https://github.com/sylvioneto/gcp-cloud-foundation
This project helps you to create a foundation infrastructure for your GCP project
https://github.com/sylvioneto/gcp-cloud-foundation
cloud gcp google terraform
Last synced: about 1 year ago
JSON representation
This project helps you to create a foundation infrastructure for your GCP project
- Host: GitHub
- URL: https://github.com/sylvioneto/gcp-cloud-foundation
- Owner: sylvioneto
- Created: 2022-08-18T13:40:38.000Z (almost 4 years ago)
- Default Branch: main
- Last Pushed: 2022-08-26T17:09:16.000Z (almost 4 years ago)
- Last Synced: 2025-02-09T07:15:55.267Z (over 1 year ago)
- Topics: cloud, gcp, google, terraform
- Language: HCL
- Homepage:
- Size: 15.6 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# GCP - Cloud Foundation
## Description
This project demonstrates how to create a foundation for your GCP project so that you can start building your systems following the best practices.
Resources created:
- VPC
- Firewall rules
- Subnets
- NAT
- Docker repository
## Deploy
1. Create a new project and select it.
2. Open Cloud Shell and ensure the var below is set, otherwise set it with `gcloud config set project` command
```
echo $GOOGLE_CLOUD_PROJECT
```
3. Create a bucket to store your project's Terraform state
```
gsutil mb gs://$GOOGLE_CLOUD_PROJECT-tf-state
```
4. Enable the necessary APIs
```
gcloud services enable cloudbuild.googleapis.com \
compute.googleapis.com \
container.googleapis.com \
cloudresourcemanager.googleapis.com \
containersecurity.googleapis.com \
datamigration.googleapis.com \
servicenetworking.googleapis.com \
artifactregistry.googleapis.com \
sqladmin.googleapis.com \
vpcaccess.googleapis.com
```
5. Give permissions to Cloud Build for creating the resources
```
PROJECT_NUMBER=$(gcloud projects describe $GOOGLE_CLOUD_PROJECT --format='value(projectNumber)')
gcloud projects add-iam-policy-binding $GOOGLE_CLOUD_PROJECT --member=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com --role=roles/editor
gcloud projects add-iam-policy-binding $GOOGLE_CLOUD_PROJECT --member=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com --role=roles/compute.networkAdmin
gcloud projects add-iam-policy-binding $GOOGLE_CLOUD_PROJECT --member=serviceAccount:$PROJECT_NUMBER@cloudbuild.gserviceaccount.com --role=roles/iam.securityAdmin
```
6. Clone this repo into the Cloud Shell VM
```
git clone https://github.com/sylvioneto/gcp-cloud-foundation
cd gcp-cloud-foundation
```
7. Execute Terraform using Cloud Build
```
gcloud builds submit ./terraform --config cloudbuild.yaml
```
8. (Optional) Customize [terraform.tfvars](./terraform/terraform.tfvars) according to your needs.
## Destroy
1. Execute Terraform using Cloud Build
```
gcloud builds submit ./terraform --config cloudbuild_destroy.yaml
```