Chapter 6. Creating and managing activation keys in the Red Hat Hybrid Cloud Console
Your organization’s activation keys are listed on the Activation Keys page in the Red Hat Hybrid Cloud Console. You can use an activation key as an authentication token to register a system with Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). Administrators can create, edit, and delete activation keys for your organization. They also have the option to set system-level features, such as system purpose, on an activation key. When you use a preconfigured activation key to register a system, all the selected attributes are automatically applied at the time of registration.
6.1. Activation key management in the Red Hat Hybrid Cloud Console
An activation key is a preshared authentication token that enables authorized users to register and configure systems. It eliminates the need to store, use, and share a personal username and password combination, which increases security and facilitates automation. For example, you can use a preconfigured activation key to automatically register a system with all the required system-level features. Additionally, you can put preconfigured activation keys in Kickstart scripts to bulk -provision the registration of multiple systems.
You can use an activation key and a numeric organization identifier (organization ID) to register a system with Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). Your organization’s activation keys and organization ID are displayed on the Activation Keys page in the Hybrid Cloud Console.
Each user’s access to the activation keys in the Hybrid Cloud Console is managed through a role-based access control (RBAC) system. Users in the Organization Administrator group for your organization use the RBAC system to assign roles, such as RHC user and RHC administrator, to users within your organization. An RHC user can view the activation keys in the table on the Activation Keys page. Only an RHC administrator is authorized to use the Hybrid Cloud Console user interface to create, edit, and delete activation keys. An RHC administrator also has the option to configure an activation key to apply system purpose attributes (role, service level agreement, or usage) to the system during the registration process. An Organization Administrator has the RHC administrator role by default.
In the terminal, users with root privileges can use the activation key and the organization ID to register the system with a single command. If the activation key has been preconfigured with system purpose attributes, the specified attributes are automatically applied to the system upon registration.
Additional resources
- For more information about RBAC roles, see User Access Configuration Guide for Role-based Access Control (RBAC).
- For more information about system purpose, see System purpose configuration in Getting Started with RHEL System Registration.
6.2. Creating an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to create preconfigured activation keys that authorized users in your organization can use to register systems to Red Hat hosted services, such as Red Hat Subscription Manager or remote host configuration (RHC). An activation key requires a unique name that enables users to use the activation key by entering the activation key name and organization ID, without requiring a username or password. An activation key can also contain system purpose attributes that can be automatically applied to individual systems at the time of registration. The activation keys that you create can be viewed in the table on the Activation Keys page and used to register systems in the terminal.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To create an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, click Create activation key.
In the Name field, enter a unique name for the activation key.
NoteYour activation key name must be unique, may contain only numbers, letters, underscores, and hyphens, and contain fewer than 256 characters. If you enter a name that already exists in your organization, you will receive an error message and the key will not be created.
Optional: To add system purpose attributes to the activation key, navigate to the system purpose field that you want to populate. From the drop-down list, select the attribute value that you want to apply to the system.
NoteOnly the system purpose attributes that are available to your organization’s account are selectable.
When you have populated all the required fields, click Create.
Note=== The Create activation key button is disabled until a valid name is entered into the Name field. If the button remains disabled after populating the Name field, check that the name meets the noted criteria and that you are logged in to the Hybrid Cloud Console with the required RBAC role. For questions regarding your RBAC role, contact an Organization Administrator. ===
6.3. Viewing an activation key
As an RHC user, you can view your organization’s numeric identifier (organization ID) and available activation keys on the Activation Keys page in the Hybrid Cloud Console. The activation keys and their respective details are presented in a table. The Name column contains the name of the activation key. The Role column contains the role value for the system purpose attribute set on the key. A potential role value is Red Hat Enterprise Linux Server. The SLA column contains the service level agreement value for the system purpose attribute set on the key. A potential service level agreement value is Premium. The Usage column contains the usage value for the system purpose attribute set on the key. A potential usage value is Production. If no system purpose attribute is set on the activation key, the respective field contains no value.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC user or RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To view an activation key in the Hybrid Cloud Console, perform the following steps:
6.4. Using an activation key to register a system with Red Hat Subscription Manager
The activation keys that you create in the Hybrid Cloud Console combine all the system registration steps into one secure, automated process.
