Quickstart: Create a VM instance using Terraform
In this quickstart, you learn how to use Terraform to create a Compute Engine Virtual Machine (VM) instance and connect to that VM instance.
Hashicorp Terraform is an Infrastructure as code (IaC) tool that lets you provision and manage cloud infrastructure. Terraform provider for Google Cloud (Google Cloud provider) lets you provision and manage Google Cloud infrastructure.
Before you begin
To use an online terminal with the gcloud CLI and Terraform already set up, activate Cloud Shell:
At the bottom of this page, a Cloud Shell session starts and displays a command-line prompt. It can take a few seconds for the session to initialize.
-
Create or select a Google Cloud project.
Roles required to select or create a project
- Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
-
Create a project: To create a project, you need the Project Creator
(
roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.createpermission. Learn how to grant roles.
-
Create a Google Cloud project:
gcloud projects create PROJECT_ID
Replace
PROJECT_IDwith a name for the Google Cloud project you are creating. -
Select the Google Cloud project that you created:
gcloud config set project PROJECT_ID
Replace
PROJECT_IDwith your Google Cloud project name.
-
Verify that billing is enabled for your Google Cloud project.
-
Enable the Compute Engine API:
Roles required to enable APIs
To enable APIs, you need the Service Usage Admin IAM role (
roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enablepermission. Learn how to grant roles.gcloudservicesenablecompute.googleapis.com -
Grant roles to your user account. Run the following command once for each of the following IAM roles:
roles/compute.instanceAdmin.v1gcloudprojectsadd-iam-policy-bindingPROJECT_ID--member="user:USER_IDENTIFIER"--role=ROLE
Replace the following:
PROJECT_ID: Your project ID.USER_IDENTIFIER: The identifier for your user account. For examples, see Represent workforce pool users in IAM policies.ROLE: The IAM role that you grant to your user account.
Prepare the environment
Clone the GitHub repository containing Terraform samples:
gitclonehttps://github.com/terraform-google-modules/terraform-docs-samples.git--single-branchGo to the directory that contains the quickstart sample:
cdterraform-docs-samples/compute/quickstart/create_vm
Review the Terraform files
Review the main.tf file. This file defines the Google Cloud
resources that you want to create.
catmain.tf
The output is similar to the following
resource "google_compute_instance" "default" {
name = "my-vm"
machine_type = "n1-standard-1"
zone = "us-central1-a"
boot_disk {
initialize_params {
image = "ubuntu-minimal-2210-kinetic-amd64-v20230126"
}
}
network_interface {
network = "default"
access_config {}
}
}This file describes the
google_compute_instance resource, which is the Terraform resource for the
Compute Engine VM instance. google_compute_instance is configured to
have the following properties:
nameis set tomy-vm.machine_typeis set ton1-standard-1.zoneis set tous-central1-a.boot_disksets the boot disk for the instance.network_interfaceis set to use the default network in your Google Cloud project.
Create the Compute Engine VM instance
In Cloud Shell, run the following command to verify that Terraform is available:
terraformThe output should be similar to the following:
Usage:terraform[globaloptions]<subcommand>[args] Theavailablecommandsforexecutionarelistedbelow. Theprimaryworkflowcommandsaregivenfirst,followedby lesscommonormoreadvancedcommands. Maincommands: initPrepareyourworkingdirectoryforothercommands validateCheckwhethertheconfigurationisvalid planShowchangesrequiredbythecurrentconfiguration applyCreateorupdateinfrastructure destroyDestroypreviously-createdinfrastructureInitialize Terraform by running the following command. This command prepares your workspace so Terraform can apply your configuration.
terraforminitThe output should be similar to the following:
Initializingthebackend... Initializingproviderplugins... -Findinglatestversionofhashicorp/google... -Installinghashicorp/googlev5.35.0... -Installedhashicorp/googlev5.35.0(signedbyHashiCorp) Terraformhascreatedalockfile.terraform.lock.hcltorecordtheprovider selectionsitmadeabove.Includethisfileinyourversioncontrolrepository sothatTerraformcanguaranteetomakethesameselectionsbydefaultwhen yourun"terraform init"inthefuture. Terraformhasbeensuccessfullyinitialized!Validate the Terraform configuration by running the following command. This command takes the following actions:
- Verifies that the syntax of
main.tfis correct. - Shows a preview of the resources that will be created.
terraformplanThe output should be similar to the following:
Plan:1toadd,0tochange,0todestroy. Note:Youdidn't use the -out option to save this plan, so Terraform can't guaranteetotakeexactlytheseactionsifyourun"terraform apply"now.- Verifies that the syntax of
Apply the configuration to provision resources described in the
main.tffile:terraformapplyWhen prompted, enter
yes.Terraform calls Google Cloud APIs to create the VM instance defined in the
main.tffile.The output should be similar to the following:
Applycomplete!Resources:1added,0changed,0destroyed
Connect to the VM instance
Connect to the VM instance you just created by running the following command:
gcloudcomputessh--zone=us-central1-amy-vm
Clean up
To avoid incurring charges to your Google Cloud account for the resources used on this page, delete the Google Cloud project with the resources.
In Cloud Shell, run the following command to delete the Terraform resources:
terraformdestroy
When prompted, enter yes.
The output should be similar to the following:
Destroycomplete!Resources:1destroyed.
What's next
- Learn how to deploy a basic Flask web server using Terraform.
- Learn how to store Terraform state in a Cloud Storage bucket.