Skip to main content

4. Deploy your resources to a control plane

In the previous guide, you created a test for your composition logic. In this guide, you'll create a ClusterProviderConfig and authenticate to your cloud provider to deploy your resources.

Prerequisites​

Make sure you've completed the previous guide and have:

If you missed any of the previous steps, go to the project foundations guide to get started.

Create your control plane​

Now that you have your project built, create a new local control plane:

up project run --local

The run command installs your project functions and dependencies to a control plane.

Authenticate with your cloud provider​

Your project configuration requires an authentication method.

A ClusterProviderConfig is a custom resource that defines how your control plane authenticates and connects with cloud providers like AWS. It acts as a configuration bridge between your control plane's managed resources and the cloud provider's API.

Create a secret​

First, create a secret with your AWS credentials. To create the secret download your AWS access key ID and secret access key.

In the root of your project, create a new file called aws-credentials.txt and paste your AWS access key ID and secret access key.

[default]
aws_access_key_id = YOUR_ACCESS_KEY_ID
aws_secret_access_key = YOUR_SECRET_ACCESS_KEY

Next, create a new secret to store your credentials in your control plane. The kubectl create secret command puts your AWS login details in the control plane secure storage:

kubectl create secret generic aws-secret \
    -n crossplane-system \
    --from-file=my-aws-secret=./aws-credentials.txt

Create a ClusterProviderConfig​

Next, create a new file called provider-config.yaml and paste the configuration below:

upbound-hello-world/provider-config.yaml
apiVersion: aws.upbound.io/v1beta1
kind: ClusterProviderConfig
metadata:
  name: default
spec:
  credentials:
    source: Secret
    secretRef:
      namespace: crossplane-system
      name: aws-secret
      key: my-aws-secret

Next, apply your provider configuration:

kubectl apply -f provider-config.yaml

When you create a composition and deploy with the control plane, Upbound uses the ClusterProviderConfig to locate and retrieve the credentials in the secret store.

Deploy your resources to your control plane​

Now that you have a control plane, use the kubectl apply command in the root of your project to deploy your resources:

kubectl apply --filename examples/storagebucket/example.yaml

Return the resource state with the up CLI.

kubectl get storagebuckets.platform.example.com -o yaml

Now, you can validate your results through the Upbound Console, and make any changes to test your resources required.

Clean up​

Be sure to destroy your resources to avoid cloud costs:

kubectl delete --filename examples/storagebucket/example.yaml

Destroy your control plane:

up project stop

Next steps​

You just created an Upbound project from scratch with an embedded function and a resource claim.

Next, try out an Intelligent Control Plane solution or build your own Internal Developer Platform.

For more information on projects and how to build control planes, checkout the CLI Build manuals.