Blueprints and modules help you automate provisioning and managing Google Cloud resources at scale.
A module is a reusable set of Terraform configuration files that creates a logical abstraction of Terraform resources.
A blueprint is a package of deployable, reusable modules and policy that implements and documents a specific opinionated solution. Deployable configuration for all Terraform blueprints is packaged as Terraform modules.
Category | Blueprints and modules | Description |
---|---|---|
End-to-end, Data analytics | ai-notebook | Demonstrates how to protect confidential data in Vertex AI Workbench notebooks |
Data analytics, End-to-end | crmint | Deploy the marketing analytics application, CRMint |
End-to-end, Operations | enterprise-application | Deploy an enterprise developer platform on Google Cloud |
End-to-end, Operations | example-foundation | Shows how the CFT modules can be composed to build a secure cloud foundation |
End-to-end | fabric | Provides advanced examples designed for prototyping |
Developer tools, End-to-end, Security and identity | secure-cicd | Builds a secure CI/CD pipeline on Google Cloud |
End-to-end, Data analytics | secured-data-warehouse | Deploys a secured BigQuery data warehouse |
Data analytics, End-to-end, Security and identity | secured-data-warehouse-onprem-ingest | Deploys a secured data warehouse variant for ingesting encrypted data from on-prem sources |
End-to-end | vertex-mlops | Create a Vertex AI environment needed for MLOps |
Networking | address | Manages Google Cloud IP addresses |
Databases | alloy-db | Creates an AlloyDB for PostgreSQL instance |
Data analytics | analytics-lakehouse | Deploys a Lakehouse Architecture Solution |
Compute | anthos-vm | Creates VMs on Google Distributed Cloud clusters |
Developer tools | apphub | Creates and manages App Hub resources |
Containers, Developer tools | artifact-registry | Create and manage Artifact Registry repositories |
Developer tools, Operations, Security and identity | bastion-host | Generates a bastion host VM compatible with OS Login and IAP tunneling that can be used to access internal VMs |
Compute, Operations | backup-dr | Deploy Backup and DR appliances |
Data analytics | bigquery | Creates opinionated BigQuery datasets and tables |
Data analytics | bigtable | Create and manage Google Bigtable resources |
Developer tools, Operations | bootstrap | Bootstraps Terraform usage and related CI/CD in a new Google Cloud organization |
Compute, Networking | cloud-armor | Deploy Google Cloud Armor security policy |
Databases | cloud-datastore | Manages Datastore |
Developer tools | cloud-deploy | Create Cloud Deploy pipelines and targets |
Networking | cloud-dns | Creates and manages Cloud DNS public or private zones and their records |
Serverless computing | cloud-functions | Deploys Cloud Run functions (Gen 2) |
Networking, Security and identity | cloud-ids | Deploys a Cloud IDS instance and associated resources |
Networking | cloud-nat | Creates and configures Cloud NAT |
Operations | cloud-operations | Manages Cloud Logging and Cloud Monitoring |
Networking | cloud-router | Manages a Cloud Router on Google Cloud |
Serverless computing | cloud-run | Deploys apps to Cloud Run, along with an option to map a custom domain |
Databases | cloud-spanner | Deploys Spanner instances |
Storage | cloud-storage | Creates one or more Cloud Storage buckets and assigns basic permissions on them to arbitrary users |
Developer tools, Serverless computing | cloud-workflows | Manage Workflows with optional Cloud Scheduler or Eventarc triggers |
End-to-end, Data analytics, Operations | composer | Manages Cloud Composer v1 and v2, along with an option to manage networking |
Compute, Containers | container-vm | Deploys containers on Compute Engine instances |
Data analytics | data-fusion | Manages Cloud Data Fusion |
Data analytics | dataflow | Handles opinionated Dataflow job configuration and deployments |
Data analytics | datalab | Creates DataLab instances with support for GPU instances |
Data analytics | dataplex-auto-data-quality | Deploys data quality rules on BigQuery tables across development and production environments using Cloud Build |
