Исправить VPC примеры на IAM (#8)

* add IAM resource `selectel_iam_s3_credentials_v1`

* bump selectel/selectel provider version to 5.0.2

* replace terracurl to selectel/selectel provider in s3-credentials

* delete unused variables from s3-credentials

* fix s3-credentials outputs

* update README.md

* delete variables for s3-creds

* fix mistakes

---------

Co-authored-by: Maksim Kuznetsov <[email protected]>
Co-authored-by: Filipp Fedorov <[email protected]>

README.md

@@ -74,7 +74,7 @@ terraform plan/apply \
 
 - Ввести с клавиатуры, если переменные не были заданы любым другим способом
 
-После успешного выполнения команды `terraform apply` вы должны увидеть в своём аккаунте новый проект, в котором будет запущены все модули (MKS, SFS, vm, CRaaS и др.)
+После успешного выполнения команды `terraform apply` вы должны увидеть в своём аккаунте новый проект, в котором будут запущены все модули (MKS, SFS, vm, CRaaS и др.)
 
 ## Repository structure
 
@@ -94,8 +94,8 @@ terraform plan/apply \
   * [network](modules/network) - создание локальной сети
   * [os_project_with_user](modules/os_project_with_user) - создание проекта в облаке Selectel
   * [s3](modules/s3) - создание [объектного хранилища s3](https://selectel.ru/services/cloud/storage/)
-    * [s3](modules/s3-bucket) - создание s3 бакета
-    * [s3](modules/s3-credentioals) - создание s3 параметров авторизации
+    * [s3-bucket](modules/s3-bucket) - создание s3 бакета
+    * [s3-credentials](modules/s3-credentioals) - создание s3 параметров авторизации
   * [selectel-token](modules/selectel) - создание токена аккаунта Selectel
   * [sfs](modules/sfs) - создание [файлового хранилища](https://selectel.ru/lab/file-storage/)
   * [vm](modules/vm) - создание [виртуального облачного сервера](https://selectel.ru/services/cloud/servers/)

main.tf

@@ -42,9 +42,6 @@ module "sfs" {
 # Создаём S3-ключ для пользователя
 module "s3-creds" {
   source           = "./modules/s3/s3-credentials"
-  os_account       = var.selectel_domain_name
-  os_username      = var.selectel_user_admin_user
-  os_password      = var.selectel_user_admin_password
   os_user_id       = module.project-with-user.user_id
   os_project_id    = module.project-with-user.project_id
   credentials_name = "github-s3-creds"

modules/craas/README.md

@@ -2,13 +2,13 @@
 
 | Name | Version |
 |------|---------|
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.2 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.2 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -18,8 +18,8 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [selectel_craas_registry_v1.registry_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/craas_registry_v1) | resource |
-| [selectel_craas_token_v1.token_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/craas_token_v1) | resource |
+| [selectel_craas_registry_v1.registry_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/craas_registry_v1) | resource |
+| [selectel_craas_token_v1.token_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/craas_token_v1) | resource |
 
 ## Inputs
 

modules/craas/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.2"
+      version = "5.0.2"
     }
   }
 }

modules/mks/k8s-cluster-standalone/README.md

@@ -4,13 +4,13 @@
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
 | <a name="requirement_openstack"></a> [openstack](#requirement\_openstack) | 1.53.0 |
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.2 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.2 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -25,7 +25,7 @@
 
 | Name | Type |
 |------|------|
-| [selectel_mks_kubeconfig_v1.kubeconfig](https://registry.terraform.io/providers/selectel/selectel/latest/docs/data-sources/mks_kubeconfig_v1) | data source |
+| [selectel_mks_kubeconfig_v1.kubeconfig](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/data-sources/mks_kubeconfig_v1) | data source |
 
 ## Inputs
 

modules/mks/k8s-cluster-standalone/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.2"
+      version = "5.0.2"
     }
     openstack = {
       source  = "terraform-provider-openstack/openstack"

modules/mks/k8s-cluster/README.md

@@ -3,13 +3,13 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.2 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.2 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -19,7 +19,7 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [selectel_mks_cluster_v1.cluster_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/mks_cluster_v1) | resource |
+| [selectel_mks_cluster_v1.cluster_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/mks_cluster_v1) | resource |
 
