Blueprints and modules help you automate provisioning and managing Google Cloud resources at scale.
A module is a reusable set of Terraform configuration files that creates a logical abstraction of Terraform resources.
A blueprint is a package of deployable, reusable modules and policy that implements and documents a specific opinionated solution. Deployable configuration for all Terraform blueprints is packaged as Terraform modules.

Category | Blueprints and modules | Description |
---|---|---|
End-to-end, Data analytics | ai-notebook | Demonstrates how to protect confidential data in Vertex AI Workbench notebooks |
Data analytics, End-to-end | crmint | Deploy the marketing analytics application, CRMint |
End-to-end, Operations | enterprise-application | Deploy an enterprise developer platform on Google Cloud |
End-to-end, Operations | example-foundation | Shows how the CFT modules can be composed to build a secure cloud foundation |
End-to-end | fabric | Provides advanced examples designed for prototyping |
Developer tools, End-to-end, Security and identity | secure-cicd | Builds a secure CI/CD pipeline on Google Cloud |
End-to-end, Data analytics | secured-data-warehouse | Deploys a secured BigQuery data warehouse |
Data analytics, End-to-end, Security and identity | secured-data-warehouse-onprem-ingest | Deploys a secured data warehouse variant for ingesting encrypted data from on-prem sources |
End-to-end | vertex-mlops | Create a Vertex AI environment needed for MLOps |
Networking | address | Manages Google Cloud IP addresses |
Databases | alloy-db | Creates an AlloyDB for PostgreSQL instance |
Data analytics | analytics-lakehouse | Deploys a Lakehouse Architecture Solution |
Compute | anthos-vm | Creates VMs on Google Distributed Cloud clusters |
Containers, Developer tools | artifact-registry | Create and manage Artifact Registry repositories |
Developer tools, Operations, Security and identity | bastion-host | Generates a bastion host VM compatible with OS Login and IAP tunneling that can be used to access internal VMs |
Compute, Operations | backup-dr | Deploy Backup and DR appliances |
Data analytics | bigquery | Creates opinionated BigQuery datasets and tables |
Developer tools, Operations | bootstrap | Bootstraps Terraform usage and related CI/CD in a new Google Cloud organization |
Compute, Networking | cloud-armor | Deploy Google Cloud Armor security policy |
Databases | cloud-datastore | Manages Datastore |
Developer tools | cloud-deploy | Create Cloud Deploy pipelines and targets |
Networking | cloud-dns | Creates and manages Cloud DNS public or private zones and their records |
Serverless computing | cloud-functions | Deploys Cloud Run functions (Gen 2) |
Networking, Security and identity | cloud-ids | Deploys a Cloud IDS instance and associated resources |
Networking | cloud-nat | Creates and configures Cloud NAT |
Operations | cloud-operations | Manages Cloud Logging and Cloud Monitoring |
Networking | cloud-router | Manages a Cloud Router on Google Cloud |
Serverless computing | cloud-run | Deploys apps to Cloud Run, along with an option to map a custom domain |
Databases | cloud-spanner | Deploys Spanner instances |
Storage | cloud-storage | Creates one or more Cloud Storage buckets and assigns basic permissions on them to arbitrary users |
Developer tools, Serverless computing | cloud-workflows | Manage Workflows with optional Cloud Scheduler or Eventarc triggers |
End-to-end, Data analytics, Operations | composer | Manages Cloud Composer v1 and v2, along with an option to manage networking |
Compute, Containers | container-vm | Deploys containers on Compute Engine instances |
Data analytics | data-fusion | Manages Cloud Data Fusion |
Data analytics | dataflow | Handles opinionated Dataflow job configuration and deployments |
Data analytics | datalab | Creates DataLab instances with support for GPU instances |
Data analytics | dataplex-auto-data-quality | Move data between environments using Dataplex |
Serverless computing | event-function | Responds to logging events with a Cloud Run function |
Developer tools | folders | Creates several Google Cloud folders under the same parent |
Developer tools | gcloud | Executes Google Cloud CLI commands within Terraform |
Developer tools | github-actions-runners | Creates self-hosted GitHub Actions Runners on Google Cloud |
Developer tools | gke-gitlab | Installs GitLab on Kubernetes Engine |
Workspace | group | Manages Google Groups |
Operations, Workspace | gsuite-export | Creates a Compute Engine VM instance and sets up a cronjob to export Google Workspace Admin SDK data to Cloud Logging on a schedule |
Healthcare and life sciences | healthcare | Handles opinionated Google Cloud Healthcare datasets and stores |
Security and identity | iam | Manages multiple IAM roles for resources on Google Cloud |
Developer tools | jenkins | Creates a Compute Engine instance running Jenkins |
Security and identity | kms | Allows managing a keyring, zero or more keys in the keyring, and IAM role bindings on individual keys |
Compute, Containers | kubernetes-engine | Configures opinionated GKE clusters |
Networking | lb | Creates a regional TCP proxy load balancer for Compute Engine by using target pools and forwarding rules |
Networking | lb-http | Creates a global HTTP load balancer for Compute Engine by using forwarding rules |
Networking | lb-internal | Creates an internal load balancer for Compute Engine by using forwarding rules |
Networking | load-balanced-vms | Creates a managed instance group with a load balancer |
Data analytics | log-analysis | Stores and analyzes log data |
Operations | log-export | Creates log exports at the project, folder, or organization level |
Operations | media-cdn-vod | Deploys Media CDN video-on-demand |
Databases | memorystore | Creates a fully functional Google Memorystore (Redis) instance |
Compute, Networking | netapp-volumes | Deploy Google Cloud NetApp Volumes |
Networking | network | Sets up a new VPC network on Google Cloud |
Networking | network-forensics | Deploys Zeek on Google Cloud |
Security and identity | org-policy | Manages Google Cloud organization policies |
Networking | out-of-band-security-3P | Creates a 3P out-of-band security appliance deployment |
Operations | project-factory | Creates an opinionated Google Cloud project by using Shared VPC, IAM, and Google Cloud APIs |
Data analytics | Pub/Sub | Creates a Pub/Sub topic and subscriptions associated with the topic |
Compute | sap | Deploys SAP products |
Serverless computing | scheduled-function | Sets up a scheduled job to trigger events and run functions |
Security and identity | secret-manager | Creates one or more Google Secret Manager secrets and manages basic permissions for them |
Networking, Security and identity | secure-web-proxy | Create and manage Secure Web Proxy on Google Cloud for secured egress web traffic |
Security and identity | service-accounts | Creates one or more service accounts and grants them basic roles |
Operations | slo | Creates SLOs on Google Cloud from custom Stackdriver metrics, with the capability to export SLOs to Google Cloud services and other systems |
Databases | sql-db | Creates a Cloud SQL database instance |
Compute | startup-scripts | Provides a library of useful startup scripts to embed in VMs |
Operations, Security and identity | tags | Create and manage Google Cloud Tags |
Developer tools, Operations, Security and identity | tf-cloud-agents | Creates a self-hosted Terraform Cloud Agent on Google Cloud |
Databases, Serverless computing | three-tier-web-app | Deploys a three-tier web application using Cloud Run and Cloud SQL |
Operations | utils | Gets the short names for a given Google Cloud region |
Developer tools, Operations, Security and identity | vault | Deploys Vault on Compute Engine |
Compute | vm | Provisions VMs in Google Cloud |
Networking | vpc-service-controls | Handles opinionated VPC Service Controls and Access Context Manager configuration and deployments |
Networking | vpn | Sets up a Cloud VPN gateway |
Operations | waap | Deploys the WAAP solution on Google Cloud |