Create a basic GCP project with terraform
This guide is a walkthrough for creating a GCP project using terraform. It is the first part of the Deploy dash dashboard to GCP series where the goal is to create a basic dashboard application using Dash and deploying it on GCP’s Cloud Run.
This entire series consists of
- create a basic GCP project with terraform
- create a dashboard app with plot.ly’s Dash
- deploy the dashboard to GCP cloud run (Coming soon)
In this first part we’ll create a GCP project using terraform, no credit card or other payments are required for this specific guide.
TL;DR
This guide explains why and especially how to create an empty project on GCP using terraform. The code examples can be found on https://github.com/brunodd/gcp-dash-tf/tree/01-personal-gcp-project
Why terraform?
Terraform is an Infrastructure as Code (or IaC) software tool which supports all main cloud providers and many others. Instead of creating and managing infrastructure using the web console, definitions of the infrastructure are written in a configuration-like format. This has several advantages, some of which are described below:
- versioning: declaring infrastructure using plain text files allows for versioning using well-known tools such as git.
- built-in documentation: If no other documentation is ever written (which is not recommended!), you will always be able to see what systems, tools, configurations, etc are in place by inspecting the terraform configuration.
- reproducibility: Once your infrastructure is defined the way you want it to be, it will literally take only a single command to fully destroy or fully create the various components.
More information is freely available on medium, youtube or other platforms.
Getting started
Authenticate with a google account
Assuming you have a google account to work with (a gmail account will suffice), start by installing the gcloud command: https://cloud.google.com/sdk/docs/install. Then run 2 commands before being able to use terraform with GCP:
# Obtain local credentials for your account gcloud auth login
Log-in and grant access when prompted.
# Allow the terraform SDK to use your account credentials gcloud auth application-default login
Log-in and grant access when prompted again.
Define a project
Now that we have a locally authenticated google account, we can continue with defining a GCP project. As we proceed we’ll incorporate some best practices to make the project safer and the terraform configuration more readable. For now however, we’ll start with the basics.
Create a directory that will contain your project. In the root of that directory, create a dedicated directory for your infrastructure, containing a file called main.tf.
My directory structure looks like this
gcp_project |____infra | |____main.tf
In main.tf add the following
provider "google" {} resource "google_project" "my-demo" { name = "my-demo-project" project_id = "my-demo-project-asdf" # TODO: rename project_id (between 6 and 30 chars) }
Let’s go over the various parts of the file:
- provider “google” {} Terraform has support for many providers. This line lets terraform know we’re using google as the provider of the resources and data objects. These resources and data objects are the most important components of the terraform file.
- resource “google_project” “my-demo” This resource is a google_project, more information on this resource can be found in the documentation. In this case we’re defining a project called my-demo-project. If you want to try this along, be aware that the project name has to be globally unique. Therefor it is a good idea to change it and perhaps add a random suffix (e.g. terraform-test-project-hcle)
Install terraform
Install terraform by following the terraform documentation.
On my Macbook Pro with M1 chip, I installed using homebrew:
brew install hashicorp/tap/terraform
Create the project
Initialise the terraform working directory. This step downloads the resource objects from the specified provider;
terraform init
The final step before creating the project is to validate the actions that terraform will take. You do this with the command;
terraform plan
This will yield output similar to what’s below:
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + createTerraform will perform the following actions: # google_project.my-demo will be created + resource "google_project" "my-demo" { + auto_create_network = true + id = (known after apply) + name = "my-demo-project" + number = (known after apply) + project_id = "my-demo-project-asdfsd" + skip_delete = (known after apply) }Plan: 1 to add, 0 to change, 0 to destroy.
This tells us what we expected: A new project will be created. It will have the name my-demo-project and the project ID my-demo-project-asdfsd (which has to be globally unique). The name can be changed at a later time, the project_id is fixed.
Now that we’ve verified the actions, the final step is to apply the configuration with
terraform apply
This will start the project generation, which needs to be verified by entering yes when prompted. On my machine (MBP with M1 Pro chip) this takes 23s but YMMV. The output is the following
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols: + createTerraform will perform the following actions: # google_project.my-demo will be created + resource "google_project" "my-demo" { + auto_create_network = true + id = (known after apply) + name = "my-demo-project" + number = (known after apply) + project_id = "my-demo-project-asdfsd" + skip_delete = (known after apply) }Plan: 1 to add, 0 to change, 0 to destroy.Do you want to perform these actions? Terraform will perform the actions described above. Only 'yes' will be accepted to approve. Enter a value: yesgoogle_project.my-demo: Creating... google_project.my-demo: Still creating... [10s elapsed] google_project.my-demo: Still creating... [20s elapsed] google_project.my-demo: Creation complete after 23s [id=projects/my-demo-project-asdfsd]
Congratulations! You’ve just created a GCP project using terraform. To inspect it, navigate to https://console.cloud.google.com/home/dashboard?project=my-demo-project-asdfsd
Remember to replace the project id in the URL with the value for project_id you defined in main.tf.
Remark: destroyed project still ‘exists’ for 30 days, recreating it with same name will return Error 409: Requested entity already exists, alreadyExists.
This concludes the first part of the series. All code samples can be found on github via https://github.com/brunodd/gcp-dash-tf/tree/personal-gcp-projec. You can find the original article on Medium, you will find all the latest updates there.