Protect from Delete GCP project
2 min readJun 25, 2021
Well, it’s simple command does the delete project. That can be catastrophic if you have wrongly typed project name. Well, Google helps you to recover/ undelete project for a month of timeframe. That too can be prevented with help of Lien. Let’s learn about same.
Delete Project Basic Command
Below is the simple command does the project delete on GCP.
gcloud projects delete one-click-tbd
Your project will be deleted.Do you want to continue (Y/n)? YDeleted [https://cloudresourcemanager.googleapis.com/v1/projects/one-click-tbd].You can undo this operation for a limited period by running the command below.
$ gcloud projects undelete one-click-tbdSee https://cloud.google.com/resource-manager/docs/creating-managing-projects for information on shutting down projects.
Setup LEIN for project
Below is the simple command does the project delete on GCP.
gcloud alpha resource-manager liens create \
--restrictions=resourcemanager.projects.delete \
--reason="Super important production system"Check that is applied:
gcloud alpha resource-manager liens listNAME ORIGIN REASON
p151505267786-la6de8a11-573d-4724-8219-ed5a8669d2d2 user@companydomain.com Super important production system
Error while Project deletion as LIEN created
Now try removing project it will throw error.
gcloud projects delete one-click-not-tobedeleted
Your project will be deleted.Do you want to continue (Y/n)? YERROR: (gcloud.projects.delete) FAILED_PRECONDITION: Precondition check failed.
- '@type': type.googleapis.com/google.rpc.PreconditionFailure
violations:
- description: A lien to prevent deletion was placed on the project by [xpn.googleapis.com].
Remove the lien to allow deletion.
subject: liens/p151505267786-la6de8a11-573d-4724-8219-ed5a8669d2d2
type: LIEN
- '@type': type.googleapis.com/google.rpc.Help
links:
- description: Troubleshooting project deletion
url: https://cloud.google.com/resource-manager/docs/troubleshooting-project-deletion
- '@type': type.googleapis.com/google.rpc.ErrorInfo
domain: cloudresourcemanager.googleapis.com
reason: PROJECT_DELETE_LIEN
Reference