-
Notifications
You must be signed in to change notification settings - Fork 27
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add
gcp_organization_project
table (#663)
- Loading branch information
Showing
6 changed files
with
237 additions
and
16 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
--- | ||
title: "Steampipe Table: gcp_organization_project - Query Google Cloud Platform Projects using SQL" | ||
description: "Allows users to query Projects in Google Cloud Platform, specifically providing details about the project's ID, name, labels, and lifecycle state." | ||
--- | ||
|
||
# Table: gcp_organization_project - Query Google Cloud Platform Projects using SQL | ||
|
||
**Note: this table is a variant of the `gcp_project` table which does not filter on the GCP project attached to connection, and thus, will return all projects that the credentials used by the connection have access to. Using this table in aggregator connections can produce unexpected duplicate results.** | ||
|
||
A Google Cloud Platform Project acts as an organizational unit within GCP where resources are allocated. It is used to group resources that belong to the same logical application or business unit. Each project is linked to a billing account and can have users, roles, and permissions assigned to it. | ||
|
||
## Table Usage Guide | ||
|
||
The `gcp_organization_project` table provides insights into Projects within Google Cloud Platform. As a DevOps engineer, explore project-specific details through this table, including ID, name, labels, and lifecycle state. Utilize it to uncover information about projects, such as their associated resources, user roles, permissions, and billing details. | ||
|
||
## Examples | ||
|
||
### Basic info | ||
Explore which Google Cloud Platform projects are active, by looking at their lifecycle state and creation time. This can help you manage resources effectively and keep track of ongoing projects. | ||
|
||
```sql+postgres | ||
select | ||
name, | ||
project_id, | ||
project_number, | ||
lifecycle_state, | ||
create_time | ||
from | ||
gcp_organization_project; | ||
``` | ||
|
||
```sql+sqlite | ||
select | ||
name, | ||
project_id, | ||
project_number, | ||
lifecycle_state, | ||
create_time | ||
from | ||
gcp_organization_project; | ||
``` | ||
|
||
### Get access approval settings for all projects | ||
Explore the access approval settings across your various projects. This can help you understand and manage permissions and approvals more effectively. | ||
|
||
```sql+postgres | ||
select | ||
name, | ||
jsonb_pretty(access_approval_settings) as access_approval_settings | ||
from | ||
gcp_organization_project; | ||
``` | ||
|
||
```sql+sqlite | ||
select | ||
name, | ||
access_approval_settings | ||
from | ||
gcp_organization_project; | ||
``` | ||
|
||
### Get parent and organization ID for all projects | ||
Get the organization ID across your various projects. | ||
|
||
```sql+postgres | ||
select | ||
project_id, | ||
parent ->> 'id' as parent_id, | ||
parent ->> 'type' as parent_type, | ||
case when jsonb_array_length(ancestors) > 1 then ancestors -> -1 -> 'resourceId' ->> 'id' else null end as organization_id | ||
from | ||
gcp_project; | ||
``` | ||
|
||
```sql+sqlite | ||
select | ||
project_id, | ||
parent ->> 'id' as parent_id, | ||
parent ->> 'type' as parent_type, | ||
case when json_array_length(ancestors) > 1 then ancestors -> -1 -> 'resourceId' ->> 'id' else null end as organization_id | ||
from | ||
gcp_project; | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,142 @@ | ||
package gcp | ||
|
||
import ( | ||
"context" | ||
|
||
"github.com/turbot/go-kit/types" | ||
"github.com/turbot/steampipe-plugin-sdk/v5/grpc/proto" | ||
"github.com/turbot/steampipe-plugin-sdk/v5/plugin" | ||
"github.com/turbot/steampipe-plugin-sdk/v5/plugin/transform" | ||
"google.golang.org/api/cloudresourcemanager/v1" | ||
