$gcloud infra-manager deployments create --async

Request Automation Environment

Submit a request to provision a new GCP project with pre-configured APIs, Workload Identity Federation, and serverless compute. No console access required.

Provisioning Pipeline

Portal (Cloud Run + IAP)
Pub/Sub Event Bus
Eventarc → Workflows
Infrastructure Manager
WIF + Org Policies
Cloud Run + Scheduler

Project Configuration

Will become: project-id-env-XXXX

APIs to Enable

3 selected

Security Controls Applied Automatically

Workload Identity Federation (no keys) · Organization Policies · Apigee Rate Limiting · Langfuse LLM Observability

What Happens Next

01
Event published to Pub/Sub
~1s
02
Eventarc routes to Workflows
~2s
03
Org policies validated
~5s
04
Terraform applied via Infra Manager
~3min
05
WIF configured, no keys generated
~4min
06
Slack notification sent
~5min

Estimated Monthly Cost

Cloud Scheduler (1 job)$0.10
Cloud Run (cron compute)~$0.00*
Workload IdentityFree
Org PoliciesFree
Total / automation~$0.10/mo

*Covered by GCP free tier for typical cron jobs

GCP Services Used

Identity-Aware Proxy
Cloud Pub/Sub
Cloud Workflows
Infrastructure Manager
Workload Identity Fed.
Cloud Run
Cloud Scheduler