Managing Infrastructure as Code on GCP

Learn how to simplify all of your application infrastructure into just a few configuration files then deploy your code on Google Cloud Platform with this course. We will start by learning the core concepts behind Infrastructure as Code, discussing security best practices when working with IaC, and comparing some popular orchestration and configuration management tools.

After that, we’ll implement version control for our IaC configurations, and learn how we can automate deployment updates using Cloud Build Triggers. Next, we’ll learn how to integrate Google Secret Manager to protect any sensitive data in our source code. Then to tie it all together, we’ll walk through Google Identity and Access Management and learn how to monitor our users and resources on GCP.

After learning the basics, we’ll build our own immutable server images with Google Cloud Build using both Docker and Packer. We’ll then explore a practical usage scenario and build a WordPress deployment with Google Deployment Manager. We’ll also deploy a similar WordPress configuration using Terraform to compare the two methods.

I will be working in Visual Studio Code during the demos for this course, but you are also free to use any other IDE you are comfortable with instead. A demo repository is provided along with this course, and while we will be working with some Python and PHP in our examples, you should still be able to follow along with the demos without any background in either of these languages.

Learning Objectives

  • Build server images from a configuration file using Docker and Packer.
  • Learn to use Google Cloud Build with third-party build steps.
  • Deploy application infrastructure from code using Google Deployment Manager and Terraform.
  • Understand templating systems for Infrastructure as Code.
  • Implement version control for Infrastructure as Code.
  • Learn to protect secret data in IaC configurations using Google IAM role management and Google Secret Manager.

Intended Audience

This course is intended for programmers interested in expanding their knowledge about modern cloud-based DevOps workflows. Learning to manage Infrastructure as Code is beneficial to solo developers who need to focus as much of their time as possible on their application code and not on managing infrastructure. Development teams will also benefit from this course, because implementing IaC provides consistent performance across deployments in multiple environments, which greatly simplifies project collaboration. This course will also help prepare the viewer for the Google Professional Cloud DevOps Engineer certification.


  • You should already have a Google Cloud Platform account.
  • You should have Google Cloud SDK already installed and initialized.
  • You should already have Git installed, and be familiar with its use.
  • Demos will be shown in Visual Studio Code, but you're free to use any IDE they are familiar with.
  • Demos will utilize some Python and PHP, but you're not required to be fluent in either of these languages to follow along with the examples.


Additional Documentation


Hello and welcome to my course, Managing Infrastructure as Code on Google Cloud Platform. My name is Arthur, and I have worked with many GCP products while managing cloud infrastructure in my previous role as IT Director for a large entertainment complex in a small part of Arizona. Movie theaters aren't doing so well these days, which has given me lots of extra free time to share my knowledge and experience with you here on Cloud Academy.

Let's get started. When building and deploying a software application, there are often many additional layers beyond our program source code that impact our ability to keep the application running. Server hardware and networking equipment will also be needed to operate and deliver our application. Each server will require operating system configuration, and may have a number of other programs or libraries that also require configuration to work with our application. Each networking device will further need its own configuration settings optimized to manage and secure traffic to our application.

When working with multiple servers and development environments, managing all the infrastructure that runs our application can become more time-consuming than writing the actual application code itself. Thankfully we can solve these problems with managing all the equipment required to run our application by using a modern cloud-hosted DevOps workflow that allows us to treat all this Infrastructure as Code. By learning how to create a few configuration files and including them in our project source code, we can tell our cloud hosting environment exactly how to set up and deploy our application, right down to all those server and networking details.

This course will focus on deploying Infrastructure as Code on Google Cloud Platform, but one of the benefits of Infrastructure as Code is that it's generally portable across providers, so many parts of this course can be easily applied in other cloud hosting environments as well.

In the first part of this course, we'll explore the basic concepts and best practices to follow when working with Infrastructure as Code. We'll focus on the ways a cloud-based DevOps approach differs from more traditional server and infrastructure management practices, and compare how different programming tools and techniques fit in when working with Infrastructure as Code.

In the second part of this course, we'll focus on securing our Infrastructure as Code deployments. Since we're able to basically define our infrastructure in plain text files now, this can also potentially leave secret information like database passwords, network credentials, API keys, or environment variables exposed in plain text as well.

We'll learn how to work with Google IAM roles and use Google Secret Manager to securely handle any sensitive data for our IaC deployments. We'll also learn how to reduce human errors in our development pipeline by implementing version control for our IaC configurations, then complete our CI/CD pipeline by deploying updated servers automatically when a version change is committed.

In the final section of this course, we'll get more hands-on with some examples actually deploying Infrastructure as Code on GCP. We'll start by learning how to build an immutable server image using both Docker and Packer. After that we'll explore a real world scenario and deploy a WordPress server using Google Deployment Manager, then again using Terraform, so we can compare the two methods.

Before beginning this course, you should already have a Google Cloud Platform account, and have the Google Cloud SDK installed, initialized, and connected to a GCP project that you have admin privileges over. You should already have Git installed locally, and possess at least a basic understanding of version control using Git before going into this course. I will be working with PHP and SQL using Visual Studio Code on Windows 10 to deploy to Google Cloud Platform during this course. Project source code is provided with this course so you can easily follow along with the demonstrations and test deployments in your own environment with only very minor changes needed.

If you have any questions or need any help at any point during this course, please contact After completing the course, I would greatly appreciate it if you could take a moment to rate your experience.

About the Author

Arthur spent seven years managing the IT infrastructure for a large entertainment complex in Arizona where he oversaw all network and server equipment and updated many on-premise systems to cloud-based solutions with Google Cloud Platform. Arthur is also a PHP and Python developer who specializes in database and API integrations. He has written several WordPress plugins, created an SDK for the Infusionsoft API, and built a custom digital signage management system powered by Raspberry Pis. Most recently, Arthur has been building Discord bots and attempting to teach a Python AI program how to compose music.