AWSCredential¶

This section describes the AWSCredential custom resource (CR) used in Mirantis Container Cloud API. It contains all information necessary to connect to a provider back end.

For demonstration purposes, the Container Cloud AWSCredential custom resource (CR) can be split into the following sections:

metadata
AWSCredential configuration

metadata¶

The Container Cloud AWSCredential custom resource (CR) contains the following fields:

apiVersion
kaas.mirantis.com/v1alpha1
kind
Object type that is AWSCredential

The metadata object field of the AWSCredential resource contains the following fields:

name
Name of the AWSCredential object
namespace
Namespace in which the AWSCredential object has been created
labels
- kaas.mirantis.com/provider
  Provider type that matches the provider type in the Cluster object and must be aws
- kaas.mirantis.com/regional-credential
  If true, indicates that AWSCredential is in use by the management or regional cluster
- kaas.mirantis.com/region
  Region name
Warning

Labels and annotations that are not documented in this API Reference are generated automatically by Container Cloud. Do not modify them using the Container Cloud API.

Configuration example:

apiVersion: kaas.mirantis.com/v1alpha1
kind: AWSCredential
metadata:
  name: demo
  namespace: test
  labels:
    kaas.mirantis.com/region: region-one
    kaas.mirantis.com/regional-credential: "true"

AWSCredential configuration¶

The spec object field of the AWSCredential resource contains the configuration for AWS authentication. It contains the following fields:

accessKeyID
AWS access key ID
secretAccessKey
Reference to the Secret object that contains the AWS secret access key:
- key
  Key name in the secret
- name
  Secret name

Configuration example:

...
spec:
  accessKeyID: AKIAJCWK5M2CXIWGRMUA
  secretAccessKey:
  secret:
    key: value
    name: cloud-config