public/terraform-provider-google
0
0
Fork 0
mirror of https://github.com/letic/terraform-provider-google.git synced 2024-10-01 16:21:06 +00:00
Code Issues Projects Releases Wiki Activity

Introduce a new Google provider landing page, complementary pages. (#2065)

Browse Source 
* Introduce a new Google provider landing page, complementary pages.

* Review fixes.

* Link community tutorials, modules.

* Review comments pt 2.

* Review comments 3. Prioritize and tone.

* Review comments 3.1. Then -> Next.

* Paddy review comments.

* Review comments.
This commit is contained in:
Riley Karson 2018-09-21 12:49:32 -07:00 committed by GitHub
parent 14bac81a71
commit c6ceb36ec7
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 407 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

230
website/docs/getting_started.html.markdown Normal file
View File

@ -0,0 +1,230 @@
---
layout: "google"
page_title: "Getting Started with the Google provider"
sidebar_current: "docs-google-provider-getting-started"
description: |-
Getting started with the Google Cloud Platform provider
---
# Getting Started with the Google Provider
## Before you begin
* Create a project in the [Google Cloud Console](https://console.cloud.google.com/)
and set up billing on that project. Any examples in this guide will be part of
the [GCP "always free" tier](https://cloud.google.com/free/).
* [Install Terraform](https://www.terraform.io/intro/getting-started/install.html)
and read the Terraform getting started guide that follows. This guide will
assume basic proficiency with Terraform - it is an introduction to the Google
provider.
## Configuring the Provider
First create a Terraform config file named `"main.tf"`. Inside, you'll
want to include the following configuration:
```hcl
provider "google" {
project = "{{YOUR GCP PROJECT}}"
region = "us-central1"
zone = "us-central1-c"
}
```
* The `project` field should be your personal project id. The `project`
indicates the default GCP project all of your resources will be created in.
Most Terraform resources will have a `project` field.
* The `region` and `zone` are [locations](https://cloud.google.com/compute/docs/regions-zones/global-regional-zonal-resources)
for your resources to be created in.
* The `region` will be used to choose the default location for regional
resources. Regional resources are spread across several zones.
* The `zone` will be used to choose the default location for zonal resources.
Zonal resources exist in a single zone. All zones are a part of a region.
Not all resources require a location. Some GCP resources are global and are
automatically spread across all of GCP.
-> Want to try out another location? Check out the [list of available regions and zones](https://cloud.google.com/compute/docs/regions-zones/#available).
Instances created in zones outside the US are not part of the always free tier
and could incur charges.
## Creating a VM instance
A [Google Compute Engine VM instance](https://cloud.google.com/compute/docs/instances/) is
named `google_compute_instance` in Terraform. The `google` part of the name
identifies the provider for Terraform, `compute` indicates the GCP product
family, and `instance` is the resource name.
Google provider resources will generally, although not always, be named after
the name used in `gcloud`/the REST API. For example, a VM instance is called
[`instance` in the API](https://cloud.google.com/compute/docs/reference/rest/v1/instances).
Most resource field names will also correspond 1:1 with their `gcloud`/REST API
names.
If you look at the [`google_compute_instance documentation`](/docs/providers/google/r/compute_instance.html),
you'll see that `project` and `zone` (VM instances are a zonal resource) are
listed as optional. When present in a resource's config block, these values will
be used. If omitted, the provider defaults will be used instead.
Add the following to your config file:
```hcl
resource "google_compute_instance" "vm_instance" {
name = "terraform-instance"
machine_type = "f1-micro"
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
}
}
network_interface {
# A default network is created for all GCP projects
network = "default"
access_config = {
}
}
}
```
~> Note: Don't use `terraform apply` quite yet! You still need to add GCP
credentials. If you want to try out provisioning your VM instance before
continuing, follow the instructions in the "Adding credentials" section below.
## Linking GCP resources
Like this VM instance, nearly every GCP resource will have a `name` field. They
are used as a short way to identify resources, and a resource's display name in
the Cloud Console will be the one defined in the `name` field.
