CLI Configuration
I have this. Just give me the steps...
This tool will generate the IAM user, group and permissions in AWS, then generate the secret to allow programmatic access. It will then push these details directly into the Tuono credential Vault via the Tuono API.
Static Credential Tool
Connect directly to the AWS CloudShell.
Download the file tuono_credential_add.py with wget and make it executable. Copy the following into the CloudShell terminal:
wget https://raw.githubusercontent.com/tuono/tuono-open-tools/main/tuono_credential_add.py \
&& chmod +x tuono_credential_add.py
To execute the script, fill in the following details (this might be easier in a text editor) and copy the command into the AWS CloudShell terminal. NOTE: You can use any name you like for the IAM user and group.
./tuono_credential_add.py --username '<tuono_username>' \
--venue 'aws' \
--iam_user '<new_iam_user>' \
--iam_group '<new_iam_group>'
This should output:
[cloudshell-user@<ip> ~]$ ./tuono_credential_add.py --username '<tuono_username>' --venue 'aws' --iam_user '<new_iam_user>' --iam_group '<new_iam_group>'
Please enter the Password for <tuono_username>:
2021-01-26 23:59:25,835 INFO Creating IAM user <new_iam_user>
2021-01-26 23:59:26,726 INFO Creating IAM group <new_iam_group>
2021-01-26 23:59:27,900 INFO Adding IAM permissions to <new_iam_group>
2021-01-26 23:59:33,963 INFO Adding <new_iam_user> to <new_iam_group>
2021-01-26 23:59:34,744 INFO Generating secret
2021-01-26 23:59:36,023 INFO Waiting 20s to reconcile changes
2021-01-26 23:59:56,995 INFO Credential details for the Tuono Portal. THESE WILL NOT BE LOGGED:
{
"access_key": "<access_key>",
"cred_type": "static",
"name": "<new_iam_user>",
"secret_key": "<secret_key>"
}
2021-01-26 23:59:56,996 INFO Keep these details in a secure place. If you lose these you will need to recreate the registration
2021-01-26 23:59:56,996 INFO Making REST call to add credentials to the Tuono Portal
2021-01-26 23:59:59,652 INFO Job still running
2021-01-27 00:00:10,142 INFO Pushing credentials to Tuono succeeded!
2021-01-27 00:00:10,142 INFO To see DEBUG logs, please review tuono_aws_setup.txt. Command: less tuono_aws_setup.txt
Make a note of the credential details for the Tuono Portal. This is the only time you will be able to obtain the secret key, so store it in a safe and secure location. If you lose these details, you will need to recreate the user.
If you have completed this successfully, you can skip the "Add Cloud Credential to Tuono" section, as this has already been done for you via the API. Head over to the Tuono Portal to confirm that the credentials were successfully added. If there are any issues, the credential details in the terminal can be used to manually add your credentials.
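To review on the AWS side what the tool reported creating (the IAM user, the group and its permissions, and the access key), the following can be run in the same CloudShell session. It is an added example, not part of tuono-open-tools. The function names are hypothetical, and the expectations it checks (one active key, no policies attached directly to the user, no console password) are assumptions drawn from the log output above.

```shell
#!/usr/bin/env bash
# Added example (not from tuono-open-tools): review the IAM objects the tool
# reported creating. Requires the AWS CLI, which CloudShell provides.

# Count whitespace-separated values on stdin; the CLI prints "None" for null.
count_items() { awk '{for (i = 1; i <= NF; i++) if ($i != "None") n++} END {print n + 0}'; }

active_keys() {            # IDs of the user's active access keys
  aws iam list-access-keys --user-name "$1" \
    --query "AccessKeyMetadata[?Status=='Active'].AccessKeyId" --output text
}
user_direct_policies() {   # managed and inline policies attached to the user itself
  aws iam list-attached-user-policies --user-name "$1" \
    --query 'AttachedPolicies[].PolicyArn' --output text
  aws iam list-user-policies --user-name "$1" --query 'PolicyNames[]' --output text
}
group_policies() {         # managed and inline policies on the group
  aws iam list-attached-group-policies --group-name "$1" \
    --query 'AttachedPolicies[].PolicyArn' --output text
  aws iam list-group-policies --group-name "$1" --query 'PolicyNames[]' --output text
}
# Any error (including access denied) is treated as "no console password".
has_console_login() { aws iam get-login-profile --user-name "$1" >/dev/null 2>&1; }

# usage: review_credential <iam_user> <iam_group>
# Sets FINDINGS and returns non-zero when any check fails.
review_credential() {
  rc_user=$1; rc_group=$2; FINDINGS=0
  rc_keys=$(active_keys "$rc_user" | count_items)
  [ "$rc_keys" -eq 1 ] || {
    echo "FINDING: $rc_keys active access keys on $rc_user (expected exactly 1)"
    FINDINGS=$((FINDINGS + 1)); }
  rc_direct=$(user_direct_policies "$rc_user" | count_items)
  [ "$rc_direct" -eq 0 ] || {
    echo "FINDING: $rc_direct policies attached directly to $rc_user, not via $rc_group"
    FINDINGS=$((FINDINGS + 1)); }
  if has_console_login "$rc_user"; then
    echo "FINDING: $rc_user has a console password; this user is for programmatic access"
    FINDINGS=$((FINDINGS + 1))
  fi
  echo "Policies granted through $rc_group (review these):"
  group_policies "$rc_group"
  [ "$FINDINGS" -eq 0 ]
}

if [ $# -eq 2 ]; then review_credential "$1" "$2"; fi
```

Save it as a script and pass the same names you gave to --iam_user and --iam_group; the group's policy list is printed for manual review rather than judged automatically.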