diff --git a/terraform/backend.tf b/terraform/backend.tf
new file mode 100644
index 000000000..0e1bdffe1
--- /dev/null
+++ b/terraform/backend.tf
@@ -0,0 +1,6 @@
+terraform {
+  backend "gcs" {
+    bucket  = "terraform-petclinic"
+    prefix  = "terraform/state"
+  }
+}
\ No newline at end of file
diff --git a/terraform/main.tf b/terraform/main.tf
new file mode 100644
index 000000000..ab8216184
--- /dev/null
+++ b/terraform/main.tf
@@ -0,0 +1,99 @@
+provider "google" {
+  project = var.project_id
+  region  = var.region
+}
+
+data "google_compute_network" "default" {
+  name = "default"
+}
+
+resource "google_compute_instance" "petclinic" {
+  name         = var.vm_name
+  machine_type = var.vm_type
+  zone         = var.zone
+
+  boot_disk {
+    initialize_params {
+      image = var.vm_image
+      labels = {
+        my_label = "value"
+      }
+    }
+  }
+
+  tags = ["http-server", "https-server"]
+
+  network_interface {
+    network = data.google_compute_network.default.self_link
+  }
+
+  metadata_startup_script = "${file("startup-script.sh")}"
+}
+
+resource "google_sql_database_instance" "petclinic" {
+  name             = var.db_name
+  database_version = var.db_version
+  region           = var.region
+
+  settings {
+    tier = var.db_tier
+    
+    ip_configuration {
+      ipv4_enabled     = false
+      private_network  = data.google_compute_network.default.self_link
+    }
+  }
+}
+
+resource "google_sql_user" "users" {
+  name     = var.app
+  instance = google_sql_database_instance.petclinic.name
+  password = POSTGRES_PASSWORD
+}
+
+resource "google_sql_database" "database" {
+  name     = var.app
+  instance = google_sql_database_instance.petclinic.name
+}
+
+resource "google_dns_managed_zone" "cloudsql" {
+  name        = "cloudsql"
+  dns_name    = "cloudsql.private."
+  description = "Private DNS zone for CloudSQL"
+  visibility  = "private"
+
+  private_visibility_config {
+    networks {
+      network_url = data.google_compute_network.default.self_link
+    }
+  }
+}
+
+resource "google_dns_record_set" "petclinic" {
+  name = "petclinic.${google_dns_managed_zone.cloudsql.dns_name}"
+  type = "A"
+  ttl  = 300
+
+  managed_zone = google_dns_managed_zone.cloudsql.name
+
+  rrdatas = [google_sql_database_instance.petclinic.ip_address[0].ip_address]
+}
+
+resource "google_compute_router" "router" {
+  name    = "my-router"
+  region  = var.region
+  network = data.google_compute_network.default.self_link
+}
+
+resource "google_compute_router_nat" "nat" {
+  name                               = "my-router-nat"
+  router                             = google_compute_router.router.name
+  region                             = var.region
+  nat_ip_allocate_option             = "AUTO_ONLY"
+  source_subnetwork_ip_ranges_to_nat = "ALL_SUBNETWORKS_ALL_IP_RANGES"
+
+  log_config {
+    enable = true
+    filter = "ERRORS_ONLY"
+  }
+}
\ No newline at end of file
diff --git a/terraform/startup-script.sh b/terraform/startup-script.sh
new file mode 100644
index 000000000..0abf1c868
--- /dev/null
+++ b/terraform/startup-script.sh
@@ -0,0 +1,15 @@
+sudo apt-get update
+sudo apt-get install ca-certificates curl
+sudo install -m 0755 -d /etc/apt/keyrings
+sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
+sudo chmod a+r /etc/apt/keyrings/docker.asc
+
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/debian \
+  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
+  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
+sudo apt-get update
+
+sudo apt-get -y install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+
+grep -qxF "petclinic.local" /etc/hosts || echo "127.0.0.1     petclinic.local" >> /etc/hosts
\ No newline at end of file
diff --git a/terraform/variables.tf b/terraform/variables.tf
new file mode 100644
index 000000000..fe2d33601
--- /dev/null
+++ b/terraform/variables.tf
@@ -0,0 +1,49 @@
+variable "project_id" {
+    type = string
+    description = "Google Cloud Platform Project ID"
+}
+
+variable "app" {
+    type = string
+    description = "App Name"
+}
+
+variable "region" {
+    type = string
+    description = "Default region for the project"
+}
+
+variable "zone" {
+    type = string
+    description = "Default zone for the project"
+}
+
+variable "vm_name" {
+    type = string
+    description = "Name for Compute Engine in GCP"
+}
+
+variable "vm_type" {
+    type = string
+    description = "Type of Compute Engine in GCP"
+}
+
+variable "vm_image" {
+    type = string
+    description = "OS image of Compute Engine in GCP"
+}
+
+variable "db_name" {
+    type = string
+    description = "Name for CloudSQL instance in GCP"
+}
+
+variable "db_version" {
+    type = string
+    description = "Version of CloudSQL instance in GCP"
+}
+
+variable "db_tier" {
+    type = string
+    description = "Tier of CloudSQL in GCP"
+}
\ No newline at end of file
diff --git a/terraform/variables.tfvars b/terraform/variables.tfvars
new file mode 100644
index 000000000..b98b5c8e2
--- /dev/null
+++ b/terraform/variables.tfvars
@@ -0,0 +1,12 @@
+project_id = "spring-petclinic-439415"
+region = "asia-southeast2"
+zone = "asia-southeast2-a"
+app = "petclinic"
+
+vm_name = "petclinic"
+vm_type = "e2-medium"
+vm_image = "debian-cloud/debian-11"
+
+db_name = "petclinic"
+db_tier = "db-custom-2-8192"
+db_version = "POSTGRES_15"
\ No newline at end of file