When linking resources in a Terraform config though, you'll primarily want to
use a different field, the `self_link` of a resource. Like `name`, nearly every
resource has a `self_link`. They look like:
```
{{API base url}}/projects/{{your project}}/{{location type}}/{{location}}/{{resource type}}/{{name}}
```
For example, the instance defined earlier in a project named `foo` will have
the `self_link`:
```
https://www.googleapis.com/compute/v1/projects/foo/zones/us-central1-c/instances/terraform-instance
```
A resource's `self_link` is a unique reference to that resource. When
linking two resources in Terraform, you can use Terraform interpolation to
avoid typing out the self link! Let's use a `google_compute_network` to
demonstrate.
Add this block to your config:
```hcl
resource "google_compute_network" "vpc_network" {
name = "terraform-network"
auto_create_subnetworks = "true"
}
```
This will create [VPC network resource](/docs/providers/google/r/compute_network.html)
with a subnetwork in each region. Next, change the network of the
`google_compute_instance` from the `"default"` network to the new network.
```diff
network_interface {
- # A default network is created for all GCP projects
- network = "default"
+ network = "${google_compute_network.vpc_network.self_link}"
access_config = {
```
This means that when we create the VM instance, it will use
`"terraform-network"` instead of the default VPC network for the project. If you
run `terraform plan`, you will see that `"terraform-instance"` depends on
`"terraform-network"`.
Your configuration is complete. Before you can run `terraform apply` though,
Terraform needs GCP credentials.
## Adding credentials
In order to make requests against the GCP API, you need to authenticate to prove
that it's you making the request. The preferred method of provisioning resources
with Terraform is to use a [GCP service account](https://cloud.google.com/docs/authentication/getting-started),
a "robot account" that can be granted a limited set of IAM permissions.
From [the service account key page in the Cloud Console](https://pantheon.corp.google.com/apis/credentials/serviceaccountkey)
choose an existing account, or create a new one. Next, download the JSON key
file. Name it something you can remember, and store it somewhere secure on your
machine.
You supply the key to Terraform using the environment variable
`GOOGLE_CLOUD_KEYFILE_JSON`, setting the value to the location of the file.
```bash
export GOOGLE_CLOUD_KEYFILE_JSON={{path}}
```
-> Remember to add this line to a startup file such as `bash_profile` or
`bashrc` to store your credentials across sessions!
## Provisioning your resources
By now, your config will look something like:
```hcl
provider "google" {
project = "{{YOUR GCP PROJECT}}"
region = "us-central1"
zone = "us-central1-c"
}
resource "google_compute_instance" "vm_instance" {
name = "terraform-instance"
machine_type = "f1-micro"
boot_disk {
initialize_params {
image = "debian-cloud/debian-9"
}
}
network_interface {
# A default network is created for all GCP projects
network = "${google_compute_network.vpc_network.self_link}"
access_config = {
}
}
}
resource "google_compute_network" "vpc_network" {
name = "terraform-network"
auto_create_subnetworks = "true"
}
```
With a Terraform config and with your credentials configured, it's time to
provision your resources:
```hcl
terraform apply
```
Congratulations! You've gotten started using the Google provider and provisioned
a virtual machine on Google Cloud Platform. The key concepts unique to GCP are:
* How a `project` contains resources
* and how to use a default `project` in your provider
* What a resource being global, regional, or zonal means on GCP
* and how to specify a default `region` and `zone`
* How GCP uses `name` and `self_link` to identify resources
* How to add GCP service account credentials to Terraform
Run `terraform destroy` to tear down your resources.
Afterwards, check out the [provider reference](/docs/providers/google/provider_reference.html) for more details on configuring
the provider block (including how you can eliminate it entirely!).
You can also check out the [GCP Community tutorials](https://cloud.google.com/community/tutorials/)
such as:
* [Getting started with Terraform on Google Cloud Platform](https://cloud.google.com/community/tutorials/getting-started-on-gcp-with-terraform)
* [Managing GCP Projects with Terraform](https://cloud.google.com/community/tutorials/managing-gcp-projects-with-terraform)
* [Modular Load Balancing with Terraform](https://cloud.google.com/community/tutorials/modular-load-balancing-with-terraform)

