forked from pierront/but3-iac
39 KiB
39 KiB
# module.compute.google_compute_instance.backend:
resource "google_compute_instance" "backend" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.059-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "backend"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/backend-b"
instance_id = "8416510425622697844"
key_revocation_action_type = null
label_fingerprint = "v0RejeymZsc="
labels = {
"tier" = "backend"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "backend-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/backend-b"
tags = [
"backend",
"ssh",
]
tags_fingerprint = "N2bbCLFli_k="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "backend"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/backend-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 10
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.2.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
subnetwork_project = "school-478713"
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance.database:
resource "google_compute_instance" "database" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.466-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "database"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/database-b"
instance_id = "1015907451034982259"
key_revocation_action_type = null
label_fingerprint = "8TRgYIRYvzM="
labels = {
"tier" = "database"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "database-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/database-b"
tags = [
"database",
"ssh",
]
tags_fingerprint = "22sTRfPQYj4="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "database"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/database-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 20
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.3.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
subnetwork_project = "school-478713"
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance.frontend:
resource "google_compute_instance" "frontend" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.163-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/frontend-b"
instance_id = "8158722648816015220"
key_revocation_action_type = null
label_fingerprint = "UVCi664tBXg="
labels = {
"tier" = "frontend"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "frontend-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/frontend-b"
tags = [
"frontend",
"ssh",
]
tags_fingerprint = "sermMtqzdso="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/frontend-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 10
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.1.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
subnetwork_project = "school-478713"
access_config {
nat_ip = "34.14.84.37"
network_tier = "PREMIUM"
public_ptr_domain_name = null
}
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance_template.frontend_template:
resource "google_compute_instance_template" "frontend_template" {
can_ip_forward = false
creation_timestamp = "2025-12-04T02:59:40.999-08:00"
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
id = "projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
instance_description = null
key_revocation_action_type = null
labels = {
"tier" = "frontend"
}
machine_type = "e2-small"
metadata = {
"custom-value" = "custom-metadata"
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "UbBqyPiXsA0="
min_cpu_platform = null
name = "school-478713-frontend-template"
numeric_id = "6691436914263512948"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
self_link_unique = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template?uniqueId=6691436914263512948"
tags = [
"frontend",
"ssh",
]
tags_fingerprint = null
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
disk {
architecture = null
auto_delete = true
boot = true
device_name = "persistent-disk-0"
disk_name = null
disk_size_gb = 0
disk_type = "pd-standard"
interface = null
mode = "READ_WRITE"
provisioned_iops = 0
provisioned_throughput = 0
source = null
source_image = "projects/debian-cloud/global/images/family/debian-11"
source_snapshot = null
type = "PERSISTENT"
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_ip = null
nic_type = null
queue_count = 0
