A ready-to-go scaffold to deploy a typical web project on Google Cloud Platform with:
- Load balancer
- Compute (two scenarios: Cloud Run or Compute Engine MIG)
- Cloud SQL (PostgreSQL)
- VPC + NAT and Firewall rules
- DNS + Managed TLS (optional)
- Python CLI to run Terraform plans
- Docker image with Terraform & gcloud preinstalled
- GitHub Actions CI/CD with Workload Identity Federation
⚠ Costs: Load balancer, Cloud SQL, NAT, and compute incur charges. Destroy when done.

- serverless_public (simplest)
  - Cloud Run service (HTTPS by default)
  - Cloud SQL (private IP) + Serverless VPC Connector
  - Optional Cloud DNS A record to Cloud Run domain mapping (instructions in docs)
  - Minimal firewall rules (serverless)
- private_mig (closer to IaaS, “like ECS/ALB”)
  - Regional VPC with two subnets (private instances, no external IPs)
  - Cloud NAT for egress
  - Compute Engine Managed Instance Groups in two zones running NGINX
  - Global External HTTPS Load Balancer
  - Cloud SQL (PostgreSQL) with private IP via Service Networking
  - Firewall: health checks, LB traffic to backends, optional SSH
See docs/ for step-by-step guides, verification commands, and CI usage.