Cloud Credentials

• Select the Cloud and Edge Sites service.
• Navigate to Manage -> Site Management -> Cloud Credentials.

• Click Add Cloud Credentials.
• Enter a name for the credential you are creating.
• Optionally add labels and a description to this entry.

Select a cloud credential type from the drop-down menu. There are:

• AWS Programmatic Access Credentials
• Azure Credential Client Certificate
• Azure Client Secret for Service Principal
• GCP Credentials

Retrieve your access key id and secret you intend to use for accessing AWS API services from your AWS Management Console IAM Dashboard (AWS IAM Reference).

• Select AWS Programmable Access Credentials for the Select Cloud Credential Type field.

• Enter the AWS Access Key ID that you retrieved from your AWS account.

• Configure Secret Access Key by clicking on the Configure link below where you entered the Access Key ID.

• Secret information can be one of two types via drop-down.

  • Blindfold Secret: Used for secrets managed by Distributed Cloud Secret Management Service (Recommended as this service provides a high level of security).
  • Clear Secret: Used for secrets that are not encrypted.

• Policy information can be one of two types via drop-down

  • Built-in: Provides a list of Distributed Cloud Services provided set of generic policies.
  • Custom: Provides a list of user defined policies which have been defined under Manage → Secrets.

• Enter or paste the text or blindfold value of the AWS Secret Key.

• For a text secret, click on the Blindfold button to generate the blindfold key based on the AWS Secret Key. To see the result shown in the image below, click Edit after the Blindfold process is complete.

• Once the key has been generated or entered, click Apply and then click Save and Exit button to exit the wizard and save your AWS credentials for use with Distributed Cloud Services.

Retrieve your Client ID, Subscription ID, Tenant ID, Certificate and Certificate Password you intend to use for accessing Azure API services from your Azure Portal (Azure Key Vault Reference) (Azure Key Vault Quick Start).

• Select Azure Credential Client Certificate for the Select Cloud Credential Type field.

• Enter the Azure Client ID, Subscription ID and Tenant ID that you retrieved from your Azure account.

• Enter your Client Certificate in the following format:

  string:///<base64 encoded string of the certificate>

• Click on the Configure link to enter the Certificate Password you retrieved from the Azure Portal and enter in the same manner as was done for the AWS Access Secret Key in the AWS Programmable Access Credentials chapter using either the Clear Secret or Blindfold Secret options.

• Click Apply and then click Save and Exit.

• Retrieve your Client ID, Subscription ID, Tenant ID and Client Secret you intend to use for accessing Azure API services from your Azure Portal (Azure Key Vault Reference) (Azure Key Vault Quick Start).

• Select Azure Client Secret for Service Principal Credentials for the Select Cloud Credential Type field.

• Enter the Azure Client ID, Subscription ID and Tenant ID that you retrieved from your Azure account.

• Click on the Configure link to enter the Secret Key you retrieved from the Azure Portal and enter in the same manner as was done for the AWS Secret Key in the AWS Programmable Access Credentials chapter using either the Clear Secret or Blindfold Secret options.

• Click Apply and then click Save and Exit to complete creating Azure credentials.

• Retrieve the service account key for your project from GCP. For information on how to generate service account key, see Creating and Managing Service Account Keys.

• Select GCP Credentials for the Select Cloud Credential Type field. Click Configure.

• Enter the service account Key you retrieved from the GCP and enter in the same manner as was done for the AWS Secret Key in the AWS Programmable Access Credentials chapter using either the Clear Secret or Blindfold Secret options.

• Click Apply and then click Save and Exit to complete creating GCP cloud credentials.