Serverless computing | event-function | Responds to logging events with a Cloud Run function |
Developer tools | folders | Creates several Google Cloud folders under the same parent |
Developer tools | gcloud | Executes Google Cloud CLI commands within Terraform |
Developer tools | github-actions-runners | Creates self-hosted GitHub Actions Runners on Google Cloud |
Developer tools | gke-gitlab | Installs GitLab on Kubernetes Engine |
Workspace | group | Manages Google Groups |
Operations, Workspace | gsuite-export | Creates a Compute Engine VM instance and sets up a cronjob to export Google Workspace Admin SDK data to Cloud Logging on a schedule |
Healthcare and life sciences | healthcare | Handles opinionated Google Cloud Healthcare datasets and stores |
Security and identity | iam | Manages multiple IAM roles for resources on Google Cloud |
Developer tools | jenkins | Creates a Compute Engine instance running Jenkins |
Security and identity | kms | Allows managing a keyring, zero or more keys in the keyring, and IAM role bindings on individual keys |
Compute, Containers | kubernetes-engine | Configures opinionated GKE clusters |
Networking | lb | Creates a regional TCP proxy load balancer for Compute Engine by using target pools and forwarding rules |
Networking | lb-http | Creates a global HTTP load balancer for Compute Engine by using forwarding rules |
Networking | lb-internal | Creates an internal load balancer for Compute Engine by using forwarding rules |
Networking | load-balanced-vms | Creates a managed instance group with a load balancer |
Data analytics | log-analysis | Stores and analyzes log data |
Operations | log-export | Creates log exports at the project, folder, or organization level |
Operations | media-cdn-vod | Deploys Media CDN video-on-demand |
Databases | memorystore | Creates a fully functional Google Memorystore (Redis) instance |
Compute, Networking | netapp-volumes | Deploy Google Cloud NetApp Volumes |
Networking | network | Sets up a new VPC network on Google Cloud |
Networking | network-forensics | Deploys Zeek on Google Cloud |
Security and identity | org-policy | Manages Google Cloud organization policies |
Networking | out-of-band-security-3P | Creates a 3P out-of-band security appliance deployment |
Security and identity | pam | Deploy Privileged Access Manager |
Operations | project-factory | Creates an opinionated Google Cloud project by using Shared VPC, IAM, and Google Cloud APIs |
Data analytics | Pub/Sub | Creates a Pub/Sub topic and subscriptions associated with the topic |
Compute | sap | Deploys SAP products |
Serverless computing | scheduled-function | Sets up a scheduled job to trigger events and run functions |
Security and identity | secret-manager | Creates one or more Google Secret Manager secrets and manages basic permissions for them |
Networking, Security and identity | secure-web-proxy | Create and manage Secure Web Proxy on Google Cloud for secured egress web traffic |
Security and identity | service-accounts | Creates one or more service accounts and grants them basic roles |
Operations | slo | Creates SLOs on Google Cloud from custom Stackdriver metrics, with the capability to export SLOs to Google Cloud services and other systems |
Databases | sql-db | Creates a Cloud SQL database instance |
Compute | startup-scripts | Provides a library of useful startup scripts to embed in VMs |
Operations, Security and identity | tags | Create and manage Google Cloud Tags |
Developer tools, Operations, Security and identity | tf-cloud-agents | Creates a self-hosted Terraform Cloud Agent on Google Cloud |
Databases, Serverless computing | three-tier-web-app | Deploys a three-tier web application using Cloud Run and Cloud SQL |
Operations | utils | Gets the short names for a given Google Cloud region |
Developer tools, Operations, Security and identity | vault | Deploys Vault on Compute Engine |
Compute | vertex-ai | Deploy Vertex AI resources |
Compute | vm | Provisions VMs in Google Cloud |
Networking | vpc-service-controls | Handles opinionated VPC Service Controls and Access Context Manager configuration and deployments |
Networking | vpn | Sets up a Cloud VPN gateway |
Operations | waap | Deploys the WAAP solution on Google Cloud |