uaa-credentials-broker

command module

v0.0.0-...-bb03362 Latest Latest Go to latest Published: Mar 15, 2024 License: CC0-1.0 Imports: 20 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/cloud-gov/uaa-credentials-broker

Links

Open Source Insights

README ¶

Cloud Foundry UAA Credentials Broker

This service broker allows Cloud Foundry users to provision and deprovision UAA users and clients:

UAA users managed by the broker are scoped to a given organization and space and can be used to push applications when password authentication is needed--such as when deploying from a continuous integration service. Live example: the cloud.gov service account service.
UAA clients can be used to leverage UAA authentication in tenant applications. Live example: leveraging cloud.gov authentication using the cloud.gov identity provider service.

Usage

UAA users

Create service instance:

$ cf create-service cloud-gov-service-account space-deployer my-service-account

Create service key:

$ cf create-service-key my-service-account my-service-key

Retrieve credentials from service key:

$ cf service-key my-service-account my-service-key

To rotate or deprovision when user is no longer needed, delete the service key:
```
$ cf delete-service-key my-service-account my-service-key
```

UAA clients

Create a service instance:

$ cf create-service cloud-gov-identity-provider oauth-client my-uaa-client

Create service key:

$ cf create-service-key my-uaa-client my-service-key \
    -c '{"redirect_uri": ["https://my.app.cloud.gov/auth/callback"]}'

Retrieve credentials from service key:

$ cf service-key my-uaa-client my-service-key

To rotate or deprovision when client is no longer needed, delete the service key:
```
$ cf delete-service-key my-uaa-client my-service-key
```

Deployment

Create UAA client:

$ uaac client add uaa-credentials-broker \
    --name uaa-credentials-broker \
    --authorized_grant_types client_credentials \
    --authorities scim.write,uaa.admin,cloud_controller.admin \
    --scope uaa.none

Update Concourse pipeline:

fly -t ci set-pipeline -p uaa-credentials-broker -c pipeline.yml -l credentials.yml

Public domain

This project is in the worldwide public domain. As stated in CONTRIBUTING:

This project is in the public domain within the United States, and copyright and related rights in the work worldwide are waived through the CC0 1.0 Universal public domain dedication.

All contributions to this project will be released under the CC0 dedication. By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
mocks

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL