Table of Contents generated with DocToc
Install Terraform by tapping into the Terraform keg and installing the CLI via brew:
brew tap hashicorp/tap
brew install hashicorp/tap/terraformFor more up-to-date information, visit the Terraform docs on this subject.
Follow these instructions to set up Google Cloud Platform:
-
- Select the project you created in the previous step.
- Click "Create Service Account".
- Give it any name you like and click "Create".
- For the Role, choose "Project -> Editor", then click "Continue".
- Add the "Security Account Admin" role so that it can create service accounts.
- Skip granting additional users access, and click "Done".
After you create your service account, download your service account key.
- Select your service account from the list.
- Select the "Keys" tab.
- In the drop down menu, select "Create new key".
- Leave the "Key Type" as JSON.
- Click "Create" to create the key and save the key file to your system.
For more up-to-date information, visit the Terraform docs on this subject.
Create a terraform.tfvars file in this directory. Then, fill it with the following variables with their appropriate values:
project_id: this value is your GCP project idcredentials_file: this is the path to the service account key credentials file created abovedeposit_request: request that will be sent to Coinbase to deposit fundspurchase_orders: although the config provides a default purchase, you're encouraged to update this as wellcoinbase_api_key: this is the API key for your Coinbase accountcoinbase_secret_key: this is the secret key for your Coinbase accounttelegram_bot_token: this is the token for your Telegram bottelegram_chat_id: this is the chat id for your Telegram bot`
Example:
credentials_file = "/path/to/your/credentials/file"
project_id = "your-unique-gcp-project-id"Visit the variable configuration file to view other values that can be overridden.
Before running Terraform, you must initialize the directory:
terraform initThen, you can optionally confirm that the configuration is valid:
terraform validateOptionally, you can also view what infrastructure changes the Terraform configuration will apply:
terraform planFinally, to apply the Terraform configuration run the following:
terraform applyIf you want to revert your changes simply destroy the created resources:
terraform destroySee official docs for installation instructions.
Usage:
tfsec . --tfvars-file variables.tfThe Terraform config attempts to enable the required APIs, but if that doesn't work follow the descriptive errors when attempting to plan/apply the infrastructure.
If you have the gcloud CLI installed and set to the target project id (gcloud config set <PROJECT_ID>),
you can enable the required APIs with the following commands:
gcloud services enable artifactregistry.googleapis.com
gcloud services enable cloudfunctions.googleapis.com
gcloud services enable cloudresourcemanager.googleapis.com
gcloud services enable cloudscheduler.googleapis.com
gcloud services enable iam.googleapis.com
gcloud services enable pubsub.googleapis.co
gcloud services enable secretmanager.googleapis.comFull error:
Attempted to load application default credentials since neither
credentialsnoraccess_tokenwas set in the provider block
This issue may happen because you have Google credentials already configured.
If that is the case, then the solution may be to unset the GOOGLE_APPLICATION_CREDENTIALS environment variable.
- Update providers to latest versions
- Provision the
Secret Manager Secret Accessorrole to the${var.project_id}@appspot.gserviceaccount.comservice account - Divest from having to use the credentials file -- define all resources in Terraform