Add-AksHciGmsaCredentialSpec
Synopsis
Adds a credentials spec for gMSA deployments on a cluster.
Syntax
Add-AksHciGmsaCredentialSpec -name <String>
-credSpecFilePath <String>
-credSpecName <String>
-clusterRoleName <String>
-secretName <String>
[-secretNamespace <String>]
[-serviceAccount <String>]
[-overwrite][-activity <String>]
Description
Adds a credentials spec for gMSA deployments on a cluster.
Examples
Example
Add-AksHciGMSACredentialSpec -Name mycluster -CredFilePath .\credspectest.json -CredSpecName credspec-mynewcluster -secretName mysecret -clusterRoleName clusterrole-mynewcluster
Parameters
-name
The alphanumeric name of your Kubernetes cluster.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-credSpecFilePath
File Path of the JSON cred spec file.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-credSpecName
Name of the Kubernetes credential spec object the user would like to designate.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-clusterRoleName
Name of the Kubernetes cluster role assigned to use the Kubernetes gMSA credspec object.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-secretName
Name of the Kubernetes secret object storing the Active Directory user credentials and gMSA domain.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: True
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-secretNamespace
Namespace where the Kubernetes secret object resides in.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: Default
Accept pipeline input: False
Accept wildcard characters: False
-serviceAccount
Name of the Kubernetes service account assigned to read the k8s gMSA credspec object.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: Default
Accept pipeline input: False
Accept wildcard characters: False
-overwrite
Overwrites existing Cluster role and service account role binding.
Type: System.Management.Automation.SwitchParameter
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
-activity
The name of the activity when updating progress.
Type: System.String
Parameter Sets: (All)
Aliases:
Required: False
Position: Named
Default value: None
Accept pipeline input: False
Accept wildcard characters: False
Next steps
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for