Google Cloud Run

Estimated deployment time: 5 minutes

The Superblocks Terraform module for Google module deploys the OPA as a Google Cloud Run service and configures all the required infrastructure to expose it to end users in Superblocks.

Deploy with Terraform

Follow the steps below to deploy the OPA on Google Cloud Run using Terraform.

Install prerequisites

• Install Terraform
• Install and authorize the gcloud CLI

Create Terraform file

To get started, navigate to the On-premise Agent Setup Wizard to generate a superblocks_agent_key.

caution

We recommend following secret management best practices such as using environment variables, encrypted files, or a secret store to securely pass the superblocks_agent_key into your Terraform code.

module "terraform_google_superblocks" {
  source  = "superblocksteam/superblocks/google"
  version = "~>1.0"

  project_id = "[GOOGLE_CLOUD_PROJECT_ID]"
  region     = "[GOOGLE_CLOUD_REGION]"

  superblocks_agent_key = "[YOUR_AGENT_KEY]"
  
  # Subdomain & domain in your Superblocks agent host url, for example superblocks.example.com
  sudomain = "[YOUR_SUBDOMAIN]"
  domain   = "[YOUR_DOMAIN]"
  
  # Google Cloud DNS Zone Name
  zone_name = "[YOUR_DOMAINS_CLOUD_DNS_ZONE_NAME]"
}

info

If you use the EU Superblocks instance, also set superblocks_agent_data_domain = "eu.superblocks.com".

If you use Google Cloud DNS, find the zone_name for your domain by running gcloud dns managed-zones list --filter "dns_name ~ ${domain}. If you don't use Google Cloud DNS, see the Custom Domain Mapping section for how you can manually configure the DNS for your agent.

Initialize and apply Terraform

terraform init
terraform apply

For all available configuration options, see the Terraform registry.

Billable services

The Terraform module makes use of the following GCP services. Be aware of the pricing associated with these.

• Cloud Run - Service to run the On-premise Agent container
• Cloud DNS - Managed zone and record for DNS (optional)