1,191 questions
1
vote
1
answer
59
views
How can I get access to the exact image used by packer when I've specified an image family for it use
I'm building GCE images using packer. My hcl contains something like this
source "googlecompute" "my-image" {
project_id = var.project_id
...
source_image_family = ...
- 3,087
0
votes
0
answers
58
views
Cloud Function -> Python connect to PostgreSQL via IAM user
So im only just starting with GCP/Python. and am still in the learning phase.
I'm using Terraform/Github to deploy my packages to GCP.
I'm trying to get a pub/sub to trigger a Cloud Run Function to ...
- 1
0
votes
1
answer
88
views
Terraform yamldecode Fails When YAML Structure Changes
I have a YAML file structured as follows:
alerts:
la:
la1:
description: "la1"
severity: 1
resource_counter: "004"
enabled: true
ma:
ma1:...
- 5,628
0
votes
1
answer
347
views
Google Cloud project creation fails with "Operation disallowed by Organization Policy constraint due to missing or incorrect Tags"
I'm trying to create a Google Cloud project using Terraform (specifically the terraform-google-modules/project-factory module), but I consistently receive the following error:
Error: error creating ...
- 1
0
votes
1
answer
64
views
error fetching latest gke min version using data.google_container_engine_versions
I'm using
data "google_container_engine_versions" "latest_version" {
provider = google-beta
location = var.region
version_prefix = "1.31."
}
...
-2
votes
1
answer
66
views
Execute command in GCP VM using terraform
I'm trying run below terraform script in Google Cloud.
https://github.com/terraform-google-modules/terraform-google-sap/tree/main/modules/sap_nw
The operating system I'm using is SUSE 15 SP06. ...
- 303
0
votes
0
answers
55
views
How to use dialogflow cx agent duplication with terraform script
We are creating a Terraform script to clone a Dialogflow CX agent. However, during execution, the existing agent is being replaced instead of being cloned.
Can you please confirm if it is possible to ...
0
votes
1
answer
291
views
Error: googleapi: Error 404: The Cloud SQL instance does not exist., instanceDoesNotExist
Planning to create the Postgres Instance using the Backstage, Terraform via pre-defined templates.
While running the Terraform plan, stuck with the below error:
Error: googleapi\*\*: Error 404: The ...
-1
votes
1
answer
130
views
Running Terraform against Google Cloud in GitLab
I am trying to run terraform from a Gitlab pipeline job against my Google Cloud instance. I have authenticated Gitlab to Google Cloud with Federated Id and can impersonate a service account connected ...
- 780
-1
votes
1
answer
1k
views
How do I create Google OAuth2.0 client credentials using Terraform?
https://developers.google.com/identity/protocols/oauth2
Pushes me to the "Google Auth Platform", but I can't find anything on provisioning a client or what seems to be required "...
- 504
-1
votes
2
answers
98
views
How to provision a GKE cluster - Enterprise Tier with Terraform
As the terraform docs for google_container_cluster resource (https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/container_cluster), to provision a GKE cluster we need to ...
- 609
0
votes
1
answer
349
views
Migrate from "reCAPTCHA Classic" to "reCAPTCHA on a Google Cloud" using Terraform
Google recently sent out an email that all Google reCAPTCHA keys will need to be migrated to a Google Cloud project by the end of 2025. They also released a tutorial which guides you through the ...
- 2,329
0
votes
1
answer
56
views
How to fetch all workspaces without pagination?
I've following goLang code:
I use "github.com/hashicorp/go-tfe" go library
workSpaces, err := tfeClient.Workspaces.List(ctx, orgName, &tfe.WorkspaceListOptions{ListOptions: tfe....
- 19
0
votes
1
answer
263
views
How can I configure Cloudflare DNS to send traffic to a GCP load balancer?
I am attempting to host a single page webapp on GCP, on a subdomain managed by Cloudflare.
So far I have been able to host the webapp in a bucket, and make the bucket accessible using a CNAME record ...
- 3,407
2
votes
0
answers
226
views
Error creating Group: googleapi: Error 403: Error(2015): Permission denied for group resource '[email protected]'
Problem
I am working on a Google Cloud Project under an Organization. I am trying to create some groups and assigning policies through Terraform. When running Terraform; the Organization Structure is ...
- 51
0
votes
0
answers
75
views
Failed to create GCP Cloud SQL instnace using Terraform
I am trying to create a Cloud SQL PostgreSQL instance using Terraform. I am using a Service Account as credentials for Google, and I have assigned the Cloud SQL Admin role to the Service Account. I am ...
user29109716
0
votes
1
answer
142
views
Why is my terraform init automation script failing?
