Contents x
    Service Account Management
    • 18 Oct 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Service Account Management

    • Updated on 18 Oct 2023
    • 2 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article Summary

    This article will describe the steps for creating a Service Account to access the Bobsled API. 

    A Service Account represents an application or machine identity. Creating a Service Account allows you to generate Secrets that you supply to access the Bobsled API.

    Service Account Management is located under the REST API tab on the Manage page.


    High-Level Overview:

    Creating a Service Account

    To create a Service Account you will need to supply:

    1. Service Account Name
    2. Service Account Label

    Service Account Name (Required)

    The Service Account name is the identity of your service account. 

    Service Account Name and Domain will be the value to supply to sled-service-account-email 

    e.g. "<service-account-name>@sa.<your-environment-name>.bobsled-cloud-api.com"

    Service Account Label (Optional)

    A human-readable identifier for your service account e.g. Production Service Account

    You can modify the Label if you need by using the Edit Label menu option for the chosen Service Account

    Service Account Domain (Configured)

    This is automatically set for your environment. It will look like: "@sa.<your-environment-name>.bobsled-cloud-api.com"


    Generating a Secret 

    Find the Service Account you will generate a secret against and press the Generate Secret button.


    You will be prompted to have a place to store your secret as secrets will only be shown once

    You will be returned the following:

    1. Secret ID: STRING ID for the secret to identify the secret as part of rotating secrets within the UI
    2. Access Secret: STRING represents the access secret 

    Use the copy and paste button to copy and store your secret somewhere safe as you will not be able to see it again


    Removing a Service Account

    To remove a Service Account, locate the Service Account you want to delete. Within the menu button icon, you can select Delete Service Account 


    Removing Service Account Secret(s)

    You can remove either a single or all Secrets for a Service Account. 

    Removing a single Secret

    To remove a single Service Account Secret, use the bin icon next to the Secret you wish to delete.

    Removing all Secrets

    To remove all Service Account Secrets, within the menu icon next to the Service Account you wish to delete all secrets for select Delete All Secrets.


    Rotating Service Account Secret

    Secrets may expire or you may want to rotate secrets for security reasons. To rotate a Service Account secret, it is advised to do the following:

    1.  Locate the Service Account for the secret you wish to rotate
    2.  Generate a new Secret for the service account: Generating a Secret
    3.  Apply the new Secret to your environment(s), thoroughly check everything works as expected
    4.  Identify the old Secret using the Secret ID that was given to you at the creation of the old Secret
    5.  Use the bin icon to delete the old Secret: Removing Service Account Secret 



    Was this article helpful?
    What's Next