This guide is for provisioning and deploying agenta on GCP Compute Engine using Terraform. If you prefer to provision the instance manually, you can use the guide for deploying on a remote machine.


We provide a Terraform module to deploy Agenta on GCP. You can find it here. The terraform module will in the in us-central1 region create;

  • An e2-medium Compute instance
  • VPC Network
  • Firewall configured to allow ports 22 (ssh), 80 (http), and 443 (https)

You can customize the module according to your needs.


  1. Install Terraform: First, install Terraform.
Step 2 until 6 can be skipped if you already have a project with billing enabled and a service account with the compute admin role.
  1. Setup Project; In the Google cloud Console, on the project selector page, select or create a Google Cloud project, then copy and save the Project ID for later.

  2. Confirm Billing; Make sure that billing is enabled for your Google Cloud project.

  3. Create a Service account; Click here to Create a Service account and specify the compute admin role.

  4. Get Service account key; Click here to obtain the keys for the service account you created.

  5. Enable Google Compute Engine API: Navigate to Compute Engine API and make sure to select the correct project at the top, then enable Compute Engine API.

  6. Copy the content of the downloaded key file and replace the content of credentials.json with it.

  7. Initialize and Apply Terraform: Navigate to the correct directory and run:

    cd self-host/gcp
    terraform init
    terraform apply

SSH into the instance:

In order to ssh into the instance you need to:

  1. Uncomment these lines in the Terraform instance file
metadata = {
 ssh-keys = "YOUR_USERNAME:${file("~/.ssh/")}"
  1. Create an SSH key pair.

  2. Add the SSH Key to the VM Metadata

  3. Rerun

    terraform apply.

Remember that while allowing SSH access from any source ( is convenient for testing, it’s not recommended for production environments due to security concerns. In production, you would restrict SSH access to specific trusted IP addresses.

Removing All Resources:

To delete all the resources created by Terraform, simply run

cd self-host/gcp
terraform destroy