| description |
|---|
A guide on how to create an Omni service account. |
You will need omnictl installed and configured to follow this guide. If you haven't done so already, follow the omnictl guide.
{% hint style="info" %} And Omni service account will create token based authentication for access to Omni. This is separate from access to the clusters managed by Omni. For Kubernetes access, see Kubernetes Service Accounts. {% endhint %}
To create an Omni service account, use the following command:
omnictl serviceaccount create <sa-name>{% hint style="info" %}
By default, the created service account will have a lifetime of 1 year, and uses the role of the creating user. These options can be adjusted by passing in the --ttl and --role parameters to the command. See the command for details.
{% endhint %}
The output of this command will print OMNI_ENDPOINT and OMNI_SERVICE_ACCOUNT_KEY.
{% hint style="warning" %}
Store the OMNI_SERVICE_ACCOUNT_KEY securely as it will not be displayed again.
{% endhint %}
Export these variables with the printed values:
export OMNI_ENDPOINT=<output from above command>
export OMNI_SERVICE_ACCOUNT_KEY=<output from above command>You can now use omnictl with the generated service account.