Create new account for Argo CD with API key and RBAC permissions
Following are the sequence of activities for creating a new account for Argo CD with API key and RBAC permissions.
- 1.Get the configmap argocd-cm of Argo CD by executing the below command.kubectl get configmap argocd-cm -n argocd -o yaml > argocd-cm.yml
- 2.Edit the configmap file
argocd-cm.ymland add the below line under "data" with new account which has API Key and login.data:accounts.argo-account: apiKey, loginNote: Please note that in the above command “argo-account” is the new account name. You are free to choose any name for your account. - 3.Apply the configmap by executing the below command . This will add a new account and allow that account to process an API key as well as login via the Command Line Interface and Graphical User Interface.kubectl apply -f argocd-cm.yml -n argocd
- 1.Get the configmap argocd-rbac-cm of Argo CD by executing the below command.kubectl get configmap argocd-rbac-cm -n argocd -o yaml > argocd-rbac-cm.yml
- 2.Edit the configmap file argocd-rbac-cm.yml and add the below section under "data" which has admin role permissions.data:policy.csv: |g, argo-account, role:adminNote: Please note that,by default Argo CD has admin and read-only roles.
- 3.Apply the configmap by executing the below command. This will add admin permission to account.kubectl apply -f argocd-rbac-cm.yml -n argocd
- 1.Login into Argo CD as an admin account via Argo CLI by executing the below command.argocd login SERVER
- 2.Create password to the new account by executing the below command. Password should contain at least one UPPERCASE.argocd account update-password --account argo-account --current-password current-admin-password --new-password Argo-passwordNote: Replace the “argo-account” in the above command with your new Argo account and the “current-admin-password” with the current logged in admin password.
- 3.
Last modified 7mo ago