AWS Static
IAM access key and secret key.
{
"name": "AWS Static",
"credential_type": "aws_static"
}
Secrets:
access_key_id— IAM access key IDsecret_access_key— IAM secret access key
AWS Assume Role
Assume an IAM role.
{
"name": "AWS Assume Role",
"credential_type": "aws_assume_role",
"role_arn": "arn:aws:iam::123456789012:role/DeployRole"
}
Secrets:
- IAM credentials to assume the role (access key + secret key of the assuming user/role)
GCP Service Account
Google Cloud service account key.
{
"name": "GCP Service Account",
"credential_type": "gcp_service_account"
}
Secrets:
- Service account key JSON
Cloudflare API Token
Cloudflare API token.
{
"name": "Cloudflare",
"credential_type": "cloudflare_api_token"
}
Secrets:
- Cloudflare API token
Generic Environment Variables
Arbitrary environment variables for any provider.
{
"name": "Custom Provider",
"credential_type": "generic_env"
}
Secrets:
- Arbitrary key-value pairs
- Key names must be valid environment variable names (start with letter or underscore, then alphanumeric or underscore)
Verifying Credentials
Test any credential config:
POST /credential-configs/{id}/verify
Returns 200 with {"valid": true, "identity": "..."} or {"valid": false, "error": "..."}.
Related
- Credentials — Managing credential configs
- Creating Workspaces — Attaching credentials to workspaces