Configure cloud credentials

Self-managed Primary Sites need additional cloud credentials to import data from its corresponding Edge Sites.

Use the instructions below to configure your Primary Site cloud credentials, then Continue installation.

Google Cloud Platform

Install a Secret named gcp-cloud-credential into the foxglove namespace. This secret should contain a single key credentials.json with the contents of json key file.

Use the kubectl command to set the secret from an existing credentials.json file.

kubectl create secret generic gcp-cloud-credential \
  -n foxglove \
  --from-file=./credentials.json

The Primary Site deployment will mount this secret into a volume and read the credentials.json file to initialize the GCP client.

AWS

Install a Secret named cloud-credentials into the foxglove namespace. This secret should contain the credentials for your AWS key:

Check out the following example secret configuration file:

apiVersion: v1
kind: Secret
metadata:
  name: cloud-credentials
type: Opaque
stringData:
  AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
  AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
  AWS_DEFAULT_REGION: us-west-2

Azure

Install a Secret named cloud-credentials into the foxglove namespace. This secret should contain the credentials for your Azure account:

Check out the following example secret configuration file:

apiVersion: v1
kind: Secret
metadata:
  name: cloud-credentials
type: Opaque
stringData:
  AZURE_TENANT_ID: tenant-id
  AZURE_CLIENT_ID: client-id
  AZURE_CLIENT_SECRET: f02f3819-b046-4c9d-a5e8-853f16e5c687
  AZURE_INBOX_STORAGE_SERVICE_URL: ...
  AZURE_INBOX_STORAGE_ACCOUNT_NAME: ...