...
Panel | ||
---|---|---|
| ||
This page describes how to add credentials, such as public cloud credentials, and configure enterprise properties for cloud tenants. |
Add public cloud credentials for a tenant
...
See Add public cloud credentials for a tenant
To work with a public cloud region, each enterprise should have its own public cloud account for each cloud provider. All the users in the tenant will work with this same account.
Panel | ||
---|---|---|
| ||
Privileges: Manage provider credentials |
Before you begin:
Obtain credentials to access the cloud provider's API. For Abiquo's basic guides, see Obtain public cloud credentials. Always check your provider documentation too.
...
Delete public cloud credentials
Note |
---|
|
To delete public cloud credentials:
This will add a cloud provider account for a tenant enterprise with access to a public cloud region.
In resellers with Amazon, Azure ARM, and other partner accounts, to create a customer account in the provider and add it to an enterprise in the platform, click the enterprise building Create account button. See Create an account in public cloud for the customer of a reseller.
Public cloud credentials table
...
Attribute
...
Description
...
Compute Compute access
...
Access key ID
...
For compute access, identity to access the cloud provider API. For example, a username, API access key ID, subscription ID and certificate, or another account identifier.
For Azure, the format is subscription-id#app-id#tenant-id
For Google the format is project_id#client_id#client_email#private_key_id
For OCI, the format is tenancy#user#fingerprint
...
Secret access key
...
Key to access the cloud provider API. For example, an API key or other API credential. For Azure, enter the password for the app. For OCI enter the private key in PEM format.
...
Also use for pricing
...
Use this credential to access pricing data in the provider and for cost usage data for billing dashboards. For example, to get hardware profile prices from AWS or to obtain billing data from OCI. For Azure, add a separate pricing credential in a different format. The API user must have pricing and billing permissions in the provider
...
Billing only
...
Only for billing
...
If your customer is part of your reseller hierarchy AND their public cloud account is under your reseller or partner account AND they do not require compute access, then mark this checkbox AND enter the Access key ID as follows:
For Azure, the format is subscription-id##tenant-id
For AWS, the format is account-id
For these customers, for the Secret access key, you can enter a random string
...
Create a user to access the cloud provider portal
...
Add enterprise properties to store tenant details and metadata
...
Inject enterprise properties as VM variables
...
Configure Azure VPNs
...
Add an application for OAuth
...
Go to
...
Enter the Credentials as described here
Select the Provider: Some providers may require different credentials for groups of regions
Enter the credentials as described in the table below
If the customer account is under a provider partner account and will not have compute access, select Only for billing.
For a standalone customer account, see Add a customer AWS account for billing only.
...
Click Add account. The platform will validate your credentials with the cloud provider and save them
...
Finish editing the enterprise and click Save
Edit enterprise credentials
Click the trash bin icon next to the provider name in the Current credentials section.
...
Create a user to access the cloud provider portal
Excerpt | |||||
---|---|---|---|---|---|
| |||||
When your enterprise has credentials for a public cloud provider, you can create a user account in a cloud provider. From here you can also click a link to access the cloud provider portal. Abiquo displays the public cloud account identifiers on the Credentials tab.
To create a user:
|
...
Set enterprise properties to store tenant metadata
Excerpt | ||
---|---|---|
| ||
To store tenant details and metadata, use enterprise properties. The platform also uses enterprise properties to configure features and integrations. Enterprise properties can have different types to enable you to use properties in hierarchical organisation models (such as reseller models). Administrators can use types to reserve some properties for internal use, and enable reseller or enterprise admins to view or manage other properties. |
Excerpt | |||||
---|---|---|---|---|---|
| |||||
The platform controls access to enterprise properties with the following privileges and types.
To retrieve or update enterprise properties in the user interface, you will require the Allow user to switch enterprise privilege. As well as the regular administrator privileges to Manage enterprises and Manage users of all enterprises. There are three types of enterprise properties:
To update Read only or Hidden properties you will also require the Manage enterprise properties privilege. |
Excerpt | ||
---|---|---|
| ||
To store tenant details and metadata, by setting enterprise properties:
To edit a property's Value, click the pencil edit button. And to delete a property, click the trash bin delete button.
To set default enterprises properties and values for your users, see Predefine enterprise properties for the UI . For details of how to manage enterprise properties via the API, see Update enterprise properties via API . To add tenant metadata to VMs, see Inject enterprise properties as VM variables. |
...
Inject enterprise properties as VM variables
Excerpt | ||
---|---|---|
You can pass enterprise properties to VMs using cloud-init. An example use case for this feature is to call an external Windows License or AD server and automatically assign your VMs to the appropriate AD group when they deploy.
To add enterprise properties as VM variables when you create your VMs:
The platform will create VMs with the selected VM variables. Remember that users can edit the VM variables before they deploy the VMs. See also VM variables |
...