Akeyless SaaS Core Services

The Akeyless Gateway is a stateless Docker container, provided as a standalone or as a cluster. To function correctly, it requires public network connectivity to the Akeyless SaaS core services (see the table below).

A basic Gateway deployment requires a server with a Docker engine installed. You may download the latest Docker engine on Docker website. You'll need public network access enabled on port 443 to pull a Docker image from the hub.docker.com.

The following table describes the main functionality of Akeyless micro-services:

Service NameIPPortDescription
Console: https://console.akeyless.io,,,,, SaaS platform.
Vault : https://vault.akeyless.io
https://vault-ro.akeyless.io,,,,, Account Management, managing user account, items, and roles.
Auth : https://auth.akeyless.io
https://auth-ro.akeyless.io,,,,, Authentication service.
Audit : https://audit.akeyless.io
https://audit-ro.akeyless.io,,,,, log main service, enables log forwarding from GW & Bastion.
BIS : https://bis.akeyless.io
https://bis-ro.akeyless.io, infrastructure service.
Gator : https://gator.akeyless.io
https://gator-ro.akeyless.io,,,,, service to sync gateways instances, and connections with Akeyless SaaS.
MQ : amqps://mq.akeyless.io52.223.11.194, queue between Akeyless micro-services.
KFM: https://kfm1.akeyless.io,
https://kfm4-ro.akeyless.io,,,,,, Fragments Services, enabling full DFC encryption.
Public Gateway:
https://api.akeyless.io, Gateway rest API v1\v2
Public HVP:
https://hvp.akeyless.io, HVP endpoint
Logs : tcp://log.akeyless.io:9997 tcp://log.akeyless.io:944335.192.171.1719997, 9443GW logs, mainly to be reflected during failure scenarios.
https://akeyless-cli.s3.us-east-2.amazonaws.comN\A443S3 bucket to download & update Akeyless CLI versions
https://akeylessservices.s3.us-east-2.amazonaws.comN\A443S3 bucket to download & update Akeyless official binaries. e.g. Gateway
https://artifacts.site2.akeyless.io34.149.100.205443Optional Akeyless official artifacts endpoint. Relevant when working with whitelisted IP range.



When using proxy services, you can use https://sqs.us-east-2.amazonaws.com instead of classic MQ services.