mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-02 00:31:04 +00:00
Introduce a new Google provider landing page, complementary pages. (#2065)
* Introduce a new Google provider landing page, complementary pages. * Review fixes. * Link community tutorials, modules. * Review comments pt 2. * Review comments 3. Prioritize and tone. * Review comments 3.1. Then -> Next. * Paddy review comments. * Review comments.
This commit is contained in:
parent
14bac81a71
commit
c6ceb36ec7
230
website/docs/getting_started.html.markdown
Normal file
230
website/docs/getting_started.html.markdown
Normal file
@ -0,0 +1,230 @@
|
|||||||
|
---
|
||||||
|
layout: "google"
|
||||||
|
page_title: "Getting Started with the Google provider"
|
||||||
|
sidebar_current: "docs-google-provider-getting-started"
|
||||||
|
description: |-
|
||||||
|
Getting started with the Google Cloud Platform provider
|
||||||
|
---
|
||||||
|
|
||||||
|
# Getting Started with the Google Provider
|
||||||
|
|
||||||
|
## Before you begin
|
||||||
|
|
||||||
|
* Create a project in the [Google Cloud Console](https://console.cloud.google.com/)
|
||||||
|
and set up billing on that project. Any examples in this guide will be part of
|
||||||
|
the [GCP "always free" tier](https://cloud.google.com/free/).
|
||||||
|
* [Install Terraform](https://www.terraform.io/intro/getting-started/install.html)
|
||||||
|
and read the Terraform getting started guide that follows. This guide will
|
||||||
|
assume basic proficiency with Terraform - it is an introduction to the Google
|
||||||
|
provider.
|
||||||
|
|
||||||
|
## Configuring the Provider
|
||||||
|
|
||||||
|
First create a Terraform config file named `"main.tf"`. Inside, you'll
|
||||||
|
want to include the following configuration:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
provider "google" {
|
||||||
|
project = "{{YOUR GCP PROJECT}}"
|
||||||
|
region = "us-central1"
|
||||||
|
zone = "us-central1-c"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
* The `project` field should be your personal project id. The `project`
|
||||||
|
indicates the default GCP project all of your resources will be created in.
|
||||||
|
Most Terraform resources will have a `project` field.
|
||||||
|
* The `region` and `zone` are [locations](https://cloud.google.com/compute/docs/regions-zones/global-regional-zonal-resources)
|
||||||
|
for your resources to be created in.
|
||||||
|
* The `region` will be used to choose the default location for regional
|
||||||
|
resources. Regional resources are spread across several zones.
|
||||||
|
* The `zone` will be used to choose the default location for zonal resources.
|
||||||
|
Zonal resources exist in a single zone. All zones are a part of a region.
|
||||||
|
|
||||||
|
Not all resources require a location. Some GCP resources are global and are
|
||||||
|
automatically spread across all of GCP.
|
||||||
|
|
||||||
|
-> Want to try out another location? Check out the [list of available regions and zones](https://cloud.google.com/compute/docs/regions-zones/#available).
|
||||||
|
Instances created in zones outside the US are not part of the always free tier
|
||||||
|
and could incur charges.
|
||||||
|
|
||||||
|
## Creating a VM instance
|
||||||
|
A [Google Compute Engine VM instance](https://cloud.google.com/compute/docs/instances/) is
|
||||||
|
named `google_compute_instance` in Terraform. The `google` part of the name
|
||||||
|
identifies the provider for Terraform, `compute` indicates the GCP product
|
||||||
|
family, and `instance` is the resource name.
|
||||||
|
|
||||||
|
Google provider resources will generally, although not always, be named after
|
||||||
|
the name used in `gcloud`/the REST API. For example, a VM instance is called
|
||||||
|
[`instance` in the API](https://cloud.google.com/compute/docs/reference/rest/v1/instances).
|
||||||
|
Most resource field names will also correspond 1:1 with their `gcloud`/REST API
|
||||||
|
names.
|
||||||
|
|
||||||
|
If you look at the [`google_compute_instance documentation`](/docs/providers/google/r/compute_instance.html),
|
||||||
|
you'll see that `project` and `zone` (VM instances are a zonal resource) are
|
||||||
|
listed as optional. When present in a resource's config block, these values will
|
||||||
|
be used. If omitted, the provider defaults will be used instead.
