1

I'm trying to list every resource in a given Google Cloud project.

I was using the SearchAllResources endpoint so far. I'm now struggling to list cloudfunctions.googleapis.com/CloudFunction resources.

This resource is supported by the search according to the documentation

By digging around I've found the ListAssets endpoint that seems to return cloud functions:

# This one returned one result
➜ gcloud asset list --project=my-project --asset-types cloudfunctions.googleapis.com/CloudFunction | grep assetType    
assetType: cloudfunctions.googleapis.com/CloudFunction

# No result here, even after waiting a couple of hours
➜ gcloud asset search-all-resources --scope=projects/cloudskiff-dev-elie --asset-types cloudfunctions.googleapis.com/CloudFunction | grep assetType 
Listed 0 items.

I also tried without filter on asset types but it does not change the problem, cloud functions resources are not returned by the search all endpoint. I have several difference when I compare the two outputs: diff

That's not clear for me what are the purpose of these two endpoints. I can't find any clarification in GCP documentation. Also I don't get why we do not retrieve same set of resources. Any ideas ?

stanmarsh
  • 11
  • 2
  • Do you have result without the GREP? – guillaume blaquiere Oct 20 '21 at 18:13
  • Actually the ` | grep` is here only to have a more understandable output, this is not a grep issue. I have the same behavior with gRPC calls and CLI – stanmarsh Oct 21 '21 at 08:10
  • As stated in the [documentation](https://cloud.google.com/asset-inventory/docs/reference/rpc/google.cloud.asset.v1#google.cloud.asset.v1.AssetService.SearchAllResources), to use `SearchAllResources`: _"The caller must be granted the cloudasset.assets.searchAllResources permission on the desired scope"_ Could you please check you have this permission in the project you're searching? I've made a test on my project and both returns the same result. – Rogelio Monter Oct 22 '21 at 22:58
  • @RogelioMonter It does not change anything for me. Account used here has owner role on the whole project. I added `Cloud Asset Owner` but I have the same results. I also have the same behavior with `bigtableadmin.googleapis.com/Table`. https://imgur.com/a/9Y8sxCp – stanmarsh Oct 25 '21 at 08:27
  • @stanmarsh Could you please confirm if you got any result from the command `search-all-resources`? You've mentioned that you _even after waiting a couple of hours_ got zero results, are you referring that you waited too much time for the command to be completed? Did the command completed successfully or you have to abort it? – Rogelio Monter Nov 16 '21 at 21:46
  • @RogelioMonter By waiting a couple of hours I mean a couple of hours between two gloud cmd execution. To be clear the command exited quickly with success with no results. – stanmarsh Nov 26 '21 at 14:40

0 Answers0