Version: 0.7

kore create cloudcredentials

kore create cloudcredentials#

Creates a set of cloud provider credentials

Synopsis#

Creates a set of credentials that Kore can use for accessing one or more cloud accounts (add those with kore create cloudaccount once the credentials are created).

kore create cloudcredentials [flags]

Examples#

# Add a credential, being prompted for all the values:
$ kore create cloudcredential [credname]
# To understand the fields for a credential for a given cloud:
$ kore create cloudcredential [credname] -c [gcp|aws|azure]
# To specify the values on the command line:
$ kore create cloudcredential [credname] -c [gcp|aws|azure] --secret-values FIELD='VALUE',FIELD2='VALUE2'
# To specify the values from files (you can mix --secret-values and --secret-files as needed):
$ kore create cloudcredential [credname] -c [gcp|aws|azure] --secret-files FIELD=./path/to-file.json,FIELD2=./path/to/other-file.json
# To use an existing secret in Kore's admin namespace:
$ kore create cloudcredential [credname] -c [gcp|aws|azure] --secret-name my-secret
# Create GCP credential, use either inline:
$ kore create cloudcredential gcp-admin -c gcp --secret-values service_account_key='{"type": "service_account","project_id": "project-id-for-this-project","private_key_id": "KEY_ID","private_key": "-----BEGIN PRIVATE KEY-----\nPRIVATE_KEY\n-----END PRIVATE KEY-----\n","client_email": "service-account@project-id.iam.gserviceaccount.com","client_id": "12345234324123123123123","auth_uri": "https://accounts.google.com/o/oauth2/auth","token_uri": "https://oauth2.googleapis.com/token","auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs","client_x509_cert_url": "https://www.googleapis.com/robot/v1/metadata/x509/service-account%40project-id.iam.gserviceaccount.com"}'
# Or from a file:
$ kore create cloudcredential gcp-admin -c gcp --secret-files service_account_key=./credential.json
# Create AWS credential:
$ kore create cloudcredential aws-admin -c aws --secret-values access_key_id='ABCD1234ZXYWABC1E2F3',access_secret_key='secretvalue12345'
# Create Azure credential:
$ kore create cloudcredential azure-admin -c azure --secret-values tenant_id='abcd1234-a1b2-c3d4-e5f6-abcd1234ef90',client_id='abcd1234-a1b2-c3d4-e5f6-abcd1234ef90',client_secret='secretvalue12345'
# Create credential using existing secret:
$ kore create cloudcredential gcp-admin -c gcp --secret-name my-secret

Options#

-c, --cloud string the cloud these credentials are for: gcp, aws, azure
-d, --display-name string the human-readable name of this credential, defaults to name if not supplied
--dry-run shows the resource but does not apply or create (defaults: false)
-h, --help help for cloudcredentials
-f, --secret-files stringToString credential values from file, e.g. -v field=./cred.json - run kore create cloudcredential examplename -c [cloud] to discover the set of required and optional values for the credential for a cloud (default [])
--secret-name string optional name of a secret in the admin namespace to use for this credential
-v, --secret-values stringToString credential values, e.g. -v field=value,field2=value2 - run kore create cloudcredential examplename -c [cloud] to discover the set of required and optional values for the credential for a cloud (default [])

Options inherited from parent commands#

--debug indicates we should use debug / trace logging (defaults: false)
--force is used to force an operation to happen (defaults: false)
--no-wait indicates if we should wait for resources to provision
-o, --output string the output format of the resource (json,yaml,table,template) (default "table")
--profile string allows you to explicitly set the selected profile
--show-headers indicates we should display headers on table out (default true)
-t, --team string the team you are operating within
--verbose enables verbose logging for debugging purposes (defaults: false)

SEE ALSO#