) | ||
|
||
//// TABLE DEFINITION | ||
|
||
func tableGcpOrganizationProject(_ context.Context) *plugin.Table { | ||
return &plugin.Table{ | ||
Name: "gcp_organization_project", | ||
Description: "GCP Organization Project", | ||
List: &plugin.ListConfig{ | ||
Hydrate: listGCPOrganizationProjects, | ||
}, | ||
Columns: []*plugin.Column{ | ||
{ | ||
Name: "name", | ||
Description: "The name of the project.", | ||
Type: proto.ColumnType_STRING, | ||
}, | ||
{ | ||
Name: "project_id", | ||
Description: "An unique, user-assigned ID of the Project.", | ||
Type: proto.ColumnType_STRING, | ||
}, | ||
{ | ||
Name: "self_link", | ||
Description: "Server-defined URL for the resource.", | ||
Type: proto.ColumnType_STRING, | ||
Transform: transform.From(projectSelfLink), | ||
}, | ||
{ | ||
Name: "project_number", | ||
Description: "The number uniquely identifying the project.", | ||
Type: proto.ColumnType_INT, | ||
}, | ||
{ | ||
Name: "lifecycle_state", | ||
Description: "Specifies the project lifecycle state.", | ||
Type: proto.ColumnType_STRING, | ||
}, | ||
{ | ||
Name: "create_time", | ||
Description: "Creation time of the project.", | ||
Type: proto.ColumnType_TIMESTAMP, | ||
}, | ||
{ | ||
Name: "parent", | ||
Description: "An optional reference to a parent Resource.", | ||
Type: proto.ColumnType_JSON, | ||
}, | ||
{ | ||
Name: "labels", | ||
Description: "A list of labels attached to this project.", | ||
Type: proto.ColumnType_JSON, | ||
}, | ||
{ | ||
Name: "access_approval_settings", | ||
Description: "The access approval settings associated with this project.", | ||
Type: proto.ColumnType_JSON, | ||
Hydrate: getProjectAccessApprovalSettings, | ||
Transform: transform.FromValue(), | ||
}, | ||
{ | ||
Name: "ancestors", | ||
Description: "The ancestors of the project in the resource hierarchy, from bottom to top.", | ||
Type: proto.ColumnType_JSON, | ||
Hydrate: getProjectAncestors, | ||
Transform: transform.FromValue(), | ||
}, | ||
|
||
// Steampipe standard columns | ||
{ | ||
Name: "title", | ||
Description: ColumnDescriptionTitle, | ||
Type: proto.ColumnType_STRING, | ||
Transform: transform.FromField("Name"), | ||
}, | ||
{ | ||
Name: "tags", | ||
Description: ColumnDescriptionTags, | ||
Type: proto.ColumnType_JSON, | ||
Transform: transform.FromField("Labels"), | ||
}, | ||
{ | ||
Name: "akas", | ||
Description: ColumnDescriptionAkas, | ||
Type: proto.ColumnType_JSON, | ||
Hydrate: getProjectAka, | ||
Transform: transform.FromValue(), | ||
}, | ||
}, | ||
} | ||
} | ||
|
||
//// LIST FUNCTION | ||
|
||
func listGCPOrganizationProjects(ctx context.Context, d *plugin.QueryData, h *plugin.HydrateData) (interface{}, error) { | ||
// Create Service Connection | ||
service, err := CloudResourceManagerService(ctx, d) | ||
if err != nil { | ||
plugin.Logger(ctx).Error("gcp_organization_project.listGCPOrganizationProjects", "service_err", err) | ||
return nil, err | ||
} | ||
|
||
// Max limit is not documented | ||
pageSize := types.Int64(500) | ||
limit := d.QueryContext.Limit | ||
if d.QueryContext.Limit != nil { | ||
if *limit < *pageSize { | ||
pageSize = limit | ||
} | ||
} | ||
|
||
// List projects | ||
resp := service.Projects.List().PageSize(*pageSize) | ||
if err := resp.Pages(ctx, func(page *cloudresourcemanager.ListProjectsResponse) error { | ||
for _, project := range page.Projects { | ||
d.StreamListItem(ctx, project) | ||
|
||
// Check if context has been cancelled or if the limit has been hit (if specified) | ||
// if there is a limit, it will return the number of rows required to reach this limit | ||
if d.RowsRemaining(ctx) == 0 { | ||
page.NextPageToken = "" | ||
return nil | ||
} | ||
} | ||
return nil | ||
}); err != nil { | ||
plugin.Logger(ctx).Error("gcp_organization_project.listGCPOrganizationProjects", "api_err", err) | ||
return nil, err | ||
} | ||
|
||
return nil, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters