From ca53b8dee21714f1d76a534ff8bb767bd3475756 Mon Sep 17 00:00:00 2001
From: Anton Putra
Date: Wed, 17 Aug 2022 07:37:25 -0700
Subject: [PATCH] How To SSH into your VM? - Google Cloud Platform (#88)
---
 docs/contents.md | 1 +
 lessons/120/README.md | 3 +++
 lessons/120/terraform/.terraform.lock.hcl | 21 ++++++++++++++++++
 lessons/120/terraform/0-locals.tf | 4 ++++
 lessons/120/terraform/1-provider.tf | 16 ++++++++++++++
 lessons/120/terraform/2-vpc.tf | 26 +++++++++++++++++++++++
 lessons/120/terraform/3-subnets.tf | 17 +++++++++++++++
 lessons/120/terraform/4-router.tf | 6 ++++++
 lessons/120/terraform/5-nat.tf | 25 ++++++++++++++++++++++
 9 files changed, 119 insertions(+)
 create mode 100644 lessons/120/README.md
 create mode 100644 lessons/120/terraform/.terraform.lock.hcl
 create mode 100644 lessons/120/terraform/0-locals.tf
 create mode 100644 lessons/120/terraform/1-provider.tf
 create mode 100644 lessons/120/terraform/2-vpc.tf
 create mode 100644 lessons/120/terraform/3-subnets.tf
 create mode 100644 lessons/120/terraform/4-router.tf
 create mode 100644 lessons/120/terraform/5-nat.tf
diff --git a/docs/contents.md b/docs/contents.md
index 1d994c0d..343f13bc 100644
--- a/docs/contents.md
+++ b/docs/contents.md
@@ -51,3 +51,4 @@
 - [117 - AWS API Gateway - Custom Domain](../lessons/117)
 - [118 - AWS API Gateway - EC2 Integration](../lessons/118)
 - [119 - AWS API Gateway - WebSocket API + EC2](../lessons/119)
+- [120 - How To SSH into your VM? - Google Cloud Platform](../lessons/120)
diff --git a/lessons/120/README.md b/lessons/120/README.md
new file mode 100644
index 00000000..40ef069b
--- /dev/null
+++ b/lessons/120/README.md
@@ -0,0 +1,3 @@
+# How To SSH into your VM? - Google Cloud Platform (GCP | IAP tunnel | OS Login | Audit | Google IAM)
+
+You can find tutorial [here](https://antonputra.com/google/gcp-how-to-ssh-into-your-vm/).
diff --git a/lessons/120/terraform/.terraform.lock.hcl b/lessons/120/terraform/.terraform.lock.hcl
new file mode 100644
index 00000000..773d15f1
--- /dev/null
+++ b/lessons/120/terraform/.terraform.lock.hcl
@@ -0,0 +1,21 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/google" { + version = "4.31.0" + hashes = [ + "h1:p6GUUYG9PQ4XODXBgsHpWTygziRtY61z07slBKYbiCQ=", + "zh:02a19ed46c2007f6aadfb6ff90aa6063be063194d1f0dd02dc839adc212f7cae", + "zh:1046de7e13e81a8f86461f99e9d5ff25d5dabe8465f51efe72084ded426ba771", + "zh:209b054685f7364f3f5e8b570ceb62701e5b466d37cce8b7108385fc1feb3683", + "zh:717773619a1102748204699974c30aba39dc727baf389b874afcab6e17b63ffa", + "zh:7d5f4885cda2ca0ec8cb8bac36ea156aeca7787c01c17e65f7226742b60369d8", + "zh:82df57f2df5708441c57045b3e1a9a91ed55abe67d0d2f00705c7a1f512ec6ec", + "zh:a0191b194e68dd3c0ac5a26712f95d435839ff20d2b2ad53670374c64946042d", + "zh:a95b8358469d6347a5bcf4462ad18efaf80014f07f36bd26019ca039c523ff48", + "zh:b62c968f50d3afa8300c9267388d273a90a5be1a4e9a218205a358e6954e7844", + "zh:bc11cc9b8defec24831bbd6a73a2fa940659c7c610ea7aa0d8b38c2b1af6689b", + "zh:e6ac4c46c3e5a32635fcd27784c189b6cbc6aa9cbf7a3b09e999ec3aa3e2004a", + "zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c", + ] +}
diff --git a/lessons/120/terraform/0-locals.tf b/lessons/120/terraform/0-locals.tf
new file mode 100644
index 00000000..238e2769
--- /dev/null
+++ b/lessons/120/terraform/0-locals.tf
@@ -0,0 +1,4 @@
+locals {
+ project_id = "lesson-120"
+ region = "us-central1"
+}
\ No newline at end of file
diff --git a/lessons/120/terraform/1-provider.tf b/lessons/120/terraform/1-provider.tf
new file mode 100644
index 00000000..7fb97c99
--- /dev/null
+++ b/lessons/120/terraform/1-provider.tf
@@ -0,0 +1,16 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs
+provider "google" {
+ project = local.project_id
+ region = local.region
+}
+
+terraform {
+ required_providers {
+ google = {
+ source = "hashicorp/google"
+ version = "~> 4.31.0"
+ }
+ }
+
+ required_version = "~> 1.0"
+}
diff --git a/lessons/120/terraform/2-vpc.tf b/lessons/120/terraform/2-vpc.tf
new file mode 100644
index 00000000..61d36f79
--- /dev/null
+++ b/lessons/120/terraform/2-vpc.tf
@@ -0,0 +1,26 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/google_project_service
+resource "google_project_service" "compute" {
+ service = "compute.googleapis.com"
+
+ disable_on_destroy = false
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_network
+resource "google_compute_network" "main" {
+ name = "main"
+ routing_mode = "REGIONAL"
+ auto_create_subnetworks = false
+ delete_default_routes_on_create = true
+
+ depends_on = [google_project_service.compute]
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_route
+resource "google_compute_route" "default_to_internet" {
+ name = "default-internet-gateway"
+ dest_range = "0.0.0.0/0"
+ network = google_compute_network.main.name
+ next_hop_gateway = "default-internet-gateway"
+ priority = 1000
+ description = "Default route to the Internet."
+}
diff --git a/lessons/120/terraform/3-subnets.tf b/lessons/120/terraform/3-subnets.tf
new file mode 100644
index 00000000..dd8b3402
--- /dev/null
+++ b/lessons/120/terraform/3-subnets.tf
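Review bot: In 2-vpc.tf, `google_compute_route.default_to_internet` re-creates the 0.0.0.0/0 route that `delete_default_routes_on_create = true` has just removed, and nothing on the page says why. The route sets no `tags`, so it applies to every instance in the network, including those in the `private` subnet. Cloud NAT needs a default route whose next hop is the default internet gateway, so this is presumably intentional; a comment above the resource would record that, e.g. `# Needed by Cloud NAT; no tags set, so it applies to all VMs, and any VM with an external IP egresses through it directly.` This commit creates no firewall rules, so inbound access rests on the VPC's implied deny-ingress rule; the README could state that SSH ingress is to be granted separately and narrowly.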
@@ -0,0 +1,17 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_subnetwork
+resource "google_compute_subnetwork" "private" {
+ name = "private"
+ region = local.region
+ ip_cidr_range = "10.0.0.0/18"
+ stack_type = "IPV4_ONLY"
+ network = google_compute_network.main.id
+ private_ip_google_access = true
+}
+
+resource "google_compute_subnetwork" "public" {
+ name = "public"
+ region = local.region
+ ip_cidr_range = "10.0.64.0/18"
+ stack_type = "IPV4_ONLY"
+ network = google_compute_network.main.id
+}
diff --git a/lessons/120/terraform/4-router.tf b/lessons/120/terraform/4-router.tf
new file mode 100644
index 00000000..31af6a9c
--- /dev/null
+++ b/lessons/120/terraform/4-router.tf
@@ -0,0 +1,6 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router
+resource "google_compute_router" "router" {
+ name = "router"
+ region = local.region
+ network = google_compute_network.main.id
+}
diff --git a/lessons/120/terraform/5-nat.tf b/lessons/120/terraform/5-nat.tf
new file mode 100644
index 00000000..b6001483
--- /dev/null
+++ b/lessons/120/terraform/5-nat.tf
@@ -0,0 +1,25 @@
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_address
+resource "google_compute_address" "nat" {
+ name = "nat"
+ address_type = "EXTERNAL"
+ network_tier = "PREMIUM"
+
+ depends_on = [google_project_service.compute]
+}
+
+# https://registry.terraform.io/providers/hashicorp/google/latest/docs/resources/compute_router_nat
+resource "google_compute_router_nat" "nat" {
+ name = "nat"
+ router = google_compute_router.router.name
+ region = local.region
+
+ source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
+ nat_ip_allocate_option = "MANUAL_ONLY"
+
+ subnetwork {
+ name = google_compute_subnetwork.private.id
+ source_ip_ranges_to_nat = ["ALL_IP_RANGES"]
+ }
+
+ nat_ips = [google_compute_address.nat.self_link]
+}
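Review bot: Neither `google_compute_subnetwork.private` nor `google_compute_subnetwork.public` in 3-subnets.tf enables VPC Flow Logs, so connections to the VMs in these subnets leave no network-level record. Since the lesson title lists auditing, I would add `log_config { metadata = "INCLUDE_ALL_METADATA" }` to both subnets so SSH sessions can be correlated with flow records. The `public` subnet also omits `private_ip_google_access`, unlike `private`; if that is deliberate, a one-line comment on the resource would say so.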
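Review bot: `google_compute_router_nat.nat` in 5-nat.tf has no `log_config` block, so NAT translations and port-allocation failures for the private subnet are not logged. Adding a `log_config` block with `enable = true` and `filter = "ERRORS_ONLY"` (or `"ALL"` where egress visibility matters for detection) closes that gap. Separately, `google_compute_address.nat` sets no `region` and inherits it from the provider; writing `region = local.region` there would match the router and NAT resources and keep the address in the same region if the provider default ever changes.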