|
||||||
|
|
||||||
|
Add the following to your config file:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
resource "google_compute_instance" "vm_instance" {
|
||||||
|
name = "terraform-instance"
|
||||||
|
machine_type = "f1-micro"
|
||||||
|
|
||||||
|
boot_disk {
|
||||||
|
initialize_params {
|
||||||
|
image = "debian-cloud/debian-9"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
network_interface {
|
||||||
|
# A default network is created for all GCP projects
|
||||||
|
network = "default"
|
||||||
|
access_config = {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
~> Note: Don't use `terraform apply` quite yet! You still need to add GCP
|
||||||
|
credentials. If you want to try out provisioning your VM instance before
|
||||||
|
continuing, follow the instructions in the "Adding credentials" section below.
|
||||||
|
|
||||||
|
## Linking GCP resources
|
||||||
|
|
||||||
|
Like this VM instance, nearly every GCP resource will have a `name` field. They
|
||||||
|
are used as a short way to identify resources, and a resource's display name in
|
||||||
|
the Cloud Console will be the one defined in the `name` field.
|
||||||
|
|
||||||
|
When linking resources in a Terraform config though, you'll primarily want to
|
||||||
|
use a different field, the `self_link` of a resource. Like `name`, nearly every
|
||||||
|
resource has a `self_link`. They look like:
|
||||||
|
|
||||||
|
```
|
||||||
|
{{API base url}}/projects/{{your project}}/{{location type}}/{{location}}/{{resource type}}/{{name}}
|
||||||
|
```
|
||||||
|
|
||||||
|
For example, the instance defined earlier in a project named `foo` will have
|
||||||
|
the `self_link`:
|
||||||
|
|
||||||
|
```
|
||||||
|
https://www.googleapis.com/compute/v1/projects/foo/zones/us-central1-c/instances/terraform-instance
|
||||||
|
```
|
||||||
|
|
||||||
|
A resource's `self_link` is a unique reference to that resource. When
|
||||||
|
linking two resources in Terraform, you can use Terraform interpolation to
|
||||||
|
avoid typing out the self link! Let's use a `google_compute_network` to
|
||||||
|
demonstrate.
|
||||||
|
|
||||||
|
Add this block to your config:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
resource "google_compute_network" "vpc_network" {
|
||||||
|
name = "terraform-network"
|
||||||
|
auto_create_subnetworks = "true"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
This will create [VPC network resource](/docs/providers/google/r/compute_network.html)
|
||||||
|
with a subnetwork in each region. Next, change the network of the
|
||||||
|
`google_compute_instance` from the `"default"` network to the new network.
|
||||||
|
|
||||||
|
```diff
|
||||||
|
network_interface {
|
||||||
|
- # A default network is created for all GCP projects
|
||||||
|
- network = "default"
|
||||||
|
+ network = "${google_compute_network.vpc_network.self_link}"
|
||||||
|
access_config = {
|
||||||
|
```
|
||||||
|
|
||||||
|
This means that when we create the VM instance, it will use
|
||||||
|
`"terraform-network"` instead of the default VPC network for the project. If you
|
||||||
|
run `terraform plan`, you will see that `"terraform-instance"` depends on
|
||||||
|
`"terraform-network"`.
|
||||||
|
|
||||||
|
Your configuration is complete. Before you can run `terraform apply` though,
|
||||||
|
Terraform needs GCP credentials.
|
||||||
|
|
||||||
|
## Adding credentials
|
||||||
|
In order to make requests against the GCP API, you need to authenticate to prove
|
||||||
|
that it's you making the request. The preferred method of provisioning resources
|
||||||
|
with Terraform is to use a [GCP service account](https://cloud.google.com/docs/authentication/getting-started),
|
||||||
|
a "robot account" that can be granted a limited set of IAM permissions.
|
||||||
|
|
||||||
|
From [the service account key page in the Cloud Console](https://pantheon.corp.google.com/apis/credentials/serviceaccountkey)
|
||||||
|
choose an existing account, or create a new one. Next, download the JSON key
|
||||||
|
file. Name it something you can remember, and store it somewhere secure on your
|
||||||
|
machine.
