86 lines
3.2 KiB
Markdown
86 lines
3.2 KiB
Markdown
---
|
|
layout: "google"
|
|
page_title: "Provider: Google Cloud"
|
|
sidebar_current: "docs-google-index"
|
|
description: |-
|
|
The Google Cloud provider is used to interact with Google Cloud services. The provider needs to be configured with the proper credentials before it can be used.
|
|
---
|
|
|
|
# Google Cloud Provider
|
|
|
|
The Google Cloud provider is used to interact with
|
|
[Google Cloud services](https://cloud.google.com/). The provider needs
|
|
to be configured with the proper credentials before it can be used.
|
|
|
|
Use the navigation to the left to read about the available resources.
|
|
|
|
## Example Usage
|
|
|
|
```js
|
|
// Configure the Google Cloud provider
|
|
provider "google" {
|
|
credentials = "${file("account.json")}"
|
|
project = "my-gce-project"
|
|
region = "us-central1"
|
|
}
|
|
|
|
// Create a new instance
|
|
resource "google_compute_instance" "default" {
|
|
// ...
|
|
}
|
|
```
|
|
|
|
## Configuration Reference
|
|
|
|
The following keys can be used to configure the provider.
|
|
|
|
* `credentials` - (Optional) Contents of the JSON file used to describe your
|
|
account credentials, downloaded from Google Cloud Console. More details on
|
|
retrieving this file are below. Credentials may be blank if you are running
|
|
Terraform from a GCE instance with a properly-configured [Compute Engine
|
|
Service Account](https://cloud.google.com/compute/docs/authentication). This
|
|
can also be specified with the `GOOGLE_CREDENTIALS` or `GOOGLE_CLOUD_KEYFILE_JSON`
|
|
shell environment variable, containing the contents of the credentials file.
|
|
|
|
* `region` - (Required) The region to operate under. This can also be specified
|
|
with the `GOOGLE_REGION` shell environment variable.
|
|
|
|
* `project` - (Optional) The ID of the project to apply resources in. This
|
|
can also be specified with the `GOOGLE_PROJECT` shell environment variable.
|
|
If unspecified, users will need to specify the `project` attribute for
|
|
all resources. If specified, resources which do not depend on a project will
|
|
ignore this value.
|
|
|
|
The following keys are supported for backwards compatibility, and may be
|
|
removed in a future version:
|
|
|
|
* `account_file` - __Deprecated: please use `credentials` instead.__
|
|
Path to or contents of the JSON file used to describe your
|
|
account credentials, downloaded from Google Cloud Console. More details on
|
|
retrieving this file are below. The `account file` can be "" if you are running
|
|
terraform from a GCE instance with a properly-configured [Compute Engine
|
|
Service Account](https://cloud.google.com/compute/docs/authentication). This
|
|
can also be specified with the `GOOGLE_ACCOUNT_FILE` shell environment
|
|
variable.
|
|
|
|
|
|
## Authentication JSON File
|
|
|
|
Authenticating with Google Cloud services requires a JSON
|
|
file which we call the _account file_.
|
|
|
|
This file is downloaded directly from the
|
|
[Google Developers Console](https://console.developers.google.com). To make
|
|
the process more straightforwarded, it is documented here:
|
|
|
|
1. Log into the [Google Developers Console](https://console.developers.google.com)
|
|
and select a project.
|
|
|
|
2. Click the menu button in the top left corner, and navigate to "Permissions",
|
|
then "Service accounts", and finally "Create service account".
|
|
|
|
3. Provide a name and ID in the corresponding fields, select
|
|
"Furnish a new private key", and select "JSON" as the key type.
|
|
|
|
4. Clicking "Create" will download your `credentials`.
|