steampipe plugin install gcp

Table: gcp_compute_resource_policy - Query GCP Compute Engine Resource Policies using SQL

Resource Policies in Google Cloud's Compute Engine are used to schedule operations for your instances. For example, they can be used to schedule periodic snapshot creation for persistent disk, VM start and stop schedules, and more. These policies help to automate routine tasks, which can increase operational efficiency and reduce the potential for error.

Table Usage Guide

The gcp_compute_resource_policy table offers insights into Resource Policies within Google Cloud's Compute Engine. As a cloud engineer, you can leverage this table to explore policy-specific details, including the scheduled operations, the frequency of these operations, and the instances to which they apply. Use this table to understand your resource scheduling policies, verify their configurations, and ensure they are operating as intended.

Examples

Basic info

Explore which GCP compute resource policies are currently active by assessing their status, providing a quick way to monitor and manage your resources effectively.

select
name,
status,
self_link
from
gcp_compute_resource_policy;
select
name,
status,
self_link
from
gcp_compute_resource_policy;

List policies used to schedule an instance

Explore which policies are used to schedule instances in your GCP Compute Engine. This can help you understand and manage your resource allocation more effectively.

select
p.name as policy_name,
i.name,
p.instance_schedule_policy
from
gcp_compute_resource_policy as p
join gcp_compute_instance as i on i.resource_policies ?| array [ p.self_link ]
where
p.instance_schedule_policy is not null;
select
p.name as policy_name,
i.name,
p.instance_schedule_policy
from
gcp_compute_resource_policy as p
join gcp_compute_instance as i on json_extract(i.resource_policies, p.self_link) is not null
where
p.instance_schedule_policy is not null;

List invalid policies

Explore which policies in your Google Cloud Platform compute resources are invalid. This can be beneficial for maintaining optimal resource management and troubleshooting potential issues.

select
name,
self_link,
status
from
gcp_compute_resource_policy
where
status = 'INVALID';
select
name,
self_link,
status
from
gcp_compute_resource_policy
where
status = 'INVALID';

Schema for gcp_compute_resource_policy

NameTypeOperatorsDescription
_ctxjsonbSteampipe context in JSON form.
akasjsonbArray of globally unique identifier strings (also known as) for the resource.
creation_timestamptimestamp with time zoneThe date and time, when the policy was created.
descriptiontextAn user-defined, human-readable description for this resource.
group_placement_policyjsonbResource policy for instances for placement configuration.
iam_policyjsonbAn Identity and Access Management (IAM) policy, which specifies access controls for Google Cloud resources. A `Policy` is a collection of `bindings`. A `binding` binds one or more `members` to a single `role`. Members can be user accounts, service accounts, Google groups, and domains (such as G Suite). A `role` is a named list of permissions; each `role` can be an IAM predefined role or a user-created custom role. For some types of Google Cloud resources, a `binding` can also specify a `condition`, which is a logical expression that allows access to a resource only if the expression evaluates to `true`.
idbigintThe unique identifier for the resource.
instance_schedule_policyjsonbResource policy for scheduling instance operations.
kindtextType of the resource. Always compute#resource_policies for resource policies.
locationtextThe GCP multi-region, region, or zone in which the resource is located.
nametext=The name of the resource, provided by the client when initially creating the resource.
projecttext=, !=, ~~, ~~*, !~~, !~~*The GCP Project in which the resource is located.
resource_statusjsonbThe system status of the resource policy.
self_linktextA server-defined fully-qualified URL for this resource.
snapshot_schedule_policyjsonbResource policy for persistent disks for creating snapshots.
sp_connection_nametext=, !=, ~~, ~~*, !~~, !~~*Steampipe connection name.
sp_ctxjsonbSteampipe context in JSON form.
statustext!=, =The status of resource policy creation. Possible values are: 'CREATING', 'DELETING', 'INVALID', and 'READY'.
titletextTitle of the resource.

Export

This table is available as a standalone Exporter CLI. Steampipe exporters are stand-alone binaries that allow you to extract data using Steampipe plugins without a database.

You can download the tarball for your platform from the Releases page, but it is simplest to install them with the steampipe_export_installer.sh script:

/bin/sh -c "$(curl -fsSL https://steampipe.io/install/export.sh)" -- gcp

You can pass the configuration to the command with the --config argument:

steampipe_export_gcp --config '<your_config>' gcp_compute_resource_policy