Install gcloud command to interact with Google Cloud Platform from the command line.
Cloud Shell already has the
gcloudCLI pre-installed, so you can skip ahead to configure default zone and region.
Jump to the last section to configure default zone and region so you do not need to repeatedly specify it.
To install the
gcloudCLI on your local machine, follow the official installation guide for your platform and then follow the below steps to finish configuration.
If you are using Cloud Shell, jump to the last section to configure default zone and region so you do not need to repeatedly specify it.
Authenticate gcloud so that it can interact with Google Cloud Platform using your account.
gcloud auth login
gcloudso that you can run all the commands.
Set the default Project ID to your project.
gcloud config set project YOUR_PROJECT_ID
If you already have a project, run
gcloud projects listto list available projects. Find one and then set it as a default project.
In addition to authenticating gcloud, also authenticate Application Default Credentials (ADC). ADC is used by your application/microservices during local development to authenticate with cloud services.
gcloud auth application-default login
API calls to Google Cloud may be rate limited and subject to quotas. The quotas are typically tied to a Google Cloud Project. When you are running the application locally, and using the Application Default Credentials, the requests need to be associated with a project to account for usage quota. Typically, the Quota Project should be the same as the project that you are currently working with. In a larger organization, it can be a Project that's used for development purposes and not the production project.
When configuring the Application Default Credentials the first time, It will also configure a Quota Project to be the same as the default project you previously configured.
If needed, you can configure a different Quota Project:
gcloud auth application-default set-quota-project YOUR_PROJECT_ID
Application Default Credentials are used by client libraries when making calls to Google Cloud. This is different from the first gcloud Authenticate, which is for
gcloudto make calls to Google Cloud.
This will store the credential (OAuth refresh token) in a well-known location, such as
~/.config/gcloud/application_default_credentials.json. Google Cloud client libraries can automatically detect this file and use this credential.
A cloud resource can be Zonal, Regional, or Multi-Regional. For example, a VM is Zonal, because it can only live in a single availability zone. App Engine service is regional, because it's automatically distributed across multiple zones within a single Region. Cloud Storage can store your data in a Regional bucket, or a Multi-Regional bucket.
You can always specify the
regionwith each of the
gcloudcommand. If you primarily operate within a single zone or region, set the default
gcloud config set compute/region us-central1
gcloud config set compute/zone us-central1-c
gcloud config set run/region us-central1