DEV Community

Srinivasulu Paranduru for cloudteachable

Posted on • Edited on

1

How To Authenticate GCP Cloud Infra using Service Account with IAC Terraform

Authenticating your google cloud infra in terraform using service accounts

Step 1:How to create a service account to authenticate your google cloud
Login to google cloud console -> Search for IAM, then click on service accounts in the left side and follow as per the image for creating new service account

Step 1.1:

Image description

Step 1.2: Enter Service account name and Service account id will be automatically populated and then click on create and continue

Image description

Step 1.3:

Select Role as Owner as per the below picture

Image description

Image description

Step 1.4 Keep the values as it is and click on continue

Image description

Step 1.5: Select the service account created

Image description

Step 1.6: Click on keys

Image description

Step 1.7: Create new keys

Image description

Step 1.8:

Image description

Step 1.9: It will download json file with the key information, save it where needed it to be

Image description

Step 1.10: finally message after saving key in your system

Image description

Step 2:Provision Google cloud storage

List of files in my IAC code

GCP_Infra(Folder name)

  • storage.tf
  • provider.tf
  • svc.json [This is the key downloaded from Step 1.9 and renamed file]
  • variable.tf

Step 2.1: provider.tf file code snippet

terraform {
  required_providers {
    google = {
      source  = "hashicorp/google"
      version = "6.12.0"
    }
  }
}

provider "google" {
  # Configuration options  
  project     = "Project_ID"
  region      = "us-central1"
  zone        = "us-central1-c"
  credentials = "svc.json"
}

Enter fullscreen mode Exit fullscreen mode

Note : Replace Project_ID by taking the value from google console.
region, zone are to be updated as per your project needs

Step 2.2: storage.tf file code snippet

resource "google_storage_bucket" "my_bucket" {
  name          = "srinivas-letterkenny-ireland"
  location      = "US"
  force_destroy = true

  lifecycle_rule {
    action {
      type = "Delete"
    }

    condition {
      age = 30
    }
  }
}



Enter fullscreen mode Exit fullscreen mode

Step 2.3: variable.tf file code snippet

variable "gcp_project" {
  type    = string
}

variable "gcp_region" {
  type    = string
  default = "US"
}

variable "gcp_svc_key" {
  type    = string
  default = "svc.json"
}
Enter fullscreen mode Exit fullscreen mode

Step 3:Provision Google cloud VM
List of files in my IAC code

GCP_Infra(Folder name)

  • vm.tf
  • provider.tf
  • svc.json [This is the key downloaded from Step 1.9 and renamed file]
  • variable.tf

Step 3.1: vm.tf file code snippet

resource "google_compute_instance" "vm_instance" {
  name         = "terraform-instance"
  machine_type = "e2-micro"

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-11"
    }
  }

  network_interface {
    # A default network is created for all GCP projects
    network = "default"
    access_config {
    }
  }
}
Enter fullscreen mode Exit fullscreen mode

Note : provider.tf, svc.json and variable.tf can be copied from storage

Other ways to authenticate gcp cloud

Image description

Conclusion : How To Authenticate GCP Cloud Infra using Service Account with IAC Terraform. Shared terraform code for google cloud storage and vm.
💬 If you enjoyed reading this blog post and found it informative, please take a moment to share your thoughts by leaving a review and liking it 😀 and follow me in dev.to , linkedin

Do your career a big favor. Join DEV. (The website you're on right now)

It takes one minute, it's free, and is worth it for your career.

Get started

Community matters

Top comments (0)

👋 Kindness is contagious

Explore a sea of insights with this enlightening post, highly esteemed within the nurturing DEV Community. Coders of all stripes are invited to participate and contribute to our shared knowledge.

Expressing gratitude with a simple "thank you" can make a big impact. Leave your thanks in the comments!

On DEV, exchanging ideas smooths our way and strengthens our community bonds. Found this useful? A quick note of thanks to the author can mean a lot.

Okay