Resource Definitions

Driver

Capability

Dynamic Credentials

Using dynamic credentials

This section contains example Resource Definitions using dynamic credentials for connecting to GKE clusters.

  • gke-dynamic-credentials.yaml: use dynamic credentials defined via a Cloud Account. This format is for use with the Humanitec CLI
  • gke-dynamic-credentials.tf: uses dynamic credentials defined via a Cloud Account. This format is for use with the Humanitec Terraform provider

gke-dynamic-credentials.tf (view on GitHub) :

# Connect to a GKE cluster using dynamic credentials defined via a Cloud Account
resource "humanitec_resource_definition" "gke-dynamic" {
  id          = "gke-dynamic"
  name        = "gke-dynamic"
  type        = "k8s-cluster"
  driver_type = "humanitec/k8s-cluster-gke"
  # The driver_account references a Cloud Account of type "gcp-identity"
  driver_account = humanitec_resource_account.gcp-dynamic.id

  driver_inputs = {
    values_string = jsonencode({
      "name"         = var.gke_cluster_name
      "loadbalancer" = var.gke_loadbalancer
      "project_id"   = var.gcp_project_id
      "zone"         = var.gcp_region
    })
  }
}

gke-dynamic-credentials.yaml (view on GitHub) :

# Connect to a GKE cluster using dynamic credentials defined via a Cloud Account
apiVersion: entity.humanitec.io/v1b1
kind: Definition
metadata:
  id: gke-dynamic-credentials
entity:
  name: gke-dynamic-credentials
  type: k8s-cluster
  # The driver_account references a Cloud Account of type "gcp-identity"
  # which needs to be configured for your Organization.
  driver_account: gcp-dynamic-creds
  driver_type: humanitec/k8s-cluster-gke
  driver_inputs:
    values:
      loadbalancer: 35.10.10.10
      name: demo-123
      zone: europe-west2-a
      project_id: my-gcp-project