Access Tokens
You can create access tokens to automate deployments and other tasks in your CI system. Access tokens provide a set of access permission for you to access your cloud resources and the permissions are assigned via access roles. The duration of access can be static or temporary.
Workspace Owners can view/create access tokens in the workspaces that they are the owner of.
If you are a Wayfinder administrator then you can administer access tokens across all workspaces.
Create access token
Using the CLI
-
Create a workspace level access token:
wf create workspaceaccesstoken TOKEN-NAME
-
Remove a workspace level access token:
wf delete workspaceaccesstoken TOKEN-NAME
-
Assign an access role to the workspace level access token:
wf assign accessrole --workspace-access-token TOKEN-NAME --role ROLENAME
To regenerate an access token use the --regenerate
flag with the wf create
command. If you have used the old token, for example in a CI system, you must replace all occurences of the old token with the new one.
Using Wayfinder's web interface
Users can create an access token that applies to one or more workspaces.
In Wayfinder's web interface:
- Select Workspaces > Your-Workspace-Name, and navigate to Settings and click the Access Tokens tab
- Select the Create Access Token button
- Enter the details:
- Name: Provide a name for the access token
- Description: Provide a description for the access token
- Assign an initial role by checking one or more of the checkboxes. Wayfinder allows for access roles to be updated after the access token has been created.
- Click Save
- Copy the details for your token. You will not be able to access it again.
After an access token has been created for a workspace, you can assign access to clusters and namespaces in that workspace.
- Role: Select the relevant access role from the drop-down that should be granted
- Cluster: Select the relevant cluster. If non-specified, then all clusters will be granted the role access.
- Namespace: Select the relevant namespace in the cluster. If non specified, then all namespaces will be granted the role access.
- Click the + button to add your selections.
- Click Save.
To regenerate an access token, click the Regenerate token button. If you have used the old token, for example in a CI system, you must replace all occurences of the old token with the new one.
For help, click on the Usage button.
Users can assign access tokens at the workspace level when they create their environments.
In Wayfinder's web interface:
- Select Workspaces > Your-Workspace-Name, and navigate to Applications.
- Select your application's name
- Select your environment's name and click on the Access Token tab.
- Use the slider to Enable or Disable the access token
- You will not be able to access it again.
By default, Wayfinder supplies a disabled access token at the workspace level. Once it is enabled, Wayfinder will create the access token and provide the needed permissions.
To regenerate an access token, click the Regenerate token button. If you have used the old token, for example in a CI system, you must replace all occurences of the old token with the new one.
For help, click on the Usage button.
If you have not created an environment yet, then you can do so by following the instructions in the Deploy Application section.
View Access Tokens
In Wayfinder's web interface:
- Select Workspaces > Your-Workspace-Name, and navigate to Settings and click the Access Tokens tab