Connecting your cloud

BigAnimal access requirements

BigAnimal requires access to your cloud to perform maintenance. BigAnimal CLI commands used in the procedures for connecting your cloud to BigAnimal automatically sets some of these permissions for you. For details on these and other permissions or policies required by BigAnimal, refer to the child topic for your cloud provider.

BigAnimal also requires permissions to run Kubernetes cluster services for PostgreSQL workloads and the associated storage services. It requires a set of supporting permissions:

  • Services for monitoring and logging to produce service telemetry information.

  • To set up networking so PostgreSQL workloads are reachable by customer applications and telemetry data is collected.

  • To provision vaults for safe storage of data at rest encryption keys.

  • To create workload identities and manage their permissions.

  • And, a small set of supporting permissions to ensure access to the services above and availability of cloud account information.

The scope of these permissions are limited to the associated cloud account.


Ensure that in your cloud provider shell, your environment is running:

  • bash shell version 4.0 or above.
  • BigAnimal CLI version 1.4 or later. For detailed steps, see Installing the CLI.

For additional cloud provider-specific requirements, see Setting up specific cloud providers.

Overview of connecting your cloud

Perform the following steps:


If you are using Cloud Shell, add the ./ prefix to the biganimal command (./biganimal).

  1. Open your cloud provider shell in your browser.

  2. Create a BigAnimal CLI credential:

    biganimal create-credential --name <cred> --address --port 443
  3. Run the setup-csp command to set up your cloud provider:

    biganimal setup-csp 

    Do not delete the ba-passport.json file created in your working directory. It contains important identity and access management information used by connect-csp while connecting to your cloud.


    Your organization might require you to review the scripts that are invoked while setting up your cloud account. To generate the scripts invoked by setup-csp, execute the command without the --run option. You can now review and manually execute ba-csp-preflight and then ba-csp-setup from your working directory.

    The command checks for cloud account readiness and displays the results. If needed, make the necessary adjustments to your cloud configuration.

  4. If the cloud readiness checks pass, your cloud account is successfully set up. Connect your cloud account to BigAnimal with following command.

    biganimal connect-csp --provider  <cloud-service-provider> --project <project-name>

    Once your cloud account is successfully connected to BigAnimal, you, and other users with the correct permissions, can create clusters.

Setting up specific cloud providers

For step-by-step instructions for setting up specific cloud providers, see: