googleDataprocMetastoreService

A managed metastore service that serves metadata queries.

To get more information about Service, see:

Example Usage - Dataproc Metastore Service Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
new google.dataprocMetastoreService.DataprocMetastoreService(this, "default", {
  hive_metastore_config: [
    {
      version: "2.3.6",
    },
  ],
  location: "us-central1",
  maintenance_window: [
    {
      day_of_week: "SUNDAY",
      hour_of_day: 2,
    },
  ],
  port: 9080,
  service_id: "metastore-srv",
  tier: "DEVELOPER",
});

Example Usage - Dataproc Metastore Service Cmek Example

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleKmsKeyRingKeyRing = new google.kmsKeyRing.KmsKeyRing(
  this,
  "key_ring",
  {
    location: "us-central1",
    name: "example-keyring",
    provider: "${google-beta}",
  }
);
const googleKmsCryptoKeyCryptoKey = new google.kmsCryptoKey.KmsCryptoKey(
  this,
  "crypto_key",
  {
    key_ring: googleKmsKeyRingKeyRing.id,
    name: "example-key",
    provider: "${google-beta}",
    purpose: "ENCRYPT_DECRYPT",
  }
);
new google.dataprocMetastoreService.DataprocMetastoreService(this, "default", {
  encryption_config: [
    {
      kms_key: googleKmsCryptoKeyCryptoKey.id,
    },
  ],
  hive_metastore_config: [
    {
      version: "3.1.2",
    },
  ],
  location: "us-central1",
  service_id: "example-service",
});

Example Usage - Dataproc Metastore Service Private Service Connect

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleComputeNetworkNet = new google.computeNetwork.ComputeNetwork(
  this,
  "net",
  {
    auto_create_subnetworks: false,
    name: "my-network",
  }
);
const googleComputeSubnetworkSubnet =
  new google.computeSubnetwork.ComputeSubnetwork(this, "subnet", {
    ip_cidr_range: "10.0.0.0/22",
    name: "my-subnetwork",
    network: googleComputeNetworkNet.id,
    private_ip_google_access: true,
    region: "us-central1",
  });
new google.dataprocMetastoreService.DataprocMetastoreService(this, "default", {
  hive_metastore_config: [
    {
      version: "3.1.2",
    },
  ],
  location: "us-central1",
  network_config: [
    {
      consumers: [
        {
          subnetwork: googleComputeSubnetworkSubnet.id,
        },
      ],
    },
  ],
  service_id: "metastore-srv",
});

Argument Reference

The following arguments are supported:

serviceId - (Required) The ID of the metastore service. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 63 characters.

labels - (Optional) User-defined labels for the metastore service.
network - (Optional) The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form: "projects/{projectNumber}/global/networks/{network_id}".
port - (Optional) The TCP port at which the metastore service is reached. Default: 9083.
tier - (Optional) The tier of the service. Possible values are developer and enterprise.
maintenanceWindow - (Optional) The one hour maintenance window of the metastore service. This specifies when the service can be restarted for maintenance purposes in UTC time. Maintenance window is not needed for services with the spanner database type. Structure is documented below.
encryptionConfig - (Optional) Information used to configure the Dataproc Metastore service to encrypt customer data at rest. Structure is documented below.
hiveMetastoreConfig - (Optional) Configuration information specific to running Hive metastore software as the metastore service. Structure is documented below.
networkConfig - (Optional) The configuration specifying the network settings for the Dataproc Metastore service. Structure is documented below.
databaseType - (Optional) The database type that the Metastore service stores its data. Default value is mysql. Possible values are mysql and spanner.
releaseChannel - (Optional) The release channel of the service. If unspecified, defaults to stable. Default value is stable. Possible values are canary and stable.
metadataIntegration - (Optional, Beta) The setting that defines how metastore metadata should be integrated with external services and systems. Structure is documented below.
telemetryConfig - (Optional) The configuration specifying telemetry settings for the Dataproc Metastore service. If unspecified defaults to JSON. Structure is documented below.
location - (Optional) The location where the metastore service should reside. The default value is global.
project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The maintenanceWindow block supports:

hourOfDay - (Required) The hour of day (0-23) when the window starts.
dayOfWeek - (Required) The day of week, when the window starts. Possible values are monday, tuesday, wednesday, thursday, friday, saturday, and sunday.

