Using gcp workflows with recaptcha
TypeScriptTo use Google Cloud Workflows with reCAPTCHA Enterprise on GCP, you’d need to create two main resources: a reCAPTCHA Enterprise Key and a Cloud Workflow. The reCAPTCHA Enterprise key will be used to verify user interactions on your website or application, while the Cloud Workflow orchestrates interactions between GCP services, potentially including the verification process with reCAPTCHA.
In this example, I'll show you how to create a simple workflow that could be part of a larger process where a reCAPTCHA Enterprise key is used. This cloud workflow will be a basic template and does not fully implement a CAPTCHA verification system.
First, you will create a reCAPTCHA Enterprise Key with the
gcp.recaptcha.EnterpriseKey
resource which is a representation of the reCAPTCHA enterprise key used for identifying the recaptcha activities in your application. You must providedisplayName
for the key and your GCPproject
id.Then, you’ll create a Cloud Workflow using the
gcp.workflows.Workflow
resource which allows you to define a series of steps that call various GCP services. In this case, we'll just set up the framework for it as the actual logic for calling reCAPTCHA verification will depend on your specific use case.Here’s a Pulumi program written in TypeScript that demonstrates creating these resources:
import * as pulumi from "@pulumi/pulumi"; import * as gcp from "@pulumi/gcp"; // Replace with your GCP project ID const googleProject = "<your-gcp-project-id>"; // Replace with the display name for your reCAPTCHA Enterprise Key const recaptchaKeyDisplayName = "<your-recaptcha-key-display-name>"; // Create a reCAPTCHA Enterprise Key. // For more details on the properties of this resource, visit: // https://www.pulumi.com/registry/packages/gcp/api-docs/recaptcha/enterprisekey/ const recaptchaEnterpriseKey = new gcp.recaptcha.EnterpriseKey("example-recaptcha-key", { project: googleProject, displayName: recaptchaKeyDisplayName, webSettings: { allowAllDomains: true, integrationType: "SCORE", // You can choose other integration types as needed challengeSecurityPreference: "SECURITY" } }); // Define a Cloud Workflow to orchestrate GCP services // For more details on the properties of this resource, visit: // https://www.pulumi.com/registry/packages/gcp/api-docs/workflows/workflow/ const exampleWorkflow = new gcp.workflows.Workflow("example-workflow", { project: googleProject, region: "us-central1", // Choose the correct region for your use case description: "This is an example workflow that integrates with reCAPTCHA Enterprise", sourceContents: `# This is a YAML representation of a workflow - getCurrentTime: call: http.get args: url: "https://us-central1-workflowsample.cloudfunctions.net/getCurrentTime" result: currentTime # You would call reCAPTCHA Enterprise verification service here # and implement further logic based on the verification result `, }); // Export the sensitive key and the workflow's name as stack outputs export const recaptchaEnterpriseKeyName = recaptchaEnterpriseKey.name; export const workflowName = exampleWorkflow.name;
In this program, we define two constants at the top for your GCP project ID and the display name for the reCAPTCHA key. You need to replace these with your respective GCP project ID and desired display name.
The
recaptchaEnterpriseKey
is created with a configuration allowing all domains and using an integration type of "SCORE". These settings can be adjusted based on your needs, for example, you might want to specify a list of allowed domains in a production environment.The
exampleWorkflow
defines a very simple Cloud Workflow that fetches the current time from a hypothetical Cloud Function endpoint (you'll need to deploy a Cloud Function separately that provides this functionality). In a real-world scenario, you would add additional steps to call the reCAPTCHA Enterprise verification service and implement logic based on the verification results.The
sourceContents
of the workflow is a string in YAML format for this example. This is where the step-by-step orchestration is defined using Cloud Workflows' syntax. The actual implementation details within this string will depend greatly on how you expect to interact with reCAPTCHA and other services.At the end of the program, two stack exports are provided: one for the reCAPTCHA Enterprise key name and one for the workflow's name. These could be used in other systems, or for reference in your deployment.
You can expand on this program to fully integrate a verification process depending on your application's requirements.