View Cloud Credential

2 minute read

Details for the selected credential are presented:

Field or Menu Description

Name

User-defined name for this credential.

Description

User-defined description.

Type

One of the following cloud provider cluster types.

Kubernetes, as supplied with your Kubernetes account:

  • Kubernetes API Endpoint — Endpoint at which the Kubernetes API is reachable. This must be an IP address or a resolvable DNS name in the form: https://ip_address:port_number.

  • User Name —(Optional) AccountService user who owns the bearer token.

  • Kubernetes Bearer token— Service account bearer token for a service account that has permissions to create resources in the Kubernetes cluster.

Azure, available from your Azure portal:

  • Azure API ClientID —Azure Application ID as configured from the Azure App registration page. UUID formatted string.

  • Azure API ClientSecret —Azure Client secret as configured from the Azure App registration page. UUID formatted string.

  • Azure API TenantID —Directory ID from the Azure Active Directory, Default Directory Properties page. UUID formatted string.

  • Azure API SubscriptionID —Visual Studio Professional Subscription ID from the Subscriptions page. UUID formatted string.

EC2, as supplied with your EC2 account:

  • Credential Provider — Choose Access Key ID/Secret Key or Server IAM Role

    If you select Server IAM Role, you can also select No Key Pair from the Key Pair pulldown menu. But this is not recommended, because you cannot SSH to the instance.
    You must set up the appropriate permissions for the IAM role. For the list of required permissions, see Setting Up a Server IAM Role.
  • Region —Named set of AWS resources in the same geographical area. A region comprises at least two Availability Zones.

  • (If you selected Access Key ID/Secret Key ) AWS Access Key ID —Access key ID, which is the unique identifier that is associated with a secret access key. The access key ID and the secret access key are used together to sign programmatic AWS requests cryptographically.

  • (If you selected Access Key ID/Secret Key ) AWS Secret Key —Secret access key, which is used in conjunction with the access key ID to cryptographically sign programmatic AWS requests. Signing a request identifies the sender and prevents request alteration. You can generate secret access keys for your AWS account, individual IAM users, and temporary sessions.

Google Cloud Platform, as supplied with your GCP account:

  • Service Account File —JSON file generated when the private key is created for the service account in the Google Cloud Platform Console. The service account identified by the key pair in the JSON is used. Service account must have Owner permission allocated.

From this page, you can edit or delete the credential. If it is already in use, the following error appears:

The cloud credential < credential > is in use by < resource >. Editing or deleting it is not allowed

In this case, you must create a new cloud credential, modify the resource to use the new cloud credential (see Resources - Create or Edit a Resource ), and then delete the original one (as described in Cloud Credentials ).