The Management Pack for VMware Tanzu Application Service requires the following credential types:

  • Blue Medora Nozzle for PCF Credentials (UAA Client)
  • Cloud Controller API Credentials (UAA User)
  • BOSH Director Credentials (BOSH Director UAA Client)

Blue Medora Nozzle for PCF Credentials (UAA Client)

For the Blue Medora Nozzle for PCF, you will need a UAA Client and password when Creating a Credential (VMware Tanzu Application Service) for the Management Pack.

Note: The UAA Client used for your nozzle credentials must be the same UAA Client used when configuring your Nozzle. See:  Setting Up the Blue Medora Nozzle for PCF (VMware Tanzu Application Service).

To create a UAA Client for the nozzle:

  1. Complete steps 1-4 in Cloud Foundry's Create an Admin User topic. These steps walk you through installing the UAA CLI, targeting your UAA server, and obtaining an access token for the admin client from the UAA server.
  2. Next, execute the following command:

    uaac client add {clientname} \
        --authorities "oauth.login,doppler.firehose" \
        --scope "openid,oauth.approvals,doppler.firehose" \
        --authorized_grant_types "authorization_code,client_credentials,refresh_token" \
        --access_token_validity 1209600 \
        --autoapprove true \
        --redirect_uri https://apps.{foundation}
    NOTE:

Cloud Controller API Credentials (UAA User)

For the Cloud Controller API, you will need a UAA User and password when Creating a Credential (VMware Tanzu Application Service) for the Management Pack.

To create a UAA User for the Cloud Controller API:

  1. Complete steps 1-4in Cloud Foundry's Create an Admin Read-Only User topic, but adding the new user to thecloud_controller.admin group instead of cloud_controller.admin_read_only, as indicated in step 4. (Make sure to add the new user to the uaa.admin and scim.read groups as well.)

    NOTE:CPU, Memory, and Disk UsageApplicationsApplication Instances

BOSH Director Credentials (BOSH Director UAA Client)

For BOSH Director, you will need a BOSH Director UAA Client and password when Creating a Credential (VMware Tanzu Application Service) for the Management Pack.

To create a BOSH Director UAA Client:

  1. Complete steps 1-5in Pivotal Cloud Foundry's Creating UAA Clients for BOSH Director topic, but adding the new user to the bosh.read group instead of bosh.admin, as indicated in step 5.