 ## Inputs
 

modules/mks/k8s-cluster/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.2"
+      version = "5.0.2"
     }
   }
   required_version = ">= 1.5.0"

modules/mks/k8s-nodegroup-gpu/README.md

@@ -3,13 +3,13 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.2 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.2 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -19,7 +19,7 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [selectel_mks_nodegroup_v1.nodegroup_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/mks_nodegroup_v1) | resource |
+| [selectel_mks_nodegroup_v1.nodegroup_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/mks_nodegroup_v1) | resource |
 
 ## Inputs
 

modules/mks/k8s-nodegroup-gpu/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.2"
+      version = "5.0.2"
     }
   }
   required_version = ">= 1.5.0"

modules/mks/k8s-nodegroup/README.md

@@ -3,13 +3,13 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.2 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.2 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -19,7 +19,7 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [selectel_mks_nodegroup_v1.nodegroup_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/mks_nodegroup_v1) | resource |
+| [selectel_mks_nodegroup_v1.nodegroup_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/mks_nodegroup_v1) | resource |
 
 ## Inputs
 

modules/mks/k8s-nodegroup/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.2"
+      version = "5.0.2"
     }
   }
   required_version = ">= 1.5.0"

modules/os_project_with_user/README.md

@@ -4,14 +4,14 @@
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.5.0 |
 | <a name="requirement_random"></a> [random](#requirement\_random) | >= 3.3.2 |
-| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | >= 4.0.1 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
 | <a name="provider_random"></a> [random](#provider\_random) | >= 3.3.2 |
-| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | >= 4.0.1 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
@@ -21,25 +21,23 @@ No modules.
 
 | Name | Type |
 |------|------|
-| [random_password.user_1_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
-| [selectel_vpc_project_v2.project_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/vpc_project_v2) | resource |
-| [selectel_vpc_role_v2.role_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/vpc_role_v2) | resource |
-| [selectel_vpc_user_v2.user_1](https://registry.terraform.io/providers/selectel/selectel/latest/docs/resources/vpc_user_v2) | resource |
+| [random_password.serviceuser_1_password](https://registry.terraform.io/providers/hashicorp/random/latest/docs/resources/password) | resource |
+| [selectel_iam_serviceuser_v1.serviceuser_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/iam_serviceuser_v1) | resource |
+| [selectel_vpc_project_v2.project_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/vpc_project_v2) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_os_project_name"></a> [os\_project\_name](#input\_os\_project\_name) | Name of OpenStack project to create | `string` | n/a | yes |
-| <a name="input_os_username"></a> [os\_username](#input\_os\_username) | Username of user create in OpenStack project | `string` | n/a | yes |
+| <a name="input_os_username"></a> [os\_username](#input\_os\_username) | Username of service user to create in OpenStack project | `string` | n/a | yes |
 
 ## Outputs
 
 | Name | Description |
 |------|-------------|
 | <a name="output_project_id"></a> [project\_id](#output\_project\_id) | ID of created project |
 | <a name="output_project_name"></a> [project\_name](#output\_project\_name) | Name of created project |
-| <a name="output_role_id"></a> [role\_id](#output\_role\_id) | ID of created user role |
-| <a name="output_user_id"></a> [user\_id](#output\_user\_id) | ID of user, that admins the project |
+| <a name="output_user_id"></a> [user\_id](#output\_user\_id) | ID of user that admins the project |
 | <a name="output_user_name"></a> [user\_name](#output\_user\_name) | Username of created user |
 | <a name="output_user_password"></a> [user\_password](#output\_user\_password) | Password of created user. Generated automatically. |

modules/os_project_with_user/main.tf

@@ -2,7 +2,7 @@ resource "selectel_vpc_project_v2" "project_1" {
   name = var.os_project_name
 }
 
-resource "random_password" "user_1_password" {
+resource "random_password" "serviceuser_1_password" {
   length           = 32
   special          = true
   override_special = "!#$%&*()-_=+[]{}<>:?"
@@ -12,12 +12,12 @@ resource "random_password" "user_1_password" {
   min_upper        = 1
 }
 
