Dev/Terraform

LIST

GCP create config account

create config (only once) #show state before gcloud config configurations list gcloud config configurations create "MY_PROFILE" export CLOUDSDK_ACTIVE_CONFIG_NAME="MY_PROFILE" gcloud config set core/project "MY_GCP_PROJECT" gcloud config set core/account "MY_EMAIL" #show state after gcloud config configurations list use config (every terminal session) # choose project export CLOUDSDK_ACTIVE_CONFIG_NAME="MY_PROFILE" # login (valid for about an hour) export GOOGLE_OAUTH_ACCESS_TOKEN="$(gcloud auth print-access-token)"

March 10, 2023

run terraform as a service account

grant permission to a group / user resource "google_service_account_iam_member" "allow_us_to_impersonate" { service_account_id = google_service_account.service_account.id role = "roles/iam.serviceAccountTokenCreator" member = "group:GOOGLE_GROUP_EMAIL" } run terraform as a service account # run as service account export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT="SERVICE_ACCOUNT_EMAIL" # stop running as service account export GOOGLE_IMPERSONATE_SERVICE_ACCOUNT=""

March 10, 2023

terraform & GCP

How to login: don’t use a downloaded credential file https://jryancanty.medium.com/stop-downloading-google-cloud-service-account-keys-1811d44a97d9 instead export GOOGLE_OAUTH_ACCESS_TOKEN="$(gcloud auth print-access-token)" or SERVICE_ACCOUNT="your-service-account-email" export GOOGLE_OAUTH_ACCESS_TOKEN="$(gcloud --impersonate-service-account="${SERVICE_ACCOUNT}" auth print-access-token)" followed by your terraform commands or have a look at my automated setup https://github.com/TjenWellens/docker-alias Also related to terraform: my terraform gcp setup template: https://github.com/TjenWellens/template-tf-gcp-init

July 3, 2022

Project: Blog v3

The limitations of postachio started to become too constraining for my blog/wiki. After reaching out to them and getting no reply, I decided to build it myself. Inspired by Thoughtworks Radar’s ‘headless CMS’ (eg. contentful) ‘JAMstack’ (eg. gatsby)

December 1, 2020

Project: zero downtime DNS migration

zero downtime ‘refactoring’ of domain name (DNS etc)

November 1, 2020