For easier deployment and efficient auditing, Velostrata provides a Cloud Deployment script that helps create the VPC, subnets, firewall rules, network tags, Velostrata VPN Gateway instance and Service Accounts with the permissions required for Velostrata operations: http://tiny.cc/velos-poc-gcp-v3-ps
Refer to the readme.docx file in the zip file you download from the link above, which outlines the prerequisites, including:
- gcloud SDK – latest version installed
- An existing GCP project ID
- User with Project Owner privileges for the selected PoC Project
- Assign GCP IAM role permission - "Role Administrator" to "Google APIs service account" service account user in the selected
- To use the script(s), find the appropriate PowerShell files in the zip file and run them from an elevated CLI (command prompt or PowerShell). Do not attempt to run the jinja files directly from the CLI, as this will not execute the scripts properly.
- With the templates below, no VPN is configured. You will need to configure a VPN of your choice, Dedicated Interconnect, or VPC Peering for cross connectivity. For a complete example, including a software VPN configuration, refer to this section in the sandbox deployment guide.
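
A pre-flight check for the prerequisites listed above, as an added example that is not part of the Velostrata scripts or readme. It assumes the role IDs `roles/owner` and `roles/iam.roleAdmin`, the Google APIs service account address `<project-number>@cloudservices.gserviceaccount.com`, and a Windows PowerShell session; the function names are hypothetical and the policy, e-mail address and project number are constructed sample values.

```powershell
# Added example. Assumed role IDs: roles/owner (Project Owner) and
# roles/iam.roleAdmin (Role Administrator). Function names are hypothetical.

function Test-RoleBinding {
    param($Policy, [string]$Role, [string]$Member)
    # Sees direct project-level bindings only: access granted through a group
    # or inherited from a folder/organization is not in the project policy.
    foreach ($binding in $Policy.bindings) {
        if ($binding.role -eq $Role -and $binding.members -contains $Member) {
            return $true
        }
    }
    return $false
}

function Test-Elevated {
    # Windows only: is the current shell running as Administrator?
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($id)
    return $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

function Test-PocPrerequisites {
    param($Policy, [string]$UserEmail, [string]$ProjectNumber)
    # Assumed address format of the "Google APIs service account".
    $apisSa = "serviceAccount:${ProjectNumber}@cloudservices.gserviceaccount.com"
    [pscustomobject]@{
        GcloudOnPath       = [bool](Get-Command gcloud -ErrorAction SilentlyContinue)
        ShellIsElevated    = Test-Elevated
        UserIsProjectOwner = Test-RoleBinding -Policy $Policy -Role 'roles/owner' -Member "user:$UserEmail"
        ApisSaHasRoleAdmin = Test-RoleBinding -Policy $Policy -Role 'roles/iam.roleAdmin' -Member $apisSa
    }
}

# Constructed sample policy. For a live project, build $policy from:
#   gcloud projects get-iam-policy <PROJECT_ID> --format=json | Out-String | ConvertFrom-Json
$policy = @'
{ "bindings": [
    { "role": "roles/owner",  "members": ["user:poc-admin@example.com"] },
    { "role": "roles/editor", "members": ["serviceAccount:123456789012@cloudservices.gserviceaccount.com"] }
] }
'@ | ConvertFrom-Json

Test-PocPrerequisites -Policy $policy -UserEmail 'poc-admin@example.com' -ProjectNumber '123456789012'
```

A `False` in any column marks a prerequisite to resolve before running the deployment scripts.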