GCP Modules

The GCP Terraform modules provision Google Cloud-specific infrastructure for the MATIH platform: GKE clusters, Cloud SQL databases, Cloud Storage, Vertex AI, and networking resources.

Source: infrastructure/terraform/modules/gcp/

Module Inventory

Module	Path	Description
Kubernetes Control Plane	`gcp/kubernetes/control-plane/`	GKE Autopilot or Standard cluster
CloudSQL	`gcp/cloudsql/`	Cloud SQL for PostgreSQL
Storage	`gcp/storage/`	GCS buckets for data lake and artifacts
Vertex AI	`gcp/vertex-ai/`	Vertex AI model endpoints
Networking	`gcp/networking/`	VPC, subnets, firewall rules
Governance	`gcp/governance/`	IAM policies and organization constraints

GKE Cluster Module

Key Resources

Resource	Purpose
`google_container_cluster`	GKE cluster with Workload Identity
`google_container_node_pool`	Node pools for different workload types
`google_artifact_registry_repository`	Container image registry
`google_service_account`	Workload Identity service accounts

Node Pool Configuration

Node Pool	Machine Type	Purpose
system	e2-standard-4	System components
application	e2-standard-8	Application workloads
gpu	n1-standard-8 + T4	ML/AI GPU workloads

CloudSQL Module

Resource	Purpose
`google_sql_database_instance`	Cloud SQL PostgreSQL instance
`google_sql_database`	Database per service
`google_secret_manager_secret`	Database credentials

Storage Module

Bucket	Purpose
Data lake	Iceberg table storage
Artifacts	MLflow artifacts, pipeline outputs
Backups	Database backup storage

Vertex AI Module

Provisions Vertex AI endpoints for model serving:

Resource	Purpose
`google_vertex_ai_endpoint`	Model serving endpoint
`google_project_iam_member`	Service account access to Vertex AI

Networking Module

Resource	Purpose
`google_compute_network`	Platform VPC
`google_compute_subnetwork`	Regional subnets
`google_compute_firewall`	Firewall rules
`google_dns_managed_zone`	Cloud DNS zone

Azure Modules -- Azure equivalents
AWS Modules -- AWS equivalents
Tenant Modules -- Per-tenant provisioning

AWS Modules Environments