Use the account plugin to manage account credentials for the organization.
tanzu plugin install account --target mission-control
tanzu mission-control account [command]
credential The credential object defines a cloud provider account connection and the accompanying metadata to identify its capabilities.
credentialThe credential object defines a cloud provider account connection and the accompanying metadata to identify its capabilities.
Tanzu Mission Control requires scoped credentials to operate on resources in a cloud infrastructure provider account. The credential object maintains a list of associations identifying the Tanzu Mission Control services that the credential’s permissions satisfy. The credential is always encrypted and securely stored.
tanzu mission-control account credential [command]
credential, credentials, cred
capability Account credential capabilities
create Create a credential object
delete Delete a credential
get Retrieve a credential object
input-template Account credential templates
list Return a list of credentials
permission-template Account credential permission template
provider Account credential providers
update Update (overwrite) a credential
credential capabilityAccount credential capabilities
tanzu mission-control account credential capability [command]
list List supported account credential capabilities
credential capability listList supported account credential capabilities
tanzu mission-control account credential capability list [flags]
List the providers supported by Tanzu Mission Control using tanzu mission-control account credential provider list
List the capabilities supported by Tanzu Mission Control using tanzu mission-control account credential capability list
Templates are provided for the different account capabilities. List them using tanzu mission-control account credential input-template list
Reference a template to quickly create your credential using tanzu mission-control account credential create --input-template <input-template-name> --data-value-file <file-name>
credential createCreate a credential object
tanzu mission-control account credential create [flags]
-v, --data-values-file string data values file to use
--dry-run create the data model only, do not apply to server
-f, --file string resource file from which to create a credential
-h, --help help for create
-t, --input-template string template to use (default "default")
--account-id Account ID of the AWS credential
--arn AWS IAM role ARN
--azure-cloud-name Azure Cloud name
--capability The Tanzu capability for which the credential shall be used. (required)
--client-id Client ID of the Service Principal
--client-secret Client Secret of the Service Principal
--ext-id An external ID used to assume an AWS IAM role
-n/ --name Name of the credential
--provider Infrastructure provider of the credential
--resource-group Resource Group name
--subscription-id Subscription ID of the Azure credential
--tempcred-support Temp cred support flag indicates if this credential should be kept private
and instead be used to generate temporary, short-lived, and scoped credentials
--tenant-id Tenant ID of the Azure credential
--name Name of the proxy-config credential
--capability The Tanzu capability for which the credential shall be used (PROXY_CONFIG)
--httpProxy The HTTP proxy server endpoint (<ip-or-domain:port>)
--httpUserName The user name for the HTTP proxy server
--httpPassword The password for the HTTP proxy server
--noProxyList Comma separated network CIDRs or hostnames that must bypass HTTP(S) proxy
--proxyDescription Description of the proxy config
--name Name of the proxy-config credential
--capability The Tanzu capability for which the credential shall be used (PROXY_CONFIG)
--proxyDescription Description of the proxy config
--httpProxy The HTTP proxy server endpoint (<ip-or-domain:port>)
--httpsProxy The HTTPS proxy server endpoint (<ip-or-domain:port>)
--httpUserName The user name for the HTTP proxy server
--httpPassword The password for the HTTP proxy server
--httpsUserName The user name for the HTTPS proxy server
--httpsPassword The password for the HTTPS proxy server
--noProxyList Comma separated network CIDRs or hostnames that must bypass HTTP(S) proxy
--managementClusterName Name of the management cluster
--name Name of the credential
--provisionerName Name of the provisioner
--accountId Account ID of the AWS credential
--arn AWS IAM role ARN
--extId An external ID used to assume an AWS IAM role
--provider Infrastructure provider of the credential
--temporaryCredentialSupport Temp cred support flag indicates if this credential should be kept private
and instead be used to generate temporary, short-lived, and scoped credentials.
--name Name of the image registry credential
--provider Infrastructure provider of the credential (GENERIC_KEY_VALUE)
--capability The Tanzu capability for which the credential shall be used (IMAGE_REGISTRY)
--description Description of the image registry config
--registry-url The image registry URL (<ip-or-domain:port>)
--repository-path The repository prefix
--access-id The access ID for the image registry
--access-secret The access secret for the image registry
--.dockerconfigjson The docker config json for the image registry
--dockerconfig-file The dockerconfigjson file containing the image registry configuration
--name Name of the credential
--capability The Tanzu capability for which the credential shall be used (MANAGED_K8S_PROVIDER)
--accountId Account ID of the AWS credential
--arn AWS IAM role ARN
--extId An external ID used to assume an AWS IAM role
--provider Infrastructure provider of the credential
--temporaryCredentialSupport Temp cred support flag indicates if this credential should be kept private
and instead be used to generate temporary, short-lived, and scoped credentials.
credential deleteDelete a credential
tanzu mission-control account credential delete CREDENTIAL_NAME [flags]
-m, --management-cluster-name name of the management cluster (required only to delete a provisioner credential)
-p, --provisioner-name name of the provisioner (required only to delete a provisioner credential)
credential getRetrieve a credential object
tanzu mission-control account credential get CREDENTIAL_NAME [flags]
-m, --management-cluster-name string name of the management cluster (required only to get a provisioner credential)
-o, --output string output format (yaml | json) (default "yaml")
-p, --provisioner-name string name of the provisioner (required only to get a provisioner credential)
credential input-templateTemplates for credential
Create resources easily with templates.
tanzu mission-control account credential input-template [command]
get Get template for account credential
list List templates for account credential
credential input-template getGet template for account credential
tanzu mission-control account credential template get TEMPLATE_NAME [flags]
credential input-template listList templates for account credential
tanzu mission-control account credential template list [flags]
credential listReturn a list of credentials
tanzu mission-control account credential list [flags]
--all-provisioners list all provisioner credentials in all management cluster
-m, --management-cluster-name string scope search to specified management cluster
--max-size uint number of records to return
--name string scope search to the specified name
--offset uint offset at which to start returning records
-o, --output string output format (yaml|json)
--provider string filter credentials by a provider
-p, --provisioner-name string scope search to specified provisioner
credential permission-templateAccount credential permission template
tanzu mission-control account credential permission-template [command]
generate Generate permission template for account credential
credential permsission-template generateGenerate permission template for account credential
tanzu mission-control account credential permission-template generate [flags]
-c, --capability string capability associated with the credential
-n, --name string name of the credential for which the permission template is to be generated
-p, --provider string credential provider
credential providerAccount credential providers
tanzu mission-control account credential provider [command]
list List supported account credential providers
credential provider listList supported account credential providers
tanzu mission-control account credential provider list [flags]
credential updateUpdate (overwrite) a credential
tanzu mission-control account credential update [flags]
-f, --file resource file from which to update the credential