stack_type = null
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
subnetwork_project = "school-478713"
access_config {
nat_ip = null
network_tier = "PREMIUM"
public_ptr_domain_name = null
}
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
}
# module.compute.google_compute_region_instance_group_manager.frontend_mig:
resource "google_compute_region_instance_group_manager" "frontend_mig" {
base_instance_name = "frontend"
creation_timestamp = "2025-12-04T02:59:42.512-08:00"
description = null
distribution_policy_target_shape = "EVEN"
distribution_policy_zones = [
"europe-west1-b",
"europe-west1-c",
"europe-west1-d",
]
fingerprint = "pNdTknoSv6w="
id = "projects/school-478713/regions/europe-west1/instanceGroupManagers/school-478713-frontend-mig"
instance_group = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/instanceGroups/school-478713-frontend-mig"
instance_group_manager_id = 790514855900403569
list_managed_instances_results = "PAGELESS"
name = "school-478713-frontend-mig"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/instanceGroupManagers/school-478713-frontend-mig"
status = [
{
all_instances_config = [
{
current_revision = null
effective = true
},
]
is_stable = false
stateful = [
{
has_stateful_config = false
per_instance_configs = [
{
all_effective = true
},
]
},
]
version_target = [
{
is_reached = true
},
]
},
]
target_size = 2
target_stopped_size = 0
target_suspended_size = 0
wait_for_instances = false
wait_for_instances_status = "STABLE"
instance_lifecycle_policy {
default_action_on_failure = "REPAIR"
force_update_on_repair = "NO"
}
standby_policy {
initial_delay_sec = 0
mode = "MANUAL"
}
update_policy {
instance_redistribution_type = "PROACTIVE"
max_surge_fixed = 3
max_surge_percent = 0
max_unavailable_fixed = 3
max_unavailable_percent = 0
minimal_action = "REPLACE"
most_disruptive_allowed_action = null
replacement_method = "SUBSTITUTE"
type = "OPPORTUNISTIC"
}
version {
instance_template = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
name = null
}
}
# module.iam.google_project_iam_member.sa_roles["roles/compute.instanceAdmin.v1"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHji696A="
id = "school-478713/roles/compute.instanceAdmin.v1/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/compute.instanceAdmin.v1"
}
# module.iam.google_project_iam_member.sa_roles["roles/iam.serviceAccountKeyAdmin"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHjk9BHc="
id = "school-478713/roles/iam.serviceAccountKeyAdmin/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/iam.serviceAccountKeyAdmin"
}
# module.iam.google_project_iam_member.sa_roles["roles/iam.serviceAccountUser"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHji696A="
id = "school-478713/roles/iam.serviceAccountUser/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/iam.serviceAccountUser"
}
# module.iam.google_service_account.terraform_sa:
resource "google_service_account" "terraform_sa" {
account_id = "terraform-runner"
description = null
disabled = false
display_name = "Terraform SA for TP"
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
name = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
unique_id = "109555358132192646146"
}
# module.iam.google_service_account_key.terraform_sa_key:
resource "google_service_account_key" "terraform_sa_key" {
id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com/keys/a195dd2068cce9583141e3585c6b11b6078df475"
keepers = {
"display_name" = "Terraform SA for TP"
}
key_algorithm = "KEY_ALG_RSA_2048"
name = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com/keys/a195dd2068cce9583141e3585c6b11b6078df475"
private_key = (sensitive value)
private_key_type = "TYPE_GOOGLE_CREDENTIALS_FILE"
