Skip to main content
Version: 0.7

kore setup cloudidentity

kore setup cloudidentity#

Creates the IAM resources required in your cloud provider to run Kore with implicit cloud identity

Synopsis#

Ensures a cloud identity exists in a cloud provider for Kore to use for accessing one or more cloud APIs with least privilege.

You must be logged in to the relevant cloud in order for these commands to work:

You must also have created a cluster in the cloud provider in question:

  • AWS: Ensure you have an EKS cluster in which you plan to, or have installed Kore.
kore setup cloudidentity [flags]

Examples#


# Add a cloud identity and, be prompted for all the values:$ kore setup cloudidentity
# Create AWS role for the kore management cluster where kore is (or# will be) installed, and configure an AWS KMS key for secrets# encryption:$ kore setup cloudidentity --cluster-name my-eks-cluster -c aws --kore-namespace kore --aws-setup-kms-key

Options#

      --aws-disable-kms-setup   disables AWS KMS key setup for Kore secrets encryption (by default, KMS setup is enabled when using -c aws)  -c, --cloud string            cloud to create/ensure identity for: gcp, aws, azure  -k, --cluster-name string     name of the kubernetes cluster Kore is (or will be) installed on in the cloud provider  -h, --help                    help for cloudidentity  -n, --kore-namespace string   Kubernetes namespace Kore is (or will be) installed in      --kore-sa string          Kubernetes service account for Kore (set in the Kore helm chart, should not need changing from default) (default "kore-admin")

Options inherited from parent commands#

      --debug            indicates we should use debug / trace logging (defaults: false)      --force            is used to force an operation to happen (defaults: false)      --no-wait          indicates if we should wait for resources to provision  -o, --output string    the output format of the resource (json,yaml,table,template) (default "table")      --profile string   allows you to explicitly set the selected profile      --show-headers     indicates we should display headers on table out (default true)  -t, --team string      the team you are operating within      --verbose          enables verbose logging for debugging purposes (defaults: false)

SEE ALSO#

  • kore setup - Initialises dependencies required to run Kore
Last updated on May 24, 2021