Create Your Credentials
Intro to Credentials
Credentials are objects within Ortelius that contain username and password pairs. Credentials access the various objects used to retrieve files, interact with git, execute actions, and deploy files. Each Credential can be assigned to various objects within Ortelius, so that a single Credential could be assigned to many Endpoints with the same username/password pair. Credentials are primarily used for accessing Endpoints and Repositories but can be applied to any object in Ortelius that requires a User Name and Password. Credentials are assigned to Domains. Anyone with access to the Domain can view the Credentials. Further restrictions can be applied at the Credential access level .
Note: In order to define a Repository or Endpoint you will need to first define the Credential used to access them.
Containers and Credentials
You may not need Credentials if you only deploy containers. Ortelius uses Helm to perform container deployments. Helm interacts with the Kubernetes cluster, Helm Chart Museum and the container registry to pull charts and images for the deployment. Credentials are only needed to access private container registries and private Chart Museums and are assigned at the Endpoint or Environment level.
Use the Credential List View for Adding or Deleting
Credentials are found under the Setup menu on the left of the Ortelius main panel. By selecting the Credentials menu, you see a list of all Credentials to which you have access. You can also use the Search bar, represented by a funnel icon, to filter Credentials based on Name or Domain.
The Credentials List View has the following Tabs:
|Refresh||Refreshes the browser.|
|Add||Allows you to Add a new Credential. You will select from:
|Delete||Deletes the selected item.|
By double clicking on an item in the list, you will be taken to the Dashboard view.
Use the Credential Dashboard for Viewing and Editing
The Dashboard view displays all information related to a specific Credential.
Common Credential Details
|Full Domain||The fully qualified path of the Domain to which the Credential belongs.|
|Name||The name of the Credential.|
|Summary||A general description of the Credential.|
|Type||The kind of Credential. There are two different Types of Credentials:
|Owner Type||User or Group.|
|Owner||The User name or Group name who created the Credential.|
|Created||The date and time the Credential was created.|
|Modified||The date and time the Credential was last modified.|
SSH Private Keys for Connecting to Endpoints
SSH Private Keys are used to access the Endpoints for deployments over ssh protocol. These keys are generated at the operating system level and need to be made available to Ortelius in order to connect to the Endpoints. If you are using SSH Private keys, you will find these files in your Home directory under the .ssh directory. These files need to be created by you using ssh-keygen. ssh-keygen is a Linux or UNIX command line program. It will generate a id_rsa file or id_dsa file depending on your parameters used. See SSH Keygen more information on generating and using SSH Private keys. Following are additional detail paramters needed for SSH Private Key.
|Username||The User name who owns the key and will be used for logging in to the Endpoint.|
|Filename||The fully qualified path to your SSH id_rsa or id_dsa file.|
Encrypted in Database User and Password Pairs for Accessing External Data Sources
This Credential can be used for accessing any external repository or tool such as Git, SalesForce, or any kind of Data Source external to Ortelius. The data entered into the Username and Password fields is encrypted in the Ortelius database.
|Username||The User name that will be used to access the object.|
|Password||The password that will be used to access the object.|
Credential Access Controls
The Access Section allows Users within designated Groups to update the Credential in various ways. To add a Group to one of the access lists, drag and drop the Group from the Available Groups list onto desired access list. All Users who belong to a Group that appear in one of the Access lists will be granted access to the Credential in the following ways:
|View||Allows the User to see the Credential. If the User does not belong to a Group in the View Access list, the Credential will not appear in the List View.|
|Change||Allows the User to change the Credential’s characteristics i.e. Name, Summary, etc.|
|Read||Allows the User to use the Credential by assigning it to an object such as an EndPoint or Repository.|