In this quickstart, you learn how to use Terraform to create a Compute EngineVirtual Machine (VM) instance and connect to that VM instance.

Hashicorp Terraform is an Infrastructure as code (IaC) tool that lets youprovision and manage cloud infrastructure.Terraform provider forGoogle Cloud (Google Cloud provider) lets you provision andmanage Google Cloud infrastructure.

Before you begin

1. To use an online terminal with the gcloud CLI and Terraformalready set up, activate Cloud Shell:

   At the bottom of this page, a Cloud Shell session starts anddisplays a command-line prompt. It can take a few seconds for the session toinitialize.

2. Create or select a Google Cloud project.

   Roles required to select or create a project

   • Select a project: Selecting a project doesn't require a specific IAM role—you can select any project that you've been granted a role on.
   • Create a project: To create a project, you need the Project Creator role (roles/resourcemanager.projectCreator), which contains theresourcemanager.projects.create permission.Learn how to grant roles.
   Note: If you don't plan to keep the resources that you create in this procedure, create a project instead of selecting an existing project. After you finish these steps, you can delete the project, removing all resources associated with the project.

   • Create a Google Cloud project:

     gcloud projects createPROJECT_ID

     ReplacePROJECT_ID with a name for the Google Cloud project you are creating.

   • Select the Google Cloud project that you created:

     gcloud config set projectPROJECT_ID

     ReplacePROJECT_ID with your Google Cloud project name.

3. Verify that billing is enabled for your Google Cloud project.

4. Enable the Compute Engine API:

   Roles required to enable APIs

   To enable APIs, you need the Service Usage Admin IAM role (roles/serviceusage.serviceUsageAdmin), which contains theserviceusage.services.enable permission.Learn how to grant roles.

   gcloudservicesenablecompute.googleapis.com

5. Grant roles to your user account. Run the following command once for each of the following IAM roles:roles/compute.instanceAdmin.v1

   gcloudprojectsadd-iam-policy-bindingPROJECT_ID--member="user:USER_IDENTIFIER"--role=ROLE

   Replace the following:

   • PROJECT_ID: Your project ID.
   • USER_IDENTIFIER: The identifier for your user account. For examples, see Represent workforce pool users in IAM policies.
   • ROLE: The IAM role that you grant to your user account.

Prepare the environment

1. Clone the GitHub repository containing Terraform samples:

   gitclonehttps://github.com/terraform-google-modules/terraform-docs-samples.git--single-branch

2. Go to the directory that contains the quickstart sample:

   cdterraform-docs-samples/compute/quickstart/create_vm

Review the Terraform files

Review themain.tf file. This file defines the Google Cloudresources that you want to create.

catmain.tf

The output is similar to the following

resource "google_compute_instance" "default" {  name         = "my-vm"  machine_type = "n1-standard-1"  zone         = "us-central1-a"  boot_disk {    initialize_params {      image = "ubuntu-minimal-2210-kinetic-amd64-v20230126"    }  }  network_interface {    network = "default"    access_config {}  }}

This file describes thegoogle_compute_instance resource, which is the Terraform resource for theCompute Engine VM instance.google_compute_instance is configured tohave the following properties:

• name is set tomy-vm.
• machine_type is set ton1-standard-1.
• zone is set tous-central1-a.
• boot_disk sets the boot disk for the instance.
• network_interface is set to use the default network in yourGoogle Cloud project.

Create the Compute Engine VM instance

1. In Cloud Shell, run the following command to verify that Terraformis available:

   terraform

   The output should be similar to the following:

   Usage:terraform[globaloptions]<subcommand>[args]Theavailablecommandsforexecutionarelistedbelow.Theprimaryworkflowcommandsaregivenfirst,followedbylesscommonormoreadvancedcommands.Maincommands:initPrepareyourworkingdirectoryforothercommandsvalidateCheckwhethertheconfigurationisvalidplanShowchangesrequiredbythecurrentconfigurationapplyCreateorupdateinfrastructuredestroyDestroypreviously-createdinfrastructure

2. Initialize Terraform by running the following command. This command preparesyour workspace so Terraform can apply your configuration.

   terraforminit

   The output should be similar to the following:

   Initializingthebackend...Initializingproviderplugins...-Findinglatestversionofhashicorp/google...-Installinghashicorp/googlev5.35.0...-Installedhashicorp/googlev5.35.0(signedbyHashiCorp)Terraformhascreatedalockfile.terraform.lock.hcltorecordtheproviderselectionsitmadeabove.IncludethisfileinyourversioncontrolrepositorysothatTerraformcanguaranteetomakethesameselectionsbydefaultwhenyourun"terraform init"inthefuture.Terraformhasbeensuccessfullyinitialized!

3. Validate the Terraform configuration by running the following command.This command takes the following actions:

   • Verifies that the syntax ofmain.tf is correct.
   • Shows a preview of the resources that will be created.

   terraformplan

   The output should be similar to the following:

   Plan:1toadd,0tochange,0todestroy.Note:Youdidn't use the -out option to save this plan, so Terraform can'tguaranteetotakeexactlytheseactionsifyourun"terraform apply"now.

4. Apply the configuration to provision resources described in themain.tffile:

   terraformapply

   When prompted, enteryes.

   Terraform calls Google Cloud APIs to create the VM instance defined inthemain.tf file.

   The output should be similar to the following:

   Applycomplete!Resources:1added,0changed,0destroyed

Connect to the VM instance

Connect to the VM instance you just created by running the following command:

gcloudcomputessh--zone=us-central1-amy-vm

Clean up

To avoid incurring charges to your Google Cloud account for the resources used on this page, delete the Google Cloud project with the resources.

In Cloud Shell, run the following command to delete the Terraformresources:

terraformdestroy

When prompted, enteryes.

The output should be similar to the following:

Destroycomplete!Resources:1destroyed.

What's next

• Learn how todeploy a basic Flask web server using Terraform.
• Learn how tostore Terraform state in a Cloud Storage bucket.