Comment 11 for bug 1735402

@David Lawson (deej),

To clarify...

When we bootstrap a controller, a local credential is uploaded and cached there. This credential would be used when you create models, add units/machines, etc... You can specify a different credential for a model at 'add-model' by using '--credential' option and referring to your local credential.

The *only* command that affects that cached credential is 'update-credential'. ALL other credential commands work on your locally stored credentials.

So...

(4) will work because you have updated your local credential and it was used in bootstrap;
(3) will fail because 'set-default-credentials' works on your local credentials cache, the one on you client machine. It does not change anything on the controller credentials cache.

(1) is a different case... When credentials are cached on the controller they are specific to a user. So the same user that added a model (or bootstrapped a controller) would be able to update the credential that 'controller' model uses.

I would have expected the following workflow to work:

i. Add a new azure credential to your local cache using 'add-credential';
ii. From that client, update the credential on the controller using 'update-credential' (you may need to be switched to the model which needs this new credential).

If this is not happening, please ping me on irc. We may need to work f-2-f to figure it out.