VPC Service Controls allow you to address threats such as data theft, accidental data loss, and excessive access to data stored in Google Cloud Platform. However, not all Google services support VPC Service Controls. The supported services are documented on a human-readable web page called supported products. In this blog I present a utility to list all supported services.
How to list supported services
To list all Google services which support VPC Service Controls, type:
$ pip install list-vpc-sc-supported-services
$ list-vpc-sc-supported-services
{
  beta = [
    "adsdatahub.googleapis.com",
    "cloudbuild.googleapis.com",
    ...
    "lifesciences.googleapis.com",
    "transcoder.googleapis.com",
  ]
  ga = [
    "accessapproval.googleapis.com",
    "aiplatform.googleapis.com",
    ...
    "vpcaccess.googleapis.com",
  ]
  preview = [
    "networkmanagement.googleapis.com",
    ...
  ]
}
It will list all of the supported services and the level of their support: GA, Beta or Preview.
Updating a HashiCorp template
As the utility prints out a Terraform-style dictionary of string lists, you can use it to programmatically update a Terraform template. Given a template called locals.tf:
locals {
  vpc_sc_services = {}
}
You can update it by installing hcledit and typing:
hcledit attribute set locals.vpc_sc_services \
  "$(list-vpc-sc-supported-services)" \
  --file locals.tf \
  --update
Conclusion
This utility makes it easy to generate the list of services which support VPC Service Controls. The utility scrapes an HTML web page, so be sure to inspect the output. It would be nice if Google provided an official API.
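One way to inspect the result before it reaches locals.tf, as an added example that is not part of the utility or the original post: it parses the printed lists, checks each entry against an assumed `<name>.googleapis.com` pattern, and reports services that were in a previously accepted output but are now missing. The function names, the pattern and the sample outputs are constructed for illustration.

```python
import re

# Assumptions of this example (not taken from the utility): only the three
# support levels shown above occur, and names look like <name>.googleapis.com.
LEVELS = {"ga", "beta", "preview"}
SERVICE_RE = re.compile(r"^[a-z0-9-]+\.googleapis\.com$")
BLOCK_RE = re.compile(r"(\w+)\s*=\s*\[(.*?)\]", re.DOTALL)

def parse_services(text):
    """Parse the `level = [ "svc", ... ]` blocks printed by the utility."""
    return {level: re.findall(r'"([^"]*)"', body)
            for level, body in BLOCK_RE.findall(text)}

def check(current, baseline):
    """Return a list of problems; an empty list means the output looks sane."""
    problems = []
    for level in sorted(set(current) - LEVELS):
        problems.append(f"unexpected level: {level}")
    if not current.get("ga"):
        problems.append("no GA services parsed (page layout changed?)")
    seen = {}
    for level, services in current.items():
        for svc in services:
            if not SERVICE_RE.match(svc):
                problems.append(f"malformed service name in {level}: {svc!r}")
            if svc in seen:
                problems.append(f"{svc} listed in both {seen[svc]} and {level}")
            seen.setdefault(svc, level)
    # A service that disappears would silently drop out of the perimeter config.
    old = {s for services in baseline.values() for s in services}
    for svc in sorted(old - set(seen)):
        problems.append(f"previously listed service missing: {svc}")
    return problems

# Constructed sample outputs in the format shown above (not real scrape results).
BASELINE = '''{
beta = [ "cloudbuild.googleapis.com", ]
ga = [ "accessapproval.googleapis.com", "vpcaccess.googleapis.com", ]
}'''
SCRAPED = '''{
beta = [ "cloudbuild.googleapis.com", "Supported products</a>", ]
ga = [ "accessapproval.googleapis.com", ]
}'''

if __name__ == "__main__":
    for problem in check(parse_services(SCRAPED), parse_services(BASELINE)):
        print("WARNING:", problem)
```

Run the check in the pipeline step before hcledit and fail the step when the returned list is not empty.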
References
- PyPI
- github.com/binxio