Registering a Mesh secret by using the CLI

To enable autodiscovery of your cloud infrastructure, you must register a secret in Mesh.

About this task

When you register a secret, you must provide the following credentials, depending on your cloud provider:
  • AWS: Access key ID and secret access key
  • IBM Cloud®: API key

The secret is stored in an IBM® secret manager instance that is built in to Mesh. An ID for the secret is stored in the Mesh database.

Procedure

  1. Create a YAML file that contains the following attributes:
    Attribute                 Description
    name                      The name of the secret.
    type                      The type of the cloud that you select. For IBM Cloud, use cloud-ibm. For AWS, use cloud-aws.
    secret:accessKeyId        AWS only. The access key ID for the account.
    secret:secretAccessKey    AWS only. The secret access key for the account.
    secret:apikey             IBM Cloud only. An API key for the account.
    resource_group_id         The ID of the resource group.

    The following example is a YAML file for an IBM Cloud secret:

    name: my-ibm-secret
    type: cloud-ibm
    secret:
     apikey: "FuW6Nf2-_KKMBDM2vyJyL2ASaRpQts5xg9zWPy"
    resource_group_id: default-infra

    Save the file. Use a meaningful name, like secret.yaml.
  2. To register the secret, run a command like this:
    palmctl create secret -f secret.yaml

    The output from the command looks similar to the following example:

    ...
    name: my-ibm-secret
    resource_group_id: default-infra
    type: cloud-ibm
    ...
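
The procedure above leaves a cloud credential in a plaintext YAML file. The following added example (not part of the original documentation or of Mesh itself) builds that file from environment variables with owner-only permissions, registers it with the same palmctl command, and deletes it afterwards. It goes beyond the IBM Cloud example by also covering the cloud-aws attributes from the table. The function names and the MESH_IBM_APIKEY variable are assumptions.

```shell
#!/bin/sh
# Added example (not IBM's code). Function names and the MESH_IBM_APIKEY
# variable are assumptions; credentials must not contain '"' or '\'.

# write_mesh_secret NAME TYPE RESOURCE_GROUP_ID OUTFILE
# Builds the YAML from environment variables so keys stay out of shell
# history, and keeps the file owner-only (0600) the whole time.
write_mesh_secret() {
    name=$1 kind=$2 rg=$3 out=$4
    case $kind in
        cloud-ibm)
            [ -n "${MESH_IBM_APIKEY:-}" ] ||
                { echo "MESH_IBM_APIKEY is not set" >&2; return 1; }
            creds=$(printf ' apikey: "%s"' "$MESH_IBM_APIKEY") ;;
        cloud-aws)
            { [ -n "${AWS_ACCESS_KEY_ID:-}" ] && [ -n "${AWS_SECRET_ACCESS_KEY:-}" ]; } ||
                { echo "AWS_ACCESS_KEY_ID/AWS_SECRET_ACCESS_KEY not set" >&2; return 1; }
            creds=$(printf ' accessKeyId: "%s"\n secretAccessKey: "%s"' \
                "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY") ;;
        *)
            echo "unsupported type: $kind" >&2; return 1 ;;
    esac
    (
        umask 077                           # a new file is created as 0600
        : > "$out" && chmod 600 "$out" &&   # tighten a pre-existing file first
        printf 'name: %s\ntype: %s\nsecret:\n%s\nresource_group_id: %s\n' \
            "$name" "$kind" "$creds" "$rg" >> "$out"
    )
}

# register_mesh_secret NAME TYPE RESOURCE_GROUP_ID
# Registers through a private temporary file and removes it afterwards,
# whether or not palmctl succeeds.
register_mesh_secret() {
    tmp=$(mktemp) || return 1
    rc=0
    { write_mesh_secret "$1" "$2" "$3" "$tmp" &&
        palmctl create secret -f "$tmp"; } || rc=$?
    rm -f "$tmp"
    return "$rc"
}
```

After sourcing the file and loading the credential into the environment from your own credential store, call `register_mesh_secret my-ibm-secret cloud-ibm default-infra`.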