Steps to implement Han... | Naru's Library

Creating the terraform-en-1 user using the IAM service

Access the AWS console (https://aws.amazon.com)
and log in with your newly created account. In the search bar, type IAM. In the Services section, click on IAM.

Click on Users and then Add users, enter the name terraform-en-1 and click Next to create a programmatic type user.

ALT

After advancing, in Set permissions, click on the Attach existing policies directly button.

ALT

Type AmazonS3FullAccess in Search.

Select AmazonS3FullAccess

ALT

Click on Next

Review all the details

Click on Create user

Creating the Access Key for the terraform-en-1 user using the IAM service

Access the terraform-en-1 user

ALT

Click on the Security credentials tab

ALT

Navigate to the Access keys section

Click on Create access key

ALT

Select Command Line Interface (CLI) and I understand the above recommendation and want to proceed to create an access key.

ALT

Click on Next.

Click on Create access key

ALT

Click on Download .csv file

ALT

After the download finishes, click on Done.

Once the download is complete, rename the .csv file to key.csv

Steps in Google Cloud Platform (GCP)

Preparing the environment to run Terraform

Access the Google Cloud Console (console.cloud.google.com)
and log in with your newly created account

Open the Cloud Shell

ALT

Download the mission1.zip file in the Google Cloud shell using the wget command

JSON

Copy

wget https://tcb-public-events.s3.amazonaws.com/icp/mission1.zip

Result

ALT

Upload the key.csv file to the Cloud Shell using the browser

Step 1

ALT

Step 2

ALT

Step 3

ALT

Verify if the mission1.zip and key.csv files are in the folder in the Cloud Shell using the command below

JSON

Copy

ls

Result

ALT

Execute the file preparation commands:

Plain Text

Copy

unzip mission1.zip

Plain Text

Copy

mv key.csv mission1/en

Plain Text

Copy

cd mission1/en

Plain Text

Copy

chmod +x *.sh

Result

ALT

Execute the commands below to prepare the AWS and GCP environment

Plain Text

Copy

mkdir -p ~/.aws/

Plain Text

Copy

touch ~/.aws/credentials_multiclouddeploy

Plain Text

Copy

./aws_set_credentials.sh key.csv

Plain Text

Copy

GOOGLE_CLOUD_PROJECT_ID=$(gcloud config get-value project)

Plain Text

Copy

gcloud config set project $GOOGLE_CLOUD_PROJECT_ID

Click on Authorize

ALT

Execute the command below to set the project in the Google Cloud Shell

Plain Text

Copy

./gcp_set_project.sh

Execute the commands to enable the Kubernetes, Container Registry, and Cloud SQL APIs

Plain Text

Copy

gcloud services enable containerregistry.googleapis.com

Plain Text

Copy

gcloud services enable container.googleapis.com

Plain Text

Copy

gcloud services enable sqladmin.googleapis.com

Plain Text

Copy

gcloud services enable cloudresourcemanager.googleapis.com

Plain Text

Copy

gcloud services enable serviceusage.googleapis.com

Plain Text

Copy

gcloud services enable compute.googleapis.com

Plain Text

Copy

gcloud services enable servicenetworking.googleapis.com --project=$GOOGLE_CLOUD_PROJECT_ID

Running Terraform to provision MultiCloud infrastructure in AWS and Google Cloud

Execute the following commands to provision infrastructure resources

Plain Text

Copy

cd ~/mission1/en/terraform/

Plain Text

Copy

terraform init

Plain Text

Copy

terraform plan

Plain Text

Copy

terraform apply

Attention: The provisioning process can take between 15 to 25 minutes                                to finish. Keep the CloudShell open during the process. If disconnected, click on Reconnect when the session expires (the session expires after 5 minutes of inactivity by default)

Appendix I - Destroying the environment and starting over

In case you have encountered any problem/error and want to reset the environment to start over, follow the step-by-step instructions below to remove the entire MultiCloud environment.

[Google Cloud] Delete VPC Peering

ALT

[Google Cloud] Delete remaining resources w/ Terraform - Cloud Shell

JSON

Copy

cd ~/mission1/en/terraform/

JSON

Copy

terraform destroy

Clean the Cloud Shell in AWS and Google Cloud

AWS

JSON

Copy

cd ~

JSON

Copy

rm -rf mission*

Google Cloud

JSON

Copy

cd ~

JSON

Copy

rm -rf mission*

JSON

Copy

rm -rf .ssh

Security Tips

For production environments, it's recommended to use only the Private Network for database access.

Never provide public network access (0.0.0.0/0) to production databases. ​

By reaching this point, you have completed the implementation of the first part of the Hands-on Project and have implemented resources in a MultiCloud (AWS and Google Cloud) environment using Terraform!

Congratulations! ​

Steps to implement Hands-on Project - Mission 1

Creating the terraform-en-1 user using the IAM service

Creating the Access Key for the terraform-en-1 user using the IAM service

Steps in Google Cloud Platform (GCP)

Preparing the environment to run Terraform

Running Terraform to provision MultiCloud infrastructure in AWS and Google Cloud

Appendix I - Destroying the environment and starting over

[Google Cloud] Delete VPC Peering

[Google Cloud] Delete remaining resources w/ Terraform - Cloud Shell

Clean the Cloud Shell in AWS and Google Cloud

AWS

Google Cloud

Security Tips

No Comments