Managing Confluent Cloud using Terraform.

Create a Confluent Cloud Cloud API Key

Create a service account called tf_runnerin Confluent Cloud

Assign the OrganizationAdmin role to the tf_runner service account

Create a Cloud API Key for the tf_runner service account

Terraform will use the following environment variables to authenticate with Confluent Cloud.

export CONFLUENT_CLOUD_API_KEY="<CONFLUENT_CLOUD_API_KEY>"
export CONFLUENT_CLOUD_API_SECRET="<CONFLUENT_CLOUD_API_SECRET>"

1. Provide a Confluent Cloud Environment ID.

• environment: Confluent Cloud Environment ID

2. Provide Cluster details

• cluster: Cluster map.(Defaults)
  • display_name = "sandbox"
  • availability = "SINGLE_ZONE"
  • cloud = "GCP"
  • region = "europe-west1"
  • type = "BASIC"

3. Provide a Service Account Name to create a ClusterAdmin role binding.

• service_account: Service Account Name

terraform init

Build the plan.

terraform plan --var-file=sandbox.tfvars

Apply - Using auto-approve skips interactive approval of plan before applying.

terraform apply -auto-approve --var-file=sandbox.tfvars

1. Outputs

• Cluster Bootstrap Server endpoint:

terraform show -json terraform.tfstate | jq '.values.outputs.cluster.value.bootstrap_endpoint'

• Confluent Cloud Cluster API_KEY:

terraform show -json terraform.tfstate | jq '.values.outputs.cluster_api_key.value.id'

• Confluent Cloud Cluster API_SECRET:

terraform show -json terraform.tfstate | jq '.values.outputs.cluster_api_key.value.secret'

terraform destroy --var-file=sandbox.tfvars

or

terraform apply -auto-approve -destroy --var-file=sandbox.tfvars

{
  "availability": "SINGLE_ZONE",
  "cloud": "GCP",
  "display_name": "sandbox",
  "region": "europe-west1",
  "type": "BASIC"
}