Skip to content

Step 4 - Nais post terraforming

Configure OAuth login for web frontend

Set up an OAuth client for Console in the tenant management project.

  1. Go to https://console.cloud.google.com
  2. Choose project -> nais-management -> nais-management
  3. Go to APIs ans Service -> OAuth consent screen
  4. Internal -> create
  5. App name: nais management
  6. User support email: admin@<tenant-domain>
  7. Developer Contact email: admin@<tenant-domain>
  8. Save and continue (x2)
  9. Go to APIs ans Service -> Credentials
  10. Click Create Credentials -> OAuth client ID
  11. Select type Web Application
  12. Name: Console
  13. Authorized redirect URI: http://console.<tenant-name>.cloud.nais.io/oauth2/callback
  14. Set Name and Authorized redirect URIs
  15. Create
  16. Copy client id and secret and give to NAIS-team

Add the API reconcilers user to the billing account

  • Billing -> Account Management -> Right side menu (Show info panel) -> Add principal

Add nais-api-reconcilers@<MANAGEMENT_PROJECT_ID>.iam.gserviceaccount.com as Billing Account User

Add new tenant to the documentation repo

  1. in .github/workflows/main.yml add the new tenant to the tenants list (two places)
  2. in docs/workloads/reference/environments.md, add a new section for the tenant with the correct content.