Skip to content

GCP Infrastructure manager terraform for elastic-agent #3776

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
amirbenun wants to merge 38 commits into
base: main
Choose a base branch
from
Open

GCP Infrastructure manager terraform for elastic-agent #3776

amirbenun wants to merge 38 commits into from

Conversation

@amirbenun
Copy link
Contributor

@amirbenun amirbenun commented Dec 18, 2025
edited
Loading

Summary of your changes

Replaces deprecated GCP Deployment Manager with modern Infrastructure Manager (Terraform) for deploying Elastic Agent CSPM integration. Provides identical resources with improved tooling and user experience.

New Directory: deploy/infrastructure-manager/gcp-elastic-agent/ Files Added:

main.tf - Main infrastructure configuration (compute instance, network, service account, IAM bindings)
variables.tf - Input variable definitions
outputs.tf - Deployment outputs
service_account.tf - Standalone service account deployment for agentless mode
terraform.tfvars.example - Example configuration for main deployment
service_account.tfvars.example - Example configuration for SA-only deployment
README.md - Comprehensive deployment guide

Resources Created

Identical to Deployment Manager implementation:
Compute instance (Ubuntu, n2-standard-4, 32GB disk) with Elastic Agent pre-installed
Service account with roles/cloudasset.viewer and roles/browser
VPC network with auto-created subnets
IAM bindings (project or organization scope)
Optional SSH firewall rule

Compatibility

The new deployment script infrastructure-manager/deploy.sh is compatible with kibana deployment command of the form:

gcloud config set project elastic-security-test && \
FLEET_URL=https://a6f784d2fb4d48bea7724fbe41ef17d3.fleet.us-central1.gcp.qa.elastic.cloud:443 \
ENROLLMENT_TOKEN=<REDUCTED> \
STACK_VERSION=9.2.3 \
./deploy.sh

Related Issues

@amirbenun amirbenun requested a review from a team as a code owner December 18, 2025 16:27
Copilot AI review requested due to automatic review settings December 18, 2025 16:27
@mergify
Copy link

mergify bot commented Dec 18, 2025

This pull request does not have a backport label. Could you fix it @amirbenun? 🙏
To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v./d./d./d is the label to automatically backport to the 8./d branch. /d is the digit
  • backport-active-all is the label that automatically backports to all active branches.
  • backport-active-8 is the label that automatically backports to all active minor branches for the 8 major.
  • backport-active-9 is the label that automatically backports to all active minor branches for the 9 major.

Copilot AI reviewed Dec 18, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@amirbenun
Copy link
Contributor Author

amirbenun commented Dec 23, 2025

A common failure is when the artifacts server is not configured well, I tested this use case to create a good user experience and surface the error to the GCP cloudshell and console:
image

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@amirbenun amirbenun

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Replace GCP deployment-manager scripts with infrastructure-manager

1 participant

@amirbenun