Project description

This Package helps to improve GCP project security and reduce billing from unused resources by performing some checks

This script is worked for individual GCP project not on organization or folder level

package installation

pip3 install gcpsecurity

Ensure google cloud platform API is enable for particular service on which you want to perform check

example,

Enable api for data proc
Enable api for app engine ...etc

How to use ??

step 1: Import classes to perform checks

    from gcpsecurity.gcp_data_proc import ExecuteCheckDp
    from gcpsecurity.gcp_gke import ExecuteCheckGke

step 2: Create GCP service account with project viewer permission
step 3: Initlize ExecuteCheck class with service account file path and project id

    dp = ExecuteCheckDp(servive_account_file_path=SERVICE_ACCOUNT_FILE_PATH, project_id=PROJECT_ID)
    gke = ExecuteCheckGke(servive_account_file_path=SERVICE_ACCOUNT_FILE_PATH, project_id=PROJECT_ID)


step 4: Call perform_check() method of ExecuteCheck classes object

        dp_result = dp.perform_check()
        gke_result = gke.perform_check()

step 5: Print results

        print(dp_result)
        print(gke_result)

Available services checks classes:

    compute engine checks ==> from gcpsecurity.gcp_vm import ExecuteCheckVm
    IAM checks            ==> from gcpsecurity.gcp_iam import ExecuteCheckIam
    VPC checks            ==> from gcpsecurity.gcp_vpc import ExecuteCheckVpc
    cloud storage         ==> from gcpsecurity.gcp_gcs import ExecuteCheckGcs
    cloud sql             ==> from gcpsecurity.gcp_cloud_sql import ExecuteCheckSql
    app engine            ==> from gcpsecurity.gcp_app_engine import ExecuteCheckGae
    data proc             ==> from gcpsecurity.gcp_data_proc import ExecuteCheckDp
    kubernetes engine     ==> gcpsecurity.gcp_gke import ExecuteCheckGke

Example script

    https://github.com/Aadeshkale/gcp-security/blob/master/main.py

** Notes :-

Script might take time to execute because it is make googleapis calls.
Service account file should have appropriate permissions to perform checks That is Project Viewer (You can set permissions as per service also)
To add other checks as per your use go to package gcpsecurity add checks in existing services scripts or add new scripts for new services reference :- https://github.com/Aadeshkale/gcp-security/tree/master/gcpsecurity

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

This version

0.0.6

Sep 15, 2020

0.0.4

Sep 14, 2020

0.0.3

Sep 11, 2020

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

gcpsecurity-0.0.6.tar.gz (12.4 kB view hashes)

Uploaded Sep 15, 2020 Source

Built Distribution

gcpsecurity-0.0.6-py3-none-any.whl (20.3 kB view hashes)

Uploaded Sep 15, 2020 Python 3

Hashes for gcpsecurity-0.0.6.tar.gz

Hashes for gcpsecurity-0.0.6.tar.gz
Algorithm	Hash digest
SHA256	`a6ed5342aa68f76a78bc1500d113868d58d13d449acb77d488989717117411b3`
MD5	`a5afd3fc0b8ce515a70fd6dbc45abcc7`
BLAKE2b-256	`0bbdb23a5fa85ab9bef4be0b23b871eb1376b66608a7cffbf72a21f86d7511ef`

Hashes for gcpsecurity-0.0.6-py3-none-any.whl

Hashes for gcpsecurity-0.0.6-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a944ca13dd259b79bfeecd9d9ca2b2ae861e8e6aa3ce18c5f62521a97f0a5fad`
MD5	`7d761306de9eb686dff296fbdc397c98`
BLAKE2b-256	`e1d8933ec2333cbed0a68065b4c86126a4fea72bcf17e6b9d7a99b77abc7d8cd`