Google Cloud CLI Skill

Installation

The skill invokes the gcloud CLI. Install and initialize:

• Linux/macOS: curl https://sdk.cloud.google.com | bash then restart shell and run gcloud init
• Windows: Download Google Cloud SDK installer or use PowerShell to download and run

Verify: gcloud --version. Configure: gcloud init

Cheat Sheet & Best Practices

Config: gcloud config set project <id>; gcloud config list; gcloud config configurations create/activate <name> — switch projects.

Auth: gcloud auth login; use --impersonate-service-account for SA; --access-token-file for CI.

Hacks: Use --format="table(name,zone,status)" or --format=json + jq to cut output. Use --flags-file=file.yaml for long or repeated flags. Use named configurations for dev/staging/prod. Run gcloud components update periodically.

Certifications & Training

Free: Google Cloud Learn and Google Skills — Innovators Program (35 credits/month). Certs: Cloud Digital Leader, Cloud Engineer (associate), Cloud Architect/DevOps (professional). Skill data: Config, auth, compute/storage/IAM; no exposed service-account keys.

Hooks & Workflows

Suggested hooks: Pre-deploy: gcloud config get-value project. Use when devops is routed for GCP tasks (contextual: gcp_project).

Workflows: Use with devops (contextual: gcp_project). Flow: detect GCP → load gcloud-cli → run CLI via skill script.

Overview

Google Cloud Platform CLI operations. 90%+ context savings.

Requirements

• gcloud CLI installed
• GOOGLE_PROJECT_ID environment variable
• Authenticated via gcloud auth

Tools (Progressive Disclosure)

Compute

Tool	Description	Confirmation
instances-list	List VM instances	No
instances-create	Create VM	Yes
instances-delete	Delete VM	REQUIRED

Storage

Tool	Description	Confirmation
storage-ls	List buckets/objects	No
storage-cp	Copy objects	Yes
storage-rm	Delete objects	Yes

IAM

Tool	Description
iam-list	List IAM policies
service-accounts	List service accounts

Logging

Tool	Description
logs-read	Read logs
logs-tail	Tail logs in real-time

BLOCKED

Tool	Status
projects delete	BLOCKED
iam-policy delete	BLOCKED

Agent Integration

• devops (primary): Cloud operations
• gcp-cloud-agent (primary): GCP specific
• cloud-integrator (secondary): Multi-cloud

Security

⚠️ Never expose service account keys ⚠️ Resource deletion requires confirmation

Memory Protocol (MANDATORY)

Before starting: Read .claude/context/memory/learnings.md

After completing:

• New pattern -> .claude/context/memory/learnings.md
• Issue found -> .claude/context/memory/issues.md
• Decision made -> .claude/context/memory/decisions.md

ASSUME INTERRUPTION: If it's not in memory, it didn't happen.