Gcloud

$ gcloud auth login $ gcloud config set project PROJECT_ID

$ gcloud organizations list DISPLAY_NAME ID DIRECTORY_CUSTOMER_ID jeeva.us 1082763338996 C04hc1j0m

$ gcloud beta billing accounts list ACCOUNT_ID NAME OPEN MASTER_ACCOUNT_ID 016A41-F11E24-D3F9BF Jeeva.us True

$ gcloud projects list PROJECT_ID NAME PROJECT_NUMBER bookshelf-app-201707 Bookshelf App 211635270895 jeeva-dev Jeeva-dev 834993794872 jeeva-prod Jeeva-prod 338327500477

$ gcloud config set project jeeva-dev

$ gcloud iam service-accounts create terraform --display-name "Terraform admin account"
Created service account [terraform].

export TF_CREDS=~/.config/gcloud/terraform-admin.json
export TF_ADMIN=jeeva-dev

gcloud iam service-accounts keys create ${TF_CREDS} --iam-account terraform@${TF_ADMIN}.iam.gserviceaccount.com
created key [3d9eac17d10aa1a9b7c3488ebbc482ef05852d9c] of type [json] as [/Users/jeevandk/.config/gcloud/terraform-admin.json] for [terraform@jeeva-dev.iam.gserviceaccount.com]

$ gcloud beta iam roles list

$ gcloud projects add-iam-policy-binding ${TF_ADMIN} \
   --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
   --role roles/storage.admin
bindings:
- members:
  - serviceAccount:service-834993794872@gcf-admin-robot.iam.gserviceaccount.com
  role: roles/cloudfunctions.serviceAgent
- members:
  - serviceAccount:service-834993794872@container-engine-robot.iam.gserviceaccount.com
  role: roles/container.serviceAgent
- members:
  - serviceAccount:834993794872-compute@developer.gserviceaccount.com
  - serviceAccount:834993794872@cloudservices.gserviceaccount.com
  - serviceAccount:jeeva-dev@appspot.gserviceaccount.com
  - serviceAccount:service-834993794872@containerregistry.iam.gserviceaccount.com
  role: roles/editor
- members:
  - serviceAccount:terraform@jeeva-dev.iam.gserviceaccount.com
  role: roles/storage.admin
- members:
  - serviceAccount:gcr-pull-test@jeeva-dev.iam.gserviceaccount.com
  role: roles/storage.objectViewer
etag: BwVuaAIfw3Y=
version: 1

$ gcloud projects add-iam-policy-binding jeeva-dev \
  --member serviceAccount:terraform@jeeva-dev.iam.gserviceaccount.com --role roles/compute.admin

$ gcloud projects add-iam-policy-binding ${TF_ADMIN} \
   --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
   --role roles/cloudsql.admin

$ gcloud projects add-iam-policy-binding ${TF_ADMIN} \
   --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com \
   --role roles/serviceAccountUser

$ gcloud projects add-iam-policy-binding ${TF_ADMIN}    --member serviceAccount:terraform@${TF_ADMIN}.iam.gserviceaccount.com    --role roles/iam.serviceAccountUser


# Enable the APIs
$ gcloud services enable cloudresourcemanager.googleapis.com
Waiting for async operation operations/tmo-acf.377d59eb-d5df-4718-8a07-b6ed9a6788a8 to complete...
Operation finished successfully. The following command can describe the Operation details:
 gcloud services operations describe operations/tmo-acf.377d59eb-d5df-4718-8a07-b6ed9a6788a8

$ gcloud services enable compute.googleapis.com
Waiting for async operation operations/tmo-acf.5bbc7976-3a73-43f6-8d6a-d5d9fcd2f130 to complete...
Operation finished successfully. The following command can describe the Operation details:
 gcloud services operations describe operations/tmo-acf.5bbc7976-3a73-43f6-8d6a-d5d9fcd2f130

$ gcloud services enable sqladmin.googleapis.com
Waiting for async operation operations/tmo-acf.3a28f4a4-eee0-41a7-8447-916fba4f45aa to complete...
Operation finished successfully. The following command can describe the Operation details:
 gcloud services operations describe operations/tmo-acf.3a28f4a4-eee0-41a7-8447-916fba4f45aa



 # Create a bucket 
 <https://cloud.google.com/storage/docs/gsutil>  

gsutil is a Python application that lets you access Cloud Storage from the command line. You can use gsutil to do a wide range of bucket and object management tasks, including:

    * Creating and deleting buckets.
    * Uploading, downloading, and deleting objects.
    * Listing buckets and objects.
    * Moving, copying, and renaming objects.
    * Editing object and bucket ACLs

$ gsutil mb -p <project-id> gs://<bucket-name>
$ gsutil mb -p jeeva-dev  gs://jeeva-dev-terraform
Creating gs://jeeva-dev-terraform/...

$ gsutil versioning set on gs://jeeva-dev-terraform
Enabling versioning for gs://jeeva-dev-terraform/...


cat > backend.tf <<EOF
terraform {
 backend "gcs" {
   bucket  = "jeeva-dev-terraform"
   prefix    = "apps/wordpress/terraform.tfstate"
   project = "jeeva-dev"
 }
}
EOF

$ echo $TF_ADMIN
jeeva-dev

$ echo $TF_CREDS
/Users/jeevandk/.config/gcloud/terraform-admin.json

export GOOGLE_APPLICATION_CREDENTIALS=${TF_CREDS}
export GOOGLE_PROJECT=${TF_ADMIN}

terraform init