Comment on page
Start by going to the team page.
Go to team page
From here, click the "Add user" button and check the "Service account" checkbox.
Add user modal
In the screenshot above we've added the service account to the "Developers" group but you can of course choose whatever group has the permission that meet your needs.
Once created, you can create secrets for your service account just like for any other user.
To authenticate as the service account when running Garden you need to create an access token.
Click the edit pencil next to the service account to open the "Update user" modal and create the access token.
Make sure to note it down because it's only displayed once.
Creating an access token
Now you can use this access token to authenticate against Garden Cloud when running Garden, e.g. in CI, with the
Note that you should not add the token in plain text to your CI configuration. Instead store it as a secret with your CI provider.
For example, in your CI pipeline, you might run the following command (where
my-auth-token-referencerefers to a variable not the plain text value):
GARDEN_AUTH_TOKEN=<my-auth-token-reference> garden deploy
You can use service accounts to run Cloud Workflows and AEC jobs.
Simply go the settings page for the given project, click the gear icon for the relevant environment and select the service account.
Use service account for environment