Start with Terraform#

The set of files used to describe infrastructure in Terraform is known as a Terraform configuration. Your git repository contains a starter configuration in the base directory. This lab will take you through te process of connecting a service account with Terraform so you can make cloud infrastructure from the command line.


You should already have done the steps in Terraform Quickstart for GCP

Step 1: Setup the Key File#

In the Terraform Quickstart you should have:

  1. Created a GCP project

  2. Created a service account

  3. Created and downloaded a key for the service account

To use the Terraform configuration in the project the key should be placed in the file secrets/cis-91.key. The secrets directory is excluded from git so there’s no risk that you’ll accidentally check the key in to GitHub.

Want to start a new project?

There is a shell script bin/ that automates the process. Execute it like this:

$ ./bin/ cis-91-terraform secrets/cis-91.key 

Running the script this way will create a project called cis-91-terraform-XXXXX where XXXXX is a random number and it will pace an access key file in secrets/cis-91.key.

Step 2: Set the Project Name#

Edit the file. It contains this stanza:

variable "project" {
  default = "your-project-here"

Change your-project-here to the ID of the project you created and save the file.

Step 3: Initialize Terraform#

The next steps should be run in the base directory:

$ cd base 
$ terraform init 

Step 4: Create the Base VM#

Now you can create the base virtual machine with Terraform.

$ terraform apply

If it worked you will see this output at the end:


external-ip = ""

Step 5: SSH Into Your New VM#

The gcloud command automates the configuration of SSH. When you add or remove VMs you can tell gcloud to refresh your ~/.ssh/config file with these two commands:

$ gcloud compute config-ssh --remove
$ gcloud compute config-ssh 


If the second command fails you haven’t set the default project. Follow the instructions in the error message.

The config-ssh command creates aliases but you should be able to login directly using the IP address:

$ ssh -i ~/.ssh/google_compute_engine


Replace with the IP address given to you by Terraform

Turn In#

Turn in a screenshot of you SSH’ed into your new VM