Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit d03b4a2

Browse files
lavishshethlavishsheth
authored
Create Configure Service Accounts and IAM for Google Cloud: Challenge Lab
1 parent e1aa696 commit d03b4a2

File tree

1 file changed

+95
-0
lines changed

1 file changed

+95
-0
lines changed

Configure Service Accounts and IAM for Google Cloud: Challenge Lab

Lines changed: 95 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,95 @@
1+
T1:
2+
export ZONE=
3+
export PROJECTID=$(gcloud config get-value project)
4+
gcloud auth login
5+
6+
7+
T2:
8+
gcloud iam service-accounts create devops --display-name devops
9+
10+
gcloud config configurations activate default
11+
12+
gcloud iam service-accounts list --filter "displayName=devops"
13+
14+
SA=$(gcloud iam service-accounts list --format="value(email)" --filter "displayName=devops")
15+
16+
gcloud projects add-iam-policy-binding $PROJECTID --member serviceAccount:$SA --role=roles/iam.serviceAccountUser
17+
18+
gcloud projects add-iam-policy-binding $PROJECTID --member serviceAccount:$SA --role=roles/compute.instanceAdmin
19+
20+
gcloud compute instances create vm-2 \
21+
--service-account=$SA \
22+
--zone=$ZONE
23+
24+
cat > role-definition.yaml <<EOF
25+
title: Custom Role
26+
description: Custom role with cloudsql.instances.connect and cloudsql.instances.get permissions
27+
includedPermissions:
28+
- cloudsql.instances.connect
29+
- cloudsql.instances.get
30+
EOF
31+
32+
33+
gcloud iam roles create customRole --project=$PROJECTID --file=role-definition.yaml
34+
35+
gcloud iam service-accounts create bigquery-qwiklab --display-name bigquery-qwiklab
36+
37+
SSA=$(gcloud iam service-accounts list --format="value(email)" --filter "displayName=bigquery-qwiklab")
38+
39+
gcloud projects add-iam-policy-binding $PROJECTID --member=serviceAccount:$SSA --role=roles/bigquery.dataViewer
40+
41+
gcloud projects add-iam-policy-binding $PROJECTID --member=serviceAccount:$SSA --role=roles/bigquery.user
42+
43+
44+
gcloud compute instances create bigquery-instance --service-account=$SSA --scopes=https://www.googleapis.com/auth/bigquery --zone=$ZONE
45+
46+
47+
T3
48+
export PROJECT_ID=$(gcloud config get-value project)
49+
50+
sudo apt-get update
51+
52+
sudo apt-get install -y git python3-pip
53+
54+
pip3 install --upgrade pip
55+
56+
pip3 install google-cloud-bigquery
57+
58+
pip3 install pyarrow
59+
60+
pip3 install pandas
61+
62+
pip3 install db-dtypes
63+
64+
65+
echo "
66+
from google.auth import compute_engine
67+
from google.cloud import bigquery
68+
credentials = compute_engine.Credentials(
69+
service_account_email='bigquery-qwiklab@$PROJECT_ID.iam.gserviceaccount.com')
70+
query = '''
71+
SELECT name, SUM(number) as total_people
72+
FROM "bigquery-public-data.usa_names.usa_1910_2013"
73+
WHERE state = 'TX'
74+
GROUP BY name, state
75+
ORDER BY total_people DESC
76+
LIMIT 20
77+
'''
78+
client = bigquery.Client(
79+
project='$PROJECT_ID',
80+
credentials=credentials)
81+
print(client.query(query).to_dataframe())
82+
" > query.py
83+
84+
85+
pip3 install --upgrade pip
86+
87+
pip3 install google-cloud-bigquery
88+
89+
pip3 install pyarrow
90+
91+
pip3 install pandas
92+
93+
pip3 install db-dtypes
94+
95+
python3 query.py

0 commit comments

Comments
 (0)