homework 15.2: complete part 1 from task 1

src/homework/15-cloud-providers/15.2/terraform/.gitignore

@@ -0,0 +1,38 @@
+# Local .terraform directories
+**/.terraform/*
+
+# .tfstate files
+*.tfstate
+*.tfstate.*
+
+# Crash log files
+crash.log
+crash.*.log
+
+# Exclude all .tfvars files, which are likely to contain sentitive data, such as
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
+# to change depending on the environment.
+#
+*.tfvars
+
+# Ignore override files as they are usually used to override resources locally and so
+# are not checked in
+override.tf
+override.tf.json
+*_override.tf
+*_override.tf.json
+
+# Include override files you do wish to add to version control using negated pattern
+#
+# !example_override.tf
+
+# Include tfplan files to ignore the plan output of command: terraform plan -out=tfplan
+# example: *tfplan*
+
+# Ignore CLI configuration files
+.terraformrc
+terraform.rc
+.terraform.lock.hcl
+
+variables.tf

src/homework/15-cloud-providers/15.2/terraform/main.tf

@@ -0,0 +1,70 @@
+terraform {
+  required_providers {
+    yandex = {
+      source = "yandex-cloud/yandex"
+    }
+  }
+  required_version = ">= 0.13"
+}
+
+provider "yandex" {
+  token     = var.yandex_cloud_token
+  cloud_id  = var.yandex_cloud_id
+  folder_id = var.yandex_folder_id
+  zone      = "ru-central1-a"
+}
+
+resource "yandex_iam_service_account" "os-service-account" {
+  name = "s3-service-account"
+}
+
+// Назначение роли сервисному аккаунту
+resource "yandex_resourcemanager_folder_iam_member" "os-editor" {
+  folder_id = var.yandex_folder_id
+  role      = "storage.editor"
+  member    = "serviceAccount:${yandex_iam_service_account.os-service-account.id}"
+}
+
+// Создание статического ключа доступа
+resource "yandex_iam_service_account_static_access_key" "os-static-key" {
+  service_account_id = yandex_iam_service_account.os-service-account.id
+  description        = "static access key for object storage"
+}
+
+// Создание бакета с использованием ключа
+resource "yandex_storage_bucket" "os-netology-bucket" {
+  access_key = yandex_iam_service_account_static_access_key.os-static-key.access_key
+  secret_key = yandex_iam_service_account_static_access_key.os-static-key.secret_key
+  bucket     = "os-netology-bucket"
+
+  anonymous_access_flags {
+    read = true
+    list = false
+  }
+}
+
+resource "yandex_storage_object" "cute-cat-picture" {
+  bucket = yandex_storage_bucket.os-netology-bucket.bucket
+  access_key = yandex_iam_service_account_static_access_key.os-static-key.access_key
+  secret_key = yandex_iam_service_account_static_access_key.os-static-key.secret_key
+  key    = "cute-cat"
+  source = "./static/cute_cat.jpg"
+  content_type = "image/jpg"
+  acl = "public-read"
+}
+
+output "os" {
+  value = {
+    "staticUrl": "https://${yandex_storage_bucket.os-netology-bucket.bucket}.storage.yandexcloud.net/${yandex_storage_object.cute-cat-picture.key}"
+  }
+}
+
+#resource "yandex_vpc_network" "network-vpc" {
+#  name = "network-vpc"
+#}
+
+#output "ips" {
+#  value = {
+#
+#  }
+#}

src/homework/15-cloud-providers/15.2/terraform/variables.tf.example

@@ -0,0 +1,16 @@
+# Заменить на ID своего облака
+# https://console.cloud.yandex.ru/cloud?section=overview
+variable "yandex_cloud_id" {
+  default = "b1gu1gt5nqi6lqgu3t7s"
+}
+
+# Заменить на Folder своего облака
+# https://console.cloud.yandex.ru/cloud?section=overview
+variable "yandex_folder_id" {
+  default = "b1gaec42k169jqpo02f7"
+}
+
+# OAuth токен, используемый утилитой yc. Применялся на этапе с packer.
+variable "yandex_cloud_token" {
+  default = ""
+}