Yandex.Cloud Connection¶

The Yandex.Cloud connection type enables the authentication in Yandex.Cloud services.

Configuring the Connection¶

Service account auth JSON

JSON object as a string.

Example: {"id": "...", "service_account_id": "...", "private_key": "..."}

Service account auth JSON file path

Path to the file containing service account auth JSON.

Example: /home/airflow/authorized_key.json

OAuth Token

OAuth token as a string.

Example: y3_Vdheub7w9bIut67GHeL345gfb5GAnd3dZnf08FRbvjeUFvetYiohGvc

SSH public key (optional)

The key will be placed to all created Compute nodes, allowing to have a root shell there.

Folder ID (optional)

Folder is a entity to separate different projects within the cloud.

If specified, this ID will be used by default during creation of nodes and clusters.

Endpoint (optional)

Set API endpoint

All hooks and operators related to Yandex.Cloud use yandexcloud_default connection by default.

Before you start, make sure you have created a Yandex Cloud Service Account with the permissions lockbox.viewer and lockbox.payloadViewer.

First, you need to create Authorized key for your service account and save the generated JSON file with public and private key parts.

Then you need to specify the key in the Service account auth JSON field.

Alternatively, you can specify the path to JSON file in the Service account auth JSON file path field.

First, you need to create OAuth token for user account. It will looks like y3_Vdheub7w9bIut67GHeL345gfb5GAnd3dZnf08FRbvjeUFvetYiohGvc.

Then you need to specify token in the OAuth Token field.

If no credentials are specified, the connection will attempt to use the metadata service for authentication.

To do this, you need to link your service account with your VM.