A blueprint is a package of deployable, reusable configuration and policy that implements and documents a specific opinionated solution. For more details, see the blueprints overview.
This page provides a list of blueprints/modules that are packaged as Terraform modules and can be used for creating resources for Google Cloud. There are also two end-to-end examples available.
End-to-end blueprints
These end-to-end examples are designed to be forked as a starting point. These examples are not suitable for direct usage in production scenarios:
- Example Foundation - Example repository showing how the CFT modules can be composed to build a secure cloud foundation.
- CFT Fabric - This repository includes an advanced example designed for prototyping.
Blueprints/Modules
address - A Terraform module for managing Google Cloud IP addresses.
bastion-host - This module will generate a bastion host VM compatible with OS Login and IAP Tunneling that can be used to access internal VMs.
bigquery - This module lets you create opinionated Google Cloud BigQuery datasets and tables.
bootstrap - A module for bootstrapping Terraform usage in a new Google Cloud organization.
cloud-datastore - A Terraform module to help you to manage Datastore.
cloud-dns - This module makes it easy to create and manage Cloud DNS public or private zones, and their records.
cloud-nat - This module handles opinionated Cloud NAT creation and configuration.
cloud-operations - This module is a collection of submodules related to Google Cloud's operations suite (Logging and Monitoring).
cloud-router - Manage a Cloud Router on Google Cloud
cloud-run - Terraform module for deploying apps to Cloud Run, along with an option to map a custom domain
cloud-storage - This module makes it easy to create one or more Cloud Storage buckets, and assign basic permissions on them to arbitrary users.
composer - Terraform module for managing Cloud Composer
container-vm - This module simplifies deploying containers on Compute Engine instances.
data-fusion - [ALPHA] Terraform module for managing Cloud Data Fusion
dataflow - This module handles opinionated Dataflow job configuration and deployments.
datalab - This module will create DataLab instances with support for GPU instances.
event-function - Terraform module for responding to logging events with a function
folders - This module helps create several folders under the same parent
forseti - A Terraform module for installing Forseti on Google Cloud
gcloud - A module for executing gcloud commands within Terraform.
github-actions-runners - [ALPHA] Module to create self-hosted GitHub Actions Runners on Google Cloud
gke-gitlab - Installs GitLab on GKE
group - A Terraform module for managing Google Groups
healthcare - This module handles opinionated Google Cloud Healthcare datasets and stores.
iam - This Terraform module makes it easier to non-destructively manage multiple IAM roles for resources on Google Cloud.
jenkins -
kms - Simple Cloud Key Management Service module that allows managing a keyring, zero or more keys in the keyring, and IAM role bindings on individual keys.
kubernetes-engine - A Terraform module for configuring GKE clusters.
- acm
- asm
- auth
- beta-private-cluster
- beta-private-cluster-update-variant
- beta-public-cluster
- beta-public-cluster-update-variant
- binary-authorization
- config-sync
- hub
- k8s-operator-crd-support
- private-cluster
- private-cluster-update-variant
- safer-cluster
- safer-cluster-update-variant
- services
- workload-identity
lb - Modular Regional TCP Load Balancer for Compute Engine using target pool and forwarding rule.
lb-http - Modular Global HTTP Load Balancer for Compute Engine using forwarding rules.
lb-internal - Modular Internal Load Balancer for Compute Engine using forwarding rules.
log-export - This module lets you create log exports at the project, folder, or organization level.
memorystore - A Terraform module for creating a fully functional Google Memorystore (Redis) instance.
network - A Terraform module that makes it easy to set up a new VPC Network in Google Cloud.
org-policy - A Terraform module for managing Google Cloud org policies.
project-factory - Opinionated Google Cloud project creation and configuration with Shared VPC, IAM, APIs, etc.
pubsub - This module makes it easy to create a Pub/Sub topic and subscriptions associated with the topic.
sap - This module is a collection of multiple opinionated submodules to deploy SAP Products.
scheduled-function - This module makes it easy to set up a scheduled job to trigger events/run functions.
secret -
service-accounts - This module allows easy creation of one or more service accounts, and granting them basic roles.
slo - Create SLOs on Google Cloud from custom Stackdriver metrics. Capability to export SLOs to Google Cloud services and other systems.
sql-db - Modular Cloud SQL database instance for Terraform.
startup-scripts - A library of useful startup scripts to embed in VMs created by Terraform
utils - This module provides a way to get the shortnames for a given Google Cloud region.
vault - Modular deployment of Vault on Google Compute Engine with Terraform
vm - This is a collection of opinionated submodules that can be used to provision VMs in Google Cloud.
vpc-service-controls - This module handles opinionated VPC Service Controls and Access Context Manager configuration and deployments.
vpn - A Terraform Module for setting up Cloud VPN