gcloud
CLIdefault
value of the
variable named project_id
in the
./gcp/variables.tf
file.
default
value under app_name
:
default
value under region
:
google_cloud_run_service
in the file
./gcp/main.tf:
+ GRANT ACCESS
.
terraform apply
even after granting access,
try Method B down below.
Compute Engine
default service account.
If you want to grant access to a different service account,
configure the service_account_name
argument in the spec
block in
main.tf
:Secret Manager Secret Accessor
.
Secrets | |
---|---|
Secret name | bigquery_credentials |
Reference method | Mounted as volume |
Mount path | /secrets/bigquery |
Path 1 | bigquery_credentials |
Version 1 | latest |
Environment variables | |
---|---|
Name | path_to_keyfile |
Value | /secrets/bigquery/bigquery_credentials |
http://[IP_address]
IP_address
to the IP address that was output in your terminal
after successfully running terraform apply
.[application_name]-security-policy
.
Click on that security group and verify your IP address is whitelisted.
If it isn’t, add a new rule with the following values:
Mode | Match | Action | Priority |
---|---|---|---|
Basic mode | Enter your IP address | Allow | 100 |
http://
and NOT https://
.
app_name
This is the value you changed when editing the
./gcp/variables.tf
file.
[application_name]-security-policy
.
Click on that security group and add a new rule with the following values:
Mode | Match | Action | Priority |
---|---|---|---|
Basic mode | Enter your IP address | Allow | 100 |
Mode | Match | Action | Priority |
---|---|---|---|
Advanced mode | request.path.startsWith('/api/pipeline_schedules/123/pipeline_runs') && inIpRange(origin.ip, '[IP address]/32') | Allow | 200 |
default
value of ssl
to be true
, and set the default
value of domain
variable to be the domain url you want to use.terraform apply
to create the HTTPS load balancer.service_ip
from the output of terraform command.