gcloud compute project-info describe - Get SSH-key usernames without associated keys

Question

I've been tasked with getting a list of all the project-level SSH keys throughout our projects and to remove those who have left our company.

In my brief search this afternoon, I've managed to get a list within a singular project using:

gcloud compute project-info describe --format="table(commonInstanceMetadata.items.ssh-keys)"

However, this provides a list of strings of usernames mixed with the ssh-rsa keys, like:

username1:ssh-rsa [proceeded by key]

username2:ssh-rsa [proceeded by key]

username2:ssh-rsa [proceeded by key]

Is there a way to separate these to get a list of just usernames without the rsa-ssh keys, similar to how the metadata is presented within the GCP console?

Answer 1

Edit1

Please try with the following command:

gcloud compute project-info describe --format="table(commonInstanceMetadata.items.ssh-keys)"  | cut -d ":" -f 1

It will give you something like

SSH-KEYS
username1
username2
username3

To format only with gcloud is a little hard, please try with regular expression like cut or sed.

Edit2

Also you can find interesting the following code, it gets all the metadata user information from all your projects.

#!/bin/bash
for project in $(gcloud projects list --format="value(projectId)")
   do
      echo "ProjectId: $project"
      for user in $(gcloud compute project-info describe --project=$project -- 
         format="table[no-heading](commonInstanceMetadata.items.ssh-keys)" | grep -v ecdsa-sha2-nistp256 | cut -d ":" -f 1)
      do
         echo " -> User $user"
   done
done

The output will be something like:

ProjectId: project-test-288915
 -> User myuser_super
ProjectId: project-test-274519
 -> User user1
 -> User user2