To work with Infrastructure Manager (Infra Manager), you should be familiar with Terraform. To learn more about Terraform, start with HashiCorp's What is Terraform?.
Infra Manager deploys infrastructure resources and configurations that are defined in a Terraform configuration. These configurations can consist of multiple files and directories but their entrypoint must be a Terraform root module.
Infra Manager uses the term blueprint to refer to a Terraform configuration.
To learn more about Terraform with Google Cloud, see Terraform on Google Cloud.
Terraform modules for Google Cloud
For a set of modules to provision Google Cloud resources, see Terraform blueprints and modules for Google Cloud.
You can also create your own Terraform modules for Google Cloud. For more details, see Creating Modules.
Supported Terraform versions
Infra Manager supports the following Terraform versions:
- Terraform version 1.2.3
- Terraform version 1.3.10
- Terraform version 1.4.7
- Terraform version 1.5.7
You can use the flag --tf-version-constraint
to specify the version of
Terraform that Infra Manager uses to
create a deployment.
If you don't specify a version of Terraform, the latest support version is used by default.
When updating a deployment, you can change the Terraform version to a later version of Terraform. You cannot change to an earlier supported version of Terraform.
To view the version of Terraform that was used to create a specific deployment or revision, see View details of a deployment and View details of a revision.
Constraints on Terraform configurations
To use Infrastructure Manager to deploy a Terraform configuration, the configuration has the following constraints.
- Don't include personal or sensitive information in Terraform configuration values. For more information, see the following section Terraform configuration values and sensitive data.
- A valid Terraform root module must be provided. Templating or generation of Terraform is not supported.
- The configuration should be actuatable by a supported version of Terraform.
- Backend blocks shouldn't be defined.
- The use of provisioners are not recommended. Use a different solution if possible. See Provisioners are a Last Resort for more details about provisioners. If you are using provisioners, note that the Infra Manager runtime environment can change at any time.
Terraform configuration values and sensitive data
Don't include personal or sensitive information in Terraform configuration values.
The documentation for the Google Cloud provider indicates configuration values that can potentially include sensitive information.
For example, the resource google_storage_bucket_object
allows
creation of a Cloud Storage object using the content
argument. This
argument is labeled as sensitive on the
google_storage_bucket_object
page of the Google Cloud Provider documentation.
You can use these labels to help guide you as you create Terraform configurations or as you review an existing Terraform configuration before use.
See the Google Cloud Privacy Notice for information on how Google Cloud processes personal information it collects or generates during the provision and administration of the Cloud Services.
What's next
- Learn more about Infrastructure Manager.
- Create a deployment.
- Update a deployment.
- View the state of a deployment.
- Delete a deployment.