How to list Google services which support VPC Service Controls

VPC Service Controls allow you to address threats such as data theft, accidental data loss, and excessive access to data stored in Google Cloud Platform. However, not all Google services support VPC service controls. The supported services are documented on the human readable web page called supported products. In this blog I present you with a utility to list all
supported services.

How to list supported services

To list all Google services which support VPC service controls, type:

$ pip install list-vpc-sc-supported-services
$ list-vpc-sc-supported-service
{
  beta = [
    "adsdatahub.googleapis.com",
    "cloudbuild.googleapis.com",
    ...
    "lifesciences.googleapis.com",
    "transcoder.googleapis.com",
  ]
  ga = [
    "accessapproval.googleapis.com",
    "aiplatform.googleapis.com",
    ...
    "vpcaccess.googleapis.com",
  ]
  preview = [
    "networkmanagement.googleapis.com",
    ...
  ]
}

It will list all of the supported services and the level of their support: GA, Beta or Preview.

Updating Hashicorp template

As the utility prints out a Terraform style dictionary of string lists, you can use it to programmatically update
a Terraform template. Given a template called locals.tf:

locals {
  vpc_sc_services = {}
}

You can update it by installing hcledit and type:

hcledit attributes set locals.vpc_sc_services \
    "$(list-vpc-sc-supported-services)" \
     --file locals.tf \
     --update

Conclusion

This utility makes it easy to generate the list of services which support VPC service controls. The utility scrapes
a HTML web page, so be sure to inspect the result of the output. It would be nice if Google would provide an official
API.

references

Mark van Holsteijn is a senior software systems architect, and CTO of binx.io. He is passionate about removing waste in the software delivery process and keeping things clear and simple.
Share this article: Tweet this post / Post on LinkedIn