Cloud infrastructure
- Architecture
- Infrastructure as code
- AWS
- Azure
- DigitalOcean
- GCP
- Mage Pro
Secret manager
GCP
Terraform GCP resources
Here is the default output of terraform plan:
data.http.myip: Reading...
data.http.myip: Read complete after 0s [id=http://ipv4.icanhazip.com]
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
+ create
Terraform will perform the following actions:
# google_cloud_run_service.run_service will be created
+ resource "google_cloud_run_service" "run_service" {
+ autogenerate_revision_name = true
+ id = (known after apply)
+ location = "us-west2"
+ name = "mage-data-prep"
+ project = (known after apply)
+ status = (known after apply)
+ metadata {
+ annotations = {
+ "run.googleapis.com/ingress" = "internal-and-cloud-load-balancing"
+ "run.googleapis.com/launch-stage" = "BETA"
}
+ generation = (known after apply)
+ labels = (known after apply)
+ namespace = (known after apply)
+ resource_version = (known after apply)
+ self_link = (known after apply)
+ uid = (known after apply)
}
+ template {
+ metadata {
+ annotations = (known after apply)
+ generation = (known after apply)
+ name = (known after apply)
+ namespace = (known after apply)
+ resource_version = (known after apply)
+ self_link = (known after apply)
+ uid = (known after apply)
}
+ spec {
+ container_concurrency = (known after apply)
+ service_account_name = (known after apply)
+ serving_state = (known after apply)
+ timeout_seconds = (known after apply)
+ containers {
+ image = "region-docker.pkg.dev/project_id/repository_name/mageai"
+ env {
+ name = "FILESTORE_IP_ADDRESS"
+ value = (known after apply)
}
+ env {
+ name = "FILE_SHARE_NAME"
+ value = "share1"
}
+ ports {
+ container_port = 6789
+ name = (known after apply)
}
+ resources {
+ limits = {
+ "cpu" = "2000m"
+ "memory" = "1G"
}
}
}
}
}
+ traffic {
+ latest_revision = true
+ percent = 100
+ url = (known after apply)
}
}
# google_cloud_run_service_iam_member.run_all_users will be created
+ resource "google_cloud_run_service_iam_member" "run_all_users" {
+ etag = (known after apply)
+ id = (known after apply)
+ location = "us-west2"
+ member = "allUsers"
+ project = (known after apply)
+ role = "roles/run.invoker"
+ service = "mage-data-prep"
}
# google_compute_backend_service.backend will be created
+ resource "google_compute_backend_service" "backend" {
+ connection_draining_timeout_sec = 300
+ creation_timestamp = (known after apply)
+ fingerprint = (known after apply)
+ id = (known after apply)
+ load_balancing_scheme = "EXTERNAL"
+ name = "mage-data-prep-backend"
+ port_name = "http"
+ project = (known after apply)
+ protocol = "HTTP"
+ security_policy = "mage-data-prep-security-policy"
+ self_link = (known after apply)
+ session_affinity = (known after apply)
+ timeout_sec = 30
+ backend {
+ balancing_mode = "UTILIZATION"
+ capacity_scaler = 1
+ group = (known after apply)
+ max_connections = (known after apply)
+ max_connections_per_endpoint = (known after apply)
+ max_connections_per_instance = (known after apply)
+ max_rate = (known after apply)
+ max_rate_per_endpoint = (known after apply)
+ max_rate_per_instance = (known after apply)
+ max_utilization = (known after apply)
}
+ cdn_policy {
+ cache_mode = (known after apply)
+ client_ttl = (known after apply)
+ default_ttl = (known after apply)
+ max_ttl = (known after apply)
+ negative_caching = (known after apply)
+ serve_while_stale = (known after apply)
+ signed_url_cache_max_age_sec = (known after apply)
+ cache_key_policy {
+ include_host = (known after apply)
+ include_named_cookies = (known after apply)
+ include_protocol = (known after apply)
+ include_query_string = (known after apply)
+ query_string_blacklist = (known after apply)
+ query_string_whitelist = (known after apply)
}
+ negative_caching_policy {
+ code = (known after apply)
+ ttl = (known after apply)
}
}
+ log_config {
+ enable = (known after apply)
+ sample_rate = (known after apply)
}
}
# google_compute_global_address.ip will be created
+ resource "google_compute_global_address" "ip" {
+ address = (known after apply)
+ creation_timestamp = (known after apply)
+ id = (known after apply)
+ name = "mage-data-prep-service-ip"
+ project = (known after apply)
+ self_link = (known after apply)
}
# google_compute_global_forwarding_rule.frontend will be created
+ resource "google_compute_global_forwarding_rule" "frontend" {
+ id = (known after apply)
+ ip_address = (known after apply)
+ ip_protocol = (known after apply)
+ label_fingerprint = (known after apply)
+ load_balancing_scheme = "EXTERNAL"
+ name = "mage-data-prep-frontend"
+ network = (known after apply)
+ port_range = "80"
+ project = (known after apply)
