Using PowerShell to manage GCP resources: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 66: | Line 66: | ||
: '''gcloud config set project “<Project_ID>”''' | : '''gcloud config set project “<Project_ID>”''' | ||
: Note: Replace <Project_ID> with the target GCP project ID | : Note: Replace <Project_ID> with the target GCP project ID | ||
== Network related commands == | |||
* List available networks: | |||
: '''Get-GceNetwork | select Name,AutoCreateSubnetworks,IPv4Range,GatewayIPv4''' | |||
* Create a new network inside a specific GCP project: | |||
: '''New-GceNetwork -Name "my-network" -IPv4Range <CIDR_Block> -Project "my-project"''' | |||
: Note 1: The above commands should be written as a single line | |||
: Note 2: Replace '''my-network''' with the relevant network name | |||
: Note 3: Replace '''<CIDR_Block>''' with the relevant value (such as 10.240.0.0/16) | |||
: Note 4: Replace '''my-project''' with the target GCP project ID | |||
* Delete a network inside a specific GCP project: | |||
: '''Remove-GceNetwork -Network "my-network" -Project "my-project"''' | |||
: Note 1: Replace '''my-network''' with the relevant network name | |||
: Note 2: Replace '''my-project''' with the target GCP project ID | |||
== Firewall rules related commands == | |||
* List all available Firewall rules inside a GCP project: | |||
: '''Get-GceFirewall -Project "my-project" | select Name,Direction,Priority,Allowed,Denied''' | |||
: Note: Replace '''my-project''' with the target GCP project ID | |||
* List settings of a specific Firewall rule inside a GCP project: | |||
: '''Get-GceFirewall "my-firewall" -Project "my-project"''' | |||
: Note 1: Replace '''my-firewall''' with the specific firewall rule name | |||
: Note 2: Replace '''my-project''' with the target GCP project ID | |||
* Create a new Web allow firewall rule: | |||
: '''New-GceFirewallProtocol tcp -Port 80 | Add-GceFirewall -Project "my-project" -Name "rule-name" -Network "my-network" -Description "Allow Web Traffic"''' | |||
: Note 1: The above commands should be written as a single line | |||
: Note 2: Replace '''80''' with the target port number | |||
: Note 3: Replace '''my-project''' with the target GCP project ID | |||
: Note 4: Replace '''rule-name''' with the target rule name | |||
: Note 5: Replace '''my-network''' with the relevant network name | |||
: Note 6: Replace '''"Allow Web Traffic"''' with a relevant rule description | |||
Revision as of 13:55, 12 March 2019
How to configure PowerShell for managing GCP resources (Windows platform)
- Login to the machine using privileged account.
- From command prompt, run the command below to invoke PowerShell:
- powershell
- Note: You need to run cmd.exe or PowerShell.exe as administrator.
- Run the command below to find out the current PowerShell version:
- $PSVersionTable.PSVersion
- In-case you currently have version older than 5.1, follow the article below to locate the download URL for upgrading to the latest version of PowerShell:
- https://docs.microsoft.com/en-us/powershell/scripting/setup/installing-windows-powershell?view=powershell-6
- Also, review the article below for PowerShell installation pre-requirements:
- https://docs.microsoft.com/en-us/powershell/scripting/setup/windows-powershell-system-requirements?view=powershell-5.1
- Run the below command to check if you have PowerShellGet installed on your system:
- Get-Module PowerShellGet -list | Select-Object Name,Version,Path
- In-case you don’t have PowerShellGet, run the commands below:
- Install-PackageProvider Nuget –Force
- Install-Module -Name PowerShellGet –Force
- For more information about installation or upgrade of PowerShellGet, see:
- https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
- Exit PowerShell console and command prompt.
- Install Google Cloud SDK, as instructed below:
- Run the following from command prompt to initialize the Cloud SDK:
- gcloud init --console-only
- Select a GCP project from the list
- Select a default Compute region and zone
How to configure PowerShell for managing GCP resources (CentOS platform)
- Login to the machine using privileged account.
- Run the command below to register the RedHat repository:
- curl https://packages.microsoft.com/config/rhel/7/prod.repo | sudo tee /etc/yum.repos.d/microsoft.repo
- Note: The above command should be written in a single line
- Run the command below to install PowerShell:
- sudo yum install -y powershell
- From command prompt, run the command below to invoke PowerShell:
- sudo pwsh
- Run the command below to find out the current PowerShell version:
- $PSVersionTable.PSVersion
- Run the below command to check if you have PowerShellGet installed on your system:
- Get-Module PowerShellGet -list | Select-Object Name,Version,Path
- In-case you don’t have PowerShellGet, run the commands below:
- Install-Module -Name PowerShellGet –Force
- For more information about installation or upgrade of PowerShellGet, see:
- https://docs.microsoft.com/en-us/powershell/gallery/installing-psget
- Install Google Cloud SDK, as instructed below:
- Run the following command to initialize the Cloud SDK:
- gcloud init --console-only
- Select a GCP project from the list
- Select a default Compute region and zone
- Run the command below to install Cloud SDK tools for PowerShell:
- Install-Module -Name GoogleCloud -Force'
- List all available cmdlets of Google Cloud PowerShell SDK:
- Get-Command -CommandType Cmdlet -Module GoogleCloud*
Common PowerShell commands for GCP
- Login to Google Cloud Platform:
- gcloud auth login --no-launch-browser
- List all active GCP accounts:
- gcloud auth list
- Change the active account:
- gcloud config set account <Account_Name>
- Note: Replace <Account_Name> with the target GCP account
- Lists all available GCP projects:
- Get-GcpProject | select Name,ProjectId
- Change the GCP project:
- gcloud config set project “<Project_ID>”
- Note: Replace <Project_ID> with the target GCP project ID
- List available networks:
- Get-GceNetwork | select Name,AutoCreateSubnetworks,IPv4Range,GatewayIPv4
- Create a new network inside a specific GCP project:
- New-GceNetwork -Name "my-network" -IPv4Range <CIDR_Block> -Project "my-project"
- Note 1: The above commands should be written as a single line
- Note 2: Replace my-network with the relevant network name
- Note 3: Replace <CIDR_Block> with the relevant value (such as 10.240.0.0/16)
- Note 4: Replace my-project with the target GCP project ID
- Delete a network inside a specific GCP project:
- Remove-GceNetwork -Network "my-network" -Project "my-project"
- Note 1: Replace my-network with the relevant network name
- Note 2: Replace my-project with the target GCP project ID
- List all available Firewall rules inside a GCP project:
- Get-GceFirewall -Project "my-project" | select Name,Direction,Priority,Allowed,Denied
- Note: Replace my-project with the target GCP project ID
- List settings of a specific Firewall rule inside a GCP project:
- Get-GceFirewall "my-firewall" -Project "my-project"
- Note 1: Replace my-firewall with the specific firewall rule name
- Note 2: Replace my-project with the target GCP project ID
- Create a new Web allow firewall rule:
- New-GceFirewallProtocol tcp -Port 80 | Add-GceFirewall -Project "my-project" -Name "rule-name" -Network "my-network" -Description "Allow Web Traffic"
- Note 1: The above commands should be written as a single line
- Note 2: Replace 80 with the target port number
- Note 3: Replace my-project with the target GCP project ID
- Note 4: Replace rule-name with the target rule name
- Note 5: Replace my-network with the relevant network name
- Note 6: Replace "Allow Web Traffic" with a relevant rule description