-resource "selectel_vpc_user_v2" "user_1" {
+resource "selectel_iam_serviceuser_v1" "serviceuser_1" {
   name     = var.os_username
-  password = random_password.user_1_password.result
-}
-
-resource "selectel_vpc_role_v2" "role_1" {
-  project_id = selectel_vpc_project_v2.project_1.id
-  user_id    = selectel_vpc_user_v2.user_1.id
-}
+  password = random_password.serviceuser_1_password.result
+  role {
+    scope      = "project"
+    role_name  = "member"
+    project_id = selectel_vpc_project_v2.project_1.id
+  }
+}

modules/os_project_with_user/outputs.tf

@@ -9,22 +9,17 @@ output "project_name" {
 }
 
 output "user_id" {
-  description = "ID of user, that admins the project"
-  value       = selectel_vpc_user_v2.user_1.id
+  description = "ID of user that admins the project"
+  value       = selectel_iam_serviceuser_v1.serviceuser_1.id
 }
 
 output "user_name" {
   description = "Username of created user"
-  value       = selectel_vpc_user_v2.user_1.name
-}
-
-output "role_id" {
-  description = "ID of created user role"
-  value       = selectel_vpc_role_v2.role_1.id
+  value       = selectel_iam_serviceuser_v1.serviceuser_1.name
 }
 
 output "user_password" {
   description = "Password of created user. Generated automatically."
-  value       = random_password.user_1_password.result
+  value       = random_password.serviceuser_1_password.result
   sensitive   = true
 }

modules/os_project_with_user/vars.tf

@@ -4,6 +4,6 @@ variable "os_project_name" {
 }
 
 variable "os_username" {
-  description = "Username of user create in OpenStack project"
+  description = "Username of service user to create in OpenStack project"
   type        = string
 }

modules/os_project_with_user/versions.tf

@@ -2,7 +2,7 @@ terraform {
   required_providers {
     selectel = {
       source  = "selectel/selectel"
-      version = ">= 4.0.1"
+      version = "5.0.2"
     }
     random = {
       source  = "hashicorp/random"

modules/s3/s3-credentials/README.md

@@ -3,36 +3,31 @@
 | Name | Version |
 |------|---------|
 | <a name="requirement_terraform"></a> [terraform](#requirement\_terraform) | >= 1.0.0 |
-| <a name="requirement_terracurl"></a> [terracurl](#requirement\_terracurl) | >= 1.0.1 |
+| <a name="requirement_selectel"></a> [selectel](#requirement\_selectel) | 5.0.2 |
 
 ## Providers
 
 | Name | Version |
 |------|---------|
-| <a name="provider_terracurl"></a> [terracurl](#provider\_terracurl) | >= 1.0.1 |
+| <a name="provider_selectel"></a> [selectel](#provider\_selectel) | 5.0.2 |
 
 ## Modules
 
-| Name | Source | Version |
-|------|--------|---------|
-| <a name="module_selectel_token"></a> [selectel\_token](#module\_selectel\_token) | ../../selectel-token | n/a |
+No modules.
 
 ## Resources
 
 | Name | Type |
 |------|------|
-| [terracurl_request.s3_credentials](https://registry.terraform.io/providers/devops-rob/terracurl/latest/docs/resources/request) | resource |
+| [selectel_iam_s3_credentials_v1.s3_credentials_1](https://registry.terraform.io/providers/selectel/selectel/5.0.2/docs/resources/iam_s3_credentials_v1) | resource |
 
 ## Inputs
 
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_credentials_name"></a> [credentials\_name](#input\_credentials\_name) | Название создаваемых кред для S3 | `string` | n/a | yes |
-| <a name="input_os_account"></a> [os\_account](#input\_os\_account) | ID аккаунта | `string` | n/a | yes |
-| <a name="input_os_password"></a> [os\_password](#input\_os\_password) | Пароль пользователя МИНИМУМ с ролью Администратор пользователей. Именем этого пользователя будут выданы ключи от S3 | `string` | n/a | yes |
 | <a name="input_os_project_id"></a> [os\_project\_id](#input\_os\_project\_id) | ID проекта, в котором находится бакет | `string` | n/a | yes |
 | <a name="input_os_user_id"></a> [os\_user\_id](#input\_os\_user\_id) | ID пользователя, которому надо выдать ключи S3 | `string` | n/a | yes |
-| <a name="input_os_username"></a> [os\_username](#input\_os\_username) | Логин пользователя МИНИМУМ с ролью Администратор пользователей. Именем этого пользователя будут выданы ключи от S3 | `string` | n/a | yes |
 
 ## Outputs