Jump to Content

Advanced K8s Gateway Configuration

Access Methods Configuration Parameters

Parameter	Description
defaultsConf.defaultSamlAccessId	Default SAML Access ID to be used for logging in to the Gateway Console using the SAML authentication method.
defaultsConf.defaultOidcAccessId	Default OIDC Access ID to be used for logging in to the Gateway Console using the OIDC authentication method.

You can also configure these parameters using the Web interface of the Gateway Configuration Manager.

TLS Configuration Parameters

Parameter	Description
TLSConf.akeylessWebUI	Default value: false Allows configuring TLS for the Gateway Console. If you enable TLS for this component, you must provide a TLS certificate and a private key.
TLSConf.vaultProxy	Default value: false Allows configuring TLS for the Vault Proxy. If you enable TLS for this component, you must provide a TLS certificate and a private key.
TLSConf.akeylessAPIServices	Default value: false Allows configuring TLS for the Akeyless API Services. If you enable TLS for this component, you must provide a TLS certificate and a private key.
TLSConf.configurationManager	Default value: false Allows configuring TLS for the Gateway Configuration Manager. If you enable TLS for this component, you must provide a TLS certificate and a private key.
TLSConf.tlsExistingSecretName	Value: the name of the Kubernetes secret You can provide the certificate and the key using the existing secret in Kubernetes. The secret must include: akeyless-api-cert.crt (base64-encoded) akeyless-api-cert.key (base64-encoded) If you provide the key and the certificate using this secret, the corresponding parameters below must be left blank.
TLSConf.tlsCertificate	Value: -----BEGIN CERTIFICATE----- -----END CERTIFICATE----- A base64-encoded content of the certificate.
TLSConf.tlsPrivateKey	Value: -----BEGIN RSA PRIVATE KEY----- -----END RSA PRIVATE KEY----- A base64-encoded content of the RSA private key.

You can also configure TLS parameters using the Web interface of the Gateway Configuration Manager.

Cache Configuration Parameters

Parameter	Description
cachingConf.enabled	Default value: false Enables caching functionality.
cachingConf.cacheTTL	Default value: 60 minutes Sets the amount of time (in minutes) during which a secret should be kept in the cache.
cachingConf.proActiveCaching.enabled	Default value: false Enables proactive caching functionality.
cachingConf.proActiveCaching.minimumFetchingTime	Default value: 5 minutes Instructs the system to update secrets in the cache if they are older than the specified value.
cachingConf.proActiveCaching.dumpInterval	Default value: 1 minute Sets the amount of time (in minutes) between the two consecutive backups of cached secrets.

You can also configure Caching parameters using the Web interface of the Gateway Configuration Manager.

Updated 17 days ago

What’s Next

Implementing Zero Knowledge

Did this page help you?