{"id":20657766,"url":"https://github.com/boltops-tools/terraform-workshop-google","last_synced_at":"2025-07-13T00:36:11.923Z","repository":{"id":91684915,"uuid":"282360097","full_name":"boltops-tools/terraform-workshop-google","owner":"boltops-tools","description":"Simple Terraform Workshop for Google Cloud","archived":false,"fork":false,"pushed_at":"2020-08-03T00:57:37.000Z","size":12,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-17T11:32:34.397Z","etag":null,"topics":["boltops","terraform"],"latest_commit_sha":null,"homepage":"","language":"HCL","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/boltops-tools.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-25T03:08:12.000Z","updated_at":"2020-08-03T00:57:39.000Z","dependencies_parsed_at":"2023-07-11T08:00:38.618Z","dependency_job_id":null,"html_url":"https://github.com/boltops-tools/terraform-workshop-google","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boltops-tools%2Fterraform-workshop-google","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boltops-tools%2Fterraform-workshop-google/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boltops-tools%2Fterraform-workshop-google/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/boltops-tools%2Fterraform-workshop-google/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/boltops-tools","download_url":"https://codeload.github.com/boltops-tools/terraform-workshop-google/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":242768074,"owners_count":20182098,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["boltops","terraform"],"created_at":"2024-11-16T18:23:02.253Z","updated_at":"2025-03-09T23:46:40.281Z","avatar_url":"https://github.com/boltops-tools.png","language":"HCL","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Simple Terraform Tutorial Workshop for Google Cloud\n\nIn this workshop, we'll create a Google Cloud Storage bucket with Terraform.  For simplicity, we'll use local storage for the statefile. Local storage should only be used for light testing. For real-world usage, you should use a remote backend.\n\n## Configure Google Cloud\n\nConfigure Google Cloud so Terraform can connect to it. The recommended way is to:\n\n1. set up the `~/.gcp/credentials.json`\n2. set up `GOOGLE_APPLICATION_CREDENTIALS`, `GOOGLE_PROJECT`, `GOOGLE_REGION`, and `GOOGLE_ZONE` environment variables\n\n## Example\n\nTo configure your `GOOGLE_APPLICATION_CREDENTIALS` you need to set up a service account. Follow the Google [Getting Started with Authentication](https://cloud.google.com/docs/authentication/getting-started).\n\nYou'll download a JSON credentials file that looks something like the following. This is just an example:\n\n~/.gcp/credentials.json\n\n```json\n{\n  \"type\": \"service_account\",\n  \"project_id\": \"project-123456\",\n  \"private_key_id\": \"06410f6eb4d7701419afbaceb21d9a239EXAMPLE\",\n  \"private_key\": \"-----BEGIN PRIVATE KEY-----\\n...==\\n-----END PRIVATE KEY-----\\n\",\n  \"client_email\": \"name@project-123456.iam.gserviceaccount.com\",\n  \"client_id\": \"109186985834EXAMPLE\",\n  \"auth_uri\": \"https://accounts.google.com/o/oauth2/auth\",\n  \"token_uri\": \"https://oauth2.googleapis.com/token\",\n  \"auth_provider_x509_cert_url\": \"https://www.googleapis.com/oauth2/v1/certs\",\n  \"client_x509_cert_url\": \"https://www.googleapis.com/robot/v1/metadata/x509/name%40project-123456.iam.gserviceaccount.com\"\n}\n```\n\nIn your `~/.bashrc` or `~/.profile`, use these lines to set environment variables:\n\n    export GOOGLE_APPLICATION_CREDENTIALS=~/.gcp/credentials.json\n    # The rest of the environment variables are used by the Google terraform provider. See: https://www.terraform.io/docs/providers/google/guides/provider_reference.html#project-1\n    export GOOGLE_PROJECT=$(cat ~/.gcp/credentials.json  | jq -r '.project_id')\n    export GOOGLE_REGION=us-central1\n    export GOOGLE_ZONE=us-central1-a\n\nNote, it makes use of the `jq` command to grab the `GOOGLE_PROJECT` from the `credentials.json` file. You can either install jq or just add the actual value of your google project id.\n\n## Test Google API Access\n\nTo check that GOOGLE_APPLICATION_CREDENTIALS is valid and is working you can use the [boltops-tools/google_check](https://github.com/boltops-tools/google_check) test script to check. Here are the summarized commands:\n\n    git clone https://github.com/boltops-tools/google_check\n    cd google_check\n    bundle\n    bundle exec ruby google_check.rb\n\nYou should see something like this:\n\n    $ bundle exec ruby google_check.rb\n    Listing gcs buckets as a test\n    my-gcs-bucket\n    Successfully connected to Google API with your GOOGLE_APPLICATION_CREDENTIALS\n    $\n\nNote, if there are no buckets in the project, then no buckets will be listed, but you'll still get a \"Successfully connected\" message\n\n## Deploy\n\n    terraform init\n    terraform apply\n\nExample with output:\n\n    $ terraform apply\n\n    An execution plan has been generated and is shown below.