AWSCredential

This section describes the AWSCredential custom resource (CR) used in Mirantis Container Cloud API. It contains all information necessary to connect to a provider back end.

For demonstration purposes, the Container Cloud AWSCredential custom resource (CR) can be split into the following sections:

metadata

The Container Cloud AWSCredential custom resource (CR) contains the following fields:

  • apiVersion

    kaas.mirantis.com/v1alpha1

  • kind

    Object type that is AWSCredential

The metadata object field of the AWSCredential resource contains the following fields:

  • name

    Name of the AWSCredential object

  • namespace

    Namespace in which the AWSCredential object has been created

  • labels
    • kaas.mirantis.com/provider

      Provider type that matches the provider type in the Cluster object and must be aws

    • kaas.mirantis.com/regional-credential

      If true, indicates that AWSCredential is in use by the management or regional cluster

    • kaas.mirantis.com/region

      Region name

    Warning

    Labels and annotations that are not documented in this API Reference are generated automatically by Container Cloud. Do not modify them using the Container Cloud API.

Configuration example:

apiVersion: kaas.mirantis.com/v1alpha1
kind: AWSCredential
metadata:
  name: demo
  namespace: test
  labels:
    kaas.mirantis.com/region: region-one
    kaas.mirantis.com/regional-credential: "true"

AWSCredential configuration

The spec object field of the AWSCredential resource contains the configuration for AWS authentication. It contains the following fields:

  • accessKeyID

    AWS access key ID

  • secretAccessKey

    Reference to the Secret object that contains the AWS secret access key:

    • key

      Key name in the secret

    • name

      Secret name

Configuration example:

...
spec:
  accessKeyID: AKIAJCWK5M2CXIWGRMUA
  secretAccessKey:
  secret:
    key: value
    name: cloud-config