public_key = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvVENDQWVXZ0F3SUJBZ0lKQUlpeGpWNEtTNThSTUEwR0NTcUdTSWIzRFFFQkJRVUFNQ0F4SGpBY0JnTlYKQkFNTUZURXdPVFUxTlRNMU9ERXpNakU1TWpZME5qRTBOakFnRncweU5URXlNRFF4TURVNU1qZGFHQTg1T1RrNQpNVEl6TVRJek5UazFPVm93SURFZU1Cd0dBMVVFQXd3Vk1UQTVOVFUxTXpVNE1UTXlNVGt5TmpRMk1UUTJNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEwdUpVMFh1TUZtNDBhS1hUd2tWKzdhY2oKbUJlcW9IWUxpZGt2dXA3Y3B5elRrVFg1NXFaWFBHY2JobGlZQStWTitYbWpBeFp6aXloQnJQWVNZWjd1MUlBbgpkb0VJTlNrbEd5eVlaV0pnSWpKaXNKcEg5UVFPWkloTnNrMHV2bjNRNjA2WTN3bXFrWEF6Rms1K3ZSdnVYaTV6CjVVcnBtcmE0YmI0RzNDUjIrRko4QUhZRVRyQzR0ODMrR3E5S3ZramthQ0NaV1NJZ3FXUi95R2NwejAwK29UUjEKeVNHeEl6TlA5bkM0eTNiSDF4blpJc0FjSmhqM2hHRXZqQjVVTEN0NGUvNDNUbUpLblR5bVRkWTdkZXFUL3RPZQpzTnhaZmE0akVQOVk3ZVdoY1NhbW1sNW90YUZIZ0poYm5jZ3pKV0hydDhCdU9wUStlSUxZOVU4V05TaXZud0lECkFRQUJvemd3TmpBTUJnTlZIUk1CQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVdCZ05WSFNVQkFmOEUKRERBS0JnZ3JCZ0VGQlFjREFqQU5CZ2txaGtpRzl3MEJBUVVGQUFPQ0FRRUFQbDFBUjBqMG5POWF6Nkd4dENRUQpnMnRMWEZlcWs4OXJEc3FHQXVzOTZ0aXA5TTE5Q0wzLzdaK2tXREtScTRmZXVEU3d2NFVwK3NLazhrd2FZbnNiCnVDcGI1cHBMaytzOWNkV0tqNGNTKzE5Z1JuaTNGa0NsdGtIZEptQ2d6bjZUYkU5U25GUWxhSU95ZWFVRDR4OWEKWHd2cVZiSDdGQkExdTZJcndHVGNHQVJueXlzWjlMRWtnKzlhMlZnSjBybWpLZC83bnQ0YklFbWwzMEZ6dTdQZQpIQ0pOMGkxL1FjSjJCWHFkUmJ1YkFQUUpXZGlwQjdkYjZXVy9kRElMc29WTzNVTko4WG5RQ0VLbXZGNXZybEZ2Cm1kQXI2TWFETEFQMkNsUkdyOUtEMVRVZ3N1d25uN3BpR2dPem5qVE9XK2kzb0xxSXM1YVk1Si92Z1hLK2VXd2sKZ0E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
public_key_type = "TYPE_X509_PEM_FILE"
service_account_id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
valid_after = "2025-12-04T10:59:27Z"
valid_before = "9999-12-31T23:59:59Z"
}
# module.network.google_compute_firewall.backend_to_database_3306:
resource "google_compute_firewall" "backend_to_database_3306" {
creation_timestamp = "2025-12-04T02:59:17.642-08:00"
description = "Autorise le trafic TCP 3306 des instances backend vers database"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-backend-database-3306"
name = "school-478713-fw-backend-database-3306"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-backend-database-3306"
source_tags = [
"backend",
]
target_tags = [
"database",
]
allow {
ports = [
"3306",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.frontend_http_https:
resource "google_compute_firewall" "frontend_http_https" {
creation_timestamp = "2025-12-04T02:59:17.462-08:00"
description = "Autorise HTTP/HTTPS vers les instances frontend"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-frontend-http-https"
name = "school-478713-fw-frontend-http-https"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-frontend-http-https"
source_ranges = [
"0.0.0.0/0",
]
target_tags = [
"frontend",
]
allow {
ports = [
"80",
"443",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.frontend_to_backend_8000:
resource "google_compute_firewall" "frontend_to_backend_8000" {
creation_timestamp = "2025-12-04T02:59:17.554-08:00"
description = "Autorise le trafic TCP 8000 des instances frontend vers backend"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-frontend-backend-8000"
name = "school-478713-fw-frontend-backend-8000"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-frontend-backend-8000"
source_tags = [
"frontend",
]
target_tags = [
"backend",
]
allow {
ports = [
"8000",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.ssh_all:
resource "google_compute_firewall" "ssh_all" {
creation_timestamp = "2025-12-04T02:59:17.539-08:00"
description = "Autorise SSH vers toutes les instances du VPC"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-ssh-all"
name = "school-478713-fw-ssh-all"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-ssh-all"
source_ranges = [
"34.79.226.15/32",
]
allow {
ports = [
"22",
]
protocol = "tcp"
}
}
# module.network.google_compute_network.vpc:
resource "google_compute_network" "vpc" {
auto_create_subnetworks = false
bgp_always_compare_med = false
bgp_best_path_selection_mode = "LEGACY"
bgp_inter_region_cost = null
delete_default_routes_on_create = false
description = null
enable_ula_internal_ipv6 = false
gateway_ipv4 = null
id = "projects/school-478713/global/networks/school-478713-vpc"
internal_ipv6_range = null
mtu = 0
name = "school-478713-vpc"
network_firewall_policy_enforcement_order = "AFTER_CLASSIC_FIREWALL"
network_id = "2560302305410602880"
network_profile = null
numeric_id = "2560302305410602880"
project = "school-478713"
routing_mode = "REGIONAL"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
}
# module.network.google_compute_router.nat_router:
resource "google_compute_router" "nat_router" {
creation_timestamp = "2025-12-04T02:59:17.474-08:00"
description = null
encrypted_interconnect_router = false
id = "projects/school-478713/regions/europe-west1/routers/school-478713-nat-router"
