Automated Cert Rotation with tcld


I am trying to find a way to update the CA certs in our namespaces in Temporal cloud automatically when we rotate the ones we use for sending. We rotate on a monthly basis, so I was thinking something along the lines of a CronJob that uses tcld to update the cert in cloud every month.

However, it looks like the login command in tcld is manual-only - i.e., it brings you to the web UI to login, and you can’t just pass username/password args instead.

Is there another way that people have been automatically updating their certs in cloud? Or will we just have to stick with manually updating whenever we rotate?


We are working on adding support for API tokens for precisely these scenarios.

1 Like

Thank you!