|
||||||
|
|
||||||
|
You supply the key to Terraform using the environment variable
|
||||||
|
`GOOGLE_CLOUD_KEYFILE_JSON`, setting the value to the location of the file.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
export GOOGLE_CLOUD_KEYFILE_JSON={{path}}
|
||||||
|
```
|
||||||
|
|
||||||
|
-> Remember to add this line to a startup file such as `bash_profile` or
|
||||||
|
`bashrc` to store your credentials across sessions!
|
||||||
|
|
||||||
|
## Provisioning your resources
|
||||||
|
By now, your config will look something like:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
provider "google" {
|
||||||
|
project = "{{YOUR GCP PROJECT}}"
|
||||||
|
region = "us-central1"
|
||||||
|
zone = "us-central1-c"
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_compute_instance" "vm_instance" {
|
||||||
|
name = "terraform-instance"
|
||||||
|
machine_type = "f1-micro"
|
||||||
|
|
||||||
|
boot_disk {
|
||||||
|
initialize_params {
|
||||||
|
image = "debian-cloud/debian-9"
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
network_interface {
|
||||||
|
# A default network is created for all GCP projects
|
||||||
|
network = "${google_compute_network.vpc_network.self_link}"
|
||||||
|
access_config = {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
resource "google_compute_network" "vpc_network" {
|
||||||
|
name = "terraform-network"
|
||||||
|
auto_create_subnetworks = "true"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
With a Terraform config and with your credentials configured, it's time to
|
||||||
|
provision your resources:
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
terraform apply
|
||||||
|
```
|
||||||
|
|
||||||
|
Congratulations! You've gotten started using the Google provider and provisioned
|
||||||
|
a virtual machine on Google Cloud Platform. The key concepts unique to GCP are:
|
||||||
|
|
||||||
|
* How a `project` contains resources
|
||||||
|
* and how to use a default `project` in your provider
|
||||||
|
* What a resource being global, regional, or zonal means on GCP
|
||||||
|
* and how to specify a default `region` and `zone`
|
||||||
|
* How GCP uses `name` and `self_link` to identify resources
|
||||||
|
* How to add GCP service account credentials to Terraform
|
||||||
|
|
||||||
|
Run `terraform destroy` to tear down your resources.
|
||||||
|
|
||||||
|
Afterwards, check out the [provider reference](/docs/providers/google/provider_reference.html) for more details on configuring
|
||||||
|
the provider block (including how you can eliminate it entirely!).
|
||||||
|
|
||||||
|
You can also check out the [GCP Community tutorials](https://cloud.google.com/community/tutorials/)
|
||||||
|
such as:
|
||||||
|
* [Getting started with Terraform on Google Cloud Platform](https://cloud.google.com/community/tutorials/getting-started-on-gcp-with-terraform)
|
||||||
|
* [Managing GCP Projects with Terraform](https://cloud.google.com/community/tutorials/managing-gcp-projects-with-terraform)
|
||||||
|
* [Modular Load Balancing with Terraform](https://cloud.google.com/community/tutorials/modular-load-balancing-with-terraform)
|
@ -1,108 +1,103 @@
|
|||||||
---
|
---
|
||||||
layout: "google"
|
layout: "google"
|
||||||
page_title: "Provider: Google Cloud"
|
page_title: "Provider: Google Cloud Platform"
|
||||||
sidebar_current: "docs-google-index"
|
sidebar_current: "docs-google-provider-x"
|
||||||
description: |-
|
description: |-
|
||||||
The Google Cloud provider is used to interact with Google Cloud services. The provider needs to be configured with the proper credentials before it can be used.
|
The Google provider is used to configure your Google Cloud Platform infrastructure
|
||||||
---
|
---
|
||||||
|
|
||||||
# Google Cloud Provider
|
# Google Cloud Platform Provider
|
||||||
|
|
||||||
The Google Cloud provider is used to interact with
|
The Google provider is used to configure your [Google Cloud Platform](https://cloud.google.com/) infrastructure.
|
||||||
[Google Cloud services](https://cloud.google.com/). The provider needs
|
See the [Getting Started](/docs/providers/google/getting_started.html) page for an introduction to using the provider.
|
||||||
to be configured with the proper credentials before it can be used.