name = "school-478713-nat-router"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/routers/school-478713-nat-router"
}
# module.network.google_compute_router_nat.nat:
resource "google_compute_router_nat" "nat" {
drain_nat_ips = []
enable_dynamic_port_allocation = false
enable_endpoint_independent_mapping = false
endpoint_types = [
"ENDPOINT_TYPE_VM",
]
icmp_idle_timeout_sec = 30
id = "school-478713/europe-west1/school-478713-nat-router/school-478713-cloud-nat"
max_ports_per_vm = 0
min_ports_per_vm = 0
name = "school-478713-cloud-nat"
nat_ip_allocate_option = "AUTO_ONLY"
nat_ips = []
project = "school-478713"
region = "europe-west1"
router = "school-478713-nat-router"
source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
source_subnetwork_ip_ranges_to_nat64 = null
tcp_established_idle_timeout_sec = 1200
tcp_time_wait_timeout_sec = 120
tcp_transitory_idle_timeout_sec = 30
type = "PUBLIC"
udp_idle_timeout_sec = 30
subnetwork {
name = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
secondary_ip_range_names = []
source_ip_ranges_to_nat = [
"ALL_IP_RANGES",
]
}
subnetwork {
name = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
secondary_ip_range_names = []
source_ip_ranges_to_nat = [
"ALL_IP_RANGES",
]
}
}
# module.network.google_compute_subnetwork.backend:
resource "google_compute_subnetwork" "backend" {
creation_timestamp = "2025-12-04T02:59:17.731-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.2.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.2.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-backend-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 7034706132377327466
}
# module.network.google_compute_subnetwork.database:
resource "google_compute_subnetwork" "database" {
creation_timestamp = "2025-12-04T02:59:18.141-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.3.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.3.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-database-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 8978704791217428329
}
# module.network.google_compute_subnetwork.frontend:
resource "google_compute_subnetwork" "frontend" {
creation_timestamp = "2025-12-04T02:59:17.792-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.1.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.1.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-frontend-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 8148950743519123306
}
Outputs:
backend_internal_ip = "10.0.2.2"
database_internal_ip = "10.0.3.2"
frontend_internal_ip = "10.0.1.2"
frontend_public_ip = "34.14.84.37"
service_account_email = "terraform-runner@school-478713.iam.gserviceaccount.com"
service_account_key = (sensitive value)
resource "google_compute_instance" "backend" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.059-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "backend"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/backend-b"
instance_id = "8416510425622697844"
key_revocation_action_type = null
label_fingerprint = "v0RejeymZsc="
labels = {
"tier" = "backend"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "backend-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/backend-b"
tags = [
"backend",
"ssh",
]
tags_fingerprint = "N2bbCLFli_k="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "backend"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/backend-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 10
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.2.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
subnetwork_project = "school-478713"
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance.database:
resource "google_compute_instance" "database" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.466-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "database"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/database-b"
instance_id = "1015907451034982259"
key_revocation_action_type = null
label_fingerprint = "8TRgYIRYvzM="
labels = {
"tier" = "database"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "database-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/database-b"
tags = [
"database",
"ssh",
]
tags_fingerprint = "22sTRfPQYj4="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "database"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/database-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 20
