This repository provides a set of bash scripts to automate the creation of fundamental Google Cloud Platform (GCP) resources, forming a base infrastructure for your startup projects. It streamlines the setup of essential services like VPC networking, Cloud SQL, Artifact Registry, Secret Manager, and BigQuery, saving you valuable time and effort in the initial stages of your project. This setup provides a secure and scalable foundation for deploying and managing applications, allowing you to focus on building core features.
there is two other repositories related to this project:
This setup script supports the overall architecture by provisioning the following key components:
- VPC Networking: Creates a Virtual Private Cloud (VPC) network with a subnet, along with firewall rules to secure access via Identity-Aware Proxy (IAP) for SSH and RDP. This provides a secure and isolated environment for your GCP resources.
- Cloud SQL: Sets up a Cloud SQL instance, pre-configured for private connectivity within your VPC network. This allows for secure and performant database access by your applications.
- Artifact Registry: Creates a private Docker repository to store and manage your container images, used by Cloud Build for deployment. This ensures secure and controlled access to your containerized applications.
- Secret Manager: Securely stores sensitive configuration data, like database credentials and API keys, protecting them from unauthorized access.
- BigQuery: Creates a dataset and a sample table for storing application logs or other analytical data. This sets the foundation for data warehousing and business intelligence tasks. An example BigQuery table is created for storing login attempts, which can be visualized with Looker Studio.
- Permissions: Sets up essential IAM roles and permissions, granting Cloud Build the necessary access to deploy and manage resources on your behalf.
- gcloud CLI installed and configured.
- A Google Cloud Project with billing enabled.
-
Clone the repository:
git clone https://github.com/develasquez/gcp-setup-example cd gcp-setup-example -
Customize
00-main_setup.sh:Open the
00-main_setup.shfile and edit the following variables:STARTUP_NAME: Replace with the name of your startup (lowercase, using hyphens instead of spaces).PROJECT_ID: Replace with your Google Cloud Project ID.REGION: Adjust the region if needed (default:southamerica-west1).- Update all variables related to Cloud SQL config
DB_PASS,DB_PORT,DB_NAME,DB_USER AUTH_PLATFORM_KEY: Your Google Identity Platform API key.AUTH_PLATFORM_DOMAIN: Your Google Identity Platform domain. (These are found in the Identity Platform settings in your Google Cloud Console).- Update other variable if needed
-
Run the setup script:
./00-main_setup.sh
The script will execute and create the necessary GCP resources.
The setup process is divided into multiple scripts for better organization:
00-main_setup.sh: This is the main script that orchestrates the entire setup process by calling the individual scripts and defines global variables.01-enable_apis.sh: Enables the required GCP APIs.02-vpc.sh: Creates the VPC network and subnet, along with firewall rules for IAP-secured SSH and RDP access.03-vpc_connector.sh: Creates a dedicated subnet and a VPC connector. This enables serverless services like Cloud Run to access resources within the VPC network.04-artifact_registry.sh: Creates the Artifact Registry repository for Docker images.05-cloud_sql.sh: Sets up the Cloud SQL instance.06-secrets.sh: Creates secrets in Secret Manager to store sensitive configuration values.07-bigquery.sh: Creates the BigQuery dataset and table for login tracking.08-permisions.sh: Sets up IAM permissions to allow Cloud Build to manage your GCP resources.
Contributions are welcome! If you find any issues or have suggestions for improvements, please open a pull request or create an issue in the repository.