vmware-tanzu
/
velero
mirror of https://github.com/vmware-tanzu/velero.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #1671 from prydonius/1663-update-azure-sp-creation-docs 

docs: remove custom password option from azure service principle create command
pull/1674/head
Nolan Brubaker 2019-07-17 13:42:42 -04:00 committed by GitHub
parent 8e098e2f6c 1c69bafeeb
commit 5841f82ee9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
site/docs/master/azure-config.md
View File

@ -110,18 +110,11 @@ To integrate Velero with Azure, you must create a Velero-specific [service princ
AZURE_TENANT_ID=`az account list --query '[?isDefault].tenantId' -o tsv`
```
1. Create a service principal with `Contributor` role. This will have subscription-wide access, so protect this credential. You can specify a password or let the `az ad sp create-for-rbac` command create one for you.
1. Create a service principal with `Contributor` role. This will have subscription-wide access, so protect this credential.
If you'll be using Velero to backup multiple clusters with multiple blob containers, it may be desirable to create a unique username per cluster rather than the default `velero`.
Create service principal and specify your own password:
```bash
AZURE_CLIENT_SECRET=super_secret_and_high_entropy_password_replace_me_with_your_own
az ad sp create-for-rbac --name "velero" --role "Contributor" --password $AZURE_CLIENT_SECRET
```
Or create service principal and let the CLI generate a password for you. Make sure to capture the password.
Create service principal and let the CLI generate a password for you. Make sure to capture the password.
```bash
AZURE_CLIENT_SECRET=`az ad sp create-for-rbac --name "velero" --role "Contributor" --query 'password' -o tsv`

11
site/docs/v1.0.0/azure-config.md
View File

@ -110,18 +110,11 @@ To integrate Velero with Azure, you must create a Velero-specific [service princ
AZURE_TENANT_ID=`az account list --query '[?isDefault].tenantId' -o tsv`
```
1. Create a service principal with `Contributor` role. This will have subscription-wide access, so protect this credential. You can specify a password or let the `az ad sp create-for-rbac` command create one for you.
1. Create a service principal with `Contributor` role. This will have subscription-wide access, so protect this credential.
If you'll be using Velero to backup multiple clusters with multiple blob containers, it may be desirable to create a unique username per cluster rather than the default `velero`.
Create service principal and specify your own password:
```bash
AZURE_CLIENT_SECRET=super_secret_and_high_entropy_password_replace_me_with_your_own
az ad sp create-for-rbac --name "velero" --role "Contributor" --password $AZURE_CLIENT_SECRET
```
Or create service principal and let the CLI generate a password for you. Make sure to capture the password.
Create service principal and let the CLI generate a password for you. Make sure to capture the password.
```bash
AZURE_CLIENT_SECRET=`az ad sp create-for-rbac --name "velero" --role "Contributor" --query 'password' -o tsv`