From 509c9aaf2850fc21544433861f3bc7c0c0d2e7ac Mon Sep 17 00:00:00 2001 From: Jim Enright Date: Mon, 18 Dec 2023 16:04:23 +0000 Subject: [PATCH] Update top level readme with module details and CDP auth notes (#48) Signed-off-by: Jim Enright --- DEVELOPMENT.md | 59 ++++++++++++++++++++++++++++++++++++++++++++++++++ README.md | 5 ++++- 2 files changed, 63 insertions(+), 1 deletion(-) diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index d697200..e98a711 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -93,3 +93,62 @@ source = "../../terraform-cdp-modules/modules/terraform-cdp-deploy" #### Azure Same as above, just change the first module’s source to `source = "../../terraform-cdp-modules/modules/terraform-cdp-azure-pre-reqs"` + +# Notes on CDP authentication + +The CDP provider offers a flexible means of providing credentials for authentication. The following methods are supported: + +* Static credentials +* Environment variables +* Shared credentials file + +See the [CDP Terraform Provider Documentation](https://registry.terraform.io/providers/cloudera/cdp/latest/docs#authentication) for more details on each of these authentication methods. + +## Setting CDP Region + +The [CDP Control Plane Region](https://docs.cloudera.com/cdp-public-cloud/cloud/cp-regions/topics/cdp-control-plane-regions.html) associated with a set of CDP credentials can be specified via one of the following methods: + +1. Set the control plane region name in the CDP provider configuration of the Terraform root module as shown below. + +```terraform +provider "cdp" { + # Example of setting control plane region to eu-1 + cdp_region = "eu-1" +} +``` + +2. Set the `CDP_REGION` environment variable in your terminal, e.g.: + +```bash +export CDP_REGION="eu-1" +``` + +3. Set cdp_region in your CDP config file (`~/.cdp/config`). Below shows an example for the default profile and for a custom profile. + +``` +[default] +cdp_region = us-west-1 + +[profile customprofile] +cdp_region = eu-1 +``` + +See CDP Terraform Provider Documentation for further details on [setting the CDP region](https://registry.terraform.io/providers/cloudera/cdp/latest/docs#setting-the-cdp-region) + +## Setting CDP Profile + +When using a shared credentials file a custom profile (other than `default`) can be specified via one of the following methods: + +1. Set the profile name in the CDP provider configuration of the Terraform root module as shown below. + +```terraform +provider "cdp" { + cdp_profile = "customprofile" +} +``` + +2. Set the `CDP_PROFILE` environment variable in your terminal, e.g. + +```bash +export CDP_PROFILE="customprofile" +``` diff --git a/README.md b/README.md index 6c89634..04ab8e7 100644 --- a/README.md +++ b/README.md @@ -10,6 +10,8 @@ This repository contains a number of Terraform modules for creation of the pre-r | [terraform-cdp-azure-prereqs](modules/terraform-cdp-azure-pre-reqs/README.md) | For all Azure pre-requisite Cloud resources | | [terraform-cdp-deploy](modules/terraform-cdp-deploy/README.md) | For deployment of CDP on Azure or AWS. | | [terraform-aws-vpc](modules/terraform-aws-vpc/README.md) | Module for creation of the VPC networking resources on AWS suitable. Can be used to create the CDP VPC and Subnets. Note that this module is called from the terraform-cdp-aws-prereqs module. | +| [terraform-aws-tgw](modules/terraform-aws-tgw/README.md) | Module for creation creation of AWS Transity Gateway (TGW) and attaching a specified list of VPCs via the TGW. This module can be used to assist in deploying Cloudera Data Platform (CDP) Public Cloud in a fully private networking configuration where a CDP VPC and Networking VPC are connected using the Transit Gateway. | +| [terraform-azure-nfs](modules/terraform-azure-nfs/README.md) | Module for creation of Azure NFS File Share required for Cloudera Machine Learning (CML) Public Cloud. Also optionally creates a Virtual Machine which can be used to mount and set the required ownership for CML workspace's projects folder.| Each module contains Terraform resource configuration and example variable definition files. @@ -67,7 +69,8 @@ Configure Terraform Provider for AWS or Azure * Configure the Terraform Provider for CDP with access key ID and private key by dowloading or creating a CDP configuation file. * See the [CDP documentation for steps to Generate the API access key](https://docs.cloudera.com/cdp-public-cloud/cloud/cli/topics/mc-cli-generating-an-api-access-key.html). - + * See the [CDP Terraform Provider Documentation](https://registry.terraform.io/providers/cloudera/cdp/latest/docs#authentication) and [DEVELOPMENT.md](./DEVELOPMENT.md) for the different ways of providing the CDP credentials for authentication. + * To create resources in the Cloud Provider, access credentials or service account are needed for authentication. * For **AWS** access keys are required to be able to create the Cloud resources via the Terraform aws provider. See the [AWS Terraform Provider Documentation](https://registry.terraform.io/providers/hashicorp/aws/latest/docs#authentication-and-configuration). * For **Azure**, authentication with the Azure subscription is required. There are a number of ways to do this outlined in the [Azure Terraform Provider Documentation](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs#authenticating-to-azure).