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.3.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
subnetwork_project = "school-478713"
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance.frontend:
resource "google_compute_instance" "frontend" {
can_ip_forward = false
cpu_platform = "Intel Broadwell"
creation_timestamp = "2025-12-04T02:59:40.163-08:00"
current_status = "RUNNING"
deletion_protection = false
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
enable_display = false
hostname = null
id = "projects/school-478713/zones/europe-west1-b/instances/frontend-b"
instance_id = "8158722648816015220"
key_revocation_action_type = null
label_fingerprint = "UVCi664tBXg="
labels = {
"tier" = "frontend"
}
machine_type = "e2-small"
metadata = {
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "M6ECk_udM9A="
min_cpu_platform = null
name = "frontend-b"
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/instances/frontend-b"
tags = [
"frontend",
"ssh",
]
tags_fingerprint = "sermMtqzdso="
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
zone = "europe-west1-b"
boot_disk {
auto_delete = true
device_name = "persistent-disk-0"
disk_encryption_key_raw = (sensitive value)
disk_encryption_key_rsa = (sensitive value)
disk_encryption_key_sha256 = null
disk_encryption_service_account = null
force_attach = false
guest_os_features = [
"UEFI_COMPATIBLE",
"VIRTIO_SCSI_MULTIQUEUE",
"GVNIC",
]
interface = null
kms_key_self_link = null
mode = "READ_WRITE"
source = "https://www.googleapis.com/compute/v1/projects/school-478713/zones/europe-west1-b/disks/frontend-b"
initialize_params {
architecture = "X86_64"
enable_confidential_compute = false
image = "https://www.googleapis.com/compute/v1/projects/debian-cloud/global/images/debian-11-bullseye-v20251111"
labels = {}
provisioned_iops = 0
provisioned_throughput = 0
resource_policies = []
size = 10
snapshot = null
storage_pool = null
type = "pd-standard"
}
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_attachment = null
network_ip = "10.0.1.2"
nic_type = null
queue_count = 0
stack_type = "IPV4_ONLY"
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
subnetwork_project = "school-478713"
access_config {
nat_ip = "34.14.84.37"
network_tier = "PREMIUM"
public_ptr_domain_name = null
}
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
shielded_instance_config {
enable_integrity_monitoring = true
enable_secure_boot = false
enable_vtpm = true
}
}
# module.compute.google_compute_instance_template.frontend_template:
resource "google_compute_instance_template" "frontend_template" {
can_ip_forward = false
creation_timestamp = "2025-12-04T02:59:40.999-08:00"
description = null
effective_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
id = "projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
instance_description = null
key_revocation_action_type = null
labels = {
"tier" = "frontend"
}
machine_type = "e2-small"
metadata = {
"custom-value" = "custom-metadata"
"enable-oslogin" = "TRUE"
"ssh-keys" = "ssh-ed25519 AAAA... user@example.com"
}
metadata_fingerprint = "UbBqyPiXsA0="
min_cpu_platform = null
name = "school-478713-frontend-template"
numeric_id = "6691436914263512948"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
self_link_unique = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template?uniqueId=6691436914263512948"
tags = [
"frontend",
"ssh",
]
tags_fingerprint = null
terraform_labels = {
"goog-terraform-provisioned" = "true"
"tier" = "frontend"
}
disk {
architecture = null
auto_delete = true
boot = true
device_name = "persistent-disk-0"
disk_name = null
disk_size_gb = 0
disk_type = "pd-standard"
interface = null
mode = "READ_WRITE"
provisioned_iops = 0
provisioned_throughput = 0
source = null
source_image = "projects/debian-cloud/global/images/family/debian-11"
source_snapshot = null
type = "PERSISTENT"
}
network_interface {
internal_ipv6_prefix_length = 0
ipv6_access_type = null
ipv6_address = null
name = "nic0"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
network_ip = null
nic_type = null
queue_count = 0
stack_type = null
subnetwork = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
subnetwork_project = "school-478713"
