查看資產

本文說明如何在 Cloud Shell 中使用 Cloud Asset Inventory 和 Google Cloud CLI 查看資產。

事前準備

您必須先啟用 Cloud Asset Inventory API 並設定權限,才能使用 Cloud Asset Inventory。

  1. Sign in to your Google Cloud account. If you're new to Google Cloud, create an account to evaluate how our products perform in real-world scenarios. New customers also get $300 in free credits to run, test, and deploy workloads.

  2. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  3. Enable the Cloud Asset Inventory API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

  4. In the Google Cloud console, on the project selector page, select or create a Google Cloud project.

    Roles required to select or create a project

    • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
    • Create a project: To create a project, you need the Project Creator (roles/resourcemanager.projectCreator), which contains the resourcemanager.projects.create permission. Learn how to grant roles.

    Go to project selector

  5. Enable the Cloud Asset Inventory API.

    Roles required to enable APIs

    To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains the serviceusage.services.enable permission. Learn how to grant roles.

    Enable the API

    6.
  6. 將下列角色授予使用者: 雲端資產擁有者 (roles/cloudasset.owner)。

    7. 查看資產

    在所選專案中建立 Compute Engine VM 執行個體,以便在 Cloud Asset Inventory 中查看:

    1. 前往 Google Cloud 控制台的「VM instances」(VM 執行個體) 頁面

      前往 VM 執行個體

    2. 點選「建立執行個體」

    3. 輸入執行個體的名稱。

    4. 點選「建立」

    列出專案中的所有 VM 執行個體:

    1. 在 Google Cloud 控制台中,按一下「啟用 Cloud Shell」

    2. 在 Cloud Shell 中執行下列指令:

      gcloud asset list \
    --project=PROJECT_ID \
    --asset-types=compute.googleapis.com/Instance \
    --content-type=resource

      PROJECT_ID 替換為要列出資產的專案 ID。

      在先前的程式碼範例中,資產類型為 compute.googleapis.com/Instance,僅用於列出 Compute Engine VM 執行個體。如要查看所有素材資源類型,請參閱「素材資源類型」。

      已設定 resource 內容類型。這表示回應中也應傳回 resource 中繼資料。如果未設定內容類型,系統只會傳回每個資產的基本資訊,例如資產名稱、上次更新時間,以及所屬專案。

    清除所用資源

    如要避免系統向您的 Google Cloud 帳戶收取本頁所用資源的費用,請按照下列步驟操作。

    1. 前往 Google Cloud 控制台的「VM instances」(VM 執行個體) 頁面

      前往 VM 執行個體

    2. 找出您建立的 VM 執行個體,然後按一下該列中的「More actions」(更多動作)

    3. 按一下「Delete」(刪除),然後確認刪除。

    後續步驟

    • 如要瞭解更多查看資產的相關選項,請參閱「列出資產」。