Creating a profile
There are two ways to create a profile:
-
Creating an empty profile and adding parameters manually.
This creates and activates an empty profile: you have to add all the parameters separately.
-
Wizard-based profile creation with basic parameters.
The CLI suggests setting the basic profile parameters step-by-step. You can use this method to redefine the parameters of an existing profile. This method doesn't work for service accounts.
Creating an empty profile and adding parameters manually
Create a profile with the test
name:
-
Run this command:
yc config profile create test
Result:
Profile 'test' created and activated
-
Add the necessary profile parameters, such as a folder:
yc config set folder-id <folder ID>
View the full list of profile parameters and learn how to manage them.
You can view an example of this type of profile when getting started.
Wizard-based profile creation with basic parameters
If you use the wizard to create a profile, the CLI prompts you to enter the basic profile parameters step-by-step:
- Profile name.
- OAuth token (for a Yandex account).
- The cloud you have access rights to.
- Default folder.
- Default availability zone where Yandex Compute Cloud resources are created.
You can stop profile creation at any time. All the settings you entered before stopping are saved to the profile.
If you are not connected to the management console yet, log in to the console
To get authenticated using a Yandex account:
-
Get an OAuth token in Yandex ID
:-
Click the link
. If the application requests access to data, permit it. You need to do this to get a token. -
Copy the token to the clipboard or save it.
-
-
If authenticating for the first time, go to the cloud console
. Accept the terms of the license agreement and privacy policy. -
To initialize CLI profile setup, run this command:
yc init
-
Select the profile you want to set up authentication for or create a new one. If it is your first time running the
yc init
command, this step will be skipped.Pick desired action: [1] Re-initialize this profile 'default' with new settings [2] Create a new profile Please enter your numeric choice: 1
-
Enter the previously obtained OAuth token when prompted by the command:
Please go to https://oauth.yandex.com/authorize?response_type=token&client_id=1a6990aa636648e9b2ef855fa7bec2fb in order to obtain OAuth token. Please enter OAuth token: y0_AgA ... wvs7N4
-
Select one of the clouds from the list of those you have access to:
Please select cloud to use: [1] cloud1 (id = aoe2bmdcvata********) [2] cloud2 (id = dcvatao4faoe********) Please enter your numeric choice: 2
If there is only one cloud available, it will be selected automatically.
-
Select the default folder:
Please choose a folder to use: [1] folder1 (id = cvatao4faoe2********) [2] folder2 (id = tao4faoe2cva********) [3] Create a new folder Please enter your numeric choice: 1
-
To select the default availability zone for Compute Cloud, type
Y
. To skip the setup, typen
.Do you want to configure a default Yandex Compute Cloud availability zone? [Y/n] Y
If you chose
Y
, select the availability zone:Which zone do you want to use as a profile default? [1] ru-central1-a [2] ru-central1-b [3] ru-central1-c [4] ru-central1-d [5] Do not set default zone Please enter your numeric choice: 2
-
View your CLI profile settings:
yc config list
Result:
token: y0_AgA...wvs7N4 cloud-id: b1g159pa15cd******** folder-id: b1g8o9jbt58******** compute-default-zone: ru-central1-b
To authenticate using a SAML-compatible identity federation:
-
Get your federation ID from your administrator.
-
Launch the profile creation wizard:
yc init \ --federation-endpoint auth.cloud.yandex.com \ --federation-id <federation_ID>
-
Select the profile you want to set up authentication for or create a new one.
Welcome! This command will take you through the configuration process. Pick desired action: [1] Re-initialize this profile 'default' with new settings [2] Create a new profile
-
The CLI prompts you to continue authentication in the browser. Press Enter to continue.
You are going to be authenticated via federation-id 'aje1f0hsgds3a********'. Your federation authentication web site will be opened. After your successful authentication, you will be redirected to 'https://console.yandex.cloud'. Press 'enter' to continue...
On successful authentication, the IAM token is saved in the profile. This token is used to authenticate each operation until the token expires. After that, the CLI again displays a prompt to authenticate in the browser.
-
Go back to the command line interface to finish creating the profile.
-
Select one of the clouds from the list of those you have access to:
Please select cloud to use: [1] cloud1 (id = aoe2bmdcvata********) [2] cloud2 (id = dcvatao4faoe********) Please enter your numeric choice: 2
If there is only one cloud available, it will be selected automatically.
-
Select the default folder:
Please choose a folder to use: [1] folder1 (id = cvatao4faoe2********) [2] folder2 (id = tao4faoe2cva********) [3] Create a new folder Please enter your numeric choice: 1
-
To select the default availability zone for Compute Cloud, type
Y
. To skip the setup, typen
.Do you want to configure a default Yandex Compute Cloud availability zone? [Y/n] Y
If you typed
Y
, select the availability zone:Which zone do you want to use as a profile default? [1] ru-central1-a [2] ru-central1-b [3] ru-central1-c [4] ru-central1-d [5] Do not set default zone Please enter your numeric choice: 2
-
View your CLI profile settings:
yc config list
Result:
federation-id: aje1f0hs6oja******** cloud-id: b1g159pa15cd******** folder-id: b1g8o9jbt58******** compute-default-zone: ru-central1-b