For each target cloud platform (in most cases for single target cloud platform) OpeNgine requires two things:

  • connectivity information - identifier of the target project/account/subscription and credentials

  • key for service account that will be used by OpeNgine to check and provision cloud resources.

Similar details are required to configure connectivity to Terraform remote state storage. The following sub-sections contain detailed information and instructions on how to ensure that pre-conditions for cloud connectivity are met:

Please note:

  • It is not possible to reference multiple cloud environments of the same type (e.g. multiple GCP projects) in current version of OpeNgine (see one exclusion below). All clusters and VPC networks should belong to the same cloud environment of the same type

  • Connection to remote Terraform state can reference different cloud environment of the same type (e.g. all GKE clusters are provisioned in GCP project “A”, but remote Terraform state can use same project “A” or some other project “B”), but even in this case, service account remains single and therefore should have enough permissions to read-write state in alternative cloud environment