I am a Terraform (provider) beginner and I try to create an out of the box working script that runs terraform init and does all the preparation that is needed to make that working. For example, ...
- 3,068
-1
votes
1
answer
132
views
Why does the folder check in Terraform contradict my Python output?
I am a beginner when it comes to Terraform providers which may explain why I have the following problem on my Ubuntu 24.04 machine. First, here is the main.tf file:
terraform {
required_providers {
...
- 3,068
0
votes
0
answers
93
views
Best Practice on inspecting Logs in Terraform Test
I am implementing end to end testing with Terraform Test for a Cloud Run solution. The desired outcomes is that a file uploaded to a storage bucket, triggers a pubsub message, which in turn triggers a ...
- 11
0
votes
1
answer
274
views
gcloud: command not found when using Terraform Cloud but works locally
I have the following Terraform configuration that runs a simple gcloud command using a null_resource with a local-exec provisioner.
resource "null_resource" "test_gcloud" {
...
- 3,620
-1
votes
1
answer
170
views
How can we split a terraform module into multiple modules
I'm new to terraform so pardon my inexperience. I have a terraform file to create multiple big query table. we specify table config in tables array. Since this is a consolidated repository the number ...
- 11
0
votes
1
answer
338
views
How to update/delete GCP Organization Policies
I am trying to delete/edit organization policy constraints in my GCP project which can be found in IAM & Admin --> Organization Policies . Though I have added all the required permissions to ...
- 445
0
votes
1
answer
369
views
Terraform state file migration from local to GCP cloud
I have a terraform state file in local which we want to migrate it to GCP cloud as a remote backend. I have created the bucket named "dns-zone" and added the existing tfstate file named ...
- 11
0
votes
0
answers
55
views
terraform .tfstate file doesn't change after removing itens
For some unknown reason, the removed items remain in the state file after I remove from the .tfstate file.
CASE:
downloaded my state file(my_statefile.tfstate) from cloud_bucket where it's stored
In ...
- 564
1
vote
2
answers
84
views
schedule autoscaler in terraform for GCP?
I am trying to schedule an autoscaler in GCP using terraform. I want to schedule it using cronjob and according to google documentation but it's not working.
This is part of my main.tf as per the ...
- 185
0
votes
1
answer
69
views
I want to clone Google Cloud Platform Cloud SQL between two different projects but got error 403 "The caller does not have permission"
Here below is my terraform source code
provider "google" {
project = var.preprod_id
region = var.reqion
}
provider "google" {
alias = "source"
project = var....
0
votes
1
answer
155
views
Unable to create cloud private nat on gcp using google_compute_router_nat
Description: "type" parameter is not working in the resource google_compute_router_nat
I’m attempting to create a private Cloud NAT resource on Google Cloud Platform (GCP) using Terraform. ...
0
votes
1
answer
89
views
Creating two Google Cloud VPCs in different regions using the same Terraform main.tf file [closed]
I'm trying to create two VPCs (google_compute_network resources) in different regions with the same Terraform main.tf file. My google provider in provider.tf has a default region of us-east1.
I want ...
- 31
0
votes
0
answers
82
views
Big query API schedule job authorisation
I have
locals {
creation_roles = {
"cloud_scheduler_create" = "roles/cloudscheduler.admin"
}
running_roles = {
"bigquery_job_user" = "roles/...
- 1,802
0
votes
1
answer
251
views
cloud composer with terraform
I'm trying to create a composer (3) env with this code:
resource "google_composer_environment" "composer" {
provider = google-beta
name = "airflow-env-1"
region = ...
- 11
-2
votes
1
answer
489
views
Terraform cloudbuild trigger: Error 400: Repository mapping does not exist
I am trying to provision a cloudbuild v1 trigger within my GCP project, however I run into the following issue:
Error: Error creating Trigger: googleapi: Error 400: Repository mapping does not exist. ...
- 161
3
votes
2
answers
1k
views
Terraform fails to destroy Service Networking Connections
I am using terraform to create the infrastructure in GCP. When I do a terraform apply the infrastructure gets created successfully. I was also trying to delete the infrastructure but then the script ...
- 95
1
vote
1
answer
107
views
How to configure a list of role_bindings with terrform google_privileged_access_manager_entitlement
google_privileged_access_manager_entitlement has a single example which grants a single role.
How can I create an entitlement that grants an entitlement to a list or set of roles?
I tried this but the ...
- 5,794
0
votes
1
answer
162
views
Create GCP folder with Terraform only if it does not exist
I have a key - value input with information about GCP projects that need to be created. With information like the name, GCP folder that the project should go in etc.
