Convert the GCP stacks from GCP Deployment Manager to Terraform

If you deployed GCP stacks using GCP Deployment Manager, we encourage you to convert your deployment to Terraform for better support of stack management and stack updates.

Steps to convert the GCP stacks from GCP Deployment Manager to Terraform

  1. Follow the steps for adding the stacks until step 5.d. Add the customRolePrefix variable, with a prefix as its value, in terraform.tfvars.json. After step 5.d is done, the new custom roles are distinguishable from the roles created by GCP Deployment Manager.
  2. At step 5.e of the steps for adding the stacks, add the customRolePrefix variable, with the prefix as its value, in terraform.tfvars.json. After step 5.e is done, the all-in-one stack uses the new custom roles.
  3. Set disableScanningBucketIAMBinding of the storage stack to true in terraform.tfvars.json. This variable helps prevent overwriting the old IAM bindings on the scanning bucket.
  4. Follow the remaining steps for adding the stacks until you finish step 6. Ensure that the stacks are created on the File Storage Security web console.
  5. Set the disableScanningBucketIAMBinding variable of the storage stack to false in terraform.tfvars.json. Execute terraform apply again to add the new IAM bindings on the scanning bucket.
  6. After the new IAM bindings are in place, the file events of the bucket are passed to the stacks of the Terraform deployment. Upload a file and check the logs of the scanner function to confirm that the conversion is successful.
  7. Check that the uploaded file has a tag in its object metadata.
  8. Delete the old stacks that were created by GCP Deployment Manager.
  9. Ensure that all the stacks in your GCP project are converted. After that, you can delete the old custom roles by executing the following command: gcloud deployment-manager deployments delete trend-micro-file-storage-security-roles
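
A check for the IAM binding change in steps 3 to 5, as an added example that is not part of the original documentation or the product's own tooling: it compares the scanning bucket's IAM policy saved before step 5 with the policy after it, to confirm that no old binding was overwritten and that bindings to the new prefixed custom roles were added. It assumes the policies were exported with `gcloud storage buckets get-iam-policy gs://BUCKET --format=json` and that customRolePrefix is prepended to the custom role ID; the project, role, account names and the `tfmig` prefix are constructed placeholders.

```python
import json

# Constructed sample policies, shaped like the output of
#   gcloud storage buckets get-iam-policy gs://BUCKET --format=json
# Project, role and service-account names are placeholders.
BEFORE = json.loads("""{"bindings": [
  {"role": "projects/example-project/roles/old_listener_role",
   "members": ["serviceAccount:old-listener@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/storage.admin", "members": ["group:storage-admins@example.com"]}]}""")
AFTER = json.loads("""{"bindings": [
  {"role": "projects/example-project/roles/old_listener_role",
   "members": ["serviceAccount:old-listener@example-project.iam.gserviceaccount.com"]},
  {"role": "roles/storage.admin", "members": ["group:storage-admins@example.com"]},
  {"role": "projects/example-project/roles/tfmig_listener_role",
   "members": ["serviceAccount:new-listener@example-project.iam.gserviceaccount.com"]}]}""")


def flatten(policy):
    """Turn a policy into a set of (role, member, condition) triples."""
    triples = set()
    for binding in policy.get("bindings", []):
        cond = binding.get("condition", {}).get("expression", "")
        for member in binding.get("members", []):
            triples.add((binding["role"], member, cond))
    return triples


def diff_bindings(before, after, role_prefix):
    """Compare the bucket policy saved before step 5 with the one after it."""
    old, new = flatten(before), flatten(after)
    added = new - old
    # Assumption: customRolePrefix is prepended to the custom role ID.
    prefixed = {t for t in added if t[0].rsplit("/", 1)[-1].startswith(role_prefix)}
    return {
        "removed": sorted(old - new),             # old bindings that were overwritten
        "added_prefixed": sorted(prefixed),       # bindings to the new custom roles
        "added_other": sorted(added - prefixed),  # additions without the prefix
    }


def bindings_look_migrated(report):
    """True when no old binding was dropped and prefixed bindings exist."""
    return not report["removed"] and bool(report["added_prefixed"])


if __name__ == "__main__":
    report = diff_bindings(BEFORE, AFTER, "tfmig")
    print(json.dumps(report, indent=2))
    print("ok" if bindings_look_migrated(report) else "review bucket IAM policy")
```

Any entry under "removed" means an old binding was overwritten and the Deployment Manager stacks may stop receiving access before step 8; entries under "added_other" are worth reviewing by hand.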