- Creates a GC bucket through terraform cdktf API. The purpose of this terraform setup to create a bucket that will be used for storing remote state for other terraform runs.
- Creats a GC logging bucket.
- Creates a GC sink that routes the logs to the logging bucket.
From here
From here
- Create a GCP
service account. - The service account should have the following iam roles/permissions.
logging.buckets.create
logging.buckets.delete
logging.buckets.get
logging.buckets.list
logging.buckets.undelete
logging.buckets.update
logging.buckets.write
logging.links.create
logging.links.delete
logging.links.get
logging.links.list
logging.logMetrics.list
logging.logMetrics.update
logging.logServiceIndexes.list
logging.logServices.list
logging.logs.list
logging.notificationRules.create
logging.notificationRules.delete
logging.notificationRules.get
logging.notificationRules.list
logging.notificationRules.update
logging.settings.get
logging.settings.update
logging.sinks.create
logging.sinks.delete
logging.sinks.get
logging.sinks.list
logging.sinks.update
logging.views.create
logging.views.delete
logging.views.get
logging.views.update
storage.buckets.create
storage.buckets.delete
storage.buckets.get
storage.buckets.list
storage.buckets.update
storage.objects.create
storage.objects.delete
storage.objects.get
storage.objects.list
storage.objects.update
- Download the json formatted service account key to this current folder and
rename it to
credentials.json. In case the key file has a different name or resides in a different path, it can be set through command line.
The commands are defined in the script field of package.json file. The two
main commands will be yarn synth and yarn deploy. To get a list of all
available command line options run yarn tsx src/main.ts -h.
-
yarn synth -a "tsx src/main.ts --pi <google cloud project id> -
yarn deploy gcs-bucket-cdktf log-buket -a `tsx src/main.ts --pi <google cloud project id>The
deploycommand do runsynth, however it is easier to verify the command by thesynthseparately.