Skip to content

GCP

Pricing

Administration

Services

Artifact Registry

Cloud Run

Compute Engine

GKE

IAM

Differences between iam_binding and iam_member:

  • binding revokes any other members from the role to which it applies
  • member just adds a member alongside existing members.

Networking

Logging

Filter by principal

bash
protoPayload.authenticationInfo.principalEmail="[email protected]"

Cookbook

gcloud login

bash
gcloud auth login
gcloud auth login --update-adc
gcloud config set account $ACCOUNT_NAME
gcloud config configurations list
gcloud config configurations activate $ACCOUNT_NAME

on colab

python
from google.colab import auth

auth.authenticate_user()

in docker

yaml
backend:
  build: backend
  ports:
    - 8000:8000
  environment:
    GOOGLE_APPLICATION_CREDENTIALS: /opt/application_default_credentials.json
  volumes:
    - ~/.config/gcloud/application_default_credentials.json:/opt/application_default_credentials.json

Set PROJECT_ID from environment variable

bash
GOOGLE_CLOUD_PROJECT=foo
GOOGLE_CLOUD_QUOTA_PROJECT=bar

Set up cloud-sql-proxy

bash
brew install --cask google-cloud-sdk
gcloud auth application-default login

# see Releases for other versions
URL="https://storage.googleapis.com/cloud-sql-connectors/cloud-sql-proxy/v2.6.1"
curl "$URL/cloud-sql-proxy.darwin.arm64" -o cloud-sql-proxy
chmod +x cloud-sql-proxy
sudo mv cloud-sql-proxy /usr/local/bin/

cloud-sql-proxy --port <INTERNAL> <INSTANCE_CONNECTION_NAME>

Get bearer token

bash
gcloud auth print-identity-token

Resources