How To SSH into your VM? - Google Cloud Platform (antonputra#88)

subash-subramaniyan · Aug 17, 2022 · ca53b8d · ca53b8d
1 parent a712f11
commit ca53b8d
Show file tree

Hide file tree

Showing 9 changed files with 119 additions and 0 deletions.
diff --git a/docs/contents.md b/docs/contents.md
@@ -51,3 +51,4 @@
 - [117 - AWS API Gateway - Custom Domain](../lessons/117)
 - [118 - AWS API Gateway - EC2 Integration](../lessons/118)
 - [119 - AWS API Gateway - WebSocket API + EC2](../lessons/119)
+- [120 - How To SSH into your VM? - Google Cloud Platform](../lessons/120)
diff --git a/lessons/120/README.md b/lessons/120/README.md
@@ -0,0 +1,3 @@
+# How To SSH into your VM? - Google Cloud Platform (GCP | IAP tunnel | OS Login | Audit | Google IAM)
+
+You can find tutorial [here](https://antonputra.com/google/gcp-how-to-ssh-into-your-vm/).
diff --git a/lessons/120/terraform/.terraform.lock.hcl b/lessons/120/terraform/.terraform.lock.hcl
diff --git a/lessons/120/terraform/0-locals.tf b/lessons/120/terraform/0-locals.tf
@@ -0,0 +1,4 @@
+locals {
+  project_id = "lesson-120"
+  region     = "us-central1"
+}
diff --git a/lessons/120/terraform/1-provider.tf b/lessons/120/terraform/1-provider.tf
@@ -0,0 +1,16 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs
+provider "google" {
+  project = local.project_id
+  region  = local.region
+}
+
+terraform {
+  required_providers {
+    google = {
+      source  = "hashicorp/google"
+      version = "~> 4.31.0"
+    }
+  }
+
+  required_version = "~> 1.0"
+}
diff --git a/lessons/120/terraform/2-vpc.tf b/lessons/120/terraform/2-vpc.tf
@@ -0,0 +1,26 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_service
+resource "google_project_service" "compute" {
+  service = "compute.googleapis.com"
+
+  disable_on_destroy = false
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network
+resource "google_compute_network" "main" {
+  name                            = "main"
+  routing_mode                    = "REGIONAL"
+  auto_create_subnetworks         = false
+  delete_default_routes_on_create = true
+
+  depends_on = [google_project_service.compute]
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_route
+resource "google_compute_route" "default_to_internet" {
+  name             = "default-internet-gateway"
+  dest_range       = "0.0.0.0/0"
+  network          = google_compute_network.main.name
+  next_hop_gateway = "default-internet-gateway"
+  priority         = 1000
+  description      = "Default route to the Internet."
+}
diff --git a/lessons/120/terraform/3-subnets.tf b/lessons/120/terraform/3-subnets.tf
@@ -0,0 +1,17 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork
+resource "google_compute_subnetwork" "private" {
+  name                     = "private"
+  region                   = local.region
+  ip_cidr_range            = "10.0.0.0/18"
+  stack_type               = "IPV4_ONLY"
+  network                  = google_compute_network.main.id
+  private_ip_google_access = true
+}
+
+resource "google_compute_subnetwork" "public" {
+  name          = "public"
+  region        = local.region
+  ip_cidr_range = "10.0.64.0/18"
+  stack_type    = "IPV4_ONLY"
+  network       = google_compute_network.main.id
+}
diff --git a/lessons/120/terraform/4-router.tf b/lessons/120/terraform/4-router.tf
@@ -0,0 +1,6 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router
+resource "google_compute_router" "router" {
+  name    = "router"
+  region  = local.region
+  network = google_compute_network.main.id
+}
diff --git a/lessons/120/terraform/5-nat.tf b/lessons/120/terraform/5-nat.tf
@@ -0,0 +1,25 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_address
+resource "google_compute_address" "nat" {
+  name         = "nat"
+  address_type = "EXTERNAL"
+  network_tier = "PREMIUM"
+
+  depends_on = [google_project_service.compute]
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router_nat
+resource "google_compute_router_nat" "nat" {
+  name   = "nat"
+  router = google_compute_router.router.name
+  region = local.region
+
+  source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+  nat_ip_allocate_option             = "MANUAL_ONLY"
+
+  subnetwork {
+    name                    = google_compute_subnetwork.private.id
+    source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
+  }
+
+  nat_ips = [google_compute_address.nat.self_link]
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,3 @@
		# How To SSH into your VM? - Google Cloud Platform (GCP \| IAP tunnel \| OS Login \| Audit \| Google IAM)

		You can find tutorial [here](https://antonputra.com/google/gcp-how-to-ssh-into-your-vm/).