How to create a VPC with Subnet in GCP with Terraform?

Reading Time: 4 minutes

What is VPC?

VPC is Virtual Private Cloud is a Secure, isolated private cloud hosted within the public cloud. Google Cloud VPC provides the networking functionality to Compute VM Instances, GKE Clusters.

VPCs are software versions of physical networks that link resources in a project. GCP

automatically creates a VPC when you create a project. You can create additional VPCs and
modify the VPCs created by GCP.

VPCs are global resources, so they are not tied to a specific region or zone. Resources,
such as Compute Engine virtual machines (VMs) and Kubernetes Engine clusters, can
communicate with each other, assuming traffic is not blocked by a firewall rule.

What is Subnet in VPC?

VPCs contain subnetworks, call subnets, which are regional resources. Subnets have
a range of IP addresses associated with them. Subnets provide private internal addresses.
Resources use these addresses to communicate with each other and with Google APIs and

In addition to VPCs associated with projects, you can create a shared VPC within
an organization. The shared VPC is hosted in a common project. Users in other proj
ects who have sufficient permissions can create resources in the shared VPC. You
can also use VPC peering for interproject connectivity, even if an organization is not

In this section, you will create a VPC with subnets using terraform


  1. Create a Service account
  2. Make sure you have the terraform installed

Create a Service Account

To create a service account you can follow these steps-

  1. From the Google Cloud console’s main navigation, choose IAM & Admin > Service Accounts.
  2. Click Create service account.
  3. Give your service account a name.
  4. Click Create.
  5. In the roles dropdown, select Project > Owner.
  6. Click Continue and then Done.

After creating a service account, make sure to create keys that will be used for authentication while creating resources with Terraform. to create keys you can go into the service account, and under the keys tab, you will get an option to create keys, and download it in JSON format, Also make sure your service account has proper permission, if not then giving editor role will also work or if you want you can give specific permissions.

Add provider

Now create a Main. tf file and add the following code in that

First of all you need to define the provider

provider "google" {

credentials = file("~/gcp/access-keys.json")

project = "give your project ID here"

region = "asia-northeast1"


Create a VPC Resource

Here you can see, that we have given the provider name which is google and then given credentials path which is stored in our local machine in JSON format, and then we have added project ID and Region.

Add the resource in the file, First we will create a vpc resource

resource "google_compute_network" "vpc_network" {

name = "terraform-vpc"

auto_create_subnetworks = "false"


Here the name we gave is terraform-network and one thing you must remember is name is a required field here for this resource. Also, make sure you disable the auto_create_subnetworks field to false otherwise it will create this resource in every region. Apart from this, you can get many other fields as well which are optional.

Create Subnet Resource for VPC

and we add another resource for sub-network which will create a subnet for us.

resource "google_compute_subnetwork" "public-subnetwork" {

name = "terraform-subnet"

ip_cidr_range = ""

region = "asia-northeast1"

network =


As you can see here the resource name is “google_compute_subnetwork” and here we get the different fields to provide regions where we want to create the subnet and provide the CIDR range and network.

Network (required) – The network to this subnet belongs to. Here we have passed the value from the above resource where we create the network.

Let’s proceed and run terraform init

terraform init

So we will run terraform plan

Now you can verify your terraform plan and make sure these are the resources that you want to create, After this, you can run terraform apply

terraform apply 

and you will be prompted to enter yes or no, after entering yes you can see it will start creating these resources and within a few mins it will be created.

You can visit the console and verify this also

After the terraform apply command is successful, the current state of your infrastructure is then stored in the terraform.tfstate file in the working directory.

As you can see it has created a vpc resource and under that it has created one subnet in the asia-northeast1 region.


This was all about how you can use terraform to create VPC and manage its state . If you liked this blog please do like , comment and share. This will motivate me to come up with many such blogs.

Written by 

Passionate about Technology and always Interested to Upskill myself in new technology, Working in the field of DevOps