Skip to content
/ gcpmetadataexplorer Public

A web-based interface for browsing and inspecting the GCP metadata server.

License

MIT license
5 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

UnitVectorY-Labs/gcpmetadataexplorer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

43 Commits
.github
.github
 
 
assets
assets
 
 
static
static
 
 
templates
templates
 
 
.clip4llm
.clip4llm
 
 
.dockerignore
.dockerignore
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

GitHub release License Active

gcpmetadataexplorer

A web-based interface for browsing and inspecting the GCP metadata server.

Overview

gcpmetadataexplorer is a web application designed for deployment on GCP to explore data available from the GCP metadata server. The metadata server can be accessed at http://metadata.google.internal/computeMetadata/v1 when running on a VM or container in GCP and is used to provide information about the instance, project, and service account. This application provides a user-friendly interface for browsing the metadata server and inspecting the data available including the various URLs for accessing metadata.

Application Interface

The purpose of this application is to provide a simple interface for developers to explore the GCP metadata server. This is not intended for use in a production envirionment. The GCP metadata server has several quirks when it comes to the query responses that are easily demonstrated with this application. The service can return responses in plain text or JSON format, depending on the query parameters. Recursive queries can also be made at multiple levels returning various subsets of data. The application allows for navigating this hierarchy showing what the various types of requests return as a response.

The metadata server is also capable of returning both GCP access tokens and identity tokens. This functionality is disabled by default due to the security implications of accidentally exposing these tokens. The application can be configured to allow access to these tokens through the interface but care should be taken to ensure that the application is not exposed to the public internet.

Usage

The latest gcpmetadataexplorer Docker image is available for deployment from GitHub Packages at ghcr.io/unitvectory-labs/gcpmetadataexplorer.

You can easily deploy this application locally to test it out with the following command:

docker run -p 8080:8080 -e ALLOW_TOKENS=false ghcr.io/unitvectory-labs/gcpmetadataexplorer:v0.2.1

However, running outside of GCP all you will get is the "Error: Failed to fetch metadata from the metadata server" error.

⚠️ Security Warning ⚠️

The GCP metadata server is a powerful API that must not be exposed to the public internet. Improper use of this application could pose serious security risks. To ensure security, take precautions such as using Identity-Aware Proxy (IAP) to restrict access.

Be aware of the potential security issues before enabling the ALLOW_TOKENS environment variable.

Configuration

The application is configurable through environment variables. Below are the available configurations:

  • ALLOW_TOKENS: Enables access to access tokens and identity tokens through the interface. This feature is disabled by default. Set to true to enable.

About

A web-based interface for browsing and inspecting the GCP metadata server.

Topics

gcp htmx

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

5 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 5

v0.2.1 Latest
Feb 15, 2025
+ 4 releases

Packages

 
 
 

Contributors 2

  •  
  •  

Languages