Google Cloud GCloud Cheat Sheet
Google Cloud Config
| PURPOSE | COMMAND |
|---|---|
| List projects | gcloud config list, gcloud config list project |
| List projects | gcloud config list, gcloud config list project |
| Show project info | gcloud compute project-info describe |
| Switch project | gcloud config set project <project-id> |
| Set the active account | gcloud config set account <ACCOUNT> |
| Set default region | gcloud config set compute/region us-west |
| Set default zone | gcloud config set compute/zone us-west1-b |
| List configurations | gcloud config configurations list |
| Activate configuration | gcloud config configurations activate |
Google Cloud IAM
| PURPOSE | COMMAND |
|---|---|
| get project roles | gcloud projects get-iam-policy |
| copy roles across org and projects | gcloud iam roles copy |
| get project roles | gcloud projects get-iam-policy |
| copy roles across org and projects | gcloud iam roles copy |
Google Cloud Auth
| PURPOSE | COMMAND |
|---|---|
| Display a list of credentialed accounts | gcloud auth list |
| Authenticate client using service account | gcloud auth activate-service-account --key-file <key-file> |
| Auth to GCP Container Registry | gcloud auth configure-docker |
| Print token for active account | gcloud auth print-access-token, gcloud auth print-refresh-token |
| Revoke previous generated credential | gcloud auth <application-default> revoke |
Google Cloud Storage
| PURPOSE | COMMAND |
|---|---|
| List all buckets and files | gsutil ls, gsutil ls -lh gs://<bucket-name> |
| Create bucket | gsutil mb gs://<bucket-name> |
| Download file | gsutil cp gs://<bucket-name>/<dir-path>/app.txt |
| Upload file | gsutil cp <filename> gs://<bucket-name>/<directory>/ |
| Delete file | gsutil rm gs://<bucket-name>/<filepath> |
| Move file | gsutil mv <src-filepath> gs://<bucket-name>/<directory>/<dest-filepath> |
| Copy folder | gsutil cp -r ./conf gs://<bucket-name>/ |
| Show disk usage | gsutil du -h gs://<bucket-name/<directory> |
| Make all files readable | gsutil -m acl set -R -a public-read gs://<bucket-name>/ |
| Create signed url with duration | gsutil signurl -d 1m |
Google Kubernetes Engine
| PURPOSE | COMMAND |
|---|---|
| create cluster | gcloud container clusters create cluster-name --num-nodes 1 |
| List all container clusters | gcloud container clusters list |
| Set kubectl context | gcloud container clusters get-credentials <cluster-name> |
| Set default cluster | gcloud config set container/cluster cluster-name |
| resize existing cluster | gcloud container clusters resize --num-nodes |
Google Cloud Compute Engine
| PURPOSE | COMMAND |
|---|---|
| List all instances | gcloud compute instances list , gcloud compute instance-templates list |
| Show instance info | gcloud compute instances describe "<instance-name>" --project "<project-name>" --zone "us-west2-a" |
| Stop an instance | gcloud compute instances stop instance-name |
| Start an instance | gcloud compute instances start instance-name |
| Create an instance | gcloud compute instances create vm1 --image image-1 --tags test --zone "<zone>" --machine-type f1-micro |
| Create premptible instance | gcloud compute instances create "preempt" --preemptible |
| SSH to instance | gcloud compute ssh --project "<project-name>" --zone "<zone-name>" "<instance-name>" |
| Images list | gcloud compute images list |
Virtual Private Network
| PURPOSE | COMMAND |
|---|---|
| List all networks | gcloud compute networks list |
| Detail of one network | gcloud compute networks describe <network-name> --format json |
| Create network | gcloud compute networks create <network-name> |
| Create subnet | gcloud compute networks subnets create subnet1 --network subnet-1 --range 10.0.0.0/24 |
| List all firewall rules | gcloud compute firewall-rules list |
| List all forwarding rules | gcloud compute forwarding-rules list |
| Describe one firewall rule | gcloud compute firewall-rules describe <rule-name> |
| Create firewall rule | gcloud compute firewall-rules create my-rule --network default --allow tcp:22 |
| Update firewall rule | gcloud compute firewall-rules update default --network default --allow tcp:80 |
Components
| PURPOSE | COMMAND |
|---|---|
| List down the components | gcloud components list |
| Update the components | gcloud components update |
| Install the components | gcloud components install <component-name> |
Deployment Manager
| PURPOSE | COMMAND |
|---|---|
| Create deployments | gcloud deployment-manager deployments create |
| Update deployments | gcloud deployment-manager deployments update |
GCP Certification Exam Practice Questions
- Questions are collected from Internet and the answers are marked as per my knowledge and understanding (which might differ with yours).
- GCP services are updated everyday and both the answers and questions might be outdated soon, so research accordingly.
- GCP exam questions are not updated to keep up the pace with GCP updates, so even if the underlying feature has changed the question might not be updated
- Open to further feedback, discussion and correction.
- You have a development project with appropriate IAM roles defined. You are creating a production project and want to have the same IAM roles on the new project, using the fewest possible steps. What should you do?
- Use gcloud iam roles copy and specify the production project as the destination project.
- Use gcloud iam roles copy and specify your organization as the destination organization.
- In the Google Cloud Platform Console, use the ‘create role from role’ functionality.
- In the Google Cloud Platform Console, use the ‘create role’ functionality and select all applicable permissions.
- Your team is working on GKE cluster named dev. You have downloaded and installed the gcloud command line interface (CLI) and SDK. You want to avoid having to specify this GKE config with each CLI command when managing this cluster. What should you do?
- Set the dev cluster as the default cluster using the gcloud container update dev
- Set the dev cluster as the default cluster using the gcloud config set container/cluster dev
- Set the dev cluster as the default cluster by adding the config to gke.default in ~/gcloud folder
- Set the dev cluster as the default cluster by adding the config to defaults.json in ~/gcloud folder
- You have a Kubernetes cluster with 1 node-pool. The cluster receives a lot of traffic and needs to grow. You decide to add a node. What should you do?
- Use “gcloud container clusters resize” with the desired number of nodes.
- Use “kubectl container clusters resize” with the desired number of nodes.
- Edit the managed instance group of the cluster and increase the number of VMs by 1.
- Edit the managed instance group of the cluster and enable autoscaling.
- You’re trying to provide temporary access to some files in a Cloud Storage bucket with 20 minutes availability. What is the best way to generate a signed URL?
- Create a service account and JSON key. Use the gsutil signurl -t 20m command and pass in the JSON key and bucket.
- Create a service account and JSON key. Use the gsutil signurl -d 20m command and pass in the JSON key and bucket.
- Create a service account and JSON key. Use the gsutil signurl -p 20m command and pass in the JSON key and bucket.
- Create a service account and JSON key. Use the gsutil signurl -m 20m command and pass in the JSON key and bucket.