Introduction
In this article we will explain how to set up your GCP credentials in HCP Terraform (formerly Terraform Cloud).
Requirements:
- Authenticate to GCP
- Set up Google Cloud Service Account
- Download your JSON key file
Use Case
In Terraform documentation for GCP provider the authentication is done by pointing to the location of the JSON key file which is not a suitable approach for Terraform Cloud.
Solutions
We can set the GCP credentials in two ways:
1. As Terraform Variable
Having the following example code we will create variable named gcp-creds:
provider "google" {
project = "<YOUR PROJECT>"
region = "<YOUR REGION>"
zone = "<YOUR ZONE>"
credentials = var.gcp-creds
}
variable "gcp-creds" {
default= ""
}then we create a Terraform variable in Terraform Cloud named gcp-creds and we populate the content of JSON key file as its value.
Note:
Please don't forget to set up the variable as sensitive.
2. As Environment Variable
We create Environment variable named GOOGLE_CREDENTIALS in Terraform Cloud and for that value we set the output of your JSON file but without tabs and new lines.
For example the output of cat file.json | jq -c.
Note:
Please don't forget to set up the variable as sensitive.