Skip to main content

GCP - Terraform


Step 1: Generate a new Runiac project

If you haven't already, generate a new Runiac project using the starter:

runiac new my-runiac-terraform-project --url

Step 2: Run a deploy

Run a local deployment in the newly created my-runiac-terraform-project folder:

runiac deploy -a <gcp-project-id> --local

Open step1/default/ and start adding resources. Once ready to test run the same runiac deploy command.

Step 3: Run a destroy (Clean up)

Finally, You can clean up any resources that were created by runiac with the --self-destroy flag:

runiac deploy -a <gcp-project-id> --local --self-destroy

That's it!

Congratulations! You've successfully run, modified and destroyed your Runiac project.

Important Notes

Be aware that some Google Cloud Platform resources are not deleted immediately. Common examples include IAM roles, among others, which remain in the system for a period of time before finally being purged (ie: soft deletes). The Terraform provider documentation will usually call this out in a warning.

This has implications on ephemeral deployments; you cannot create a role with a given name, run runiac with the --self-destroy flag in this example, and rerun runiac immediately afterwards. GCP will detect a conflict when the same role is created again, and as a result, your deployment will fail.

For these types of resources, the recommendation is to only deploy them to non-ephemeral environments. You can leverage Terraform's count property and runiac's namespace variable to conditionally deploy such resources:

resource "google_project_iam_custom_role" "my-custom-role" {
count = var.namespace != "" ? 0 : 1