Create new account for Argo CD with API key and RBAC permissions

Following are the sequence of activities for creating a new account for Argo CD with API key and RBAC permissions.

Add account to Argo CD via configmap

  1. Get the configmap argocd-cm of Argo CD by executing the below command.

    kubectl get configmap argocd-cm -n argocd -o yaml > argocd-cm.yml
  2. Edit the configmap file argocd-cm.yml and add the below line under "data" with new account which has API Key and login.

    data:
     accounts.argo-account: apiKey, login

  3. Apply the configmap by executing the below command . This will add a new account and allow that account to process an API key as well as login via the Command Line Interface and Graphical User Interface.

    kubectl apply -f argocd-cm.yml -n argocd

Add RBAC admin permission to user via configmap

  1. Get the configmap argocd-rbac-cm of Argo CD by executing the below command.

    kubectl get configmap argocd-rbac-cm -n argocd -o yaml > argocd-rbac-cm.yml
  2. Edit the configmap file argocd-rbac-cm.yml and add the below section under "data" which has admin role permissions.

    data:
      policy.csv: |
        g, argo-account, role:admin

  3. Apply the configmap by executing the below command. This will add admin permission to account.

    kubectl apply -f argocd-rbac-cm.yml -n argocd

Create password for new Argo CD account

  1. Login into Argo CD as an admin account via Argo CLI by executing the below command.

    argocd login SERVER
  2. Create password to the new account by executing the below command. Password should contain at least one UPPERCASE.

    argocd account update-password --account argo-account --current-password current-admin-password --new-password Argo-password

  3. Generate token to the account. For the detailed information, refer here.

Last updated

Was this helpful?