143
website/docs/index.html.markdown
View File

@ -1,108 +1,103 @@
---
layout: "google"
page_title: "Provider: Google Cloud"
sidebar_current: "docs-google-index"
page_title: "Provider: Google Cloud Platform"
sidebar_current: "docs-google-provider-x"
description: |-
The Google Cloud provider is used to interact with Google Cloud services. The provider needs to be configured with the proper credentials before it can be used.
The Google provider is used to configure your Google Cloud Platform infrastructure
---
# Google Cloud Provider
# Google Cloud Platform Provider
The Google Cloud provider is used to interact with
[Google Cloud services](https://cloud.google.com/). The provider needs
to be configured with the proper credentials before it can be used.
The Google provider is used to configure your [Google Cloud Platform](https://cloud.google.com/) infrastructure.
See the [Getting Started](/docs/providers/google/getting_started.html) page for an introduction to using the provider.
Use the navigation to the left to read about the available resources.
## Example Usage
A typical provider configuration will look something like:
```hcl
// Configure the Google Cloud provider
provider "google" {
credentials = "${file("account.json")}"
project = "my-gce-project-id"
project = "my-project-id"
region = "us-central1"
}
// Create a new instance
resource "google_compute_instance" "default" {
# ...
}
```
## Configuration Reference
See the [provider reference](/docs/providers/google/provider_reference.html)
for more details on authenticating or otherwise configuring the provider.
The following keys can be used to configure the provider.
Interested in the provider's latest features, or want to make sure you're up to date?
Check out the [changelog](https://github.com/terraform-providers/terraform-provider-google/blob/master/CHANGELOG.md)
for version information and release notes.
* `credentials` - (Optional) Contents of a file that contains your service
account private key in JSON format. You can download your existing
[Google Cloud service account file]
from the Google Cloud Console, or you can create a new one from the same page.
Take advantage of [Modules](https://www.terraform.io/docs/modules/index.html)
to simplify your config by browsing the [Module Registry for GCP modules](https://registry.terraform.io/browse?provider=google).
Credentials can also be specified using any of the following environment
variables (listed in order of precedence):
The Google provider is jointly maintained by:
* `GOOGLE_CREDENTIALS`
* `GOOGLE_CLOUD_KEYFILE_JSON`
* `GCLOUD_KEYFILE_JSON`
* The [Google Cloud Graphite Team](https://cloudplatform.googleblog.com/2017/03/partnering-on-open-source-Google-and-HashiCorp-engineers-on-managing-GCP-infrastructure.html) at Google
* The Terraform team at [HashiCorp](https://www.hashicorp.com/)
The [`GOOGLE_APPLICATION_CREDENTIALS`][adc]
environment variable can also contain the path of a file to obtain credentials
from.
If you have configuration questions, or general questions about using the provider, try checking out:
If no credentials are specified, the provider will fall back to using the
[Google Application Default Credentials][adc].
If you are running Terraform from a GCE instance, see [Creating and Enabling
Service Accounts for Instances][gce-service-account] for details.
* The [Google Cloud Platform Community Slack](https://gcp-slack.appspot.com/) #terraform channel
* [Terraform's community resources](https://www.terraform.io/docs/extend/community/index.html)
* [HashiCorp support](https://support.hashicorp.com) for Terraform Enterprise customers
On your computer, if you have made your identity available as the
Application Default Credentials by running [`gcloud auth application-default
login`][gcloud adc], the provider will use your identity.
## Features and Bug Requests
~> **Warning:** The gcloud method is not guaranteed to work for all APIs, and
[service accounts] or [GCE metadata] should be used if possible.
The Google provider's bugs and feature requests can be found in the [GitHub repo issues](https://github.com/terraform-providers/terraform-provider-google/issues).
Please avoid "me too" or "+1" comments. Instead, use a thumbs up [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/)
on enhancement requests. Provider maintainers will often prioritize work based on the
number of thumbs on an issue.
* `project` - (Optional) The ID of the project to apply any resources to. This
can also be specified using any of the following environment variables (listed
in order of precedence):
Community input is appreciated on outstanding issues! We love to hear what use
cases you have for new features, and want to provide the best possible
