v1

Cloud Providers /

Add your cloud account to Northflank

To add a new cloud provider integration navigate to the clusters page in your account settings.

You can add credentials when creating a new cluster, or create a new integration on its own. In both cases you will be able to use the saved credentials to create new clusters in the future.

Add your Google Cloud Platform account

You can use Northflank with an existing Google Cloud Platform project, or create a new one. It is recommended that you create a new service account to integrate with Northflank:

  1. Open your GCP console and create a new project, or select an existing one
  2. Navigate to IAM and admin in your GCP project and open the service accounts page
  3. Create a new service account:
    1. Add a name and description, click create and continue
    2. Add roles with the required permissions: the standard Google roles service account user and Kubernetes engine admin contain all the required permissions
    3. Go to the keys page, create a new key and export the keyfile.json
  4. Navigate to your Northflank account settings and open the clusters page
  5. Create a new integration, or create a new cluster and select new credentials . Select Google Cloud Platform as the provider.
  6. Copy and paste your keyfile.json
  7. Create the integration or continue configuring your new cluster. Your credentials will be saved as a new integration when you create the new cluster.

You can edit the integration at any time to update the keyfile.json and Google project ID, if required. If you change the Google project while there are still Northflank clusters on it, you will be unable to manage those clusters and deleting them via Google may leave orphaned resources.

Add your Amazon Web Services account

It is recommended that you create a new IAM user group and user to integrate with Northflank:

  1. Open your AWS IAM console and create a user group

  2. Add a user with access key credential type and download the access tokens. Add this user to the group.

  3. Add the following inline policy to this user:

    {
       "Version": "2012-10-17",
       "Statement": [
           {
               "Effect": "Allow",
               "Resource": "*",
               "Action": [
                   "autoscaling:*",
                   "ec2:*",
                   "ecr:*",
                   "eks:*",
                   "iam:*",
                   "kms:*",
                   "dynamodb:*",
                   "logs:*"
               ]
           }
       ]
    }
    
  4. Navigate to your Northflank account settings and open the clusters page

  5. Create a new integration, or create a new cluster and select new credentials . Select Amazon Web Services as the provider.

  6. Enter the access key and secret key for the user you created

  7. Create the integration or continue configuring your new cluster. Your credentials will be saved as a new integration when you create the new cluster.

You can edit the integration at any time to update the secrets, if required. If the new secrets do not have permission to manage existing clusters, you will be unable to edit those clusters and deleting them via AWS may leave orphaned resources.

Add your Microsoft Azure account

It is recommended that you create a new Azure Active Directory application to integrate with Northflank:

  1. Open Azure Portal and navigate to Active Directory
  2. Register a new application with Azure ID, copy the application (client) ID and the directory (tenant) ID
  3. In your new application click the link for managed application in local directory and copy the application's object ID from properties
  4. Create a new secret and copy the secret value (not the secret ID)
  5. Go to subscriptions and add a new IAM role assignment, assign it the contributor role , and select your app as a member
  6. Copy the subscription ID
  7. Navigate to your Northflank account settings and open the clusters page
  8. Create a new integration, or create a new cluster and select new credentials . Select Azure as the provider.
  9. Enter the directory (tenant) ID, the application (client) ID, the object ID, the secret value, and the subscription ID
  10. Create the integration or continue configuring your new cluster. Your credentials will be saved as a new integration when you create the new cluster.

You can edit the integration at any time to update the secrets, if required. If the new secrets do not have permission to manage existing clusters, you will be unable to edit those clusters and deleting them via Azure Active Directory may leave orphaned resources.

© 2022 Northflank Ltd. All rights reserved.