gcp-lz-hub-n-spoke's Introduction

gcp-lz-hub-n-spoke

Privileges needed for development

Billing Account User (roles/billing.user)
Compute Network Admin (roles/compute.networkAdmin)
Compute Shared VPC Admin (roles/compute.xpnAdmin)
Folder Admin (roles/resourcemanager.folderAdmin)
Organization Administrator (roles/resourcemanager.organizationAdmin)
Organization Policy Administrator (roles/orgpolicy.policyAdmin)
Project Creator (roles/resourcemanager.projectCreator)
Project Deleter (roles/resourcemanager.projectDeleter)

How to deploy to your own landingzone folder using Cloud Shell

You can skip straight to the environment folder for workload development (recommended). You need capacity for 20 new projects to deploy from start to finish. Please note: you can't deploy the organizational groups or billing modules to a folder, so skip them.

Pull and configure repo

create a landing zone folder and a bootstrap/pipeline project for making API calls
gcloud config set project PROJECT_ID
configure git and fetch repo

git config --global user.email "emailaddress"
git config --global user.name "name"
git config --global init.defaultBranch main
gcloud source repos clone gcp-lz-hub-n-spoke --project=ultra-heading-383615
cd gcp-lz-hub-n-spoke
git fetch --all
git checkout main

Deploy repo using terraform (skip group and billing modules for folder deployments)

cp env.local .env.local
vi .env.local
source .env.local
in numeric order loop through each folder executing terraform init && terraform apply
you may need to update and source .env.local with terraform outputs from previous folders (composition)
add environment variables to a pipeline to implement your CI/CD of choice for each folder/module

Recommend Projects