Access roles provide clients with permission to work with secrets. When you add a secret to a role, you can specify exactly which CRUD operations clients can perform with that secret.
Let’s add a static secret to a role using the Akeyless CLI. If you’d prefer, see how to do this from the Akeyless Console instead.
Akeyless CLI Required
Ensure you have installed the Akeyless CLI before you begin.
The CLI command to add a secret to a role is:
$ akeyless set-role-rule \ --role-name <role name> \ --path <secret name with path> \ --capability <read|create|update|delete|list|deny> \ --rule-type item-rule
The output is:
The requested rule was successfully set to the role <role name>
capability option can include a single permission. Use multiple
capability options to assign multiple permissions.
For example, to add the AdminCredentials secret in the Admin folder to the SystemAdmin access role, also in the Admin folder, with Read and List permissions, type:
$ akeyless set-role-rule \ --role-name /Admin/SystemAdmin \ --path /Admin/AdminCredentials \ --capability read \ --capability list \ --rule-type item-rule The requested rule was successfully set to the role /Admin/SystemAdmin
Updated 19 days ago
|Retrieve and view static secrets|