|
|
||||||
|
|
||||||
Use the navigation to the left to read about the available resources.
|
A typical provider configuration will look something like:
|
||||||
|
|
||||||
## Example Usage
|
|
||||||
|
|
||||||
```hcl
|
```hcl
|
||||||
// Configure the Google Cloud provider
|
|
||||||
provider "google" {
|
provider "google" {
|
||||||
credentials = "${file("account.json")}"
|
credentials = "${file("account.json")}"
|
||||||
project = "my-gce-project-id"
|
project = "my-project-id"
|
||||||
region = "us-central1"
|
region = "us-central1"
|
||||||
}
|
}
|
||||||
|
|
||||||
// Create a new instance
|
|
||||||
resource "google_compute_instance" "default" {
|
|
||||||
# ...
|
|
||||||
}
|
|
||||||
```
|
```
|
||||||
|
|
||||||
## Configuration Reference
|
See the [provider reference](/docs/providers/google/provider_reference.html)
|
||||||
|
for more details on authenticating or otherwise configuring the provider.
|
||||||
|
|
||||||
The following keys can be used to configure the provider.
|
Interested in the provider's latest features, or want to make sure you're up to date?
|
||||||
|
Check out the [changelog](https://github.com/terraform-providers/terraform-provider-google/blob/master/CHANGELOG.md)
|
||||||
|
for version information and release notes.
|
||||||
|
|
||||||
* `credentials` - (Optional) Contents of a file that contains your service
|
Take advantage of [Modules](https://www.terraform.io/docs/modules/index.html)
|
||||||
account private key in JSON format. You can download your existing
|
to simplify your config by browsing the [Module Registry for GCP modules](https://registry.terraform.io/browse?provider=google).
|
||||||
[Google Cloud service account file]
|
|
||||||
from the Google Cloud Console, or you can create a new one from the same page.
|
|
||||||
|
|
||||||
Credentials can also be specified using any of the following environment
|
The Google provider is jointly maintained by:
|
||||||
variables (listed in order of precedence):
|
|
||||||
|
|
||||||
* `GOOGLE_CREDENTIALS`
|
* The [Google Cloud Graphite Team](https://cloudplatform.googleblog.com/2017/03/partnering-on-open-source-Google-and-HashiCorp-engineers-on-managing-GCP-infrastructure.html) at Google
|
||||||
* `GOOGLE_CLOUD_KEYFILE_JSON`
|
* The Terraform team at [HashiCorp](https://www.hashicorp.com/)
|
||||||
* `GCLOUD_KEYFILE_JSON`
|
|
||||||
|
|
||||||
The [`GOOGLE_APPLICATION_CREDENTIALS`][adc]
|
If you have configuration questions, or general questions about using the provider, try checking out:
|
||||||
environment variable can also contain the path of a file to obtain credentials
|
|
||||||
from.
|
|
||||||
|
|
||||||
If no credentials are specified, the provider will fall back to using the
|
* The [Google Cloud Platform Community Slack](https://gcp-slack.appspot.com/) #terraform channel
|
||||||
[Google Application Default Credentials][adc].
|
* [Terraform's community resources](https://www.terraform.io/docs/extend/community/index.html)
|
||||||
If you are running Terraform from a GCE instance, see [Creating and Enabling
|
* [HashiCorp support](https://support.hashicorp.com) for Terraform Enterprise customers
|
||||||
Service Accounts for Instances][gce-service-account] for details.
|
|
||||||
|
|
||||||
On your computer, if you have made your identity available as the
|
## Features and Bug Requests
|
||||||
Application Default Credentials by running [`gcloud auth application-default
|
|
||||||
login`][gcloud adc], the provider will use your identity.
|
|
||||||
|
|
||||||
~> **Warning:** The gcloud method is not guaranteed to work for all APIs, and
|
The Google provider's bugs and feature requests can be found in the [GitHub repo issues](https://github.com/terraform-providers/terraform-provider-google/issues).
|
||||||
[service accounts] or [GCE metadata] should be used if possible.
|
Please avoid "me too" or "+1" comments. Instead, use a thumbs up [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/)
|
||||||
|
on enhancement requests. Provider maintainers will often prioritize work based on the
|
||||||
|
number of thumbs on an issue.
