This Terraform module provides an example of how to deploy VeraId Authority to Google Cloud Platform (GCP) and MongoDB Atlas using serverless resources. It also assumes you'll be using Google as the identity provider.
This example doesn't support Awala. Refer to the awala example for a full example with the Awala Internet Endpoint.
-
Configure authentication. Go to Credentials in the Google Cloud Console, and create a new OAuth2 client ID with the following parameters:
- Application type: Web application.
- Authorised redirect URIs:
https://jwt.io
Then copy the client id.
-
Log in to Google using the following URL, replacing
YOUR_CLIENT_IDwith the id you got above:https://accounts.google.com/o/oauth2/v2/auth?client_id=YOUR_CLIENT_ID&redirect_uri=https%3A%2F%2Fjwt.io&response_type=id_token&scope=https://www.googleapis.com/auth/userinfo.profile%20https://www.googleapis.com/auth/userinfo.email&nonce=randomYou'll be redirected to jwt.io with a JWT in the URL. Copy the value of the
subclaim. -
Initialise this module with the required variables. For example:
module "veraid-authority-basic" { source = "relaycorp/veraid-authority/google//examples/basic" version = "<INSERT VERSION HERE>" google_project_id = "your-project" # Use environment variables in production google_credentials_path = "/home/you/Desktop/google-credentials.json" mongodbatlas_public_key = "your-public-key-id" mongodbatlas_private_key = "your-private-key" mongodbatlas_project_id = "your-project-id" api_auth_audience = "your-oauth2-client-id" superadmin_email_address = "your-jwt-sub" # The "sub" claim of the JWT you got above }
-
Run
terraform init, followed byterraform apply.
You're now ready to make requests to the VeraId Authority API. Refer to the VeraId Authority documentation for more information.