Edit

Share via

Add-AksHciGmsaCredentialSpec

  • Article

Synopsis

Adds a credentials spec for gMSA deployments on a cluster.

Syntax

Add-AksHciGmsaCredentialSpec -name <String> 
                             -credSpecFilePath <String>
                             -credSpecName <String>
                             -clusterRoleName <String>
                             -secretName <String>
                             [-secretNamespace <String>]
                             [-serviceAccount <String>]
                             [-overwrite][-activity <String>]

Description

Adds a credentials spec for gMSA deployments on a cluster.

Examples

Example

Add-AksHciGMSACredentialSpec -Name mycluster -CredFilePath .\credspectest.json -CredSpecName credspec-mynewcluster -secretName mysecret -clusterRoleName clusterrole-mynewcluster

Parameters

-name

The alphanumeric name of your Kubernetes cluster.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-credSpecFilePath

File Path of the JSON cred spec file.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-credSpecName

Name of the Kubernetes credential spec object the user would like to designate.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-clusterRoleName

Name of the Kubernetes cluster role assigned to use the Kubernetes gMSA credspec object.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-secretName

Name of the Kubernetes secret object storing the Active Directory user credentials and gMSA domain.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-secretNamespace

Namespace where the Kubernetes secret object resides in.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: Default
Accept pipeline input: False
Accept wildcard characters: False

-serviceAccount

Name of the Kubernetes service account assigned to read the k8s gMSA credspec object.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: Default
Accept pipeline input: False
Accept wildcard characters: False

-overwrite

Overwrites existing Cluster role and service account role binding.

Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

-activity

The name of the activity when updating progress.

Type: System.String
Parameter Sets: (All)
Aliases:

Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False

Next steps

AksHci PowerShell Reference