experience for you using the Google provider.
* `GOOGLE_PROJECT`
* `GOOGLE_CLOUD_PROJECT`
* `GCLOUD_PROJECT`
* `CLOUDSDK_CORE_PROJECT`
If you have a bug or feature request without an existing issue
* `region` - (Optional) The region to operate under, if not specified by a given resource.
This can also be specified using any of the following environment variables (listed in order of
precedence):
* and an existing resource or field is working in an unexpected way, [file a bug](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=bug.md).
* `GOOGLE_REGION`
* `GCLOUD_REGION`
* `CLOUDSDK_COMPUTE_REGION`
* and you'd like the provider to support a new resource or field, [file an enhancement/feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md).
* `zone` - (Optional) The zone to operate under, if not specified by a given resource.
This can also be specified using any of the following environment variables (listed in order of
precedence):
The provider maintainers will often use the assignee field on an issue to mark
who is working on it.
* `GOOGLE_ZONE`
* `GCLOUD_ZONE`
* `CLOUDSDK_COMPUTE_ZONE`
* An issue assigned to an individual maintainer indicates that maintainer is working
on the issue
* An issue assigned to the `modular-magician` indicates the feature is being
autogenerated by [Magic Modules](https://github.com/GoogleCloudPlatform/magic-modules)
in the immediate future, so direct contributions to that resource are discouraged.
* An issue assigned to `hashibot` indicates a member of the community has taken on
the issue!
## Contributing
## Beta Features
If you'd like to help extend the Google provider, we gladly accept community
contributions! Check out the [provider README](https://github.com/terraform-providers/terraform-provider-google)
for instructions about getting started developing, the [HashiCorp contribution guidelines](https://github.com/hashicorp/terraform/blob/master/.github/CONTRIBUTING.md)
for a Terraform provider development overview, and the [Google provider contribution guidelines](https://github.com/terraform-providers/terraform-provider-google/blob/master/.github/CONTRIBUTING.md)
for our provider-specific advice.
Some Google Provider resources contain Beta features; Beta GCP Features have no
## GCP API Versions
The Google provider supports generally available (GA) and Beta GCP features. We
are focusing on filling out general GA feature coverage and on adding support
for beta features that customers request. So if you need us to support a feature
whether GA or beta, please [file a feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md)!
If you're interested in using Alpha GCP features, you should still [file a feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md)
or thumbs up [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/)
the existing request if one exists. By filing and reacting to requests, we can
gauge your interest in yet-to-be-supported GCP features and make sure that we
prioritize support for them when they enter Beta.
### Beta Features
Some resources contain Beta features; Beta GCP Features have no
deprecation policy, and no SLA, but are otherwise considered to be feature-complete
with only minor outstanding issues after their Alpha period. Beta is when a GCP feature
is publicly announced, and is when they generally become publicly available. For
more information see [the official documentation](https://cloud.google.com/terms/launch-stages).
with only minor outstanding issues after their Alpha period. Beta is when GCP
features are publicly announced, and is when they generally become publicly
available. For more information see [the official documentation on GCP launch stages](https://cloud.google.com/terms/launch-stages).
Terraform resources that support beta features will always use the Beta APIs to provision
the resource. Importing a resource that supports beta features will always import those
features, even if the resource was created in a matter that was not explicitly beta.
[Google Cloud service account file]: https://console.cloud.google.com/apis/credentials/serviceaccountkey
[adc]: https://cloud.google.com/docs/authentication/production
[gce-service-account]: https://cloud.google.com/compute/docs/authentication
[gcloud adc]: https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login
[service accounts]: https://cloud.google.com/docs/authentication/getting-started
[GCE metadata]: https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions
Terraform resources that support Beta features will always use the Beta APIs to provision
the resource. Importing a resource that supports Beta features will always import those
features, even if the resource was created in a matter that was not explicitly Beta.