\n    Resource actions are indicated with the following symbols:\n      + create\n\n    Terraform will perform the following actions:\n\n      # google_storage_bucket.this will be created\n      + resource \"google_storage_bucket\" \"this\" {\n          + bucket_policy_only = false\n          + force_destroy      = false\n          + id                 = (known after apply)\n          + location           = \"US\"\n          + name               = (known after apply)\n          + project            = (known after apply)\n          + self_link          = (known after apply)\n          + storage_class      = \"STANDARD\"\n          + url                = (known after apply)\n        }\n\n      # random_pet.this will be created\n      + resource \"random_pet\" \"this\" {\n          + id        = (known after apply)\n          + length    = 2\n          + separator = \"-\"\n        }\n\n    Plan: 2 to add, 0 to change, 0 to destroy.\n\n    Do you want to perform these actions?\n      Terraform will perform the actions described above.\n      Only 'yes' will be accepted to approve.\n\n      Enter a value:\n\nYou're prompted to confirm. Type `yes` and press enter:\n\n      Enter a value: yes\n\n    random_pet.this: Creating...\n    random_pet.this: Creation complete after 0s [id=whole-perch]\n    google_storage_bucket.this: Creating...\n    google_storage_bucket.this: Creation complete after 0s [id=bucket-whole-perch]\n\n    Apply complete! Resources: 2 added, 0 changed, 0 destroyed.\n\n    Outputs:\n\n    url = gs://bucket-whole-perch\n\nYou can see a bucket was created.\n\n## Explore\n\nIt is useful to explore some of the files that Terraform created. This helps understand what Terraform does and how it works.\n\nThe previous commands created a `.terraform` folder and a `terraform.tfstate` file.  They'll look something like this:\n\n    ├── .terraform\n    │   └── plugins\n    │       └── linux_amd64\n    │           ├── lock.json\n    │           ├── terraform-provider-google_v3.31.0_x5\n    │           └── terraform-provider-random_v2.3.0_x4\n    └── terraform.tfstate\n\nWhen you ran `terraform init`, terraform evaluated your Terraform code and detected that it needed to download the google and random provider plugins. This is how Terraform knows how to create the google resources.\n\nThen when you ran `terraform apply` it applied the changes and created the Google Storage Bucket. Since we did not configure a backend.tf, the state information is stored locally in the `terraform.tfstate`. Go ahead and check out the contents of the file. Here's a `cat` command with `jq` to check out the file:\n\n    cat terraform.tfstate | jq\n\nHere's also relevant part of the statefile.\n\n```json\n{\n...\n  \"resources\": [\n    {\n      \"mode\": \"managed\",\n      \"type\": \"google_storage_bucket\",\n      \"name\": \"this\",\n      \"provider\": \"provider.google\",\n      \"instances\": [\n        {\n          \"schema_version\": 0,\n          \"attributes\": {\n            \"bucket_policy_only\": false,\n            \"cors\": [],\n            \"default_event_based_hold\": false,\n            \"encryption\": [],\n            \"force_destroy\": false,\n            \"id\": \"bucket-whole-perch\",\n            \"labels\": null,\n            \"lifecycle_rule\": [],\n            \"location\": \"US\",\n            \"logging\": [],\n            \"name\": \"bucket-whole-perch\",\n            \"project\": \"foobar-123456\",\n            \"requester_pays\": false,\n            \"retention_policy\": [],\n            \"self_link\": \"https://www.googleapis.com/storage/v1/b/bucket-whole-perch\",\n            \"storage_class\": \"STANDARD\",\n            \"url\": \"gs://bucket-whole-perch\",\n            \"versioning\": [],\n            \"website\": []\n          },\n          \"private\": \"bnVsbA==\",\n          \"dependencies\": [\n            \"random_pet.this\"\n          ]\n        }\n      ]\n    },\n...\n```\n\nThis is how terraform keeps track of what has been created and how to the manage the resources. As such, this is a crucial file.  In real-world usage, the statefile is stored in a remote backend like a GCS bucket and versioned.\n\n## Cleanup\n\nLet's clean up and delete the resources now.\n\n    terraform destroy\n\nYou'll be prompted. Type `yes` to confirm.\n\nTake another look at the `terraform.tfstate` file.\n\n    cat terraform.tfstate | jq\n\nYou'll see something like this:\n\n```json\n{\n  \"version\": 4,\n  \"terraform_version\": \"0.12.29\",\n  \"serial\": 6,\n  \"lineage\": \"e52eac51-f848-081f-0f26-fd3711354740\",\n  \"outputs\": {},\n  \"resources\": []\n}\n```\n\nYou can see that the statefile also reflects that there are no resources.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboltops-tools%2Fterraform-workshop-google","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fboltops-tools%2Fterraform-workshop-google","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fboltops-tools%2Fterraform-workshop-google/lists"}