The encryptionConfig block supports:

kmsKey - (Required) The fully qualified customer provided Cloud KMS key name to use for customer data encryption. Use the following format: projects/([^/]+)/locations/([^/]+)/keyRings/([^/]+)/cryptoKeys/([^/]+)

The hiveMetastoreConfig block supports:

endpointProtocol - (Optional, Beta) The protocol to use for the metastore service endpoint. If unspecified, defaults to thrift. Default value is thrift. Possible values are thrift and grpc.
version - (Required) The Hive metastore schema version.
configOverrides - (Optional) A mapping of Hive metastore configuration key-value pairs to apply to the Hive metastore (configured in hive-site.xml). The mappings override system defaults (some keys cannot be overridden)
kerberosConfig - (Optional) Information used to configure the Hive metastore service as a service principal in a Kerberos realm. Structure is documented below.
auxiliaryVersions - (Optional, Beta) A mapping of Hive metastore version to the auxiliary version configuration. When specified, a secondary Hive metastore service is created along with the primary service. All auxiliary versions must be less than the service's primary version. The key is the auxiliary service name and it must match the regular expression a-z?. This means that the first character must be a lowercase letter, and all the following characters must be hyphens, lowercase letters, or digits, except the last character, which cannot be a hyphen. Structure is documented below.

The kerberosConfig block supports:

keytab - (Required) A Kerberos keytab file that can be used to authenticate a service principal with a Kerberos Key Distribution Center (KDC). Structure is documented below.
principal - (Required) A Kerberos principal that exists in the both the keytab the KDC to authenticate as. A typical principal is of the form "primary/instance@REALM", but there is no exact format.
krb5ConfigGcsUri - (Required) A Cloud Storage URI that specifies the path to a krb5.conf file. It is of the form gs://{bucket_name}/path/to/krb5.conf, although the file does not need to be named krb5.conf explicitly.

The keytab block supports:

cloudSecret - (Required) The relative resource name of a Secret Manager secret version, in the following form: "projects/{projectNumber}/secrets/{secret_id}/versions/{version_id}".

The auxiliaryVersions block supports:

key - (Required) The identifier for this object. Format specified above.
version - (Required) The Hive metastore version of the auxiliary service. It must be less than the primary Hive metastore service's version.
configOverrides - (Optional) A mapping of Hive metastore configuration key-value pairs to apply to the auxiliary Hive metastore (configured in hive-site.xml) in addition to the primary version's overrides. If keys are present in both the auxiliary version's overrides and the primary version's overrides, the value from the auxiliary version's overrides takes precedence.

The networkConfig block supports:

consumers - (Required) The consumer-side network configuration for the Dataproc Metastore instance. Structure is documented below.

The consumers block supports:

endpointUri - (Output) The URI of the endpoint used to access the metastore service.
subnetwork - (Required) The subnetwork of the customer project from which an IP address is reserved and used as the Dataproc Metastore service's endpoint. It is accessible to hosts in the subnet and to all hosts in a subnet in the same region and same network. There must be at least one IP address available in the subnet's primary range. The subnet is specified in the following form: `projects/{projectNumber}/regions/{region_id}/subnetworks/{subnetwork_id}

The metadataIntegration block supports:

dataCatalogConfig - (Required) The integration config for the Data Catalog service. Structure is documented below.

The dataCatalogConfig block supports:

enabled - (Required) Defines whether the metastore metadata should be synced to Data Catalog. The default value is to disable syncing metastore metadata to Data Catalog.

The telemetryConfig block supports:

logFormat - (Optional) The output format of the Dataproc Metastore service's logs. Default value is json. Possible values are legacy and json.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

id - an identifier for the resource with format projects/{{project}}/locations/{{location}}/services/{{serviceId}}
name - The relative resource name of the metastore service.
endpointUri - The URI of the endpoint used to access the metastore service.
state - The current state of the metastore service.
stateMessage - Additional information about the current state of the metastore service, if available.
artifactGcsUri - A Cloud Storage URI (starting with gs://) that specifies where artifacts related to the metastore service are stored.
uid - The globally unique resource identifier of the metastore service.

Timeouts

This resource provides the following Timeouts configuration options:

create - Default is 60 minutes.
update - Default is 60 minutes.
delete - Default is 60 minutes.

Import

Service can be imported using any of these accepted formats:

$ terraform import google_dataproc_metastore_service.default projects/{{project}}/locations/{{location}}/services/{{service_id}}
$ terraform import google_dataproc_metastore_service.default {{project}}/{{location}}/{{service_id}}
$ terraform import google_dataproc_metastore_service.default {{location}}/{{service_id}}

User Project Overrides

This resource supports User Project Overrides.