Geekflare
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
By Chandan Kumar in Cloud Computing  |  Last updated: September 14, 2019
Share on:

Script to Monitor Google Cloud Unused External IP

gcp
Invicti Web Application Security Scanner – the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

Get notified when Google Cloud external static IP is not in used so you can release them to save money.

I was going through my Google Cloud Platform (GCP) bill and noticed this:

It’s not Google fault but me. I reserved a static IP but forgot to release after deleting the VM. It happens, and I guess it wouldn’t be just me.

I looked around the GCP console and couldn’t find any option to alert when static IP is not in use. Maybe a product feature request.

But, I am not going to repeat the mistake.

Thanks to Google Cloud SDK offering gcloud CLI which you can use in a script to do almost anything. I thought to write a script which will run every day and notify when any static IP is not in use. There are multiple ways to get notified, and the first convenient approach is email. But, I don’t run a mail server so I had to found some alternative.

Within a few minutes of search, I found Pushbullet. It is a notification system which can use to push the alert to Chrome, Firefox, Safari, Opera, Android, iOS, and Windows. Pretty much everything. What else I need?

You can guess Pushbullet is prerequisite now to get notified when you don’t have a mail server running on the server or wherever you want to run gcloud command.

If you decide to go to Pushbullet, then create a free account, set up where you want to get notified and go to Settings to generate an access token.

I assume you have the access token ready and working gcloud command on the server.

Here is the tiny script. Create a file with the below content, let’s say <span class="s1">gcp-unused-ip-monitor.sh</span>

#!/bin/bash

if gcloud compute addresses list | grep EXTERNAL | grep RESERVED ; then 
	curl -u $Access_TOKEN: https://api.pushbullet.com/v2/pushes -d type=note -d title="Google Cloud IP NOT_INUSE" -d body="Some external IP is not in use"
else :
fi

Don’t forget to update $Access_TOKEN with the actual value.

Save the file and make it executable by giving execute permission.

chmod 755 gcp-unused-ip-monitor.sh

Run the script manually to verify the alert. If you have any unused IP, you will get an alert.

Above notification is from Chrome where I’ve configured Pushbullet to alert. But as mentioned above, you can push the alert to mobile devices or another browser. Choose what you prefer.

Now, we have a working script, and next, we need to run this every day, automatically.

To schedule script to run every day, let’s use Crontab which is available on UNIX-based OS.

Edit crontab with crontab -e and add the following

0 0 * * * $PATH/gcp-unused-ip-monitor.sh > /dev/null

Update $PATH to the path where the script is located. Above cron entry will run the script every midnight. You can adjust the run time based on your preference.

How easy is it?

Once you have an alert, you can go to GCP console and review the NOT IN USE IP and release them.

I hope this tiny script save you some $$$.

Tagged as
Thanks to our Sponsors
More great readings on Cloud Computing
Power Your Business
Some of the tools and services to help your business grow.
  • Invicti
    Invicti uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities and generate actionable results within just hours.
    Try Invicti
  • Brightdata
    Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.
    Try Brightdata
  • Semrush
    Semrush is an all-in-one digital marketing solution with more than 50 tools in SEO, social media, and content marketing.
    Try Semrush
  • Intruder
    Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.
    Try Intruder