Synopsis
Manage authentication tokens for vCluster access.
vcluster token [command] [flags]
Subcommands
create - Create a new tokenlist - List existing tokensdelete - Delete a token
vcluster token create
Create a new authentication token.
Synopsis
vcluster token create TOKEN_NAME [flags]
Examples
# Create token for CI/CD
vcluster token create ci-bot -n team-x
# Create token with TTL
vcluster token create temp-token -n team-x --ttl 24h
# Create token for specific service account
vcluster token create deploy-bot -n team-x \
--service-account deploy-sa
Flags
The namespace where the vCluster is running.
Token time-to-live (e.g., 24h, 7d).
Service account to create token for.
vcluster token list
List authentication tokens.
Synopsis
vcluster token list [flags]
Examples
# List tokens
vcluster token list -n team-x
# JSON output
vcluster token list -n team-x --output json
vcluster token delete
Delete an authentication token.
Synopsis
vcluster token delete TOKEN_NAME [flags]
Examples
# Delete token
vcluster token delete ci-bot -n team-x
Complete Example
#!/bin/bash
VCLUSTER="ci-cluster"
NAMESPACE="ci"
# Create vCluster
vcluster create $VCLUSTER -n $NAMESPACE
# Create service account inside vCluster
vcluster connect $VCLUSTER -n $NAMESPACE
kubectl create serviceaccount ci-bot
kubectl create clusterrolebinding ci-bot \
--clusterrole=cluster-admin \
--serviceaccount=default:ci-bot
vcluster disconnect
# Create token
TOKEN=$(vcluster token create ci-bot -n $NAMESPACE --service-account ci-bot --ttl 720h)
# Use in CI
echo "CI_VCLUSTER_TOKEN=$TOKEN" >> $GITHUB_ENV
See Also