access_config {
nat_ip = null
network_tier = "PREMIUM"
public_ptr_domain_name = null
}
}
scheduling {
automatic_restart = true
availability_domain = 0
instance_termination_action = null
min_node_cpus = 0
on_host_maintenance = "MIGRATE"
preemptible = false
provisioning_model = "STANDARD"
termination_time = null
}
service_account {
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
scopes = [
"https://www.googleapis.com/auth/compute.readonly",
"https://www.googleapis.com/auth/userinfo.email",
]
}
}
# module.compute.google_compute_region_instance_group_manager.frontend_mig:
resource "google_compute_region_instance_group_manager" "frontend_mig" {
base_instance_name = "frontend"
creation_timestamp = "2025-12-04T02:59:42.512-08:00"
description = null
distribution_policy_target_shape = "EVEN"
distribution_policy_zones = [
"europe-west1-b",
"europe-west1-c",
"europe-west1-d",
]
fingerprint = "pNdTknoSv6w="
id = "projects/school-478713/regions/europe-west1/instanceGroupManagers/school-478713-frontend-mig"
instance_group = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/instanceGroups/school-478713-frontend-mig"
instance_group_manager_id = 790514855900403569
list_managed_instances_results = "PAGELESS"
name = "school-478713-frontend-mig"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/instanceGroupManagers/school-478713-frontend-mig"
status = [
{
all_instances_config = [
{
current_revision = null
effective = true
},
]
is_stable = false
stateful = [
{
has_stateful_config = false
per_instance_configs = [
{
all_effective = true
},
]
},
]
version_target = [
{
is_reached = true
},
]
},
]
target_size = 2
target_stopped_size = 0
target_suspended_size = 0
wait_for_instances = false
wait_for_instances_status = "STABLE"
instance_lifecycle_policy {
default_action_on_failure = "REPAIR"
force_update_on_repair = "NO"
}
standby_policy {
initial_delay_sec = 0
mode = "MANUAL"
}
update_policy {
instance_redistribution_type = "PROACTIVE"
max_surge_fixed = 3
max_surge_percent = 0
max_unavailable_fixed = 3
max_unavailable_percent = 0
minimal_action = "REPLACE"
most_disruptive_allowed_action = null
replacement_method = "SUBSTITUTE"
type = "OPPORTUNISTIC"
}
version {
instance_template = "https://www.googleapis.com/compute/v1/projects/school-478713/global/instanceTemplates/school-478713-frontend-template"
name = null
}
}
# module.iam.google_project_iam_member.sa_roles["roles/compute.instanceAdmin.v1"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHji696A="
id = "school-478713/roles/compute.instanceAdmin.v1/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/compute.instanceAdmin.v1"
}
# module.iam.google_project_iam_member.sa_roles["roles/iam.serviceAccountKeyAdmin"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHjk9BHc="
id = "school-478713/roles/iam.serviceAccountKeyAdmin/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/iam.serviceAccountKeyAdmin"
}
# module.iam.google_project_iam_member.sa_roles["roles/iam.serviceAccountUser"]:
resource "google_project_iam_member" "sa_roles" {
etag = "BwZFHji696A="
id = "school-478713/roles/iam.serviceAccountUser/serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
role = "roles/iam.serviceAccountUser"
}
# module.iam.google_service_account.terraform_sa:
resource "google_service_account" "terraform_sa" {
account_id = "terraform-runner"
description = null
disabled = false
display_name = "Terraform SA for TP"
email = "terraform-runner@school-478713.iam.gserviceaccount.com"
id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
member = "serviceAccount:terraform-runner@school-478713.iam.gserviceaccount.com"
name = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
project = "school-478713"
unique_id = "109555358132192646146"
}
# module.iam.google_service_account_key.terraform_sa_key:
resource "google_service_account_key" "terraform_sa_key" {
id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com/keys/a195dd2068cce9583141e3585c6b11b6078df475"
keepers = {
"display_name" = "Terraform SA for TP"
}
key_algorithm = "KEY_ALG_RSA_2048"
name = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com/keys/a195dd2068cce9583141e3585c6b11b6078df475"
private_key = (sensitive value)
private_key_type = "TYPE_GOOGLE_CREDENTIALS_FILE"
