possible to list, through the Google Cloud Platform (GCP) SDK CLI (gcloud), all active resources under a given GCP project?

Mike
  • 1,080
  • 1
  • 9
  • 25
bsam
  • 880
  • 1
  • 8
  • 18

3 Answers3

28

You can use search-all-resources to search all the resources across services (or APIs) and projects for a given organization, folder, or project.

To search all the resources in a project with number 123:

$ gcloud asset search-all-resources --scope=projects/123

See the other post for more details: How to find, list, or search resources across services (APIs) and projects in Google Cloud Platform?

Circy
  • 1,058
  • 11
  • 15
  • 1
    Given progression of time, running `gcloud alpha resources list` spits an error: ERROR: (gcloud.alpha) Invalid choice: 'resources'. However, `gcloud beta asset search-all-resources` does work. – Jari Turkia Nov 08 '20 at 15:10
  • 4
    "gcloud alpha resources list" is deprecated. – Circy Jan 29 '21 at 19:31
6

IIUC there's no general-purpose type for "things that live in projects" so you'd need to enumerate all the types (that interest you) specifically.

Also, some resources (e.g. keys) are owned by service accounts that are owned by projects.

for PROJECT in $(\
  gcloud projects list \
  --format="value(projectId)")
do
  echo "Project: ${PROJECT}"
  echo "Services"
  gcloud services list --project=${PROJECT}
  echo "Kubernetes Clusters"
  gcloud container clusters list --project=${PROJECT}
  echo "Compute Engine instances"
  gcloud compute instances list --project=${PROJECT}
  echo "Service Accounts"
  for ACCOUNT in $(\
    gcloud iam service-accounts list \
    --project=${PROJECT} \
    --format="value(email)")
  do
    echo "Service Account keys: ${ACCOUNT}"
    gcloud iam service-accounts keys list --iam-account=${ACCOUNT} --project=${PROJECT}
  done
done

Various challenges with this approach though:

  • Some enumerations may require more details (e.g. regions|zones)
  • You'd need to be exhaustive (it won't list what you don't request)
  • it gets nested|messy quickly
  • Some services prompt if they're not enabled (e.g. Compute Engine)

NB

  • You can apply --filter=... to each of the above commands
  • You could wrap the entire loop into one that enumerates gcloud auth list accounts
DazWilkin
  • 32,823
  • 5
  • 47
  • 88
0

If you want to list the resources on basis of their state then you can use --filter= option and this will the active state resources

Use Case:- If you want to list all the projects with pending deletion state then you will use:

gcloud  projects  list --filter='lifecycleState:DELETE_REQUESTED'
Tyler2P
  • 2,324
  • 26
  • 22
  • 31
Fahad Khan
  • 21
  • 3