Cloud Credentials

Shipa allows users to store their cloud credentials in its central repository and leverage them when creating nodes through the node add command.

Shipa supports the store of credentials for the following cloud providers:

  • Amazon Web Services
  • Google Cloud
  • Microsoft Azure

When storing credentials, Shipa uses an encrypted format and against the user who is adding them, which means that only this specific user can access it when adding nodes or managing credentials.

For credential management, the following commands are available:

  • credential add
  • credential list
  • credential remove
  • credential show

Adding Credentials

To add cloud credentials, use the credential add command.

The command credential add should be used when adding cloud credentials.

When added, credentials are stored and encrypted against the user that is adding them.

The command below should be used when adding credentials:

shipa credential add [credential_name] --provider [google|aws|azure] --path /path/to/credential-file

The following flags can be used:

FlagDescription
-h, --helpDisplay help and exit
--namecloud credential name
--pathpath to credential file
--providercloud provider [aws, google, azure] (required)

📘

Cloud credential files

When adding credentials, users should provide a path to a cloud-specific credential file.

Following the directions below can help users retrieve their files from each specific cloud provider:

AWS:

Google:

Azure:
Expects a JSON file containing, azure-client-id, azure-client-secret & azure-subscription-id. Shipa uses Azure Service Principal authentication when adding Azure nodes where users need to register an App on azure to get the required values.

Example file format:

{
    "azure-subscription-id": "<your subscription id>",
    "azure-client-id": "<your client id>",
    "azure-client-secret": <your client secret>
}

Listing All User Credentials

Use the credential list command to list all added credentials.

shipa credential list

The command will generate a list and information of all the cloud credentials added by the specific user running the command, displaying only his own cloud credentials.

Listing Specific Credential

To list the information of a specific cloud credential, use the credential show command.

shipa credential show [credential_name]

The following flags are available:

FlagDescription
credential_nameName of the credential utilized when adding the specific configuration

As explained in the section above, listing credentials will only display the credentials that belong to the user executing the command.

Deleting Cloud Credentials

To delete specific cloud credentials, use the credential remove command.

shipa credential remove [credential_name]

Flags available:

FlagDescription
credential_nameName of the credential wished to be removed