The Akeyless Gateway is a stateless Docker container, provided as a standalone or as a cluster. To function correctly, it requires public network connectivity to the Akeyless SaaS core services (see the table below).
A basic Gateway deployment requires a server with a Docker engine installed. You may download the latest Docker engine on Docker website. You'll need public network access enabled on port 443 to pull a Docker image from the hub.docker.com.
The following table describes the main functionality of Akeyless micro-services:
|Console: https://console.akeyless.io||18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11||443||Akeyless SaaS platform|
|Vault : https://vault.akeyless.io|
|18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11||443||User Account Management (UAM), managing user accounts, items, and roles|
|Auth : https://auth.akeyless.io|
|18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11||443||Akeyless Authentication service|
|Audit : https://audit.akeyless.io|
|18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11||443||Audit log main service, enables log forwarding from GW & Bastion|
|BIS : https://bis.akeyless.io|
|18.104.22.168, 22.214.171.124||443||Billing Infrastructure Service (BIS)|
|Gator : https://gator.akeyless.io|
|126.96.36.199, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124||443||Main service to sync gateways instances, and connections with Akeyless SaaS|
|MQ : amqps://mq.akeyless.io||126.96.36.199, 188.8.131.52||5671||Message queue between Akeyless micro-services|
|184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206||443||Key Fragments Services, enabling full DFC encryption|
|220.127.116.11, 18.104.22.168||443||Optional Public Gateway rest API v1\v2|
|22.214.171.124, 126.96.36.199||443||Optional Public HVP endpoint|
|Logs : tcp://log.akeyless.io:9997 tcp://log.akeyless.io:9443||188.8.131.52||9997, 9443||GW logs, mainly to be reflected during failure scenarios|
|https://akeyless-cli.s3.us-east-2.amazonaws.com||N\A||443||S3 bucket to download & update Akeyless CLI versions|
|https://akeylessservices.s3.us-east-2.amazonaws.com||N\A||443||S3 bucket to download & update Akeyless official binaries. e.g. |
|https://artifacts.site2.akeyless.io||184.108.40.206||443||Optional Akeyless official artifacts endpoint. Relevant when working with whitelisted IP range|
When using proxy services, you can use https://sqs.us-east-2.amazonaws.com instead of classic MQ services.
Updated 12 days ago