# Steps to implement Hands-on Project - Mission 1

Creating the terraform-en-1 user using the IAM service

Access the AWS console (https://aws.amazon.com) and log in with your newly created account. In the search bar, type IAM. In the Services section, click on IAM.
Click on Users and then Add users, enter the name terraform-en-1 and click Next to create a programmatic type user.
ALT
After advancing, in Set permissions, click on the Attach existing policies directly button.
ALT
Type AmazonS3FullAccess in Search.
Select AmazonS3FullAccess
ALT
Click on Next
Review all the details
Click on Create user

Creating the Access Key for the terraform-en-1 user using the IAM service

Access the terraform-en-1 user
ALT
Click on the Security credentials tab
ALT
Navigate to the Access keys section
Click on Create access key
ALT
Select Command Line Interface (CLI) and I understand the above recommendation and want to proceed to create an access key.
ALT
Click on Next.
Click on Create access key
ALT
Click on Download .csv file
ALT
After the download finishes, click on Done.
Once the download is complete, rename the .csv file to key.csv

Steps in Google Cloud Platform (GCP)

Preparing the environment to run Terraform

Access the Google Cloud Console (console.cloud.google.com) and log in with your newly created account
Open the Cloud Shell
ALT
ALT
Download the mission1.zip file in the Google Cloud shell using the wget command
JSON
Copy
wget https://tcb-public-events.s3.amazonaws.com/icp/mission1.zip
Result
ALT
Upload the key.csv file to the Cloud Shell using the browser
Step 1
ALT
Step 2
ALT
Step 3
ALT
Verify if the mission1.zip and key.csv files are in the folder in the Cloud Shell using the command below
JSON
Copy
ls
Result
ALT
Execute the file preparation commands:
Plain Text
Copy
unzip mission1.zip
Plain Text
Copy
mv key.csv mission1/en
Plain Text
Copy
cd mission1/en
Plain Text
Copy
chmod +x *.sh
Result
ALT
Execute the commands below to prepare the AWS and GCP environment
Plain Text
Copy
mkdir -p ~/.aws/
Plain Text
Copy
touch ~/.aws/credentials_multiclouddeploy
Plain Text
Copy
./aws_set_credentials.sh key.csv
Plain Text
Copy
GOOGLE_CLOUD_PROJECT_ID=$(gcloud config get-value project)
Plain Text
Copy
gcloud config set project $GOOGLE_CLOUD_PROJECT_ID
Click on Authorize
ALT
Execute the command below to set the project in the Google Cloud Shell
Plain Text
Copy
./gcp_set_project.sh
Execute the commands to enable the Kubernetes, Container Registry, and Cloud SQL APIs
Plain Text
Copy
gcloud services enable containerregistry.googleapis.com
Plain Text
Copy
gcloud services enable container.googleapis.com
Plain Text
Copy
gcloud services enable sqladmin.googleapis.com
Plain Text
Copy
gcloud services enable cloudresourcemanager.googleapis.com
Plain Text
Copy
gcloud services enable serviceusage.googleapis.com
Plain Text
Copy
gcloud services enable compute.googleapis.com
Plain Text
Copy
gcloud services enable servicenetworking.googleapis.com --project=$GOOGLE_CLOUD_PROJECT_ID

Running Terraform to provision MultiCloud infrastructure in AWS and Google Cloud

Execute the following commands to provision infrastructure resources
Plain Text
Copy
cd ~/mission1/en/terraform/
Plain Text
Copy
terraform init
Plain Text
Copy
terraform plan
Plain Text
Copy
terraform apply
Attention: The provisioning process can take between 15 to 25 minutes to finish. Keep the CloudShell open during the process. If disconnected, click on Reconnect when the session expires (the session expires after 5 minutes of inactivity by default)

Appendix I - Destroying the environment and starting over

In case you have encountered any problem/error and want to reset the environment to start over, follow the step-by-step instructions below to remove the entire MultiCloud environment.

[Google Cloud] Delete VPC Peering

ALT

[Google Cloud] Delete remaining resources w/ Terraform - Cloud Shell

JSON
Copy
cd ~/mission1/en/terraform/
JSON
Copy
terraform destroy

Clean the Cloud Shell in AWS and Google Cloud

AWS

JSON
Copy
cd ~
JSON
Copy
rm -rf mission*

Google Cloud

JSON
Copy
cd ~
JSON
Copy
rm -rf mission*
JSON
Copy
rm -rf .ssh

Security Tips

For production environments, it's recommended to use only the Private Network for database access.
Never provide public network access (0.0.0.0/0) to production databases. ⚠️
By reaching this point, you have completed the implementation of the first part of the Hands-on Project and have implemented resources in a MultiCloud (AWS and Google Cloud) environment using Terraform!
Congratulations! 🚀🎉