I want in my terraform code to ...
- 1,074
1
vote
1
answer
116
views
How can I prevent new authoritative binding resources from clobbering existing bindings?
All authoritative GCP IAM bindings have an unexpected behaviour: if you create a new tf resource for a GCP resource with existing bindings it won't check if there are any existing bindings and will ...
- 32.3k
0
votes
1
answer
123
views
Getting error while creating nested map(object) template for monitoring_logging_metric in terraform GCP
getting error while creating nested map(object) template for monitoring_logging_metric in terraform GCP. Trying to create a template resource and passing the values of multiple objects through tfvars ...
- 21
0
votes
0
answers
41
views
How to create map(object) template for terraform resource "google_logging_metric" to pass all the object values from .tfvars file for multiple objects
How to create map(object) template for terraform resource "google_logging_metric" to pass all the object values from .tfvars file for multiple objects? sharing sample resource for "...
- 21
1
vote
0
answers
228
views
How to attach gcloud application-default account to a gcloud configuration?
I have multiple GCP accounts for multiple clients and I handle their infrastructure using Terraform.
To change between different projects/GCP accounts, I use the gcloud config configurations activate &...
- 2,077
0
votes
1
answer
35
views
Referencing secret_env values in docker run args in Cloudbuild template in Terraform
I need to reference a secretEnv value from secrets manager in my docker run arg in a CloudBuild step, but I've tried many variation of $DATABASE_CREDENTIALS and I haven't had any success. The secret ...
- 1,548
0
votes
1
answer
39
views
when the github actions is triggered, it shows the error
I am a relatively new Terraform(GCP) user and I currently running into some problems when using github actions.
I am trying to implement CI/CD using github actions - when the github actions is ...
0
votes
1
answer
616
views
How do I use the URI of a GCP Cloud Run resource in an environment variable for the same resource?
I'm deploying a container via Google Cloud Run and would like to pass the public URI to an environment variable for the resource. How can I do this without running multiple passes of terraform apply ...
- 289
1
vote
1
answer
35
views
Airflow ExternalTaskSensor to load table in bigquey
I have DAG which is loading data into bigquery table A.
The table A is dependent on 8 other tables and the DAG for these tables are triggered at different time.
I want create a DAG for table A such ...
0
votes
1
answer
89
views
Terraform dynamic block for GCP firestore
I'm trying to create a module for GCP firestore that creates a single database which can create multiple indexes with multiple fields but am having some trouble.
I've tried with for_each but I don't ...
- 838
1
vote
1
answer
88
views
How to call the value of a map (object) resource in another map (object) resource
resource "google_monitoring_custom_service" "customsrv" {
for_each = var.custom_service_level
display_name = each.value.service_display_name
service_id = each.value....
- 21
-1
votes
1
answer
113
views
Dynamic step blocks in Terraform google_cloudbuild_trigger resulting in argument Unsupported errors
I am attempting to dynamically generate blocks within a google_cloudbuild_trigger
resource "google_cloudbuild_trigger" "push_to_production" {
name = "cloudbuild-workers"...
- 1,548
0
votes
1
answer
107
views
Terraform module override new attributes
In our existing infra, we calling version 7.4.0 of the following module in our own module.
terraform-google-modules/vm/google//modules/instance_template
When we try and upgrade to latest version 11.1....
- 1
0
votes
2
answers
96
views
GCP REST API or Terraform equivalent of "gcloud services vpc-peerings enable-vpc-service-controls"
Consider this CLI:
gcloud services vpc-peerings enable-vpc-service-controls ...
Questions:
What is the GCP REST API method equivalent to that?
What is the Terraform equivalent to that?
- 1,854
0
votes
1
answer
181
views
How to Resolve Cyclic Dependency Between Google Storage Buckets in Terraform?
I'm trying to set up logging for a Google Storage bucket(already existing) using Terraform, but I'm running into a cyclic dependency issue. Here's my current Terraform configuration:
resource "...
- 13
0
votes
1
answer
36
views
Allowing only specific types of objects(image/jpeg) to be transferred during GCP GCS transfer job creation
I want to create a GCS transfer job which transfer only certain type of objects let us say (image/jpeg) only between 2 GCS buckets.
I can't see any way to do it now as there is only prefix match ...
0
votes
1
answer
631
views
Terraform GCP: apply IAM binding policy to buckets created through terraform only
I am new to Terraform. There are many GCS buckets created through my terraform code. I am trying to apply a deny policy to restrict any console changes to be done on these buckets only and not the ...
- 19