Skip to content

Step 3 - Nais terraforming the tenant

Here we describe the steps required to run through the terraform as this is not necessarily a straight forward process.

Nais-terraform-modules repository

  1. Copy an existing tenant folder to get have naas.tf and main.tf as templates.
  2. Update the naas.tf and main.tf files to represent desired reality.
  3. Add the new tenant to atlantis.yaml

console.cloud.gooogle.com -> nais-io project

  1. go to secret manager and create two empty secrets named:
  2. -management-iap-client-id
  3. -management-iap-client-secret
  4. location europe-north1, labels: "provisioned: manually"
  5. add dummy content to make sure we have a latest version
  6. grant the nais-tf-@nais-io.iam.gserviceaccount.com the role roles/secretmanager.secretAccessor on the secrets
  7. add nais-tf-@nais-io.iam.gserviceaccount.com to the domain https://search.google.com/search-console?resource_id=sc-domain%3Adoc..cloud.nais.io