Cloudflare to GCP Terraform State

Hi everyone,

I’m searching for step-by-step guide to set up a Terraform script to create a Cloudflare Tunnel that transports Cloudflare Worker email objects to my GCP VM mail server using GitHub Actions:


  1. Cloudflare Account: Ensure you have a Cloudflare account with necessary permissions.
  2. GCP Account: Access to GCP with a project created and necessary permissions.
  3. SSH Key: SSH public key for authentication to the GCP VM.


1. Set up Cloudflare Tunnel:

  • Cloudflare Tunnel Configuration: Define your Cloudflare Tunnel configuration in a .json file or a Terraform configuration file. Include details like tunnel_name, credentials, origin_address, etc.

2. Set up Terraform Configuration:

  • Create Terraform Files: Develop Terraform configuration files (.tf) to provision resources. Create files for Cloudflare and GCP.
  • Cloudflare Resource: Define the Cloudflare Tunnel resource using the Cloudflare Terraform provider. Reference the configuration from step 1.
  • GCP Resource: Define GCP VM instance creation using the GCP Terraform provider. Configure the instance with SSH keys, networking, etc.

3. Integrate with GitHub Actions:

  • GitHub Repository: Ensure your Terraform files are stored in a GitHub repository.
  • GitHub Actions Workflow: Create a .yml file inside .github/workflows to define the GitHub Actions workflow.
  • Workflow Steps: Define workflow steps to trigger Terraform scripts on push/merge to specific branches or as needed.

4. Configure Secrets:

  • GitHub Secrets: Store sensitive information like Cloudflare credentials, GCP service account key, and SSH private key as secrets in the GitHub repository.

5. Automate Deployment:

  • GitHub Actions Run: Once configured, GitHub Actions will execute the workflow defined in the .yml file, triggering Terraform to create/update resources in Cloudflare and GCP.

Request: Check and confirm the step-by-step instructions above.