public_key = "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUMvVENDQWVXZ0F3SUJBZ0lKQUlpeGpWNEtTNThSTUEwR0NTcUdTSWIzRFFFQkJRVUFNQ0F4SGpBY0JnTlYKQkFNTUZURXdPVFUxTlRNMU9ERXpNakU1TWpZME5qRTBOakFnRncweU5URXlNRFF4TURVNU1qZGFHQTg1T1RrNQpNVEl6TVRJek5UazFPVm93SURFZU1Cd0dBMVVFQXd3Vk1UQTVOVFUxTXpVNE1UTXlNVGt5TmpRMk1UUTJNSUlCCklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUEwdUpVMFh1TUZtNDBhS1hUd2tWKzdhY2oKbUJlcW9IWUxpZGt2dXA3Y3B5elRrVFg1NXFaWFBHY2JobGlZQStWTitYbWpBeFp6aXloQnJQWVNZWjd1MUlBbgpkb0VJTlNrbEd5eVlaV0pnSWpKaXNKcEg5UVFPWkloTnNrMHV2bjNRNjA2WTN3bXFrWEF6Rms1K3ZSdnVYaTV6CjVVcnBtcmE0YmI0RzNDUjIrRko4QUhZRVRyQzR0ODMrR3E5S3ZramthQ0NaV1NJZ3FXUi95R2NwejAwK29UUjEKeVNHeEl6TlA5bkM0eTNiSDF4blpJc0FjSmhqM2hHRXZqQjVVTEN0NGUvNDNUbUpLblR5bVRkWTdkZXFUL3RPZQpzTnhaZmE0akVQOVk3ZVdoY1NhbW1sNW90YUZIZ0poYm5jZ3pKV0hydDhCdU9wUStlSUxZOVU4V05TaXZud0lECkFRQUJvemd3TmpBTUJnTlZIUk1CQWY4RUFqQUFNQTRHQTFVZER3RUIvd1FFQXdJSGdEQVdCZ05WSFNVQkFmOEUKRERBS0JnZ3JCZ0VGQlFjREFqQU5CZ2txaGtpRzl3MEJBUVVGQUFPQ0FRRUFQbDFBUjBqMG5POWF6Nkd4dENRUQpnMnRMWEZlcWs4OXJEc3FHQXVzOTZ0aXA5TTE5Q0wzLzdaK2tXREtScTRmZXVEU3d2NFVwK3NLazhrd2FZbnNiCnVDcGI1cHBMaytzOWNkV0tqNGNTKzE5Z1JuaTNGa0NsdGtIZEptQ2d6bjZUYkU5U25GUWxhSU95ZWFVRDR4OWEKWHd2cVZiSDdGQkExdTZJcndHVGNHQVJueXlzWjlMRWtnKzlhMlZnSjBybWpLZC83bnQ0YklFbWwzMEZ6dTdQZQpIQ0pOMGkxL1FjSjJCWHFkUmJ1YkFQUUpXZGlwQjdkYjZXVy9kRElMc29WTzNVTko4WG5RQ0VLbXZGNXZybEZ2Cm1kQXI2TWFETEFQMkNsUkdyOUtEMVRVZ3N1d25uN3BpR2dPem5qVE9XK2kzb0xxSXM1YVk1Si92Z1hLK2VXd2sKZ0E9PQotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg=="
public_key_type = "TYPE_X509_PEM_FILE"
service_account_id = "projects/school-478713/serviceAccounts/terraform-runner@school-478713.iam.gserviceaccount.com"
valid_after = "2025-12-04T10:59:27Z"
valid_before = "9999-12-31T23:59:59Z"
}
# module.network.google_compute_firewall.backend_to_database_3306:
resource "google_compute_firewall" "backend_to_database_3306" {
creation_timestamp = "2025-12-04T02:59:17.642-08:00"
description = "Autorise le trafic TCP 3306 des instances backend vers database"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-backend-database-3306"
name = "school-478713-fw-backend-database-3306"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-backend-database-3306"
source_tags = [
"backend",
]
target_tags = [
"database",
]
allow {
ports = [
"3306",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.frontend_http_https:
resource "google_compute_firewall" "frontend_http_https" {
creation_timestamp = "2025-12-04T02:59:17.462-08:00"
description = "Autorise HTTP/HTTPS vers les instances frontend"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-frontend-http-https"
name = "school-478713-fw-frontend-http-https"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-frontend-http-https"
source_ranges = [
"0.0.0.0/0",
]
target_tags = [
"frontend",
]
allow {
ports = [
"80",
"443",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.frontend_to_backend_8000:
resource "google_compute_firewall" "frontend_to_backend_8000" {
creation_timestamp = "2025-12-04T02:59:17.554-08:00"
description = "Autorise le trafic TCP 8000 des instances frontend vers backend"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-frontend-backend-8000"
name = "school-478713-fw-frontend-backend-8000"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-frontend-backend-8000"
source_tags = [
"frontend",
]
target_tags = [
"backend",
]
allow {
ports = [
"8000",
]
protocol = "tcp"
}
}
# module.network.google_compute_firewall.ssh_all:
resource "google_compute_firewall" "ssh_all" {
creation_timestamp = "2025-12-04T02:59:17.539-08:00"
description = "Autorise SSH vers toutes les instances du VPC"
destination_ranges = []
direction = "INGRESS"
disabled = false
id = "projects/school-478713/global/firewalls/school-478713-fw-ssh-all"
name = "school-478713-fw-ssh-all"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
priority = 1000
project = "school-478713"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/firewalls/school-478713-fw-ssh-all"
source_ranges = [
"34.79.226.15/32",
]
allow {
ports = [
"22",
]
protocol = "tcp"
}
}
# module.network.google_compute_network.vpc:
resource "google_compute_network" "vpc" {
auto_create_subnetworks = false
bgp_always_compare_med = false
bgp_best_path_selection_mode = "LEGACY"
bgp_inter_region_cost = null
delete_default_routes_on_create = false
