Stay organized with collections
Save and categorize content based on your preferences.
HashiCorp Terraform is an infrastructure-as-code (IaC) tool that lets you
provision and manage cloud infrastructure. Terraform provides plugins called
providers that let you interact with cloud providers and other APIs. For
Google Distributed Cloud (GDC) air-gapped, you must use the
Kubernetes Provider
to provision resources since there is no specific GDC
air-gapped provider for Terraform.
GDC resources can be managed by the Kubernetes Provider
with the full lifecycle management of Kubernetes resources.
Operation
Terraform Provider
Create
Kubernetes Provider
Read
Update
Delete
N/A, use terraform destroy
How Terraform works
Terraform has a declarative and configuration-oriented syntax, which you can
use to describe the infrastructure that you want to provision in your
GDC project. After you author this configuration in one or more
Terraform configuration files, you can use the Terraform CLI to apply this
configuration to your GDC resources.
The following steps explain how Terraform works:
You describe the infrastructure you want to provision in a Terraform
configuration file. You don't need to write code describing how to provision
the infrastructure. Terraform provisions the infrastructure for you.
You run the terraform plan command, which evaluates your configuration and
generates an execution plan. You can review the plan and make changes as
needed.
You run the terraform apply command, which performs the following
actions:
It provisions your infrastructure based on your execution plan by
invoking the corresponding GDC air-gapped APIs in
the background.
It creates a Terraform state file, which is a JSON file that maps the
resources in your configuration file to the resources in the real-world
infrastructure. Terraform uses this file to keep a record of the most
recent state of your infrastructure, and to determine when to create,
update, and destroy resources.
When you run terraform apply, Terraform uses the mapping in
the state file to compare the existing infrastructure to the code, and make
updates as necessary:
If a resource object is defined in the configuration file, but
doesn't exist in the state file, Terraform creates it.
If a resource object exists in the state file, but has a different
configuration from your configuration file, Terraform updates the
resource to match your configuration file.
If a resource object in the state file matches your configuration
file, Terraform leaves the resource unchanged.
Terraform resources for GDC air-gapped
Resources are the fundamental elements in the Terraform language. Each
resource block describes one or more infrastructure objects.
GDC air-gapped is built on top of Kubernetes. Besides
the core Kubernetes APIs like Node, PersistentVolume, and Service, it also
supports the CustomResourceDefinition API. By using custom resource
definitions, GDC-specific APIs are built for
representing the GDC air-gapped infrastructure.
The following table lists the Terraform resources available for
GDC air-gapped:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-29 UTC."],[[["\u003cp\u003eHashiCorp Terraform, an infrastructure-as-code tool, provisions and manages cloud infrastructure, using providers to interact with cloud providers and other APIs.\u003c/p\u003e\n"],["\u003cp\u003eFor Google Distributed Cloud (GDC) air-gapped, the Kubernetes Provider is used to provision resources because there is no specific GDC air-gapped provider available for Terraform.\u003c/p\u003e\n"],["\u003cp\u003eTerraform uses a declarative syntax where users define the desired infrastructure in configuration files, and Terraform handles the provisioning, using \u003ccode\u003eterraform plan\u003c/code\u003e to generate an execution plan and \u003ccode\u003eterraform apply\u003c/code\u003e to execute it.\u003c/p\u003e\n"],["\u003cp\u003eThe Kubernetes Provider in Terraform manages GDC resources with full lifecycle management of Kubernetes resources, including creating, reading, and updating, with \u003ccode\u003eterraform destroy\u003c/code\u003e handling deletions.\u003c/p\u003e\n"],["\u003cp\u003eTerraform resources, including the \u003ccode\u003ekubernetes_manifest\u003c/code\u003e resource, represent infrastructure objects and are used alongside data sources like \u003ccode\u003ekubernetes_resource\u003c/code\u003e and \u003ccode\u003ekubernetes_resources\u003c/code\u003e for managing GDC air-gapped, which is built on top of Kubernetes and supports \u003ccode\u003eCustomResourceDefinition\u003c/code\u003e API.\u003c/p\u003e\n"]]],[],null,["# Terraform overview\n\nHashiCorp Terraform is an infrastructure-as-code (IaC) tool that lets you\nprovision and manage cloud infrastructure. Terraform provides plugins called\n*providers* that let you interact with cloud providers and other APIs. For\nGoogle Distributed Cloud (GDC) air-gapped, you must use the\n[Kubernetes Provider](https://registry.terraform.io/providers/hashicorp/kubernetes/latest/docs)\nto provision resources since there is no specific GDC\nair-gapped provider for Terraform.\n\nGDC resources can be managed by the Kubernetes Provider\nwith the full lifecycle management of Kubernetes resources.\n\nHow Terraform works\n-------------------\n\nTerraform has a declarative and configuration-oriented syntax, which you can\nuse to describe the infrastructure that you want to provision in your\nGDC project. After you author this configuration in one or more\nTerraform configuration files, you can use the Terraform CLI to apply this\nconfiguration to your GDC resources.\n\nThe following steps explain how Terraform works:\n\n1. You describe the infrastructure you want to provision in a *Terraform\n configuration file*. You don't need to write code describing how to provision\n the infrastructure. Terraform provisions the infrastructure for you.\n\n2. You run the `terraform plan` command, which evaluates your configuration and\n generates an execution plan. You can review the plan and make changes as\n needed.\n\n3. You run the `terraform apply` command, which performs the following\n actions:\n\n 1. It provisions your infrastructure based on your execution plan by\n invoking the corresponding GDC air-gapped APIs in\n the background.\n\n 2. It creates a *Terraform state file*, which is a JSON file that maps the\n resources in your configuration file to the resources in the real-world\n infrastructure. Terraform uses this file to keep a record of the most\n recent state of your infrastructure, and to determine when to create,\n update, and destroy resources.\n\n 3. When you run `terraform apply`, Terraform uses the mapping in\n the state file to compare the existing infrastructure to the code, and make\n updates as necessary:\n\n - If a resource object is defined in the configuration file, but\n doesn't exist in the state file, Terraform creates it.\n\n - If a resource object exists in the state file, but has a different\n configuration from your configuration file, Terraform updates the\n resource to match your configuration file.\n\n - If a resource object in the state file matches your configuration\n file, Terraform leaves the resource unchanged.\n\nTerraform resources for GDC air-gapped\n--------------------------------------\n\n*Resources* are the fundamental elements in the Terraform language. Each\nresource block describes one or more infrastructure objects.\n\nGDC air-gapped is built on top of Kubernetes. Besides\nthe core Kubernetes APIs like `Node`, `PersistentVolume`, and `Service`, it also\nsupports the `CustomResourceDefinition` API. By using custom resource\ndefinitions, GDC-specific APIs are built for\nrepresenting the GDC air-gapped infrastructure.\n\nThe following table lists the Terraform resources available for\nGDC air-gapped:\n\nWhat's next\n-----------\n\n- [Configure Terraform](/distributed-cloud/hosted/docs/latest/gdch/resources/configure-terraform)\n\n- [Terraform on Google Cloud documentation](/docs/terraform)\n\n- [Google Cloud provider documentation in HashiCorp](https://registry.terraform.io/providers/hashicorp/google/latest/docs)\n\n- [Infrastructure as code for Google Cloud](/docs/terraform/iac-overview)"]]
