From 5084f3e2341df98dcc4acab4dcf442faefa44692 Mon Sep 17 00:00:00 2001 From: Robert Jensen Date: Wed, 15 May 2024 13:42:43 +0200 Subject: [PATCH] changed documentation to include more details description when using api tokens --- docs/tutorials/cloudflare.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/docs/tutorials/cloudflare.md b/docs/tutorials/cloudflare.md index 1b0d63c05a..2757c4825d 100644 --- a/docs/tutorials/cloudflare.md +++ b/docs/tutorials/cloudflare.md @@ -23,6 +23,8 @@ Otherwise `CF_API_KEY` and `CF_API_EMAIL` should be set to run ExternalDNS with You may provide the Cloudflare API token through a file by setting the `CF_API_TOKEN="file:/path/to/token"`. +Note. The `CF_API_KEY` and `CF_API_EMAIL` should not be present, if you are using a `CF_API_TOKEN`. + When using API Token authentication, the token should be granted Zone `Read`, DNS `Edit` privileges, and access to `All zones`. If you would like to further restrict the API permissions to a specific zone (or zones), you also need to use the `--zone-id-filter` so that the underlying API requests only access the zones that you explicitly specify, as opposed to accessing all zones. @@ -41,6 +43,12 @@ Begin by creating a Kubernetes secret to securely store your CloudFlare API key. kubectl create secret generic cloudflare-api-key --from-literal=apiKey=YOUR_API_KEY --from-literal=email=YOUR_CLOUDFLARE_EMAIL ``` +And for API Token it should look like : + +```shell +kubectl create secret generic cloudflare-api-key --from-literal=apiKey=YOUR_API_TOKEN +``` + Ensure to replace YOUR_API_KEY with your actual CloudFlare API key and YOUR_CLOUDFLARE_EMAIL with the email associated with your CloudFlare account. Then apply one of the following manifests file to deploy ExternalDNS. @@ -65,6 +73,20 @@ env: key: email ``` +Use this in your values.yaml, if you are using API Token: + +```shell +provider: + name: cloudflare +env: + - name: CF_API_TOKEN + valueFrom: + secretKeyRef: + name: cloudflare-api-key + key: apiKey +``` + + Finally, install the ExternalDNS chart with Helm using the configuration specified in your values.yaml file: ```shell