# Fetch the audit-log entry behind a VPC Service Controls denial, keyed by the
# unique ID carried in protoPayload.metadata.vpcServiceControlsUniqueId
# (presumably the ID quoted in the denial error message — confirm against it).
# Replace the "uniqueid" and "projectname" placeholders before running; the
# matching entries are printed as JSON.
vpcsc_unique_id="uniqueid"
gcloud logging read "protoPayload.metadata.vpcServiceControlsUniqueId=\"${vpcsc_unique_id}\"" --project=projectname --format=json
Check the hit count of a single firewall rule
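#!/bin/bash
# Report how often a single VPC firewall rule has been hit.
#
# Usage: $0 <project_id> <firewall_rule_name>
#
# The rule is read with `gcloud compute firewall-rules describe`; every
# "packets: N" value found in that output is printed as the hit count.
# Exit status: 1 on a usage error or when the rule cannot be read, 0 otherwise.
#
# NOTE(review): the describe output is not known to carry a "packets:" field,
# so this may report every rule as "not been hit yet". Confirm against real
# output before using the result to prune firewall rules: removing a rule that
# is in use breaks traffic, while keeping an unused permissive rule leaves an
# unneeded exposure.

if [ "$#" -ne 2 ]; then
  echo "Usage: $0 <project_id> <firewall_rule_name>" >&2
  exit 1
fi

PROJECT_ID="$1"
FIREWALL_RULE_NAME="$2"

# Keep gcloud's stderr: an auth or permission failure must not be reported as
# a missing rule, which is what a silently discarded error would look like.
# (On success any gcloud warnings are merged into the text being parsed; they
# do not contain a "packets: " label.)
if ! FIREWALL_RULE_DETAILS=$(gcloud compute firewall-rules describe "$FIREWALL_RULE_NAME" --project "$PROJECT_ID" 2>&1); then
  echo "Firewall rule '$FIREWALL_RULE_NAME' not found in project '$PROJECT_ID' (or not readable):" >&2
  printf '%s\n' "$FIREWALL_RULE_DETAILS" >&2
  exit 1
fi

# Take the token after every "packets: " label. Several matching lines yield
# several newline-separated values, which are printed as-is.
HIT_COUNTS=$(printf '%s\n' "$FIREWALL_RULE_DETAILS" | awk '/packets: / { print $2 }')

if [ -z "$HIT_COUNTS" ]; then
  echo "Firewall rule '$FIREWALL_RULE_NAME' in project '$PROJECT_ID' has not been hit yet."
else
  echo "Firewall rule '$FIREWALL_RULE_NAME' in project '$PROJECT_ID' has been hit $HIT_COUNTS times."
fi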
Query the DNS logs for a fixed set of query names
#!/bin/bash
# Project whose Cloud Logging data holds the DNS query logs.
PROJECT_ID='vpc01'
# Inclusive UTC window for the query (both bounds are compared with >= / <=);
# edit as needed.
START_TIME='2023-08-02T00:00:00Z'
END_TIME='2023-08-02T23:59:59Z'
# Query names to look for, one Logging query each.
declare -a DOMAINS=(
  'compute.googleapis.com'
  'cloudbuild.googleapis.com'
  'cloudfunctions.googleapis.com'
)
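# Query Cloud Logging for DNS lookups of one query name and print any hits.
#
# Globals (read): PROJECT_ID, START_TIME, END_TIME
# Arguments:      $1 - query name to match against jsonPayload.queryName
# Outputs:        a header, the gcloud table and a separator on stdout when the
#                 query returned rows; nothing when it returned none
# Returns:        0 on success or an empty result, 1 for an unusable domain or
#                 a mktemp failure, gcloud's exit status when the query failed
run_query_for_domain() {
  local domain="$1"

  # The domain is spliced into a Logging filter string literal. The literal
  # ends at the next unescaped double quote, so a value carrying a quote or a
  # backslash would change the filter rather than be searched for. DNS names
  # never contain either, so refuse such input instead of trying to escape it.
  case $domain in
    *'"'* | *'\'*)
      printf 'run_query_for_domain: refusing domain with quote or backslash: %s\n' "$domain" >&2
      return 1
      ;;
  esac

  local query="resource.type=\"dns_query\" AND jsonPayload.queryName=\"$domain\""
  local filter="timestamp>=\"$START_TIME\" timestamp<=\"$END_TIME\" $query"

  # gcloud reports an empty result on stderr, which is noise here — but a
  # failed query (bad credentials, missing permission, disabled API) also only
  # speaks on stderr. Park stderr in a scratch file and show it only when the
  # exit status says the query failed, so an empty investigation result is
  # never a silently swallowed error.
  local errfile
  errfile=$(mktemp) || return 1

  # Declaration and assignment are separate so rc is gcloud's status, not local's.
  local result rc
  result=$(gcloud logging read "$filter" --project="$PROJECT_ID" \
    --format="table(timestamp, jsonPayload.destinationIP, jsonPayload.queryName, jsonPayload.sourceIP, resource.labels.project_id)" \
    2>"$errfile")
  rc=$?
  if [ "$rc" -ne 0 ]; then
    printf 'run_query_for_domain: gcloud logging read failed for %s (exit %d)\n' "$domain" "$rc" >&2
    cat -- "$errfile" >&2
  fi
  rm -f -- "$errfile"
  [ "$rc" -eq 0 ] || return "$rc"

  if [ -n "$result" ]; then
    echo "Query results for domain: $domain"
    echo "$result"
    echo "--------------------------------------------------"
  fi
}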
# Run one query per configured query name; any hits go to stdout.
for query_name in "${DOMAINS[@]}"; do
  run_query_for_domain "$query_name"
done
Enabled services: read the project IDs from an input file
#!/bin/bash
# Organization ID placeholder. This variant does not use it: the project IDs
# come from the input file passed as the first argument.
ORGANIZATION_ID='ORG_ID'
# Enabled service names of every project, duplicates included.
declare -a enabled_services=()
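# Append the enabled services of one project to the global enabled_services
# array (one element per service name; no de-duplication here).
#
# Globals:   enabled_services (appended to)
# Arguments: $1 - project ID
# Outputs:   a warning on stderr when gcloud fails; gcloud's own stderr passes
#            through untouched
# Returns:   gcloud's exit status (0 on success)
#
# NOTE(review): --format="value(NAME)" is kept from the original; the VPC
# export script further down on this page uses "value(config.name)" for the
# same listing. If NAME does not resolve to a field, the loop only sees blank
# lines and the project is inventoried as having no services — confirm on a
# real project.
get_enabled_services() {
  local project_id="$1"
  local services rc

  # Declaration and assignment are separate so rc is gcloud's exit status,
  # not `local`'s; a project we cannot read must not look empty.
  services=$(gcloud services list --project="$project_id" --enabled --format="value(NAME)")
  rc=$?
  if [ "$rc" -ne 0 ]; then
    printf 'get_enabled_services: could not list services for project %s (exit %d)\n' "$project_id" "$rc" >&2
    return "$rc"
  fi

  local service_name
  while IFS= read -r service_name; do
    # A here-string always delivers at least one line, so an empty listing
    # would otherwise add a blank element to the array.
    [ -n "$service_name" ] || continue
    enabled_services+=("$service_name")
  done <<< "$services"
  return 0
}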
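# --- entry point: project IDs come from the file named by $1 -----------------
if [ -z "${1:-}" ]; then
  echo "Error: Please provide the input txt file containing project IDs." >&2
  exit 1
fi

input_file="$1"
if [ ! -r "$input_file" ]; then
  echo "Error: cannot read input file '$input_file'." >&2
  exit 1
fi

# Whitespace-separated project IDs (as before: several per line are allowed),
# but read line by line and split with `read -a` so that blank lines and stray
# glob characters never turn into project IDs. A trailing CR from a CRLF file
# is dropped so it does not become part of the last ID on the line.
failed=0
while IFS= read -r line || [ -n "$line" ]; do
  line=${line%$'\r'}
  read -r -a ids <<< "$line"
  for PROJECT in "${ids[@]}"; do
    get_enabled_services "$PROJECT" || failed=$((failed + 1))
  done
done < "$input_file"

# De-duplicate across projects (byte-wise order, locale independent). Service
# names carry no whitespace, so newline-joining is safe; blank entries are
# dropped so an unreadable project never shows up as a "- " line.
unique_services=()
if [ "${#enabled_services[@]}" -gt 0 ]; then
  mapfile -t unique_services < <(printf '%s\n' "${enabled_services[@]}" | sed '/^$/d' | LC_ALL=C sort -u)
fi

# Despite the .csv name the file is a bullet list, one service per line.
output_file="enabled_services.csv"
{
  echo "Enabled Services across all projects in the organization:"
  for SERVICE in "${unique_services[@]}"; do
    echo "- $SERVICE"
  done
} > "$output_file"
echo "Output written to $output_file"

# An inventory with holes is worse than a loud failure: say so on stderr.
if [ "$failed" -gt 0 ]; then
  echo "Warning: $failed project(s) could not be read; the list is incomplete." >&2
fi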
Enabled services across all projects visible to the caller, written to a file
#!/bin/bash
# Organization ID placeholder. Not used by this variant: the org-scoped
# project listing below is commented out and every visible project is read.
ORGANIZATION_ID='ORG_ID'
# Enabled service names of every project, duplicates included.
declare -a enabled_services=()
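# Append the enabled services of one project to the global enabled_services
# array (one element per service name; no de-duplication here).
#
# Globals:   enabled_services (appended to)
# Arguments: $1 - project ID
# Outputs:   a warning on stderr when gcloud fails; gcloud's own stderr passes
#            through untouched
# Returns:   gcloud's exit status (0 on success)
#
# NOTE(review): --format="value(NAME)" is kept from the original; the VPC
# export script further down on this page uses "value(config.name)" for the
# same listing. If NAME does not resolve to a field, the loop only sees blank
# lines and the project is inventoried as having no services — confirm on a
# real project.
get_enabled_services() {
  local project_id="$1"
  local services rc

  # Declaration and assignment are separate so rc is gcloud's exit status,
  # not `local`'s; a project we cannot read must not look empty.
  services=$(gcloud services list --project="$project_id" --enabled --format="value(NAME)")
  rc=$?
  if [ "$rc" -ne 0 ]; then
    printf 'get_enabled_services: could not list services for project %s (exit %d)\n' "$project_id" "$rc" >&2
    return "$rc"
  fi

  local service_name
  while IFS= read -r service_name; do
    # A here-string always delivers at least one line, so an empty listing
    # would otherwise add a blank element to the array.
    [ -n "$service_name" ] || continue
    enabled_services+=("$service_name")
  done <<< "$services"
  return 0
}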
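# Every project the caller's credentials can see — not only those under
# ORGANIZATION_ID, even though the output header says "in the organization".
# The org-scoped listing is kept for reference; "parent.id" presumably matches
# the immediate parent only, so projects nested in folders would be missed by
# it — confirm before relying on either scope for an inventory.
# PROJECTS=$(gcloud projects list --filter="parent.id=${ORGANIZATION_ID}" --format="value(projectId)")
PROJECTS=$(gcloud projects list --format="value(projectId)") || {
  # An empty inventory must not be mistaken for "nothing enabled anywhere".
  echo "Error: could not list projects (exit $?)." >&2
  exit 1
}

# One project ID per line; read line-wise so nothing is glob-expanded.
failed=0
while IFS= read -r PROJECT; do
  [ -n "$PROJECT" ] || continue
  get_enabled_services "$PROJECT" || failed=$((failed + 1))
done <<< "$PROJECTS"

# De-duplicate across projects (byte-wise order, locale independent). Service
# names carry no whitespace, so newline-joining is safe; blank entries are
# dropped so an unreadable project never shows up as a "- " line.
unique_services=()
if [ "${#enabled_services[@]}" -gt 0 ]; then
  mapfile -t unique_services < <(printf '%s\n' "${enabled_services[@]}" | sed '/^$/d' | LC_ALL=C sort -u)
fi

# Despite the .csv name the file is a bullet list, one service per line.
output_file="enabled_services.csv"
{
  echo "Enabled Services across all projects in the organization:"
  for SERVICE in "${unique_services[@]}"; do
    echo "- $SERVICE"
  done
} > "$output_file"
echo "Output written to $output_file"

# An inventory with holes is worse than a loud failure: say so on stderr.
if [ "$failed" -gt 0 ]; then
  echo "Warning: $failed project(s) could not be read; the list is incomplete." >&2
fi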
Enabled APIs across the projects directly under an organization
#!/bin/bash
# Organization ID — fill in before running; the project listing below filters
# on parent.id with this value, so an empty string yields a meaningless filter.
ORGANIZATION_ID=''
# Enabled service names of every project, duplicates included.
declare -a enabled_services=()
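# Append the enabled services of one project to the global enabled_services
# array (one element per service name; no de-duplication here).
#
# Globals:   enabled_services (appended to)
# Arguments: $1 - project ID
# Outputs:   a warning on stderr when gcloud fails; gcloud's own stderr passes
#            through untouched
# Returns:   gcloud's exit status (0 on success)
#
# NOTE(review): --format="value(NAME)" is kept from the original; the VPC
# export script further down on this page uses "value(config.name)" for the
# same listing. If NAME does not resolve to a field, the loop only sees blank
# lines and the project is inventoried as having no services — confirm on a
# real project.
get_enabled_services() {
  local project_id="$1"
  local services rc

  # Declaration and assignment are separate so rc is gcloud's exit status,
  # not `local`'s; a project we cannot read must not look empty.
  services=$(gcloud services list --project="$project_id" --enabled --format="value(NAME)")
  rc=$?
  if [ "$rc" -ne 0 ]; then
    printf 'get_enabled_services: could not list services for project %s (exit %d)\n' "$project_id" "$rc" >&2
    return "$rc"
  fi

  local service_name
  while IFS= read -r service_name; do
    # A here-string always delivers at least one line, so an empty listing
    # would otherwise add a blank element to the array.
    [ -n "$service_name" ] || continue
    enabled_services+=("$service_name")
  done <<< "$services"
  return 0
}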
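# Refuse to run with an empty organization ID: the filter would read
# "parent.id=" and the resulting (possibly empty) inventory could pass for a
# genuine "nothing enabled" answer.
if [ -z "${ORGANIZATION_ID:-}" ]; then
  echo "Error: ORGANIZATION_ID is not set; edit the script before running." >&2
  exit 1
fi

# Projects whose *immediate* parent is the organization. parent.id presumably
# does not descend into folders, so projects nested under folders would not be
# listed — confirm, or enumerate folders separately, before treating this as
# the full organization inventory.
PROJECTS=$(gcloud projects list --filter="parent.id=${ORGANIZATION_ID}" --format="value(projectId)") || {
  echo "Error: could not list projects (exit $?)." >&2
  exit 1
}

# One project ID per line; read line-wise so nothing is glob-expanded.
failed=0
while IFS= read -r PROJECT; do
  [ -n "$PROJECT" ] || continue
  get_enabled_services "$PROJECT" || failed=$((failed + 1))
done <<< "$PROJECTS"

# De-duplicate across projects (byte-wise order, locale independent). Service
# names carry no whitespace, so newline-joining is safe; blank entries are
# dropped so an unreadable project never shows up as a "- " line.
unique_services=()
if [ "${#enabled_services[@]}" -gt 0 ]; then
  mapfile -t unique_services < <(printf '%s\n' "${enabled_services[@]}" | sed '/^$/d' | LC_ALL=C sort -u)
fi

echo "Enabled Services across all projects in the organization:"
for SERVICE in "${unique_services[@]}"; do
  echo "- $SERVICE"
done

# An inventory with holes is worse than a loud failure: say so on stderr.
if [ "$failed" -gt 0 ]; then
  echo "Warning: $failed project(s) could not be read; the list is incomplete." >&2
fi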
Projects with VPC networks, exported to CSV (skips projects without the Compute API enabled)
#!/bin/bash
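# "project_id|vpc_name" pairs, one element per VPC network found.
projects_with_vpc=()

# Every project the caller's credentials can see. Abort rather than produce an
# empty inventory when the listing itself fails.
projects=$(gcloud projects list --format="value(projectId)") || {
  echo "Error: could not list projects (exit $?)." >&2
  exit 1
}

# Compute must be enabled before networks can be listed at all. A project whose
# services cannot be listed (typically a permission problem) is reported
# separately instead of being lumped in with "API not enabled": either way it
# is a hole in the network inventory, and the reader of the CSV should know.
while IFS= read -r project_id; do
  [ -n "$project_id" ] || continue

  if ! api_status=$(gcloud services list --project="$project_id" --format="value(config.name)" --filter="config.name:compute.googleapis.com"); then
    echo "Warning: could not list services for project \"$project_id\"; it is missing from the inventory." >&2
    continue
  fi
  if [ "$api_status" != "compute.googleapis.com" ]; then
    echo "API [compute.googleapis.com] not enabled on project \"$project_id\". Skipping..."
    continue
  fi

  if ! vpc_list=$(gcloud compute networks list --project="$project_id" --format="value(name)"); then
    echo "Warning: could not list networks for project \"$project_id\"; it is missing from the inventory." >&2
    continue
  fi
  # An empty listing delivers one blank line through the here-string; skip it.
  while IFS= read -r vpc_name; do
    [ -n "$vpc_name" ] || continue
    projects_with_vpc+=("$project_id|$vpc_name")
  done <<< "$vpc_list"
done <<< "$projects"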
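# Write the collected "project_id|vpc_name" pairs to a CSV file.
#
# Globals:   projects_with_vpc (read)
# Arguments: $1 - path of the CSV file to (over)write
# Outputs:   the file: header "Project ID, VPC Name", then one row per pair
write_projects_with_vpc_csv() {
  local csv_path="$1"
  local project_vpc project_id vpc_name
  {
    echo "Project ID, VPC Name"
    for project_vpc in "${projects_with_vpc[@]}"; do
      # Split on the first '|' with parameter expansion instead of spawning
      # echo|cut twice per row. Project IDs and network names are letters,
      # digits and hyphens only, so '|' is an unambiguous separator.
      project_id=${project_vpc%%|*}
      vpc_name=${project_vpc#*|}
      echo "$project_id, $vpc_name"
    done
  } > "$csv_path"
}

csv_file="projects_with_vpc.csv"
write_projects_with_vpc_csv "$csv_file"
echo "Projects with VPC networks written to $csv_file."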
First version: list projects with VPC networks on stdout (no Compute API check)
#!/bin/bash
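# "project_id|vpc_name" pairs, one element per VPC network found.
projects_with_vpc=()

# Every project the caller's credentials can see. Abort rather than print an
# empty list when the listing itself fails.
projects=$(gcloud projects list --format="value(projectId)") || {
  echo "Error: could not list projects (exit $?)." >&2
  exit 1
}

# No check that the Compute API is enabled (the "export to CSV" variant on this
# page adds one). A project whose networks cannot be listed — API disabled or
# permission missing — is reported on stderr and left out, rather than being
# silently counted as having no VPC networks.
while IFS= read -r project_id; do
  [ -n "$project_id" ] || continue
  if ! vpc_list=$(gcloud compute networks list --project="$project_id" --format="value(name)"); then
    echo "Warning: could not list networks for project \"$project_id\"; it is missing from the list." >&2
    continue
  fi
  # An empty listing delivers one blank line through the here-string; skip it.
  while IFS= read -r vpc_name; do
    [ -n "$vpc_name" ] || continue
    projects_with_vpc+=("$project_id|$vpc_name")
  done <<< "$vpc_list"
done <<< "$projects"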
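# Print the collected "project_id|vpc_name" pairs as a bullet list on stdout.
#
# Globals:   projects_with_vpc (read)
# Outputs:   a header line, then "- Project ID: X, VPC Name: Y" per pair
print_projects_with_vpc() {
  local project_vpc project_id vpc_name
  echo "Projects with VPC networks:"
  for project_vpc in "${projects_with_vpc[@]}"; do
    # Split on the first '|' with parameter expansion instead of spawning
    # echo|cut twice per row. Project IDs and network names are letters,
    # digits and hyphens only, so '|' is an unambiguous separator.
    project_id=${project_vpc%%|*}
    vpc_name=${project_vpc#*|}
    echo "- Project ID: $project_id, VPC Name: $vpc_name"
  done
}

print_projects_with_vpc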