As a user with root privileges you can register the system, apply pre-configured system purpose attributes, and enable repositories with a single command. Root users can pass an activation key and a numeric organization identifier (organization ID) to the command line tools used to register a system to Red Hat hosted services such as Red Hat Subscription Manager or remote host configuration (RHC). If an RHC administrator has preconfigured the activation key to apply selected system purpose attributes, those attributes are automatically applied to the system during the registration process.
Prerequisites
- You have root privileges or their equivalent to run the commands in the following procedure.
- You have the numeric identifier for your organization (organization ID).
Procedure
To use an activation key to register a system with Subscription Manager, perform the following steps:
From the terminal, enter the following command where <activation_key_name> is the name of the activation key you want to use and <1234567> is your organization ID:
subscription-manager register --activationkey=<activation_key_name> --org=<1234567>
The expected output confirms that your system is registered. For example:
The system has been registered with id: 62edc0f8-855b-4184-b1b8-72a9dc793b96
6.5. Using an activation key to register a system with remote host configuration (RHC)
The activation keys that you create in the Hybrid Cloud Console combine all the system registration steps into one secure, automated process.
As a user with root privileges you can register the system, apply pre-configured system purpose attributes, and enable repositories with a single command. Root users can pass an activation key and a numeric organization identifier (organization ID) to the command line tools used to register a system to Red Hat hosted services such as Red Hat Subscription Manager or remote host configuration (RHC). If an RHC administrator has pre-configured the activation key to apply selected system purpose attributes, those attributes are automatically applied to the system during the registration process.
Prerequisites
- You have root privileges or their equivalent to run the commands in the following procedure.
- You have the numeric identifier for your organization (organization ID).
Procedure
To use an activation key to register a system with RHC, perform the following steps:
From the terminal, enter the following command where <activation_key_name> is the name of the activation key you want to use and <1234567> is your organization ID:
rhc connect --activation-key <activation_key_name> --organization <1234567>
6.6. Editing an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to edit the activation keys on the Activation Keys page. Specifically, you can add, update, or remove the system purpose attributes on an existing activation key. However, you cannot edit the name of the activation key itself.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To edit an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, locate the row that contains the activation key that you want to edit. Click More options and select Edit from the overflow menu.
- To update a system purpose attribute on the activation key, navigate to the system purpose field that you want to change. From the drop-down list, select the attribute value that you want to apply to the system.
- To remove a system purpose attribute from the activation key, navigate to the system purpose field that you want to clear and deselect the unwanted value from the drop-down list. To update the activation key, click Save changes.
6.7. Deleting an activation key
As an RHC administrator, you can use the Hybrid Cloud Console interface to delete an activation key from the table on the Activation Keys page. You might want to delete an unwanted or compromised activation key for security or maintenance purposes. However, deleting an activation key that is referenced in an automation script will impact the ability of that automation to function. To avoid any negative impacts to your automated processes, either remove the unwanted activation key from the script or retire the automation script prior to deleting the key.
Prerequisites
- You are logged in to the Red Hat Hybrid Cloud Console.
- You have the RHC administrator role in the role-based access control (RBAC) system for the Red Hat Hybrid Cloud Console.
Procedure
To delete an activation key in the Hybrid Cloud Console, perform the following steps:
- Navigate to Red Hat Hybrid Cloud Console > Red Hat Insights > Inventory > System Configuration > Activation Keys.
- From the Activation Keys page, locate the row containing the activation key that you want to delete. Click More options and select Delete from the overflow menu.
In the Delete Activation Key window, review the information about deleting activation keys. If you want to continue with the deletion, click Delete.
Important=== Deleting this activation key will impact any automation that references it. To avoid any negative consequences of deleting this key, retire any automation script that uses this key or remove any references of this key from your Kickstart scripts.