Google Dataproc metastore Service

This page shows how to write Terraform for Dataproc metastore Service and write them securely.

google_dataproc_metastore_service (Terraform)

The Service in Dataproc metastore can be configured in Terraform with the resource name google_dataproc_metastore_service. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).


The following arguments are supported:

  • service_id - (Required) The ID of the metastore service. The id must contain only letters (a-z, A-Z), numbers (0-9), underscores (_), and hyphens (-). Cannot begin or end with underscore or hyphen. Must consist of between 3 and 63 characters.

  • labels - (Optional) User-defined labels for the metastore service.

  • network - (Optional) The relative resource name of the VPC network on which the instance can be accessed. It is specified in the following form: "projects/[projectNumber]/global/networks/[network_id]".

  • port - (Optional) The TCP port at which the metastore service is reached. Default: 9083.

  • tier - (Optional) The tier of the service. Possible values are DEVELOPER and ENTERPRISE.

  • maintenance_window - (Optional) The one hour maintenance window of the metastore service. This specifies when the service can be restarted for maintenance purposes in UTC time. Structure is documented below.

  • hive_metastore_config - (Optional) Configuration information specific to running Hive metastore software as the metastore service. Structure is documented below.

  • location - (Optional) The location where the autoscaling policy should reside. The default value is global.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The maintenance_window block supports:

  • hour_of_day - (Required) The hour of day (0-23) when the window starts.

  • day_of_week - (Required) The day of week, when the window starts. Possible values are MONDAY, TUESDAY, WEDNESDAY, THURSDAY, FRIDAY, SATURDAY, and SUNDAY.

The hive_metastore_config block supports:

  • version - (Required) The Hive metastore schema version.

  • config_overrides - (Optional) A mapping of Hive metastore configuration key-value pairs to apply to the Hive metastore (configured in hive-site.xml). The mappings override system defaults (some keys cannot be overridden)

  • kerberos_config - (Optional) Information used to configure the Hive metastore service as a service principal in a Kerberos realm. Structure is documented below.

The kerberos_config block supports:

  • keytab - (Required) A Kerberos keytab file that can be used to authenticate a service principal with a Kerberos Key Distribution Center (KDC). Structure is documented below.

  • principal - (Required) A Kerberos principal that exists in the both the keytab the KDC to authenticate as. A typical principal is of the form "primary/instance@REALM", but there is no exact format.

  • krb5_config_gcs_uri - (Required) A Cloud Storage URI that specifies the path to a krb5.conf file. It is of the form gs://[bucket_name]/path/to/krb5.conf, although the file does not need to be named krb5.conf explicitly.

The keytab block supports:

  • cloud_secret - (Required) The relative resource name of a Secret Manager secret version, in the following form: "projects/[projectNumber]/secrets/[secret_id]/versions/[version_id]".

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/[[project]]/locations/[[location]]/services/[[service_id]]

  • name - The relative resource name of the metastore service.

  • endpoint_uri - The URI of the endpoint used to access the metastore service.

  • state - The current state of the metastore service.

  • state_message - Additional information about the current state of the metastore service, if available.

  • artifact_gcs_uri - A Cloud Storage URI (starting with gs://) that specifies where artifacts related to the metastore service are stored.

Explanation in Terraform Registry

A managed metastore service that serves metadata queries.

Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.

Frequently asked questions

What is Google Dataproc metastore Service?

Google Dataproc metastore Service is a resource for Dataproc metastore of Google Cloud Platform. Settings can be wrote in Terraform.


Automate config file reviews on your commits

Fix issues in your infrastructure as code with auto-generated patches.