mirrors/external-dns
1
0
Fork 0
mirror of https://github.com/kubernetes-sigs/external-dns.git synced 2025-08-06 01:26:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

changed documentation to include more details description when using api tokens

Browse Source
This commit is contained in:
Robert Jensen 2024-05-15 13:42:43 +02:00
parent 23f8d4037d
commit 5084f3e234
No known key found for this signature in database
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
docs/tutorials/cloudflare.md
View File

@ -23,6 +23,8 @@ Otherwise `CF_API_KEY` and `CF_API_EMAIL` should be set to run ExternalDNS with
You may provide the Cloudflare API token through a file by setting the You may provide the Cloudflare API token through a file by setting the
`CF_API_TOKEN="file:/path/to/token"`. `CF_API_TOKEN="file:/path/to/token"`.
Note. The `CF_API_KEY` and `CF_API_EMAIL` should not be present, if you are using a `CF_API_TOKEN`.
When using API Token authentication, the token should be granted Zone `Read`, DNS `Edit` privileges, and access to `All zones`. When using API Token authentication, the token should be granted Zone `Read`, DNS `Edit` privileges, and access to `All zones`.
If you would like to further restrict the API permissions to a specific zone (or zones), you also need to use the `--zone-id-filter` so that the underlying API requests only access the zones that you explicitly specify, as opposed to accessing all zones. If you would like to further restrict the API permissions to a specific zone (or zones), you also need to use the `--zone-id-filter` so that the underlying API requests only access the zones that you explicitly specify, as opposed to accessing all zones.
@ -41,6 +43,12 @@ Begin by creating a Kubernetes secret to securely store your CloudFlare API key.
kubectl create secret generic cloudflare-api-key --from-literal=apiKey=YOUR_API_KEY --from-literal=email=YOUR_CLOUDFLARE_EMAIL kubectl create secret generic cloudflare-api-key --from-literal=apiKey=YOUR_API_KEY --from-literal=email=YOUR_CLOUDFLARE_EMAIL
``` ```
And for API Token it should look like :
```shell
kubectl create secret generic cloudflare-api-key --from-literal=apiKey=YOUR_API_TOKEN
```
Ensure to replace YOUR_API_KEY with your actual CloudFlare API key and YOUR_CLOUDFLARE_EMAIL with the email associated with your CloudFlare account. Ensure to replace YOUR_API_KEY with your actual CloudFlare API key and YOUR_CLOUDFLARE_EMAIL with the email associated with your CloudFlare account.
Then apply one of the following manifests file to deploy ExternalDNS. Then apply one of the following manifests file to deploy ExternalDNS.
@ -65,6 +73,20 @@ env:
key: email key: email
``` ```
Use this in your values.yaml, if you are using API Token:
```shell
provider:
name: cloudflare
env:
- name: CF_API_TOKEN
valueFrom:
secretKeyRef:
name: cloudflare-api-key
key: apiKey
```
Finally, install the ExternalDNS chart with Helm using the configuration specified in your values.yaml file: Finally, install the ExternalDNS chart with Helm using the configuration specified in your values.yaml file:
```shell ```shell