gcp_apikeys_keygcp_app_engine_applicationgcp_artifact_registry_repositorygcp_audit_policygcp_bigquery_datasetgcp_bigquery_jobgcp_bigquery_tablegcp_bigtable_instancegcp_billing_accountgcp_billing_budgetgcp_cloud_assetgcp_cloud_identity_groupgcp_cloud_identity_group_membershipgcp_cloud_run_servicegcp_cloudfunctions_functiongcp_compute_addressgcp_compute_autoscalergcp_compute_backend_bucketgcp_compute_backend_servicegcp_compute_diskgcp_compute_disk_metric_read_opsgcp_compute_disk_metric_read_ops_dailygcp_compute_disk_metric_read_ops_hourlygcp_compute_disk_metric_write_opsgcp_compute_disk_metric_write_ops_dailygcp_compute_disk_metric_write_ops_hourlygcp_compute_firewallgcp_compute_forwarding_rulegcp_compute_global_addressgcp_compute_global_forwarding_rulegcp_compute_ha_vpn_gatewaygcp_compute_imagegcp_compute_instancegcp_compute_instance_groupgcp_compute_instance_metric_cpu_utilizationgcp_compute_instance_metric_cpu_utilization_dailygcp_compute_instance_metric_cpu_utilization_hourlygcp_compute_instance_templategcp_compute_machine_imagegcp_compute_machine_typegcp_compute_networkgcp_compute_node_groupgcp_compute_node_templategcp_compute_project_metadatagcp_compute_regiongcp_compute_resource_policygcp_compute_routegcp_compute_routergcp_compute_snapshotgcp_compute_ssl_policygcp_compute_subnetworkgcp_compute_target_https_proxygcp_compute_target_poolgcp_compute_target_ssl_proxygcp_compute_target_vpn_gatewaygcp_compute_url_mapgcp_compute_vpn_tunnelgcp_compute_zonegcp_dataproc_clustergcp_dns_managed_zonegcp_dns_policygcp_dns_record_setgcp_iam_policygcp_iam_rolegcp_kms_keygcp_kms_key_ringgcp_kms_key_versiongcp_kubernetes_clustergcp_kubernetes_node_poolgcp_logging_bucketgcp_logging_exclusiongcp_logging_log_entrygcp_logging_metricgcp_logging_sinkgcp_monitoring_alert_policygcp_monitoring_groupgcp_monitoring_notification_channelgcp_organizationgcp_projectgcp_project_organization_policygcp_project_servicegcp_pubsub_snapshotgcp_pubsub_subscriptiongcp_pubsub_topicgcp_redis_instancegcp_service_accountgcp_service_account_keygcp_sql_backupgcp_sql_databasegcp_sql_database_instancegcp_sql_database_instance_metric_connectionsgcp_sql_database_instance_metric_connections_dailygcp_sql_database_instance_metric_connections_hourlygcp_sql_database_instance_metric_cpu_utilizationgcp_sql_database_instance_metric_cpu_utilization_dailygcp_sql_database_instance_metric_cpu_utilization_hourlygcp_storage_bucketgcp_storage_objectgcp_tag_bindinggcp_vertex_ai_endpointgcp_vertex_ai_model
Table: gcp_compute_disk - Query Google Cloud Compute Engine Disks using SQL
Google Cloud Compute Engine Disks are persistent, high-performance block storage for Google Cloud's Virtual Machines (VMs). They are used to store data and serve as the primary storage for data used by VMs. These disks are automatically encrypted, durable, and offer up to 64 TB of space.
Table Usage Guide
The gcp_compute_disk table provides insights into disks within Google Cloud Compute Engine. As a system administrator, you can explore disk-specific details through this table, including their sizes, types, and associated instances. Utilize it to monitor and manage your storage resources effectively, ensuring optimal performance and cost-efficiency.
