- 18 Oct 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
Service Account Management
- Updated on 18 Oct 2023
- 2 Minutes to read
- Print
- DarkLight
- PDF
This article will describe the steps for creating a Service Account to access the Bobsled API.
A Service Account represents an application or machine identity. Creating a Service Account allows you to generate Secrets that you supply to access the Bobsled API.
Service Account Management is located under the REST API tab on the Manage page.
High-Level Overview:
- Create a Service Account
- Generating a Secret
- Removing a Service Account
- Removing Service Account Secret(s)
- Rotating Service Account Secrets
Creating a Service Account
To create a Service Account you will need to supply:
- Service Account Name
- Service Account Label
Service Account Name (Required)
The Service Account name is the identity of your service account.
Service Account Name and Domain will be the value to supply to sled-service-account-email
e.g. "<service-account-name>@sa.<your-environment-name>.bobsled-cloud-api.com"
Service Account Label (Optional)
A human-readable identifier for your service account e.g. Production Service Account
You can modify the Label if you need by using the Edit Label menu option for the chosen Service Account
Service Account Domain (Configured)
This is automatically set for your environment. It will look like: "@sa.<your-environment-name>.bobsled-cloud-api.com"
Generating a Secret
Find the Service Account you will generate a secret against and press the Generate Secret button.
You will be prompted to have a place to store your secret as secrets will only be shown once
You will be returned the following:
- Secret ID: STRING ID for the secret to identify the secret as part of rotating secrets within the UI
- Access Secret: STRING represents the access secret
Use the copy and paste button to copy and store your secret somewhere safe as you will not be able to see it again
Removing a Service Account
To remove a Service Account, locate the Service Account you want to delete. Within the menu button icon, you can select Delete Service Account
Removing Service Account Secret(s)
You can remove either a single or all Secrets for a Service Account.
Removing a single Secret
To remove a single Service Account Secret, use the bin icon next to the Secret you wish to delete.
Removing all Secrets
To remove all Service Account Secrets, within the menu icon next to the Service Account you wish to delete all secrets for select Delete All Secrets.
Rotating Service Account Secret
Secrets may expire or you may want to rotate secrets for security reasons. To rotate a Service Account secret, it is advised to do the following:
- Locate the Service Account for the secret you wish to rotate
- Generate a new Secret for the service account: Generating a Secret
- Apply the new Secret to your environment(s), thoroughly check everything works as expected
- Identify the old Secret using the Secret ID that was given to you at the creation of the old Secret
- Use the bin icon to delete the old Secret: Removing Service Account Secret