Supported cloud providers
aws_access_key
and aws_secret_key
can be generated in the IAM console. We recommend creating a new IAM user with Read Only
permissions and providing the access token for the user.
Scopes Required:
The following scopes can directly be provided to the IAM user.
gcp_service_account_key
can be retrieved by creating a new service account. To do so, create service account with Read Only access to cloudresourcemanager
and dns
scopes in IAM. Next, generate a new account key for the Service Account by following steps in Reference 2. This should give you a json which can be pasted in a single line in the gcp_service_account_key
.
Scopes Required: Cloud DNS, GKE
roles/cloudasset.viewer
- To read asset inventory dataroles/resourcemanager.organizationViewer
- To list organization resourcesroles/resourcemanager.folderViewer
- To list folder resources (if using folders)roles/browser
- To browse project resourcestenant_id
, client_id
, client_secret
can be obtained/generated from All services
> Azure Active Directory
> App registrations
subscription_id
can be retrieved from All services
> Subscriptions
To use cli auth set use_cli_auth
value to true
and run az login
in the terminal
References:
digitalocean_token
can be generated from the Digitalocean Control Panel. We recommend only giving Read Access to the token.
References:
scaleway_access_key
and scaleway_access_token
can be generated from the Credentials Options in scaleway console.
References -
heroku_api_token
can be generated from https://dashboard.heroku.com/account/applications/authorizations/new
It can also be created with the Heroku CLI by running:
linode_personal_access_token
can be created from https://cloud.linode.com/id/tokens. Minimum scope needed is Read Only
for Linodes
resource.
References:
fastly_api_key
can be generated from https://manage.fastly.com/account/personal/tokens
References -
api_key
can be generated from Cloudflare API Key manager. It needs to be Global API Key due to limitation of cloudflare new API tokens.
References:
nomad_url
automatically turns SSL to on. All the fields are optional except the nomad_url
.
References:
consul_url
automatically turns SSL to on. All the fields are optional except the consul_url
.
References: