Step 2: Create GCP prerequisites

The second step is to create the CDP prerequisites in your GCP project. To get this done quickly, we will use a script that creates a VPC network, a subnet, firewall rules, service accounts, storage buckets, and so on.


  1. Navigate to the browser tab with the GCP console.

  2. Click on the project navigation widget:
  3. A window appears, allowing you to select a project. Copy the ID of the project where you created your credential earlier:
    You will need it in a later step
  4. In the GCP console, download the following files and gcp_param.yml:
    This is a script that creates all of the prerequisite resources required for CDP.
  5. Run the provided bash script using the following command:
    bash <prefix> <region> <project-id> <IP-CIDR-to-whitelist>
    Replace the following with actual values:
    • Prefix - A prefix to prepend to names of all resources that the script creates for you.
    • Region - A GCP region where you would like to deploy your environment. For a list of supported regions, see Supported GCP regions.
    • Project ID - The project ID that you obtained in an earlier step. This is the project where you will deploy the resources required for a CDP environment.
    • CIDR-to-whitelist - The IPv4 CIDR range for SSH and UI access.
    For example:
    bash test us-east4 gcp-dev
  6. The script creates a new deployment called <prefix>-cdp-deployment in the Deployment Manager and creates resources in your GCP account:

The script does the following:

  1. Verify that the correct number of arguments were supplied.
  2. Replace the Deployment Manager config parameters with those arguments that you supplied.
  3. Check for the existence of a custom IAM role with the provided prefix (i.e. check if you have run this script before with the same prefix).
  4. Run the Deployment Manager (which creates resources such as a VPC network, a subnet, firewall rules, service accounts, storage buckets, and so on).
  5. Add policy bindings to the created service accounts
  6. Change GCS bucket permissions for created service accounts
  7. Create a VPC peering to (for purposes of the CloudSQL DB that CDP creates).

Once the deployment is ready, you will see a message “<prefix>-cdp-deployment has been deployed”. At that point, you can proceed to the next step.