description = null
enable_ula_internal_ipv6 = false
gateway_ipv4 = null
id = "projects/school-478713/global/networks/school-478713-vpc"
internal_ipv6_range = null
mtu = 0
name = "school-478713-vpc"
network_firewall_policy_enforcement_order = "AFTER_CLASSIC_FIREWALL"
network_id = "2560302305410602880"
network_profile = null
numeric_id = "2560302305410602880"
project = "school-478713"
routing_mode = "REGIONAL"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
}
# module.network.google_compute_router.nat_router:
resource "google_compute_router" "nat_router" {
creation_timestamp = "2025-12-04T02:59:17.474-08:00"
description = null
encrypted_interconnect_router = false
id = "projects/school-478713/regions/europe-west1/routers/school-478713-nat-router"
name = "school-478713-nat-router"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
project = "school-478713"
region = "europe-west1"
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/routers/school-478713-nat-router"
}
# module.network.google_compute_router_nat.nat:
resource "google_compute_router_nat" "nat" {
drain_nat_ips = []
enable_dynamic_port_allocation = false
enable_endpoint_independent_mapping = false
endpoint_types = [
"ENDPOINT_TYPE_VM",
]
icmp_idle_timeout_sec = 30
id = "school-478713/europe-west1/school-478713-nat-router/school-478713-cloud-nat"
max_ports_per_vm = 0
min_ports_per_vm = 0
name = "school-478713-cloud-nat"
nat_ip_allocate_option = "AUTO_ONLY"
nat_ips = []
project = "school-478713"
region = "europe-west1"
router = "school-478713-nat-router"
source_subnetwork_ip_ranges_to_nat = "LIST_OF_SUBNETWORKS"
source_subnetwork_ip_ranges_to_nat64 = null
tcp_established_idle_timeout_sec = 1200
tcp_time_wait_timeout_sec = 120
tcp_transitory_idle_timeout_sec = 30
type = "PUBLIC"
udp_idle_timeout_sec = 30
subnetwork {
name = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
secondary_ip_range_names = []
source_ip_ranges_to_nat = [
"ALL_IP_RANGES",
]
}
subnetwork {
name = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
secondary_ip_range_names = []
source_ip_ranges_to_nat = [
"ALL_IP_RANGES",
]
}
}
# module.network.google_compute_subnetwork.backend:
resource "google_compute_subnetwork" "backend" {
creation_timestamp = "2025-12-04T02:59:17.731-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.2.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.2.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-backend-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-backend-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 7034706132377327466
}
# module.network.google_compute_subnetwork.database:
resource "google_compute_subnetwork" "database" {
creation_timestamp = "2025-12-04T02:59:18.141-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.3.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.3.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-database-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-database-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 8978704791217428329
}
# module.network.google_compute_subnetwork.frontend:
resource "google_compute_subnetwork" "frontend" {
creation_timestamp = "2025-12-04T02:59:17.792-08:00"
description = null
external_ipv6_prefix = null
gateway_address = "10.0.1.1"
id = "projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
internal_ipv6_prefix = null
ip_cidr_range = "10.0.1.0/24"
ipv6_access_type = null
ipv6_cidr_range = null
ipv6_gce_endpoint = null
name = "school-478713-frontend-subnet"
network = "https://www.googleapis.com/compute/v1/projects/school-478713/global/networks/school-478713-vpc"
private_ip_google_access = false
private_ipv6_google_access = "DISABLE_GOOGLE_ACCESS"
project = "school-478713"
purpose = "PRIVATE"
region = "europe-west1"
reserved_internal_range = null
role = null
self_link = "https://www.googleapis.com/compute/v1/projects/school-478713/regions/europe-west1/subnetworks/school-478713-frontend-subnet"
stack_type = "IPV4_ONLY"
state = null
subnetwork_id = 8148950743519123306
}
Outputs:
backend_internal_ip = "10.0.2.2"
database_internal_ip = "10.0.3.2"
frontend_internal_ip = "10.0.1.2"
frontend_public_ip = "34.14.84.37"
service_account_email = "terraform-runner@school-478713.iam.gserviceaccount.com"
service_account_key = (sensitive value)