Provision Google SecOps resources with Terraform
HashiCorp Terraform is an infrastructure-as-code (IaC) tool that lets you provision and manage cloud infrastructure. Terraform provides plugins calledproviders that let you interact with cloud providers and other APIs. You can use theTerraform provider for Google Cloud to provision and manage Google Cloud resources, including Google SecOps.
This page introduces you to using Terraform with Google SecOps, including an introduction to how Terraform works and some resources to help you get started using Terraform with Google Cloud. You'll also find links to Terraform reference docs for Google SecOps, code examples, and guides for using Terraform to provision Google SecOps resources.
For instructions on how to get started with Terraform for Google Cloud, seeInstall and configure Terraform or theTerraform for Google Cloud quickstart.
How Terraform works
Terraform has a declarative and configuration-oriented syntax, which you can use to describe the infrastructure that you want to provision in your Google Cloud project. After you author this configuration in one or more Terraform configuration files, you can use the Terraform CLI to apply this configuration to your Google SecOps resources.
The following steps explain how Terraform works:
- You describe the infrastructure you want to provision in aTerraform configuration file. You don't need to write code describing how to provision the infrastructure. Terraform provisions the infrastructure for you.
- You run the
terraform plancommand, which evaluates your configuration and generates an execution plan. You can review the plan and make changes as needed. You run the
terraform applycommand, which performs the following actions:- It provisions your infrastructure based on your execution plan by invoking the corresponding Google SecOps APIs in the background.
- It creates aTerraform state file, which is a JSON file that maps the resources in your configuration file to the resources in the real-world infrastructure. Terraform uses this file to keep a record of the most recent state of your infrastructure, and to determine when to create, update, and destroy resources.
When you run
terraform apply, Terraform uses the mapping in the state file to compare the existing infrastructure to the code, and make updates as necessary:- If a resource object is defined in the configuration file, but doesn't exist in the state file, Terraform creates it.
- If a resource object exists in the state file, but has a different configuration from your configuration file, Terraform updates the resource to match your configuration file.
- If a resource object in the state file matches your configuration file, Terraform leaves the resource unchanged.
Terraform resources for Google SecOps
Resources are the fundamental elements in the Terraform language. Eachresource block describes one or more infrastructure objects, such as virtualnetworks or compute instances.
The following table lists the Terraform resources available forGoogle SecOps:
| Google SecOps service | Terraform resources |
|---|---|
| Chronicle API - v1beta | |
| Chronicle API - v1 |
What's next
- Terraform on Google Cloud documentation
- Google Cloud provider documentation in HashiCorp
- Infrastructure as code for Google Cloud
Except as otherwise noted, the content of this page is licensed under theCreative Commons Attribution 4.0 License, and code samples are licensed under theApache 2.0 License. For details, see theGoogle Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-02-19 UTC.