Examples
Basic info
Explore which Google Cloud Platform (GCP) compute disks are being used, their locations, and their respective sizes. This information can be beneficial for managing storage resources and optimizing costs.
select name, id, size_gb as disk_size_in_gb, type_name, zone_name, region_name, location_typefrom gcp_compute_disk;select name, id, size_gb as disk_size_in_gb, type_name, zone_name, region_name, location_typefrom gcp_compute_disk;List disks encrypted with Google-managed key
Explore which disks are encrypted using a Google-managed key to ensure compliance with your organization's data security policies. This can help in identifying potential security vulnerabilities and maintaining data privacy standards.
select name, id, zone_name, disk_encryption_key_typefrom gcp_compute_diskwhere disk_encryption_key_type = 'Google managed';select name, id, zone_name, disk_encryption_key_typefrom gcp_compute_diskwhere disk_encryption_key_type = 'Google managed';List disks that are not in use
Discover the segments that include unused disks in your Google Cloud Platform compute disk storage. This can be beneficial in identifying potential areas for cost optimization and resource management.
select name, id, usersfrom gcp_compute_diskwhere users is null;select name, id, usersfrom gcp_compute_diskwhere users is null;List regional disks
Explore which disks are regionally located in your Google Cloud Platform's compute engine. This is useful for understanding the distribution of your resources and ensuring data is stored in the appropriate geographical areas.
select name, region_namefrom gcp_compute_diskwhere location_type = 'REGIONAL';select name, region_namefrom gcp_compute_diskwhere location_type = 'REGIONAL';Count the number of disks per availability zone
Analyze the distribution of your storage resources by determining the total number of disks available in each zone. This information can be utilized to efficiently manage and balance your storage resources across different zones.
select zone_name, count(*)from gcp_compute_diskgroup by zone_nameorder by count desc;select zone_name, count(*)from gcp_compute_diskgroup by zone_nameorder by count(*) desc;List disks ordered by size
Analyze your Google Cloud Platform's compute disk storage to understand which disks are consuming the most space. This can help manage storage efficiently by identifying disks that may need to be resized or cleaned up.
select name, size_gbfrom gcp_compute_diskorder by size_gb desc;select name, size_gbfrom gcp_compute_diskorder by size_gb desc;Query examples
- compute_disk_1_year_count
- compute_disk_24_hours_count
- compute_disk_30_90_days_count
- compute_disk_30_days_count
- compute_disk_90_365_days_count
- compute_disk_attached_instances_count
- compute_disk_by_creation_month
- compute_disk_by_encryption_type
- compute_disk_by_location
- compute_disk_by_project
- compute_disk_by_type
- compute_disk_count
- compute_disk_customer_managed_encryption
- compute_disk_customer_supplied_encryption
- compute_disk_encryption
- compute_disk_encryption_table
- compute_disk_google_managed_encryption
- compute_disk_input
- compute_disk_overview
- compute_disk_read_throughput
- compute_disk_storage
- compute_disk_storage_by_creation_month
- compute_disk_storage_by_encryption_type
- compute_disk_storage_by_location
- compute_disk_storage_by_project
- compute_disk_storage_by_type
- compute_disk_storage_total
- compute_disk_tags
- compute_disk_type
- compute_disk_unattached_count
- compute_disk_write_throughput
- compute_disks_for_compute_instance
- compute_disks_for_kms_key
- compute_instances_for_compute_disk
- kms_keys_for_compute_disk
- source_compute_disks_for_compute_disk
- source_compute_images_for_compute_disk
- source_compute_snapshots_for_compute_disk
- target_compute_disks_for_compute_disk
- target_compute_images_for_compute_disk
- target_compute_snapshots_for_compute_disk
Control examples
- 4.7 Ensure VM disks for critical VMs are encrypted with Customer-Supplied Encryption Keys (CSEK)
- 4.7 Ensure VM disks for critical VMs are encrypted with Customer-Supplied Encryption Keys (CSEK)
- 4.7 Ensure VM disks for critical VMs are encrypted with Customer-Supplied Encryption Keys (CSEK)
- Ensure VM disks for critical VMs are encrypted with Customer-Supplied Encryption Keys (CSEK)
Schema for gcp_compute_disk
| Name | Type | Operators | Description |
|---|---|---|---|
| _ctx | jsonb | Steampipe context in JSON form, e.g. connection_name. | |
| akas | jsonb | Array of globally unique identifier strings (also known as) for the resource. | |
| creation_timestamp | timestamp with time zone | Timestamp when the disk was created. | |
