glooctl create secret authcredentials
glooctl create secret authcredentials
Create an AuthenticationCredentials secret with the given name (Enterprise)
Synopsis
Create an AuthenticationCredentials secret with the given name. The AuthenticationCredentials secret contains a username and password to bind as an LDAP service account. This is an enterprise-only feature.
glooctl create secret authcredentials [flags]
Options
-h, --help help for authcredentials
--password string password to be stored in secret
--username string user name to be stored in secret
Options inherited from parent commands
-c, --config string set the path to the glooctl config file (default "<home_directory>/.gloo/glooctl-config.yaml")
--consul-address string address of the Consul server. Use with --use-consul (default "127.0.0.1:8500")
--consul-allow-stale-reads Allows reading using Consul's stale consistency mode.
--consul-datacenter string Datacenter to use. If not provided, the default agent datacenter is used. Use with --use-consul
--consul-root-key string key prefix for for Consul key-value storage. (default "gloo")
--consul-scheme string URI scheme for the Consul server. Use with --use-consul (default "http")
--consul-token string Token is used to provide a per-request ACL token which overrides the agent's default token. Use with --use-consul
--dry-run print kubernetes-formatted yaml rather than creating or updating a resource
-i, --interactive use interactive mode
--kube-context string kube context to use when interacting with kubernetes
--kubeconfig string kubeconfig to use, if not standard one
--name string name of the resource to read or write
-n, --namespace string namespace for reading or writing resources (default "gloo-system")
-o, --output OutputType output format: (yaml, json, table, kube-yaml, wide) (default table)
--use-consul use Consul Key-Value storage as the backend for reading and writing config (VirtualServices, Upstreams, and Proxies)
--use-vault use Vault Key-Value storage as the backend for reading and writing secrets
--vault-address string address of the Vault server. This should be a complete URL such as "http://vault.example.com". Use with --use-vault (default "https://127.0.0.1:8200")
--vault-ca-cert string CACert is the path to a PEM-encoded CA cert file to use to verify the Vault server SSL certificate.Use with --use-vault
--vault-ca-path string CAPath is the path to a directory of PEM-encoded CA cert files to verify the Vault server SSL certificate.Use with --use-vault
--vault-client-cert string ClientCert is the path to the certificate for Vault communication.Use with --use-vault
--vault-client-key string ClientKey is the path to the private key for Vault communication.Use with --use-vault
--vault-path-prefix string The Secrets Engine to which Vault should route traffic. (default "secret")
--vault-root-key string key prefix for Vault key-value storage inside a storage engine. (default "gloo")
--vault-tls-insecure Insecure enables or disables SSL verification.Use with --use-vault
--vault-tls-server-name string TLSServerName, if set, is used to set the SNI host when connecting via TLS.Use with --use-vault
--vault-token string The root token to authenticate with a Vault server. Use with --use-vault
SEE ALSO
- glooctl create secret - Create a secret