--- --- ## kubectl config set-credentials Sets a user entry in kubeconfig ### Synopsis Sets a user entry in kubeconfig Specifying a name that already exists will merge new fields on top of existing values. Client-certificate flags: --client-certificate=certfile --client-key=keyfile Bearer token flags: --token=bearer_token Basic auth flags: --username=basic_user --password=basic_password Bearer token and basic auth are mutually exclusive. ``` kubectl config set-credentials NAME [--client-certificate=path/to/certfile] [--client-key=path/to/keyfile] [--token=bearer_token] [--username=basic_user] [--password=basic_password] [--auth-provider=provider_name] [--auth-provider-arg=key=value] ``` ### Examples ``` # Set only the "client-key" field on the "cluster-admin" # entry, without touching other values: kubectl config set-credentials cluster-admin --client-key=~/.kube/admin.key # Set basic auth for the "cluster-admin" entry kubectl config set-credentials cluster-admin --username=admin --password=uXFGweU9l35qcif # Embed client certificate data in the "cluster-admin" entry kubectl config set-credentials cluster-admin --client-certificate=~/.kube/admin.crt --embed-certs=true # Enable the Google Compute Platform auth provider for the "cluster-admin" entry kubectl config set-credentials cluster-admin --auth-provider=gcp # Enable the OpenID Connect auth provider for the "cluster-admin" entry with additional args kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-id=foo --auth-provider-arg=client-secret=bar # Remove the "client-secret" config value for the OpenID Connect auth provider for the "cluster-admin" entry kubectl config set-credentials cluster-admin --auth-provider=oidc --auth-provider-arg=client-secret- ``` ### Options ``` --auth-provider value auth provider for the user entry in kubeconfig --auth-provider-arg value 'key=value' arugments for the auth provider (default []) --client-certificate value path to client-certificate file for the user entry in kubeconfig --client-key value path to client-key file for the user entry in kubeconfig --embed-certs value[=true] embed client cert/key for the user entry in kubeconfig --password value password for the user entry in kubeconfig --token value token for the user entry in kubeconfig --username value username for the user entry in kubeconfig ``` ### Options inherited from parent commands ``` --alsologtostderr value log to standard error as well as files --as string Username to impersonate for the operation --certificate-authority string Path to a cert. file for the certificate authority --cluster string The name of the kubeconfig cluster to use --context string The name of the kubeconfig context to use --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure --kubeconfig string use a particular kubeconfig file --log-backtrace-at value when logging hits line file:N, emit a stack trace (default :0) --log-dir value If non-empty, write log files in this directory --logtostderr value log to standard error instead of files --match-server-version Require server version to match client version -n, --namespace string If present, the namespace scope for this CLI request -s, --server string The address and port of the Kubernetes API server --stderrthreshold value logs at or above this threshold go to stderr (default 2) --user string The name of the kubeconfig user to use -v, --v value log level for V logs --vmodule value comma-separated list of pattern=N settings for file-filtered logging ``` ###### Auto generated by spf13/cobra on 24-Oct-2016 [![Analytics](https://kubernetes-site.appspot.com/UA-36037335-10/GitHub/docs/user-guide/kubectl/kubectl_config_set-credentials.md?pixel)]()