Cloudbreak CLI Reference
Also available as:
PDF

credential create

Creates a new credential.

Sub-commands

aws role-based Creates a new AWS credential

aws key-based Creates a new AWS credential

aws-gov role-based Creates a new AWSGov credential

aws-gov key-based Creates a new AWSGov credential

azure app-based Creates a new app-based Azure credential

gcp p12-based Creates a new gcp credential with a P12 key (deprecated)

gcp json-based Creates a new gcp credential with a JSON key

openstack keystone-v2 Creates a new OpenStack credential

openstack keystone-v3 Creates a new OpenStack credential

Required options

Options required for aws role-based sub-command:

--name [$VALUE] Name for the credential

--role-arn [$VALUE] IAM Role ARN of the role used for the credential

Options required for aws key-based sub-command:

--name [$VALUE] Name for the credential

--access-key [$VALUE] AWS Access Key

--secret-key [$VALUE] AWS Secret Key

Options required for aws-gov role-based sub-command:

--name [$VALUE] Name for the credential

--role-arn [$VALUE] IAM Role ARN of the role used for the credential

Options required for aws-gov key-based sub-command:

--name [$VALUE] Name for the credential

--access-key [$VALUE] AWS Access Key

--secret-key [$VALUE] AWS Secret Key

Options required for azure app-based sub-command:

--name [$VALUE] Name for the credential

--subscription-id [$VALUE] Subscription ID from your Azure Subscriptions

--tenant-id [$VALUE] Directory ID from your Azure Active Directory > Properties

--app-id [$VALUE] Application ID of your app from your Azure Active Directory > App Registrations

--app-password [$VALUE] Your application key from app registration’s Settings > Keys

Options required for gcp p12-based sub-command:

--name [$VALUE] Name for the credential

--project-id [$VALUE] Project ID from your GCP account

--service-account-id [$VALUE] Your GCP Service account ID from IAM & Admin > Service accounts

--service-account-private-key-file [$VALUE] P12 key from your GCP service account

Options required for gcp json-based sub-command:

--name [$VALUE] Name for the credential

--service-account-json-file [$VALUE] JSON key from your GCP service account

Options required for openstack keystone-v2 sub-command:

--name [$VALUE] Name for the credential

--tenant-user [$VALUE] OpenStack user name

--tenant-password [$VALUE] OpenStack password

--tenant-name [$VALUE] OpenStack tenant name

--endpoint [$VALUE] OpenStack endpoint

Options required for openstack keystone-v3 sub-command:

--name [$VALUE] Name for the credential

--tenant-user [$VALUE] OpenStack user name

--tenant-password [$VALUE] OpenStack password

--user-domain [$VALUE] OpenStack user domain

--endpoint [$VALUE] OpenStack endpoint

Options

--description [$VALUE] Description of the resource

--server [$VALUE] Cloudbreak server address [$CB_SERVER_ADDRESS]

--username [$VALUE] Cloudbreak user name (e-mail address) [$CB_USER_NAME]

--password [$VALUE] Cloudbreak password [$CB_PASSWORD]

--workspace [$VALUE] Name of the workspace where to create the resource

--profile [$VALUE] Selects a config profile to use [$CB_PROFILE]

--auth-type [$VALUE] Authentication method to use. Values: oauth2, basic [$CB_AUTH_TYPE]

Additionally, the following option is available for OpenStack Keystone2 and Keystone3:

--facing [$VALUE] API facing. One of: public, admin, internal

Additionally, the following options are available for OpenStack Keystone3:

--project-domain-name [$VALUE] OpenStack project domain name

--project-name [$VALUE] OpenStack project name

--domain-name [$VALUE] OpenStack domain name

--keystone-scope [$VALUE] OpenStack keystone scope. One of: default, domain, project

Examples

Creates a role-based credential on AWS:

cb credential create aws role-based --name my-credential1 --role-arn arn:aws:iam::517127065441:role/CredentialRole

Creates a key-based credential on AWS:

cb credential create aws key-based --name my-credential2 --access-key ABDVIRDFV3K4HLJ45SKA --secret-key D89L5pOPM+426Rtj3curKzJEJL3lYoNcP8GvguBV

Creates a role-based credential on AWSGov:

cb credential create aws-gov role-based --name my-credential1 --role-arn arn:aws:iam::517127065441:role/CredentialRole

Creates a key-based credential on AWSGov:

cb credential create aws-gov key-based --name my-credential2 --access-key ABDVIRDFV3K4HLJ45SKA --secret-key D89L5pOPM+426Rtj3curKzJEJL3lYoNcP8GvguBV

Creates an app-based credential on Azure:

cb credential create azure app-based --name my-credential3 --subscription-id b8e7379e-568g-55d3-na82-45b8d421e998 --tenant-id  c79n5399-3231-65ba-8dgg-2g4e2a40085e --app-id 6d147d89-48d2-5de2-eef8-b89775bbfcg1 --app-password 4a8hBgfI52s/C8R5Sea2YHGnBFrD3fRONfdG8w7F2Ua=

Creates a credential on Google Cloud by using a key in JSON format :

cb credential create gcp json-based --name my-credential4  --service-account-json-file /Users/test/3fff57a6f68e.json

Creates a role-based credential on OpenStack with Keystone-v2:

cb credential create openstack keystone-v2 --name my-credential5 --tenant-user test --tenant-password MySecurePass123 --tenant-name test --endpoint http://openstack.test.organization.com:5000/v2.0