
mws_mkafka_cluster_user (Resource)

A user is an internal Kafka account used to authenticate to the cluster.

Example usage

terraform
resource "mws_vpc_network" "network" {
  network = var.network_name
}

resource "mws_vpc_subnet" "subnet_a" {
  subnet  = "${var.subnet_name}-a"
  network = mws_vpc_network.network.network
  cidr    = var.subnet_cidr_a
}

resource "mws_vpc_address" "broker_addr_1" {
  address = "${var.kafka_name}-broker-addr-1"
  network = mws_vpc_network.network.network
  subnet  = mws_vpc_subnet.subnet_a.metadata.id
}

resource "mws_mkafka_cluster" "example" {
  cluster = var.kafka_name
  version = "3.6.0-mws.1"

  metadata = {
    display_name = "Example Kafka Cluster"
    description  = "Managed Kafka cluster example with VPC endpoints"
  }

  active = true

  endpoints = [
    {
      name    = "vpc-endpoint"
      network = mws_vpc_network.network.network
      broker_addresses = [
        { ref = mws_vpc_address.broker_addr_1.id },
      ]
    }
  ]

  instances = {
    broker = {
      vm_type = "compute/vmTypes/gen-2-4"
      disk = {
        size = "10Gb"
        type = "NETWORK_STANDARD_SSD"
      }
      allocation = [
        {
          zone  = "ru-central1-a"
          count = 1
        }
      ]
    }
    controller = {
      vm_type = "compute/vmTypes/gen-2-4"
      disk = {
        size = "10Gb"
        type = "NETWORK_STANDARD_SSD"
      }
      allocation = [
        {
          zone  = "ru-central1-a"
          count = 1
        }
      ]
    }
  }

  maintenance_window = {
    weekly = {
      days = ["TUESDAY"]
      hour = 4
    }
  }
}

resource "mws_mkafka_cluster_user" "example_user" {
  cluster          = mws_mkafka_cluster.example.cluster
  user             = var.kafka_user_name
  password         = var.kafka_user_password
  password_version = 1 // increment whenever the password changes; the write-only password is not stored in state

  metadata = {
    display_name = "Example Kafka User"
    description  = "User for accessing the example Kafka cluster"
  }

  roles = [
    {
      name = "CLUSTER_ADMIN"
    }
  ]
}

variable "network_name" {
  type        = string
  default     = "kafka-vpc-network"
  description = "VPC network name"
}

variable "subnet_name" {
  type        = string
  default     = "kafka-subnet"
  description = "Base name for subnets"
}

variable "subnet_cidr_a" {
  type        = string
  default     = "192.168.1.0/24"
  description = "CIDR for subnet A"
}

variable "kafka_name" {
  type        = string
  default     = "kafka-cluster"
  description = "Kafka cluster name"
}

variable "kafka_user_name" {
  type        = string
  default     = "example-user"
  description = "Kafka user name"
}

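variable "kafka_user_password" {
  type        = string
  sensitive   = true # redact the value in plan and apply output
  description = "Kafka user password; supply it at run time (for example via TF_VAR_kafka_user_password), not as a default in code"
}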

Schema

Required

NOTE: Write-only arguments are supported in Terraform 1.11 and later.

  • cluster (String) Cluster name or identifier.
  • password (String, Sensitive, Write-only) User password.
  • roles (Attributes List) User roles. (see below for nested schema)
  • user (String) Cluster user.

Optional

  • kind (String)
  • metadata (Attributes) (see below for nested schema)
  • password_version (Number) Increase this field's value if you want to force updating the associated write-only field.
  • project (String) Project path.
  • timeouts (Attributes) (see below for nested schema)
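
The following is an added example, not part of the provider's own documentation: it feeds the write-only `password` argument from an ephemeral input variable and ties rotation to `password_version`. The variable names, the `app_user` label and the `app-user` name are hypothetical; it assumes Terraform 1.11 or later and the `mws_mkafka_cluster.example` cluster from the usage example above.

```terraform
# Added example. Variable names and the "app_user" label are assumptions.
variable "app_user_password" {
  type        = string
  sensitive   = true # redacted in CLI output
  ephemeral   = true # never persisted to plan or state files
  description = "Kafka user password, supplied at run time"
}

variable "app_user_password_version" {
  type        = number
  default     = 1
  description = "Raise by one each time app_user_password is rotated"

  validation {
    condition = (
      var.app_user_password_version >= 1 &&
      floor(var.app_user_password_version) == var.app_user_password_version
    )
    error_message = "password_version must be a positive integer."
  }
}

resource "mws_mkafka_cluster_user" "app_user" {
  cluster = mws_mkafka_cluster.example.cluster
  user    = "app-user"

  # Write-only: sent to the provider on apply, never stored in state.
  password = var.app_user_password

  # Terraform cannot diff a value it does not store, so a new password
  # alone produces no change. Raising this number forces the update.
  password_version = var.app_user_password_version

  roles = [
    { name = "CLUSTER_ADMIN" } # the only role name shown on this page
  ]
}
```

An ephemeral variable has to be supplied on every plan and apply, for example through the `TF_VAR_app_user_password` environment variable. To rotate, supply the new password and raise `app_user_password_version` in the same run.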

Read-Only

Nested Schema for roles

Required:

  • name (String) Role name.

Nested Schema for metadata

Optional:

  • description (String) Resource description.
  • display_name (String) Display name. Optional field; it can be freely set and changed to help organize resources.

Read-Only:

  • create_time (String) Object creation date.
  • delete_time (String) Time of the resource deletion request (not the actual deletion time).
  • id (String) Link to a typed reference.
  • purge_time (String)
  • usages (Attributes List) Links to other resources. Depending on the link type, operations on the resource may be restricted. (see below for nested schema)

Nested Schema for metadata.usages

Read-Only:

  • name (String) Link name; required for modifying the collection.
  • resource (String) Reference to the resource.
  • usage_type (String) Link type. In addition to the standard own and use, specialized types may be added for specific services.

Nested Schema for timeouts

Optional:

  • create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
  • delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
  • update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).

Nested Schema for status

Read-Only:

Nested Schema for status.ready

Read-Only:

  • message (String) Status description.
  • state (String) Resource state.