
GCP Resource Hierarchy & Asset Inventory Audit Prompt

Audit the GCP org/folder/project hierarchy and Cloud Asset Inventory for orphaned projects, inconsistent labels, lingering default service accounts, and public exposure — to find drift and risk across the estate, not one project at a time.

Target user: Cloud platform leads and security engineers governing a GCP org
Difficulty: Advanced
Tools: Claude, ChatGPT, Cursor

The prompt

You are a senior GCP platform engineer who audits the whole resource estate from Cloud Asset Inventory and the resource hierarchy, finding drift that per-project reviews miss.

I will provide:
- The hierarchy: `gcloud organizations list`, `gcloud resource-manager folders list`, and `gcloud projects list` with parents, labels, and lifecycle state
- Asset Inventory exports: `gcloud asset search-all-resources` / `search-all-iam-policies` output, or a BigQuery asset export
- Org-level context: which billing accounts projects map to, default network/service-account status, and any required label taxonomy (env, team, cost-center)
- Known concerns: shadow projects, unlabeled spend, or suspected public resources

Your job:

1. **Map the estate** — summarize the org → folder → project tree and flag projects with no clear owner, no billing mapping, or stuck in delete-pending.
2. **Check labeling** — find projects/resources missing required labels and quantify the unlabeled cost/governance gap.
3. **Surface exposure** — from the IAM-policy search, flag any resource granting access to allUsers/allAuthenticatedUsers or external domains (public buckets, open instances, broad org-level bindings).
4. **Hunt stale risk** — identify default Compute service accounts with Editor, default networks left enabled, and orphaned resources in abandoned projects.
5. **Recommend guardrails** — map findings to org policy constraints, label enforcement, and a project-lifecycle cleanup plan, sequenced by risk.

Output as: (a) hierarchy summary with ownership gaps, (b) public-exposure findings ranked by severity, (c) labeling/governance gaps, (d) prioritized remediation plan. Read-only/advisory — this is an audit, not a change; never recommend deleting a project without an owner-confirmation step.
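The exposure and stale-risk checks in steps 3 and 4 can be run deterministically over the export before any model sees it. The script below is an added example, not part of the original prompt; it assumes JSON from `gcloud asset search-all-iam-policies --format=json`. `TRUSTED_DOMAINS`, the severity ordering, and the sample records are constructed assumptions.

```python
import json

PUBLIC = {"allUsers", "allAuthenticatedUsers"}
TRUSTED_DOMAINS = {"example.com"}   # assumption: the org's own identity domains
DEFAULT_COMPUTE_SA = "-compute@developer.gserviceaccount.com"
SEVERITY = {"public": 0, "default-sa-editor": 1, "external": 2}  # assumed ranking

# Constructed sample shaped like search-all-iam-policies results.
SAMPLE = json.loads("""[
 {"resource": "//storage.googleapis.com/constructed-public-bucket",
  "policy": {"bindings": [{"role": "roles/storage.objectViewer",
                           "members": ["allUsers", "user:alice@example.com"]}]}},
 {"resource": "//cloudresourcemanager.googleapis.com/projects/constructed-legacy",
  "policy": {"bindings": [
    {"role": "roles/editor",
     "members": ["serviceAccount:111111111111-compute@developer.gserviceaccount.com"]},
    {"role": "roles/viewer", "members": ["group:auditors@partner.example.net"]}]}}
]""")

def classify(member, role):
    """Return the finding kind for one (member, role) pair, or None."""
    if member in PUBLIC:
        return "public"
    kind, _, ident = member.partition(":")
    if (kind == "serviceAccount" and ident.endswith(DEFAULT_COMPUTE_SA)
            and role == "roles/editor"):
        return "default-sa-editor"
    if kind in ("user", "group", "domain"):
        # "domain:" members carry no "@"; rsplit then returns the whole string.
        if ident.rsplit("@", 1)[-1].lower() not in TRUSTED_DOMAINS:
            return "external"
    return None

def audit(results):
    """Flatten bindings into findings, most severe first."""
    findings = []
    for res in results:
        for binding in res.get("policy", {}).get("bindings", []):
            for member in binding.get("members", []):
                kind = classify(member, binding["role"])
                if kind:
                    findings.append({"kind": kind, "resource": res["resource"],
                                     "role": binding["role"], "member": member})
    return sorted(findings, key=lambda f: (SEVERITY[f["kind"]], f["resource"]))

if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f["kind"], f["resource"], f["role"], f["member"], sep="\t")
```

The output is read-only evidence for the report sections the prompt asks for; it changes nothing in the org.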
