AWS Targets

You can define an AWS target to be used with an AWS dynamic secret or an AWS rotated secret.

Let’s create an AWS target using the Akeyless CLI.

Create an AWS Target from the CLI

The CLI command to create an AWS target is:

akeyless create-aws-target
--name <target name>
--access-key-id <AWS access key ID>
--access-key <AWS secret access key>
--region <AWS region>


-Name- A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-Access-key-id- The access key ID assigned to an admin user that will be used to authenticate Akeyless with AWS.

-Access-key- The secret access key assigned to the admin user.

-Region- The AWS region.


The full list of options for this command is:

-n, --name                      *Target name
      --comment                    Comment about the target
      --access-key-id              AWS access key ID
      --access-key                 AWS secret access key
      --session-token              Required only for temporary security credentials retrieved using STS
      --region[=us-east-2]         AWS region
  -k, --key                        Key name. The key will be used to encrypt the target secret value. If key name is not specified, the account default protection key is used
      --profile                    Use a specific profile from your akeyless/profiles/ folder
      --username                   Optional username for various authentication flows
      --password                   Optional password for various authentication flows
      --uid-token                  The universal identity token, Required only for universal_identity authentication
  -h, --help                       display help information
      --json[=false]               Set output format to JSON
      --no-creds-cleanup[=false]   Do not clean local temporary expired creds

Did this page help you?