95
website/docs/provider_reference.html.markdown Normal file
View File

@ -0,0 +1,95 @@
---
layout: "google"
page_title: "google provider reference"
sidebar_current: "docs-google-provider-reference"
description: |-
The Google provider is used to configure your GCP project, location, and creds
---
# `google` provider reference
The `google` provider block is used to configure default values for your GCP
project and location (`zone` and `region`), and add your credentials.
-> You can avoid using a provider block by using environment variables. Every
field of the `google` provider is optional. If you want to share configs between
environments and deploy to different projects, try it out!
## Example Usage
```hcl
provider "google" {
credentials = "${file("account.json")}"
project = "my-project-id"
region = "us-central1"
zone = "us-central1-c"
}
```
## Configuration Reference
The following keys can be used to configure the provider.
* `credentials` - (Optional) The path or contents of a file that contains your
service account private key in JSON format. You can download your existing
[Google Cloud service account file] from the Google Cloud Console, or you can
create a new one from the same page.
Credentials can also be specified using any of the following environment
variables (listed in order of precedence):
* `GOOGLE_CREDENTIALS`
* `GOOGLE_CLOUD_KEYFILE_JSON`
* `GCLOUD_KEYFILE_JSON`
The [`GOOGLE_APPLICATION_CREDENTIALS`][adc]
environment variable can also contain the path of a file to obtain credentials
from.
If no credentials are specified, the provider will fall back to using the
[Google Application Default Credentials][adc].
If you are running Terraform from a GCE instance, see [Creating and Enabling
Service Accounts for Instances][gce-service-account] for details.
On your computer, if you have made your identity available as the
Application Default Credentials by running [`gcloud auth application-default
login`][gcloud adc], the provider will use your identity.
-> [Service accounts][service accounts] are the recommended way
to manage GCP credentials. [GCE metadata] is also acceptable, although it can
only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions).
Credentials obtained through `gcloud` are not guaranteed to work for all APIs.
* `project` - (Optional) The ID of the project to apply any resources to. This
can also be specified using any of the following environment variables (listed
in order of precedence):
* `GOOGLE_PROJECT`
* `GOOGLE_CLOUD_PROJECT`
* `GCLOUD_PROJECT`
* `CLOUDSDK_CORE_PROJECT`
-> `GOOGLE_PROJECT` is the recommended environment variable to use if
you choose to add your project using environment variables.
* `region` - (Optional) The region to operate under, if not specified by a given resource.
This can also be specified using any of the following environment variables (listed in order of
precedence):
* `GOOGLE_REGION`
* `GCLOUD_REGION`
* `CLOUDSDK_COMPUTE_REGION`
* `zone` - (Optional) The zone to operate under, if not specified by a given resource.
This can also be specified using any of the following environment variables (listed in order of
precedence):
* `GOOGLE_ZONE`
* `GCLOUD_ZONE`
* `CLOUDSDK_COMPUTE_ZONE`
[Google Cloud service account file]: https://console.cloud.google.com/apis/credentials/serviceaccountkey
[adc]: https://cloud.google.com/docs/authentication/production
[gce-service-account]: https://cloud.google.com/compute/docs/authentication
[gcloud adc]: https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login
[service accounts]: https://cloud.google.com/docs/authentication/getting-started
[GCE metadata]: https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions

15
website/google.erb
View File

@ -6,8 +6,19 @@
<a href="/docs/providers/index.html">All Providers</a>
</li>
<li<%= sidebar_current("docs-google-index") %>>
<a href="/docs/providers/google/index.html">Google Provider</a>
<li<%= sidebar_current("docs-google-provider") %>>
<a href="/docs/providers/google/index.html">Google Provider</a>
<ul class="nav nav-visible">
<li<%= sidebar_current("docs-google-provider-x") %>>
<a href="/docs/providers/google/index.html">Provider Info</a>
</li>
<li<%= sidebar_current("docs-google-provider-getting-started") %>>
<a href="/docs/providers/google/getting_started.html">Getting Started</a>
</li>
<li<%= sidebar_current("docs-google-provider-reference") %>>
<a href="/docs/providers/google/provider_reference.html">google provider reference</a>
</li>
</ul>
</li>
<li<%= sidebar_current("docs-google-datasource") %>>