Setting up AWS infrastructure using terraform and ansible on aws, gcp and azure.

The scripts will create following infrastructure components on all the clouds.

• VPC, to span all the subnets
  • Subnet 1, in AZ1
  • Subnet 2, in AZ2
  • Subnet 3, in AZ3
• Public facing instance in Subnet 1

• to use google cloud cli, use one of the official images from: https://hub.docker.com/r/google/cloud-sdk/
• create a project on GCP
• generate service accounts and corresponding keys with restricted access
• login to gcp using service account keys

$ docker run --name gcloud-config -v $(pat/to/keys/on/host):/keys/ google/cloud-sdk:196.0.0-alpine gcloud auth activate-service-account --key-file=/keys/<key-file>.json
Activated service account credentials for: [<service-account-name>]

• authenticated gcp commands can now be executed from containers

$ sudo docker run --volumes-from gcloud-config google/cloud-sdk:196.0.0-alpine gcloud compute images --project <your-project> list
NAME                                                  PROJECT            FAMILY                            DEPRECATED  STATUS
centos-6-v20180716                                    centos-cloud       centos-6                                      READY
centos-7-v20180716                                    centos-cloud       centos-7                                      READY
...

• to use azure cli, use one of the official images from : https://hub.docker.com/r/microsoft/azure-cli/tags/

• naming convention for extensibility
• IAM roles and access control for VPC and subnets
• define tiers
• different/same VPC for prod/dev/test
  • permissions to be set accordingly