Skip to Content
Cloud Credentials

Cloud Credentials

Cloud credentials connect Kovra to your cloud provider accounts, enabling managed cluster provisioning and infrastructure management. Kovra supports AWS, GCP, and Azure.

Adding Credentials

Navigate to Cloud Credentials in the sidebar and click Add Credential. Select your cloud provider and follow the setup wizard.

AWS Setup

  1. Enter your AWS Account ID
  2. Kovra generates a CloudFormation template that creates a cross-account IAM role
  3. Deploy the template in your AWS account via the AWS Console or CLI
  4. Return to Kovra and submit the Role ARN and External ID
  5. Kovra validates the credentials by assuming the role

GCP Setup

  1. Enter your GCP Project ID
  2. Enable the required APIs (Compute Engine, Kubernetes Engine, etc.) using the provided gcloud commands
  3. Create a Service Account with the required IAM roles (Compute Admin, Kubernetes Engine Admin, etc.)
  4. Generate a JSON key for the service account
  5. Paste the JSON key into Kovra

Azure Setup

  1. Gather your Subscription ID, Tenant ID, Client ID, and Client Secret from the Azure portal
  2. Enter all four values in the Kovra wizard
  3. Kovra validates access to your Azure subscription

Managing Credentials

Each credential shows:

  • Provider — AWS, GCP, or Azure icon
  • Display name — Your label for this credential
  • Validation status — Valid or Invalid
  • Last validated — When the credential was last checked

Available Actions

ActionDescription
ValidateRe-check that the credential can access the cloud provider
DeleteRemove the credential (clusters using it will lose provisioning access)

Usage

Cloud credentials are required before you can:

  • Create managed clusters — Provision GKE, EKS, or AKS clusters
  • Set up monitoring — Deploy metrics agents to cloud-hosted clusters

You can have multiple credentials per provider (e.g., separate AWS accounts for staging and production).

Last updated on
ClustersDatabases