vshatravenko/example.tf

## example.tf
# Initialize GCP provider
provider "google" {
  credentials = "${file("${var.credentials}")}"
  project = "${var.project}"
  region = "${var.region}"
}

# Create a new VPC
resource "google_compute_network" "platform" {
  name       = "${var.vpc_name}"
}

# Create a subnetwork
resource "google_compute_subnetwork" "platform_net" {
  name          = "platform-net"
  ip_cidr_range = "${var.subnet_cidr}"
  network       = "${google_compute_network.platform.self_link}"
}

# Create a VM
resource "google_compute_instance" "bastion" {
  name         = "bastion"
  machine_type = "n1-standard-1"
  zone         = "${var.zone}"

  tags = ["bastion", "platform-internal"]

  boot_disk {
    initialize_params {
      image = "debian-cloud/debian-8"
    }
  }

  network_interface {
    subnetwork = "${google_compute_subnetwork.platform_net.name}"
  }


  service_account {
    scopes = ["userinfo-email", "compute-ro", "storage-ro"]
  }
}

# Allow SSH to Platform Bastion
resource "google_compute_firewall" "bastion" {
  name    = "bastion-rules"
  network = "${google_compute_network.platform.name}"

  allow {
    protocol = "icmp"
  }

  allow {
    protocol = "tcp"
    ports    = ["22"]
  }

  target_tags = ["bastion"]
}


variable "project" {
    type = "string"
}

variable "region" {
    type = "string"
    default = "us-east1"
}

variable "zone" {
    type = "string"
    default = "us-east1-d"
}

variable "credentials" {
    type = "string"
}

variable "vpc_name" {
    type = "string"
    default = "platform-tools"
}

variable "subnet_cidr" {
    type = "string"
    default = "10.0.0.0/24"
}
	# Initialize GCP provider
	provider "google" {
	credentials = "${file("${var.credentials}")}"
	project = "${var.project}"
	region = "${var.region}"
	}

	# Create a new VPC
	resource "google_compute_network" "platform" {
	name = "${var.vpc_name}"
	}

	# Create a subnetwork
	resource "google_compute_subnetwork" "platform_net" {
	name = "platform-net"
	ip_cidr_range = "${var.subnet_cidr}"
	network = "${google_compute_network.platform.self_link}"
	}

	# Create a VM
	resource "google_compute_instance" "bastion" {
	name = "bastion"
	machine_type = "n1-standard-1"
	zone = "${var.zone}"

	tags = ["bastion", "platform-internal"]

	boot_disk {
	initialize_params {
	image = "debian-cloud/debian-8"
	}
	}

	network_interface {
	subnetwork = "${google_compute_subnetwork.platform_net.name}"
	}


	service_account {
	scopes = ["userinfo-email", "compute-ro", "storage-ro"]
	}
	}

	# Allow SSH to Platform Bastion
	resource "google_compute_firewall" "bastion" {
	name = "bastion-rules"
	network = "${google_compute_network.platform.name}"

	allow {
	protocol = "icmp"
	}

	allow {
	protocol = "tcp"
	ports = ["22"]
	}

	target_tags = ["bastion"]
	}


	variable "project" {
	type = "string"
	}

	variable "region" {
	type = "string"
	default = "us-east1"
	}

	variable "zone" {
	type = "string"
	default = "us-east1-d"
	}

	variable "credentials" {
	type = "string"
	}

	variable "vpc_name" {
	type = "string"
	default = "platform-tools"
	}

	variable "subnet_cidr" {
	type = "string"
	default = "10.0.0.0/24"
	}