|
||||||
|
|
||||||
* `project` - (Optional) The ID of the project to apply any resources to. This
|
Community input is appreciated on outstanding issues! We love to hear what use
|
||||||
can also be specified using any of the following environment variables (listed
|
cases you have for new features, and want to provide the best possible
|
||||||
in order of precedence):
|
experience for you using the Google provider.
|
||||||
|
|
||||||
* `GOOGLE_PROJECT`
|
If you have a bug or feature request without an existing issue
|
||||||
* `GOOGLE_CLOUD_PROJECT`
|
|
||||||
* `GCLOUD_PROJECT`
|
|
||||||
* `CLOUDSDK_CORE_PROJECT`
|
|
||||||
|
|
||||||
* `region` - (Optional) The region to operate under, if not specified by a given resource.
|
* and an existing resource or field is working in an unexpected way, [file a bug](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=bug.md).
|
||||||
This can also be specified using any of the following environment variables (listed in order of
|
|
||||||
precedence):
|
|
||||||
|
|
||||||
* `GOOGLE_REGION`
|
* and you'd like the provider to support a new resource or field, [file an enhancement/feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md).
|
||||||
* `GCLOUD_REGION`
|
|
||||||
* `CLOUDSDK_COMPUTE_REGION`
|
|
||||||
|
|
||||||
* `zone` - (Optional) The zone to operate under, if not specified by a given resource.
|
The provider maintainers will often use the assignee field on an issue to mark
|
||||||
This can also be specified using any of the following environment variables (listed in order of
|
who is working on it.
|
||||||
precedence):
|
|
||||||
|
|
||||||
* `GOOGLE_ZONE`
|
* An issue assigned to an individual maintainer indicates that maintainer is working
|
||||||
* `GCLOUD_ZONE`
|
on the issue
|
||||||
* `CLOUDSDK_COMPUTE_ZONE`
|
* An issue assigned to the `modular-magician` indicates the feature is being
|
||||||
|
autogenerated by [Magic Modules](https://github.com/GoogleCloudPlatform/magic-modules)
|
||||||
|
in the immediate future, so direct contributions to that resource are discouraged.
|
||||||
|
* An issue assigned to `hashibot` indicates a member of the community has taken on
|
||||||
|
the issue!
|
||||||
|
|
||||||
|
## Contributing
|
||||||
|
|
||||||
## Beta Features
|
If you'd like to help extend the Google provider, we gladly accept community
|
||||||
|
contributions! Check out the [provider README](https://github.com/terraform-providers/terraform-provider-google)
|
||||||
|
for instructions about getting started developing, the [HashiCorp contribution guidelines](https://github.com/hashicorp/terraform/blob/master/.github/CONTRIBUTING.md)
|
||||||
|
for a Terraform provider development overview, and the [Google provider contribution guidelines](https://github.com/terraform-providers/terraform-provider-google/blob/master/.github/CONTRIBUTING.md)
|
||||||
|
for our provider-specific advice.
|
||||||
|
|
||||||
Some Google Provider resources contain Beta features; Beta GCP Features have no
|
## GCP API Versions
|
||||||
|
|
||||||
|
The Google provider supports generally available (GA) and Beta GCP features. We
|
||||||
|
are focusing on filling out general GA feature coverage and on adding support
|
||||||
|
for beta features that customers request. So if you need us to support a feature
|
||||||
|
whether GA or beta, please [file a feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md)!
|
||||||
|
|
||||||
|
If you're interested in using Alpha GCP features, you should still [file a feature request](https://github.com/terraform-providers/terraform-provider-google/issues/new?template=enhancement.md)
|
||||||
|
or thumbs up [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/)
|
||||||
|
the existing request if one exists. By filing and reacting to requests, we can
|
||||||
|
gauge your interest in yet-to-be-supported GCP features and make sure that we
|
||||||
|
prioritize support for them when they enter Beta.