+ psc_connection_id = (known after apply)
+ psc_connection_status = (known after apply)
+ self_link = (known after apply)
+ target = (known after apply)
}
# google_compute_region_network_endpoint_group.cloudrun_neg will be created
+ resource "google_compute_region_network_endpoint_group" "cloudrun_neg" {
+ id = (known after apply)
+ name = "mage-data-prep-neg"
+ network_endpoint_type = "SERVERLESS"
+ project = (known after apply)
+ region = "us-west2"
+ self_link = (known after apply)
+ cloud_run {
+ service = "mage-data-prep"
}
}
# google_compute_security_policy.policy will be created
+ resource "google_compute_security_policy" "policy" {
+ fingerprint = (known after apply)
+ id = (known after apply)
+ name = "mage-data-prep-security-policy"
+ project = (known after apply)
+ self_link = (known after apply)
+ type = (known after apply)
+ advanced_options_config {
+ json_parsing = (known after apply)
+ log_level = (known after apply)
+ json_custom_config {
+ content_types = (known after apply)
}
}
+ rule {
+ action = "allow"
+ description = "Whitelist IP"
+ preview = (known after apply)
+ priority = 100
+ match {
+ versioned_expr = "SRC_IPS_V1"
+ config {
+ src_ip_ranges = [
+ "11.111.11.111/32",
]
}
}
}
+ rule {
+ action = "deny(403)"
+ description = "default rule"
+ preview = (known after apply)
+ priority = 2147483647
+ match {
+ versioned_expr = "SRC_IPS_V1"
+ config {
+ src_ip_ranges = [
+ "*",
]
}
}
}
}
# google_compute_target_http_proxy.http_proxy will be created
+ resource "google_compute_target_http_proxy" "http_proxy" {
+ creation_timestamp = (known after apply)
+ id = (known after apply)
+ name = "mage-data-prep-http-proxy"
+ project = (known after apply)
+ proxy_bind = (known after apply)
+ proxy_id = (known after apply)
+ self_link = (known after apply)
+ url_map = (known after apply)
}
# google_compute_url_map.url_map will be created
+ resource "google_compute_url_map" "url_map" {
+ creation_timestamp = (known after apply)
+ default_service = (known after apply)
+ fingerprint = (known after apply)
+ id = (known after apply)
+ map_id = (known after apply)
+ name = "mage-data-prep-urlmap"
+ project = (known after apply)
+ self_link = (known after apply)
}
# google_filestore_instance.instance will be created
+ resource "google_filestore_instance" "instance" {
+ create_time = (known after apply)
+ etag = (known after apply)
+ id = (known after apply)
+ location = "us-west2-a"
+ name = "mage-data-prep"
+ project = (known after apply)
+ tier = "BASIC_HDD"
+ zone = (known after apply)
+ file_shares {
+ capacity_gb = 1024
+ name = "share1"
}
+ networks {
+ connect_mode = "DIRECT_PEERING"
+ ip_addresses = (known after apply)
+ modes = [
+ "MODE_IPV4",
]
+ network = "default"
+ reserved_ip_range = (known after apply)
}
}
# google_project_service.artifactregistry will be created
+ resource "google_project_service" "artifactregistry" {
+ disable_on_destroy = false
+ id = (known after apply)
+ project = (known after apply)
+ service = "artifactregistry.googleapis.com"
}
# google_project_service.cloudrun will be created
+ resource "google_project_service" "cloudrun" {
+ disable_on_destroy = false
+ id = (known after apply)
+ project = (known after apply)
+ service = "run.googleapis.com"
}
# google_project_service.iam will be created
+ resource "google_project_service" "iam" {
+ disable_on_destroy = false
+ id = (known after apply)
+ project = (known after apply)
+ service = "iam.googleapis.com"
}
# google_project_service.resourcemanager will be created
+ resource "google_project_service" "resourcemanager" {
+ disable_on_destroy = false
+ id = (known after apply)
+ project = (known after apply)
+ service = "cloudresourcemanager.googleapis.com"
}
# google_project_service.vpcaccess will be created
+ resource "google_project_service" "vpcaccess" {
+ disable_on_destroy = false
+ id = (known after apply)
+ project = (known after apply)
+ service = "vpcaccess.googleapis.com"
}
# google_vpc_access_connector.connector will be created
+ resource "google_vpc_access_connector" "connector" {
+ id = (known after apply)
+ ip_cidr_range = "10.8.0.0/28"
+ max_throughput = 300
+ min_throughput = 200
+ name = "mage-data-prep-connector"
+ network = "default"
+ project = (known after apply)
+ region = "us-west2"
+ self_link = (known after apply)
+ state = (known after apply)
}
Plan: 16 to add, 0 to change, 0 to destroy.
Changes to Outputs:
+ service_ip = (known after apply)
─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Note: You didn't use the -out option to save this plan, so Terraform can't guarantee to take exactly these actions if you run "terraform apply" now.Was this page helpful?
Assistant
Responses are generated using AI and may contain mistakes.