turbot/gcp

steampipe plugin install gcpsteampipe plugin install gcp
On This Page
Get Involved

Table: gcp_compute_instance

A GCP Compute Instance is a virtual machine (VM) hosted on Google's infrastructure.

Examples

Instance count in each availability zone

select
zone_name,
count(*)
from
gcp_compute_instance
group by
zone_name
order by
count desc;

Count the number of instances by instance type

select
machine_type_name,
count(*) as count
from
gcp_compute_instance
group by
machine_type_name
order by
count desc;

List of instances without application label

select
name,
tags
from
gcp_compute_instance
where
tags -> 'application' is null;

List instances having deletion protection feature disabled

select
name,
deletion_protection
from
gcp_compute_instance
where
not deletion_protection;

List the disk stats attached to the instances

select
name,
count(d) as num_disks,
sum( (d ->> 'diskSizeGb') :: int ) as total_storage
from
gcp_compute_instance as i,
jsonb_array_elements(disks) as d
group by
name;

Find instances with IP in a given CIDR range

select
name,
nic ->> 'networkIP' as ip_address
from
gcp_compute_instance as i,
jsonb_array_elements(network_interfaces) as nic
where
(nic ->> 'networkIP') :: inet <<= '10.128.0.0/16' ;

Find instances that have been stopped for more than 30 days

select
name,
status,
last_stop_timestamp
from
gcp_compute_instance
where
status = 'TERMINATED'
and last_stop_timestamp < current_timestamp - interval '30 days' ;

Find the boot disk of each instance

select
vm.name as instance_name,
d.name as disk_name,
d.source_image
from
gcp_compute_instance as vm,
jsonb_array_elements(vm.disks) as vmd,
gcp_compute_disk as d
where
vmd ->> 'source' = d.self_link
and (vmd ->> 'boot') :: bool
and d.source_image like '%debian-10-buster-v20201014';

.inspect gcp_compute_instance

GCP Compute Instance

NameTypeDescription
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
can_ip_forwardbooleanAllows this instance to send and receive packets with non-matching destination or source IPs. This is required if you plan to use this instance to forward routes.
confidential_instance_configjsonbConfidential VM detail for the instance, if applicable. Confidential VMs, now in beta, is the first product in Google Cloud’s Confidential Computing portfolio.
cpu_platformtextThe CPU platform used by this instance.
creation_timestamptimestamp without time zoneTimestamp the instance was created.
deletion_protectionbooleanWhether the resource should be protected against deletion.
descriptiontextThe instance description.
disksjsonbAn Array of disks associated with this instance
display_devicejsonbDisplay device for the instance.
fingerprinttextSpecifies a fingerprint for this resource, which is essentially a hash of the instance's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update the instance. You must always provide an up-to-date fingerprint hash in order to update the instance.
guest_acceleratorsjsonbA list of the type and count of accelerator cardsattached to the instance.
hostnametextThe instance hostname.
iam_policyjsonbAn Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`.
idbigintThe instance id.
kindtextType of the resource. Always compute#instance for instances.
label_fingerprinttextA fingerprint for this request, which is essentially a hash of the label's contents and used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels.
labelsjsonbLabels that apply to this instance.
last_start_timestamptimestamp without time zoneTimestamp when the instance was last started.
last_stop_timestamptimestamp without time zoneTimestamp when the instance was last stopped.
last_suspended_timestamptimestamp without time zoneTimestamp when the instance was last suspended.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
machine_typetextFull or partial URL of the machine type resource for this instance, in the format: zones/zone/machineTypes/machine-type.
machine_type_nametextName of the machine type resource for this instance.
metadatajsonbThe metadata key/value pairs assigned to this instance.
min_cpu_platformtextSpecifies a minimum CPU platform for the VM instance.
nametextThe name of the instance.
network_interfacesjsonbAn array of network configurations for this instance.
network_tagsjsonbNetwork tags applied to this instance. Network tags are used to identify valid sources or targets for network firewalls.
private_ipv6_google_accesstextThe private IPv6 google access type for the instance.
projecttextThe GCP Project in which the resource is located.
reservation_affinityjsonbSpecifies the reservations that this instance can consume from.
resource_policiesjsonbResource policies applied to this instance.
schedulingjsonbThe scheduling options for this instance.
self_linktextServer-defined URL for this resource.
service_accountsjsonbA list of service accounts, with their specified scopes, authorized for this instance.
shielded_instance_configjsonbShielded instance configuration. Shielded VM provides verifiable integrity to prevent against malware and rootkits.
shielded_instance_integrity_policyjsonbShielded instance integrity policy. Shielded instance configuration. Shielded VM provides verifiable integrity to prevent against malware and rootkits.
start_restrictedbooleanWhether a VM has been restricted for start because Compute Engine has detected suspicious activity.
statustextThe status of the instance (PROVISIONING, STAGING, RUNNING, STOPPING, SUSPENDING, SUSPENDED, REPAIRING, and TERMINATED).
status_messagetextAn optional, human-readable explanation of the status.
tagsjsonbA map of tags for the resource.
titletextTitle of the resource.
zonetextThe zone in which the instance resides.
zone_nametextThe zone name in which the instance resides.