📋 Cheat Sheets
· 3 min read

Google Cloud (gcloud) CLI Cheat Sheet — Commands You'll Actually Use

Some links in this article are affiliate links. We earn a commission at no extra cost to you when you purchase through them. Full disclosure.

Click any command to expand the explanation and examples. Using multiple clouds? See our AWS CLI cheat sheet and AWS vs GCP vs Azure comparison.

🔧 Setup & Config

gcloud init / auth setup
# Initial setup (interactive)
gcloud init

Login


gcloud auth login
gcloud auth application-default login   # For local dev with client libraries


Check current config


gcloud config list


Set project


gcloud config set project my-project-id


Set region/zone


gcloud config set compute/region europe-west1
gcloud config set compute/zone europe-west1-b


Switch between configurations


gcloud config configurations create staging
gcloud config configurations activate staging
gcloud config configurations list

gcloud info / projects setup
# Current project and account
gcloud config get-value project
gcloud config get-value account

List projects


gcloud projects list


Describe a project


gcloud projects describe my-project-id


Set project for single command


gcloud compute instances list —project other-project

🖥️ Compute Engine — VMs

gcloud compute instances compute
# List instances
gcloud compute instances list

Create instance


gcloud compute instances create my-vm 

—machine-type=e2-medium 

—zone=europe-west1-b 

—image-family=debian-12 

—image-project=debian-cloud


SSH into instance


gcloud compute ssh my-vm —zone=europe-west1-b


Start / stop / delete


gcloud compute instances start my-vm —zone=europe-west1-b
gcloud compute instances stop my-vm —zone=europe-west1-b
gcloud compute instances delete my-vm —zone=europe-west1-b


Describe (get details)


gcloud compute instances describe my-vm —zone=europe-west1-b

Firewall rules compute
# List rules
gcloud compute firewall-rules list

Allow HTTP


gcloud compute firewall-rules create allow-http 

—allow=tcp:80 

—target-tags=http-server


Allow SSH from specific IP


gcloud compute firewall-rules create allow-ssh 

—allow=tcp:22 

—source-ranges=1.2.3.4/32


Delete rule


gcloud compute firewall-rules delete allow-http

📦 Cloud Storage

gcloud storage / gsutil storage
# List buckets
gcloud storage ls

List objects


gcloud storage ls gs://my-bucket/
gcloud storage ls gs://my-bucket/** —recursive


Copy files


gcloud storage cp file.txt gs://my-bucket/
gcloud storage cp gs://my-bucket/file.txt ./
gcloud storage cp -r ./dist gs://my-bucket/


Sync (like rsync)


gcloud storage rsync ./dist gs://my-bucket/ —delete-unmatched-destination-objects


Create bucket


gcloud storage buckets create gs://my-new-bucket —location=europe-west1


Delete


gcloud storage rm gs://my-bucket/file.txt
gcloud storage rm gs://my-bucket/** —recursive


Make public


gcloud storage objects update gs://my-bucket/file.txt —add-acl-grant=entity=allUsers,role=READER

🚀 Cloud Run — Serverless Containers

gcloud run run
# Deploy from source (builds automatically)
gcloud run deploy my-service --source . --region=europe-west1

Deploy from container image


gcloud run deploy my-service —image=gcr.io/my-project/my-app —region=europe-west1


List services


gcloud run services list


Get URL


gcloud run services describe my-service —region=europe-west1 —format=‘value(status.url)‘


Set environment variables


gcloud run services update my-service —set-env-vars=“KEY=value,DB=prod” —region=europe-west1


View logs


gcloud run services logs read my-service —region=europe-west1


Allow unauthenticated access


gcloud run services add-iam-policy-binding my-service 

—member=“allUsers” —role=“roles/run.invoker” —region=europe-west1


Delete


gcloud run services delete my-service —region=europe-west1

👤 IAM

gcloud iam iam
# List service accounts
gcloud iam service-accounts list

Create service account


gcloud iam service-accounts create deploy-bot —display-name=“Deploy Bot”


Create key for service account


gcloud iam service-accounts keys create key.json —iam-account=deploy-bot@my-project.iam.gserviceaccount.com


Grant role to user


gcloud projects add-iam-policy-binding my-project 

—member=“user:alice@example.com

—role=“roles/editor”


Grant role to service account


gcloud projects add-iam-policy-binding my-project 

—member=“serviceAccount:deploy-bot@my-project.iam.gserviceaccount.com

—role=“roles/storage.admin”


View IAM policy


gcloud projects get-iam-policy my-project

📊 Logging

gcloud logging logs
# Read recent logs
gcloud logging read "resource.type=cloud_run_revision" --limit=50

Filter by severity


gcloud logging read “severity>=ERROR” —limit=20


Filter by time


gcloud logging read “timestamp>=“2026-03-14T00:00:00Z"" —limit=50


Stream logs (live tail)


gcloud logging tail “resource.type=cloud_run_revision”


Logs for specific service


gcloud logging read “resource.type=cloud_run_revision AND resource.labels.service_name=my-service” —limit=20

Quick access: Raycast lets you search commands, snippets, and cheat sheets instantly from your keyboard. Free for Mac.

Related: aws cli cheat sheet · azure cli cheat sheet · aws vs gcp vs azure

You might also like

AWS CLI Cheat Sheet — Every Command You'll Actually Use

Interactive AWS CLI cheat sheet covering S3, EC2, Lambda, IAM, CloudFormation, and more. Stop digging through AWS docs.

Azure CLI Cheat Sheet — Commands You'll Actually Use

Interactive Azure CLI (az) cheat sheet covering VMs, storage, App Service, resource groups, and identity. Stop digging through Microsoft docs.

Terraform Cheat Sheet — Commands, Syntax, and Common Patterns

Interactive Terraform cheat sheet covering CLI commands, HCL syntax, state management, modules, and common infrastructure patterns. Bookmark this.

Claude Code Cheat Sheet: Every Command and Shortcut (2026)

Quick reference for Claude Code commands, slash commands, keyboard shortcuts, permission settings, and context management.