turbot/googleworkspace

steampipe plugin install googleworkspacesteampipe plugin install googleworkspace

Google Workspace + Steampipe

Google Workspace is a collection of cloud computing, productivity and collaboration tools, software and products developed and marketed by Google.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

For example:

select
summary,
hangout_link,
start_time,
end_time
from
googleworkspace_calendar_my_event
where
start_time > now()::timestamp
and end_time < ('now'::timestamp + interval '1 day');
+----------------+--------------------------------------+---------------------+---------------------+
| summary | hangout_link | start_time | end_time |
+----------------+--------------------------------------+---------------------+---------------------+
| Product Review | https://meet.google.com/ris-zooa-rxo | 2021-08-18 12:30:00 | 2021-08-18 13:00:00 |
+----------------+--------------------------------------+---------------------+---------------------+

Documentation

Get started

Install

Download and install the latest Google Workspace plugin:

steampipe plugin install googleworkspace

Credentials

ItemDescription
CredentialsGenerate your service account and credentials and delegate domain-wide authority to your service account. Enter the following OAuth 2.0 scopes for the services that the service account can access:
https://www.googleapis.com/auth/calendar.readonly,
https://www.googleapis.com/auth/contacts.readonly,
https://www.googleapis.com/auth/contacts.other.readonly,
https://www.googleapis.com/auth/directory.readonly,
https://www.googleapis.com/auth/drive.readonly,
https://www.googleapis.com/auth/gmail.readonly
RadiusEach connection represents a single Google Workspace account.
Resolution1. Credentials from the JSON file specified by the credential_file parameter in your steampipe config.
2. Credentials from the JSON file specified by the GOOGLE_APPLICATION_CREDENTIALS environment variable.

Configuration

Installing the latest googleworkspace plugin will create a config file (~/.steampipe/config/googleworkspace.spc) with a single connection named googleworkspace:

connection "googleworkspace" {
plugin = "googleworkspace"
# `impersonated_user_email` (required) - The email (string) of the user which should be impersonated.
# `impersonated_user_email` must be set, since the service account needs to impersonate a user with Admin API permissions to access the workspace resources.
#impersonated_user_email = "username@domain.com"
# `credential_file` (optional) - The path to a JSON credential file that contains service account credentials.
# If `credential_file` is not specified in a connection, credentials will be loaded from the path specified in
# the `GOOGLE_APPLICATION_CREDENTIALS` environment variable.
#credential_file = "/path/to/my/creds.json"
}

Get involved

Advanced configuration options

By default, the plugin uses the credential file path provided in the connection config. You can also specify static credentials using environment variables:

export GOOGLE_APPLICATION_CREDENTIALS=/path/to/my/creds.json