Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Sort of related: using Claude code with the gcloud CLI, only allowing read only commands (and of course no ssh), and with supervision, is such a superpower. I don’t think I can go back to debugging my infra manually. It’s like all use of Claude code, not a fire and forget, you have to guide and correct it, but that’s so much faster and easier than dealing directly with the mess GCP APIs is


> only allowing read only commands

Out of curiosity, how do you do that? I have no experience with this tool, not I would ever thought to use it for infra, but you made me curious.


My assumption is by creating a service account with limited privileges and activating it for gcloud when running this.


Yes, in the meantime I figured out it's basically assigning it the Reader IAM role in GCP.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: