To grant a (collection of) user(s) access to a service account, add an administrator permission between the user(s) and the service account. For example: For example: juju add-permission serviceaccoun...
A service account tag has the following format: serviceaccount-<identifier> where <identifier> is the name/id of the service account as provided by your IdP. Tip A serviceaccount-<identifier> type tag...
In order to create an initial admin user we must use the config option controller-admins. The format for controller-admins is a space separated list of email addresses or service accounts. This means ...
The vault backend supports the following configuration keys: ca-cert The path to a PEM-encoded CA certificate file on the local disk. This file is used to verify the Vault server’s SSL certificate. cl...
Conceptually, the JAAS authorization system consists of two main components: Authorization model, which defines the schema of different entity types (e.g. controllers, users, or groups), the possible ...