Create Client Credentials
Overview
Client credentials are machine-to-machine credentials that the CLI uses to authenticate with your Armory CD-as-a-Service environment when you trigger deployments as part of an external automated workflow. These credentials are passed through the clientID
and clientSecret
parameters.
How to create client credentials
-
Access the CD-as-a-Service Console.
-
Go to the Configuration tab.
-
If you have more than one tenant, make sure you select the desired tenant in the User drop down menu.
-
In the left navigation menu, select Access Management > Client Credentials.
-
In the upper right corner, select New Credential.
-
Create a credential for your RNA. Use a descriptive name for the credential that matches what it is being used for. For example, name the credentials the same as the account name you assigned the target deployment cluster if creating a credential for an Remote Network Agent (RNA).
-
Set the permission scope to a preconfigured scope group or manually assign permissions. If the credential is for a RNA, select Remote Network Agent from the preconfigured scope group. The group assigns the minimum set of required permissions for a RNA to work:
write:infra:data
get:infra:op
connect:agentHub
Removing a preconfigured scope group does not remove the permissions that a preconfigured scope group assigns. You must remove the permissions manually.
-
Note both the
Client ID
andClient Secret
. You need these values when configuring the RNA or any other service that you want to grant access to. Make sure to store the secret somewhere safe. You are not shown the value again.
Armory recommends that you store these credentials in a secret engine that is supported by the tool you want to integrate with Armory CD-as-a-Service.
Feedback
Was this page helpful?
Thank you for letting us know!
Sorry to hear that. Please tell us how we can improve.
Last modified May 31, 2022: (a4d93dbe)