|
||||||
|
|
||||||
|
### Beta Features
|
||||||
|
Some resources contain Beta features; Beta GCP Features have no
|
||||||
deprecation policy, and no SLA, but are otherwise considered to be feature-complete
|
deprecation policy, and no SLA, but are otherwise considered to be feature-complete
|
||||||
with only minor outstanding issues after their Alpha period. Beta is when a GCP feature
|
with only minor outstanding issues after their Alpha period. Beta is when GCP
|
||||||
is publicly announced, and is when they generally become publicly available. For
|
features are publicly announced, and is when they generally become publicly
|
||||||
more information see [the official documentation](https://cloud.google.com/terms/launch-stages).
|
available. For more information see [the official documentation on GCP launch stages](https://cloud.google.com/terms/launch-stages).
|
||||||
|
|
||||||
Terraform resources that support beta features will always use the Beta APIs to provision
|
Terraform resources that support Beta features will always use the Beta APIs to provision
|
||||||
the resource. Importing a resource that supports beta features will always import those
|
the resource. Importing a resource that supports Beta features will always import those
|
||||||
features, even if the resource was created in a matter that was not explicitly beta.
|
features, even if the resource was created in a matter that was not explicitly Beta.
|
||||||
|
|
||||||
[Google Cloud service account file]: https://console.cloud.google.com/apis/credentials/serviceaccountkey
|
|
||||||
[adc]: https://cloud.google.com/docs/authentication/production
|
|
||||||
[gce-service-account]: https://cloud.google.com/compute/docs/authentication
|
|
||||||
[gcloud adc]: https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login
|
|
||||||
[service accounts]: https://cloud.google.com/docs/authentication/getting-started
|
|
||||||
[GCE metadata]: https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions
|
|
||||||
|
95
website/docs/provider_reference.html.markdown
Normal file
95
website/docs/provider_reference.html.markdown
Normal file
@ -0,0 +1,95 @@
|
|||||||
|
---
|
||||||
|
layout: "google"
|
||||||
|
page_title: "google provider reference"
|
||||||
|
sidebar_current: "docs-google-provider-reference"
|
||||||
|
description: |-
|
||||||
|
The Google provider is used to configure your GCP project, location, and creds
|
||||||
|
---
|
||||||
|
|
||||||
|
# `google` provider reference
|
||||||
|
The `google` provider block is used to configure default values for your GCP
|
||||||
|
project and location (`zone` and `region`), and add your credentials.
|
||||||
|
|
||||||
|
-> You can avoid using a provider block by using environment variables. Every
|
||||||
|
field of the `google` provider is optional. If you want to share configs between
|
||||||
|
environments and deploy to different projects, try it out!
|
||||||
|
|
||||||
|
## Example Usage
|
||||||
|
|
||||||
|
```hcl
|
||||||
|
provider "google" {
|
||||||
|
credentials = "${file("account.json")}"
|
||||||
|
project = "my-project-id"
|
||||||
|
region = "us-central1"
|
||||||
|
zone = "us-central1-c"
|
||||||
|
}
|
||||||
|
```
|
||||||
|
|
||||||
|
## Configuration Reference
|
||||||
|
|
||||||
|
The following keys can be used to configure the provider.
|
||||||
|
|
||||||
|
* `credentials` - (Optional) The path or contents of a file that contains your
|
||||||
|
service account private key in JSON format. You can download your existing
|
||||||
|
[Google Cloud service account file] from the Google Cloud Console, or you can
|
||||||
|
create a new one from the same page.
|
||||||
|
|
||||||
|
Credentials can also be specified using any of the following environment
|
||||||
|
variables (listed in order of precedence):
|
||||||
|
|
||||||
|
* `GOOGLE_CREDENTIALS`
|
||||||
|
* `GOOGLE_CLOUD_KEYFILE_JSON`
|
||||||
|
* `GCLOUD_KEYFILE_JSON`
|
||||||
|
|
||||||
|
The [`GOOGLE_APPLICATION_CREDENTIALS`][adc]
|
||||||
|
environment variable can also contain the path of a file to obtain credentials
|
||||||
|
from.
|
||||||
|
|
||||||
|
If no credentials are specified, the provider will fall back to using the
|
||||||
|
[Google Application Default Credentials][adc].
|
||||||
|
If you are running Terraform from a GCE instance, see [Creating and Enabling
|
||||||
|
Service Accounts for Instances][gce-service-account] for details.