| description | text | An optional description of this resource. Provide this property when you create the resource. | |
| disk_encryption_key | jsonb | Specifies the encryption configuration used to encrypt stored data. | |
| disk_encryption_key_type | text | The type of encryption key used to encrypt storage data. Valid values are Google managed | Customer managed | Customer supplied. | |
| guest_os_features | jsonb | A list of features to enable on the guest operating system. Applicable only for bootable images. | |
| iam_policy | jsonb | An Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`. | |
| id | bigint | The unique identifier for the resource. This identifier is defined by the server. | |
| kind | text | Type of the resource. Always compute#disk for disks. | |
| labels | jsonb | A map of labels assigned to bucket | |
| last_attach_timestamp | timestamp with time zone | Timestamp when the disk was last attached. | |
| last_detach_timestamp | timestamp with time zone | Timestamp when the disk was last detached. | |
| license_codes | jsonb | Integer license codes indicating which licenses are attached to this disk. | |
| licenses | jsonb | A list of publicly visible licenses. | |
| location | text | The GCP multi-region, region, or zone in which the resource is located. | |
| location_type | text | Location type where the disk resides. | |
| name | text | !=, = | Name of the resource. |
| physical_block_size_bytes | bigint | Physical block size of the persistent disk, in bytes. If not present in a request, a default value is used. | |
| project | text | The GCP Project in which the resource is located. | |
| region | text | URL of the region where the disk resides. Only applicable for regional resources. | |
| region_name | text | Name of the region where the disk resides. Only applicable for regional resources. | |
| replica_zones | jsonb | URLs of the zones where the disk should be replicated to. Only applicable for regional resources. | |
| resource_policies | jsonb | Resource policies applied to this disk for automatic snapshot creations. | |
| self_link | text | Server-defined fully-qualified URL for this resource. | |
| size_gb | double precision | Size, in GB, of the persistent disk. | |
| source_disk | text | The source disk used to create this disk. You can provide this as a partial or full URL to the resource. | |
| source_disk_id | text | The unique ID of the disk used to create this disk. This value identifies the exact disk that was used to create this persistent disk. | |
| source_image | text | The source image used to create this disk. If the source image is deleted, this field will not be set. | |
| source_image_encryption_key | text | The customer-supplied encryption key of the source image. Required if the source image is protected by a customer-supplied encryption key. | |
| source_image_id | text | The ID value of the image used to create this disk. This value identifies the exact image that was used to create this persistent disk. | |
| source_snapshot | text | The source snapshot used to create this disk. | |
| source_snapshot_encryption_key | text | The customer-supplied encryption key of the source snapshot. Required if the source snapshot is protected by a customer-supplied encryption key. | |
| source_snapshot_id | text | The unique ID of the snapshot used to create this disk. This value identifies the exact snapshot that was used to create this persistent disk. | |
| status | text | !=, = | The status of disk creation. CREATING: Disk is provisioning. RESTORING: Source data is being copied into the disk. FAILED: Disk creation failed. READY: Disk is ready for use. DELETING: Disk is deleting. |
| tags | jsonb | A map of tags for the resource. | |
| title | text | Title of the resource. | |
| type | text | URL of the disk type resource describing which disk type to use to create the disk. Provide this when creating the disk. For example: projects/project/zones/zone/diskTypes/pd-standard or pd-ssd | |
| type_name | text | Type of the disk. For example: pd-standard or pd-ssd | |
| users | jsonb | Links to the users of the disk (attached instances) in form: projects/project/zones/zone/instances/instance | |
| zone | text | URL of the zone where the disk resides. | |
| zone_name | text | The zone name in which the disk resides. |
Export
This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.
You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:
/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcpYou can pass the configuration to the command with the --config argument:
steampipe_export_gcp --config '<your_config>' gcp_compute_disk