Deckhouse Platform in Yandex.Cloud

You need to create a Yandex.Cloud service account with the editor role to manage cloud resources. The detailed instructions for creating a service account with Yandex.Cloud are available in the documentation. Below, we will provide a brief overview of the necessary actions:

Create a user named deckhouse. The command response will contain its parameters:

yc iam service-account create --name deckhouse
id: <userID>
folder_id: <folderID>
created_at: "YYYY-MM-DDTHH:MM:SSZ"
name: deckhouse
yc iam service-account create --name deckhouse id: <userID> folder_id: <folderID> created_at: "YYYY-MM-DDTHH:MM:SSZ" name: deckhouse

Assign the editor role to the newly created user:

yc resource-manager folder add-access-binding <foldername> --role editor --subject serviceAccount:<userID>
yc resource-manager folder add-access-binding <foldername> --role editor --subject serviceAccount:<userID>

Create a JSON file containing the parameters for user authorization in the cloud. These parameters will be used to log in to the cloud:

yc iam key create --service-account-name deckhouse --output deckhouse-sa-key.json
yc iam key create --service-account-name deckhouse --output deckhouse-sa-key.json

Please note that when you need to use the contents of this file during the next step — adding it to your YAML manifest (in the serviceAccountJSON parameter) — you will need to make it compact via cat deckhouse-sa-key.json | jq -c.