Integrate Google Cloud using Terraform

Before you begin

• Use Terraform v0.13 or later.

• Install gcloud CLI on your workstation

• To verify that you fulfilled these prerequisites, run the command in your terminal: gcloud version && terraform init && terraform --version

Procedure

1. Create a directory for the Terraform file of your Google Cloud Platform project.

2. At your gcloud CLI, run the command: gcloud config set project <PROJECT_NAME>

3. In Firefly, select Settings > Integrations > + Add New > Google Cloud > Terraform.

4. Copy the details created by the wizard, and paste them in the file.

5. Run the terraform init command in the directory that contains the provided code.

6. Run the terraform apply command.

Discovering multiple projects in this integration

Use the same service account key to simultaneously integrate multiple Google Cloud projects.

Procedure

1. Log in to the Google Cloud console.

2. Select IAM & Admin > Service Accounts.

3. Copy the principal of the Service account you created in "Creating a service account" (associated email address).

4. Select a resource - the desired project you would like to integrate or the organization if you want Firefly to discover all the projects in your organization.

5. Select IAM > GRANT ACCESS.

6. In the New principals field, paste the principal you copied in step 3.

7. In the role field, select the following roles and SAVE:

   • roles/iam.securityReviewer

   • roles/storage.objectViewer (conditional to tfstate suffix)

   • roles/viewer

   • roles/logging.configWriter

• To exclude projects under this service account, enter the rules in the Regex rules field.

• Make sure the APIs in the list Enabling APIs is enabled for all projects you integrated.