Google cloud How to list all service-accounts from all Projects in GCP

0 votes

I have requirement to get all the properties of a service account in google cloud. is it possible to list all the properties something like Select *.

otherwise i need the following information:

  • SA account name
  • Email address
  • Iam Role assigned
  • User managed Keys (if any)
  • account creation date
  • last used /authentication time.
  • Project name
  • account status (enable / disable)

I can get all the projects then all the service accounts in it but i dont know how to get all other values.

foreach ($project in gcloud projects list --format="value(projectId)")
{
  Write-Host "ProjectId: $project"
  foreach ($robot in  gcloud iam service-accounts list --project $project --format="value(email)")
  {
     Write-Host "    -> Robot $robot"
   
  }
}
Mar 14, 2022 in GCP by Rahul
 • 3,380 points 3,589 views

1 answer to this question.

0 votes

Your code sample suggests you want the answer in PowerShell. Here are some pointers:

Does:

 Project ID 

Account Name

Enabled| Disabled

Email

Keys 

Timestamps 

Doesn't:

Role Assignments

Last Used

PROJECTS=$(gcloud projects list --format="value(projectId)")

for PROJECT in ${PROJECTS}
do
  echo "Project: ${PROJECT}"
  # Extracts ACCOUNT_ID, EMAIL (==ACCOUNT_ID@...), DISABLED
  ROBOTS=$(\
    gcloud iam service-accounts list \
    --project=${PROJECT} \
    --format="csv[no-heading](displayName.encode(\"base64\"),email,email.split(\"@\").slice(0),disabled)")
  for ROBOT in ${ROBOTS}
  do
    # Parse results
    IFS=, read ENCODED_NAME EMAIL ACCOUNT_ID DISABLED <<< ${ROBOT}
    NAME=$(echo -e ${ENCODED_NAME} | base64 --decode)
    echo "  Service Account: ${NAME}"
    echo "    Disabled: ${DISABLED}"
    echo "    Email: ${EMAIL}"
    # Keys
    KEYS=$(\
        gcloud iam service-accounts keys list \
        --iam-account=${EMAIL} \
        --project=${PROJECT} \
        --format="value(name.scope(keys))")
    for KEY in ${KEYS}
    do
      echo "    Key: ${KEY}"
    done
    # Creation (Only searches back 30-days!)
    FILTER=""\
"logName=\"projects/${PROJECT}/logs/cloudaudit.googleapis.com%2Factivity\" "\
"resource.type=\"service_account\" "\
"protoPayload.methodName=\"google.iam.admin.v1.CreateServiceAccount\" "\
"protoPayload.request.account_id=\"${ACCOUNT_ID}\" "

    LOG=$(\
        gcloud logging read "${FILTER}" \
        --project=${PROJECT} \
        --format=json \
        --freshness=30d \
        --format="value(timestamp)")
    echo "    Created: ${LOG}"
  done
done

If you need to know more about Cloud Computing, We recommend joining Cloud Computing Course today.

answered Mar 14, 2022 by Korak
 • 5,820 points

Related Questions In GCP

0 votes
1 answer

Google cloud: How to list all service-accounts from all Projects in GCP

It's been noted by the commenters that ...READ MORE

answered Nov 10, 2022 in GCP by Tejashwini
 • 3,820 points 981 views
+2 votes
1 answer

How to list down all the projects in GCP Cloud?

Hi@akhtar, GCP Shell has a command named gcloud. ...READ MORE

answered Aug 23, 2020 in GCP by MD
 • 95,440 points 3,638 views
0 votes
1 answer

What are the service accounts in GCP? How to create one?

The special accounts associated with a project are called the Service Accounts. The ...READ MORE

answered Oct 9, 2019 in GCP by Sirajul
 • 59,230 points 675 views
0 votes
1 answer

Recreating a VM on a different GCP project: How can I transfer a disk snapshot across projects in Google Cloud Platform projects?

You could probably follow these steps to create ...READ MORE

answered Oct 16, 2019 in GCP by Sirajul
 • 59,230 points 5,185 views
0 votes
0 answers

How to test a Cloud Function in Google Cloud Platform (GCP)?

I've been looking everywhere for the answer ...READ MORE

Nov 9, 2022 in GCP by Ashwini
 • 5,430 points 272 views
+1 vote
1 answer

In GCP, how to list all the resources running under project?

For a specific organization, folder, or project, ...READ MORE

answered Nov 10, 2022 in GCP by Ashwini
 • 5,430 points
edited Sep 6, 2023 by Khan Sarfaraz 10,757 views
0 votes
1 answer

How to delete a project from Google Cloud Console

First of all, select the project you ...READ MORE

answered Apr 18, 2018 in GCP by kurt_cobain
 • 9,390 points 2,529 views
+2 votes
2 answers

How to download multiple files in Google Cloud Storage?

You can achieve this through the gsutil ...READ MORE

answered May 9, 2018 in GCP by kurt_cobain
 • 9,390 points 22,926 views
0 votes
1 answer

Google Cloud Platform: Logging in to GCP from command line

You have a couple of options here ...READ MORE

answered Apr 6, 2022 in GCP by Korak
 • 5,820 points 1,033 views
0 votes
1 answer

Google Cloud VPN - Egress from GCP to on-premise pricing clarification

IPSec traffic are charged as if the ...READ MORE

answered Mar 20, 2022 in GCP by Korak
 • 5,820 points 763 views
webinar REGISTER FOR FREE WEBINAR X
REGISTER NOW
webinar_success Thank you for registering Join Edureka Meetup community for 100+ Free Webinars each month JOIN MEETUP GROUP
"PMP®","PMI®", "PMI-ACP®" and "PMBOK®" are registered marks of the Project Management Institute, Inc. MongoDB®, Mongo and the leaf logo are the registered trademarks of MongoDB, Inc.