Create and register Credential

---

Create and register Credential

To register credential in Cloud Studio, you need to create credential on each CSP (Cloud Service Provider) page.  credential registration can be done either on the main page or the canvas page.  The reason for pre-registering credential is that they are required later when deploying canvases or importing existing infrastructure.

What is credential?

     

It is information that is encrypted, such as personal details including user login credential.

 

Azure register Credential

Click the 🔗 link icon next to each field to access the azure docs. Use this information to fill out the fields.

  

1. Click the My Info - credential Management button in Register credential.
2. Select Azure.
3. Enter a name for the credential.

-   English letters only. -   Special characters other than numbers, underscores, and hyphens are not allowed. -   4 to 20 characters.

4. Access the Azure Portal and log in. https://azure.microsoft.com/ko-kr/get-started/azure-portal/
5. Click on Microsoft Entra ID.

  

6. Click on App registrations > New registration.
7. When the application registration page appears, enter the Registration information for the application.

-   Enter a name for the application(예: AspNetCore-WebApp). This name may be visible to users of the app and can be changed later. -   Select the supported account types for the application. -   For the redirect URI, add the format and URI target of the application that will receive the token response after successful authentication. For example, you might enter. https://localhost:44321 -   Click Register.

8. In the management section, select Authentication and add the following information:

-   In the Web section, add https://localhost:44321/signin-oidc as the redirect URI. -   Enter https://localhost:44321/signout-oidc as the front-channel logout URL. -   Select ID tokens under Implicit and Hybrid flows. -   Click Save.

9. The owner of the registered app must assign access permissions so that other users can access the registered app. To assign roles, click on the app you created earlier.

-   9-1. Click on Access Control (IAM). The following is an example of the Access Control (IAM) page for a resource group. -   9-2. Click on the Role Assignments tab to view the role assignments for the relevant scope. -   9-3. Click Add > Add role assignment. -   9-4. In the Role tab, select the role you want to use. -   9-5. Click View in the Details column to see more information about the role. -   9-6. Click Next. -   9-7. In the Members tab, select users, groups, or service principals to assign the selected role to one or more Azure AD users, groups, or service principals (applications). -   9-8. Click Select members. -   9-9. Search for and select the users, groups, or service principals. -   9-10. Click Select to add the users, groups, or service principals to the list of members. -   9-11. To assign the selected role to one or more managed identities, select Managed Identity. -   9-12. Click Select managed identities. -   9-13. In the Select managed identities pane, choose whether the managed identities are assigned by users or by the system. -   9-14. Search for and select the managed identities. -   9-15. Click Select to add the managed identities to the list of members, then click Next. -   9-16. Click Review + assign to assign the role. The role will be assigned to the security principal in the selected scope after a few minutes. -   9-17. If a description for the role assignment is not displayed, click Edit columns to add the description column.

 

info

For detailed instructions on assigning Azure roles using the Azure Portal, please refer to the link below. https://learn.microsoft.com/ko-kr/azure/role-based-access-control/role-assignments-portal

 

10. Enter the Directory (Tenant) ID into the Cloud Studio Tenant ID field. Enter the Application (Client) ID into the Cloud Studio Service Principal ID field.

  

11. In the left sidebar, click on Certificates & secrets. 12. Click on New client secret. 13. Enter a brief description for the Key and select the expiration time. Once the input is complete, click `Add`. 14. Copy the generated value and paste it into the Cloud Studio Service Principal Key.

 

caution

The generated Service Principal Key will not be visible if you refresh the page. It is recommended to write it down immediately. While you can generate a new Key if you forget the value, it is not recommended.

13. Return to the Azure Portal Home and click on Subscriptions.

  

14. Enter the Subscription ID into the Cloud Studio Subscription ID field.

  

15. Click Register.

tip

For instructions on how to register Credential using Azure CLI, please refer to the link below. https://docs.microsoft.com/ko-kr/cli/azure/what-is-azure-cli

 

Register NCloud Credential

To deploy to NAVER Cloud Platform using Cloud Studio, you need an API authentication key from NAVER Cloud Platform: the Access Key and Secret Key. These API authentication keys are tools used to verify whether the user making the API call has the necessary permissions.

  

1. Enter your Credential.
2. Sign up on the NAVER Cloud Platform portal to generate an authentication key.

tip

For instructions on how to sign up for NAVER Cloud Platform, please refer to here.

3. On the NCP site, click Apply for Use. Note that you must register a payment method to receive the authentication key.

  

4. Go to Portal > My Page > Account Management > Authentication Key Management.
5. If no authentication key is available, click the Create New API Authentication Key button.

  

6. Copy the Access Key ID and paste it into Cloud Studio.
7. Generate the Secret Key and paste it into Cloud Studio.

  

tip

It is recommended to issue API authentication keys from a sub-account rather than a main account with full permissions, and to periodically replace the keys to guard against potential leaks. If you are not using the API authentication key or suspect it may have been compromised, it is also advisable to disable or delete the key for security purposes. After generating a new API authentication key, you should apply the updated API key to continue using the services seamlessly.

 

Register AWS Credential

1. Log in to IAM at https://console.aws.amazon.com/iam/ to open the console.

  

2. From the console home, click My Account in the upper-right corner and then select Security Credential.

  

3. Click on Access keys.
4. Click Create new access key.

  

5. Click Show access key or download the Excel file to view the key.

  

caution

If you do not download the key file containing the new Access Key ID and Secret Access Key at the time of key creation, you will not be able to retrieve the Secret Access Key again.

Reference

-   Azure create credential -   AWS create credential -   NCloud create credential