Corrections for TF manifest #4

mikhaildoc-documentat · 2024-12-09T10:33:35Z

No description provided.

Odyvia42 · 2024-12-28T05:14:28Z

data-proc-data-exchange-with-mch.tf

 resource "yandex_iam_service_account" "sa-for-obj-storage" {
  folder_id = local.folder_id
  name      = local.os_sa_name
 }

-# Grant the service account storage.admin role to create storages and grant bucket ACLs.
+# Grant the service account storage.admin role to create storages and grant bucket ACLs


Suggested change

# Grant the service account storage.admin role to create storages and grant bucket ACLs

# Grant the service account storage.admin role to manage buckets and grant bucket ACLs

Предлагаю здесь поправить.
Роль позволяет не только создавать, но и в целом управлять бакетом, в том числе и удалять его. Ну и термин "бакет" сюда больше подходит, чем хранилище.

Odyvia42 · 2024-12-28T05:17:02Z

data-proc-data-exchange-with-mch.tf

 resource "yandex_iam_service_account" "sa-for-obj-storage" {
  folder_id = local.folder_id
  name      = local.os_sa_name
 }

-# Grant the service account storage.admin role to create storages and grant bucket ACLs.
+# Grant the service account storage.admin role to create storages and grant bucket ACLs
 resource "yandex_resourcemanager_folder_iam_binding" "s3-editor" {


Suggested change

resource "yandex_resourcemanager_folder_iam_binding" "s3-editor" {

resource "yandex_resourcemanager_folder_iam_binding" "s3-admin" {

Odyvia42 · 2024-12-28T05:17:51Z

data-proc-data-exchange-with-mch.tf

 resource "yandex_storage_bucket" "input-bucket" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = local.input_bucket

+  depends_on = [
+    yandex_resourcemanager_folder_iam_binding.s3-editor


Suggested change

yandex_resourcemanager_folder_iam_binding.s3-editor

yandex_resourcemanager_folder_iam_binding.s3-admin

Odyvia42 · 2024-12-28T05:18:12Z

data-proc-data-exchange-with-mch.tf

 resource "yandex_storage_bucket" "output-bucket" {
  access_key = yandex_iam_service_account_static_access_key.sa-static-key.access_key
  secret_key = yandex_iam_service_account_static_access_key.sa-static-key.secret_key
  bucket     = local.output_bucket

+  depends_on = [
+    yandex_resourcemanager_folder_iam_binding.s3-editor


Suggested change

yandex_resourcemanager_folder_iam_binding.s3-editor

yandex_resourcemanager_folder_iam_binding.s3-admin

Odyvia42 · 2024-12-28T05:18:33Z

data-proc-data-exchange-with-mch.tf

@@ -197,7 +212,7 @@ resource "yandex_dataproc_cluster" "dataproc-cluster" {

    hadoop {
      services        = ["HDFS", "SPARK", "YARN"]
-      ssh_public_keys = [file(local.dp_ssh_key)]
+      ssh_public_keys = ["${file(local.dp_ssh_key)}"]


Здесь было правильно. Давай вернём как было.

Тут используется не явно прописанный путь, а локальная переменная, с ней путь нужно записывать именно так

Odyvia42

Давай ещё добавим в кластер зависимости от ресурсов с ролями dataproc.agent и dataproc.provisioner, как в других манифестах.

mikhaildoc-documentat added 2 commits December 9, 2024 15:07

Corrections for TF manifest

84085bc

Removed dots

d485556

Odyvia42 requested changes Dec 28, 2024

View reviewed changes

Odyvia42 reviewed Dec 28, 2024

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Corrections for TF manifest #4

Corrections for TF manifest #4

mikhaildoc-documentat commented Dec 9, 2024

Odyvia42 Dec 28, 2024

Odyvia42 Dec 28, 2024

Odyvia42 Dec 28, 2024

Odyvia42 Dec 28, 2024

Odyvia42 Dec 28, 2024

Odyvia42 Dec 28, 2024

mikhaildoc-documentat Dec 28, 2024

Odyvia42 left a comment

	# Grant the service account storage.admin role to create storages and grant bucket ACLs
	# Grant the service account storage.admin role to manage buckets and grant bucket ACLs

	resource "yandex_resourcemanager_folder_iam_binding" "s3-editor" {
	resource "yandex_resourcemanager_folder_iam_binding" "s3-admin" {

	yandex_resourcemanager_folder_iam_binding.s3-editor
	yandex_resourcemanager_folder_iam_binding.s3-admin

Corrections for TF manifest #4

Are you sure you want to change the base?

Corrections for TF manifest #4

Conversation

mikhaildoc-documentat commented Dec 9, 2024

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 Dec 28, 2024

Choose a reason for hiding this comment

mikhaildoc-documentat Dec 28, 2024

Choose a reason for hiding this comment

Odyvia42 left a comment

Choose a reason for hiding this comment