This topic describes the config-connector export command and how to use it to export Google Cloud resources into Config Connector YAML files which you can subsequently import into Config Connector.

Overview

With config-connector export you can export an existing Google Cloud resource. When you pass a resource's full name to config-connector export, config-connector generates a YAML manifest that you can import into Config Connector.

Before you begin

1. Install config-connector

Quick Start

In this quick start guide, you create a PubSubTopic with gcloud and then import it into Config Connector.

1. Create a topic named sample-topic with gcloud:

   gcloud pubsub topics create sample-topic
   

   You receive confirmation that the topic has been created.

   Created topic [projects/project-id/topics/sample-topic].
   

   In the output, project-id will be replaced with your Google Cloud project.

2. Get the topic's Google Cloud resource ID and save it into an environment variable with the following command:

   TOPIC_RESOURCE_ID=$(gcloud pubsub topics describe sample-topic --format "value(name)")
   

3. To identify a resource, config-connector export uses the full resource name. Save the resource name of the topic into an environment variable with the following command:

   TOPIC_RESOURCE_NAME="//pubsub.googleapis.com/${TOPIC_RESOURCE_ID}"
   

4. Export the topic with config-connector export by running the following command:

   config-connector export ${TOPIC_RESOURCE_NAME}
   

   The output is a Config Connector resource in YAML format.

   ---
   apiVersion: pubsub.cnrm.cloud.google.com/v1beta1
   kind: PubSubTopic
   metadata:
     annotations:
       cnrm.cloud.google.com/project-id: project_id
     name: sample-topic
   ...
   

   In the output, project-id will be replaced with your with your Google Cloud project.

5. You can pass this resource into Config Connector with kubectl apply -f -. To pass the resource directly, run the following command:

   config-connector export ${TOPIC_RESOURCE_NAME} | kubectl apply -f -  --namespace CC_NAMESPACE
   

   Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

   Config Connector acquires the resource.

6. Confirm that Config Connector is managing the resource with kubectl describe

   kubectl describe pubsubtopic sample-topic --namespace CC_NAMESPACE
   

   Replace CC_NAMESPACE with the namespace Config Connector manages resources from.

Command line options

The config-connector export command has the following options:

config-connector [--output FILENAME] [--oauth2-token TOKEN]
    [--iam-format policy | policymember | none] --verbose

• --iam-format: Specifies the kind of IAM resources output with your export. Options are policy (default), policymember, or none.
• --output: an optional output file path, disables standard output, when a file the result will contain all of the command output, when a directory, the directory will contain a new file for each resource in the output.
• --oauth2-token: An OAUTH2 token as the Google Cloud identity. By default, config-connector uses the Cloud SDK default credentials.
• --verbose: Enable verbose logging.

What's next

• Read about how Config Connector acquires existing Google Cloud resources