Skip to content

Headstart with Google Cloud Platform

Overview

Component

  1. Connect to GCP Resources:

Login default with ADC

gcloud auth application-default login
# Your browser has been opened to visit:

# https://accounts.google.com/o/oauth2/auth?---------------------------------------

# Credential saved to file: [--------------\gcloud\application_default_credentials.json]

# These credentials will be used by any library that requests Application Default Credential (ADC).

# Quota project "-----" was added to ADC which can be used by Google client libraries for billing and quota. Note that some services may still bill the project owning the resource.

Verify

gcloud auth list

Set your account

# E.g: declare YOUR_IAM_ACCOUNT_EMAIL=example@innotech.vn
gcloud config set account $YOUR_IAM_ACCOUNT_EMAIL

# Project
declare PROJECT_ID=$(gcloud config list --format='value(core.project)')
declare PROJECT_REGION=$(gcloud config list --format='value(compute.region)')
declare PROJECT_NUMBER=$(gcloud projects describe $PROJECT_ID --format='value(projectNumber)')

# Setting
gcloud config set account $SERVICE_ACCOUNT_EMAIL;
gcloud config set core/project $PROJECT_ID;
gcloud config set compute/zone $PROJECT_REGION;

# Verify
gcloud config list;

# Configuration
gcloud config set core/project $PROJECT_ID;
gcloud config set run/region $PROJECT_REGION;
gcloud config set gcloudignore/enabled true;
  1. Establish the connection and testing
# [Client] Copy JSON creds file from client to remote to $HOME of target user
# scp <LOCAL-JSON-KEYFILE-PATH> $TARGET_HOST_USER@$TARGET_HOST_IP:\$HOME/

# Make
declare DEFAULT_GCLOUD_SA_FILE_DIR=$HOME/.config/gcloud
mkdir -p $HOME/.config/gcloud
mv $HOME/<CREDENTIAL.JSON> $HOME/.config/gcloud

# Gcloud Variables
declare PROJECT_ID=
declare PROJECT_REGION=
declare GCLOUDSDK_CREDENTIAL_FILE=
declare SERVICE_ACCOUNT_EMAIL=

# Authentication
gcloud auth activate-service-account \
    $SERVICE_ACCOUNT_EMAIL \
    --key-file=$HOME/.config/gcloud/$GCLOUDSDK_CREDENTIAL_FILE \
    --project=$PROJECT_ID

# Required config service accounts
# https://cloud.google.com/sdk/gcloud/reference/auth/list
# List Accounts
gcloud auth list;

# Setting ADC:
# Ref: https://cloud.google.com/docs/authentication/application-default-credentials
bash -c "echo export GOOGLE_APPLICATION_CREDENTIALS=\$HOME/.config/gcloud/$GCLOUDSDK_CREDENTIAL_FILE \
    >> ~/.bashrc";