cloud engineer
Here’s how to list SQL instances within your GCP project.
gcloud sql instances list --project your-project-id |
gcloud sql instances list --project your-project-id
Output:
NAME DATABASE_VERSION LOCATION TIER PRIMARY_ADDRESS PRIVATE_ADDRESS STATUS database1 SQLSERVER_2017_STANDARD us-central1-a db-n1-standard-1 - 10.10.10.11 RUNNABLE database2 SQLSERVER_2017_STANDARD us-central1-c db-n1-standard-1 - 10.10.10.12 RUNNABLE |
NAME DATABASE_VERSION LOCATION TIER PRIMARY_ADDRESS PRIVATE_ADDRESS STATUS database1 SQLSERVER_2017_STANDARD us-central1-a db-n1-standard-1 - 10.10.10.11 RUNNABLE database2 SQLSERVER_2017_STANDARD us-central1-c db-n1-standard-1 - 10.10.10.12 RUNNABLE
Here’s another way to list projects in a shared VPC.
gcloud compute shared-vpc list-associated-resources your-shared-host |
gcloud compute shared-vpc list-associated-resources your-shared-host
Output:
project1 PROJECT project2 PROJECT project3 PROJECT ... |
project1 PROJECT project2 PROJECT project3 PROJECT ...
Here’s how to list AWS AMI (machine images) owned by yourself.
aws ec2 describe-images \ --query "Images[*].[Name,PlatformDetails]" \ --owners self \ --profile default \ --region us-east-1 \ --output text |
aws ec2 describe-images \ --query "Images[*].[Name,PlatformDetails]" \ --owners self \ --profile default \ --region us-east-1 \ --output text
Output:
icecast-0.1 Linux/UNIX jekyll-0.3 Linux/UNIX docker-0.1 Linux/UNIX |
icecast-0.1 Linux/UNIX jekyll-0.3 Linux/UNIX docker-0.1 Linux/UNIX
Specifying owners as self only display images owned by you.
I was getting this error when downloading a file from a S3 bucket.
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden |
fatal error: An error occurred (403) when calling the HeadObject operation: Forbidden
Turns out to be a permission issue. Use –acl bucket-owner-full-control.
# UPLOAD aws s3 cp file.txt s3://bucket-name/dir/ --acl bucket-owner-full-control upload: .\file.txt to s3://bucket-name/dir/fw.sh # DOWNLOAD aws s3 cp s3://bucket-name/dir/file.txt . --acl bucket-owner-full-control download: s3://bucket-name/dir/file.txt to .\file.txt |
# UPLOAD aws s3 cp file.txt s3://bucket-name/dir/ --acl bucket-owner-full-control upload: .\file.txt to s3://bucket-name/dir/fw.sh # DOWNLOAD aws s3 cp s3://bucket-name/dir/file.txt . --acl bucket-owner-full-control download: s3://bucket-name/dir/file.txt to .\file.txt
You need to do for both upload and download.
Here’s how to create a firewall from service account to service account.
gcloud compute firewall-rules create "firewall-name" \ --description="firewall-description" \ --priority "1000" \ --direction INGRESS \ --action allow \ --network "network-name" \ --source-service-accounts="service@account.net" \ --target-service-accounts="service@account.net" \ --rules tcp:9001 |
gcloud compute firewall-rules create "firewall-name" \ --description="firewall-description" \ --priority "1000" \ --direction INGRESS \ --action allow \ --network "network-name" \ --source-service-accounts="service@account.net" \ --target-service-accounts="service@account.net" \ --rules tcp:9001
Instead of source-range, it’s using source-service-accounts.