|
||||||
|
|
||||||
|
On your computer, if you have made your identity available as the
|
||||||
|
Application Default Credentials by running [`gcloud auth application-default
|
||||||
|
login`][gcloud adc], the provider will use your identity.
|
||||||
|
|
||||||
|
-> [Service accounts][service accounts] are the recommended way
|
||||||
|
to manage GCP credentials. [GCE metadata] is also acceptable, although it can
|
||||||
|
only be used when running Terraform from within [certain GCP resources](https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions).
|
||||||
|
Credentials obtained through `gcloud` are not guaranteed to work for all APIs.
|
||||||
|
|
||||||
|
* `project` - (Optional) The ID of the project to apply any resources to. This
|
||||||
|
can also be specified using any of the following environment variables (listed
|
||||||
|
in order of precedence):
|
||||||
|
|
||||||
|
* `GOOGLE_PROJECT`
|
||||||
|
* `GOOGLE_CLOUD_PROJECT`
|
||||||
|
* `GCLOUD_PROJECT`
|
||||||
|
* `CLOUDSDK_CORE_PROJECT`
|
||||||
|
|
||||||
|
-> `GOOGLE_PROJECT` is the recommended environment variable to use if
|
||||||
|
you choose to add your project using environment variables.
|
||||||
|
|
||||||
|
* `region` - (Optional) The region to operate under, if not specified by a given resource.
|
||||||
|
This can also be specified using any of the following environment variables (listed in order of
|
||||||
|
precedence):
|
||||||
|
|
||||||
|
* `GOOGLE_REGION`
|
||||||
|
* `GCLOUD_REGION`
|
||||||
|
* `CLOUDSDK_COMPUTE_REGION`
|
||||||
|
|
||||||
|
* `zone` - (Optional) The zone to operate under, if not specified by a given resource.
|
||||||
|
This can also be specified using any of the following environment variables (listed in order of
|
||||||
|
precedence):
|
||||||
|
|
||||||
|
* `GOOGLE_ZONE`
|
||||||
|
* `GCLOUD_ZONE`
|
||||||
|
* `CLOUDSDK_COMPUTE_ZONE`
|
||||||
|
|
||||||
|
[Google Cloud service account file]: https://console.cloud.google.com/apis/credentials/serviceaccountkey
|
||||||
|
[adc]: https://cloud.google.com/docs/authentication/production
|
||||||
|
[gce-service-account]: https://cloud.google.com/compute/docs/authentication
|
||||||
|
[gcloud adc]: https://cloud.google.com/sdk/gcloud/reference/auth/application-default/login
|
||||||
|
[service accounts]: https://cloud.google.com/docs/authentication/getting-started
|
||||||
|
[GCE metadata]: https://cloud.google.com/docs/authentication/production#obtaining_credentials_on_compute_engine_kubernetes_engine_app_engine_flexible_environment_and_cloud_functions
|
@ -6,8 +6,19 @@
|
|||||||
<a href="/docs/providers/index.html">All Providers</a>
|
<a href="/docs/providers/index.html">All Providers</a>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li<%= sidebar_current("docs-google-index") %>>
|
<li<%= sidebar_current("docs-google-provider") %>>
|
||||||
<a href="/docs/providers/google/index.html">Google Provider</a>
|
<a href="/docs/providers/google/index.html">Google Provider</a>
|
||||||
|
<ul class="nav nav-visible">
|
||||||
|
<li<%= sidebar_current("docs-google-provider-x") %>>
|
||||||
|
<a href="/docs/providers/google/index.html">Provider Info</a>
|
||||||
|
</li>
|
||||||
|
<li<%= sidebar_current("docs-google-provider-getting-started") %>>
|
||||||
|
<a href="/docs/providers/google/getting_started.html">Getting Started</a>
|
||||||
|
</li>
|
||||||
|
<li<%= sidebar_current("docs-google-provider-reference") %>>
|
||||||
|
<a href="/docs/providers/google/provider_reference.html">google provider reference</a>
|
||||||
|
</li>
|
||||||
|
</ul>
|
||||||
</li>
|
</li>
|
||||||
|
|
||||||
<li<%= sidebar_current("docs-google-datasource") %>>
|
<li<%= sidebar_current("docs-google-datasource") %>>
|
||||||
|
Loading…
Reference in New Issue
Block a user