Azure Universal Secrets Connector
This page discusses the creation of Azure Universal Secrets Connectors. If you wish to create a Universal Secrets Connector for a different cloud service, please go to the matching doc, as the parameters vary between services.
Working With Universal Secrets Connector from the Console
This section discusses the commands needed to handle USCs. While the initial creation command is a regular Akeyless command, management of USCs is done through a set of sub-commands that all carry the prefix usc, as shown later in this section. If the prefix is not added to these sub-commands, they will not work.
Creating a USC
To create a USC, use the following command:
akeyless create-usc --name <name> --target-to-associate <target name> --azure-kv-name <key vault name>
The main parameters are:
- name: Name for the Universal Secrets Connector. You may specify the location by adding a path to the virtual folder where you want to create the new Universal Secrets Connector, using slash (/) separators. If the folder does not exist, it will be created along with the Universal Secrets Connector.
- target-to-associate: An existing Target that points to your desired endpoint.
- azure-kv-name: The name of an existing Azure key vault.
Additional parameters can be found in the CLI Reference.
Listing USC Secrets
To list the secrets saved on your USC, use the following command:
akeyless usc list --name <usc name>
The output should look as follows:
{
  "secrets_list": [
    {
      "secret_id": "<secret id>",
      "name": "<secret name>",
      "created": "<timestamp>",
      "type": "<type>",
      "status": <activity status, true/false>
    }
  ]
}
Fetching a Secret from the USC
To view a secret from your USC, use the following command:
akeyless usc get --usc-name <usc name> --secret-id <secret id or name>
The main parameters are:
- usc-name: Name of the Universal Secrets Connector.
- secret-id: The name or ID of the secret you would like to fetch.
Additional parameters can be found in the CLI Reference.
The output should look as follows:
{
  "value": "<base64 encoded value>",
  "metadata": {
    "created": "<timestamp>",
    "updated": "<timestamp>"
  }
}
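As an added example (not Akeyless's own code), the following Python helper consumes the `usc get` and `usc list` outputs shown above: it strictly decodes the base64 `value` without echoing it in error messages, and reports secrets whose `status` is false. The function names, sample outputs and timestamp format are constructed for illustration, and it assumes the CLI prints exactly the JSON shown on this page.

```python
import base64
import binascii
import json
import subprocess


def parse_usc_get(raw: str) -> tuple[bytes, dict]:
    """Parse `akeyless usc get` output and return (secret_bytes, metadata)."""
    doc = json.loads(raw)
    try:
        # validate=True rejects stray characters instead of silently dropping them
        secret = base64.b64decode(doc["value"], validate=True)
    except (KeyError, TypeError, binascii.Error) as exc:
        # Deliberately keep the field contents out of the error message
        raise ValueError("usc get output has no valid base64 'value' field") from exc
    return secret, doc.get("metadata", {})


def disabled_secrets(raw_list: str) -> list[str]:
    """Names of secrets whose "status" is false in `akeyless usc list` output."""
    return [s["name"] for s in json.loads(raw_list)["secrets_list"] if not s["status"]]


def fetch_secret(usc_name: str, secret_id: str) -> bytes:
    """Run the documented command as an argv list (no shell interpolation)."""
    proc = subprocess.run(
        ["akeyless", "usc", "get", "--usc-name", usc_name, "--secret-id", secret_id],
        capture_output=True, text=True, check=True,
    )
    return parse_usc_get(proc.stdout)[0]


# Constructed sample outputs following the field layout documented on this page;
# the timestamp format and "type" value are assumptions.
SAMPLE_GET = json.dumps({
    "value": base64.b64encode(b"example-not-a-real-secret").decode(),
    "metadata": {"created": "2024-01-01T00:00:00Z", "updated": "2024-01-02T00:00:00Z"},
})
SAMPLE_LIST = json.dumps({"secrets_list": [
    {"secret_id": "id-1", "name": "db-password", "created": "2024-01-01T00:00:00Z",
     "type": "secret", "status": True},
    {"secret_id": "id-2", "name": "old-api-key", "created": "2023-06-01T00:00:00Z",
     "type": "secret", "status": False},
]})

if __name__ == "__main__":
    secret, meta = parse_usc_get(SAMPLE_GET)
    print(len(secret), "bytes, last updated", meta["updated"])
    print("disabled:", disabled_secrets(SAMPLE_LIST))
```

`fetch_secret` requires an authenticated `akeyless` CLI on the PATH; the parsing functions run offline against the constructed samples.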
Adding a New Secret to a USC
To create a new secret in your USC, use the following command:
akeyless usc create --usc-name <usc name> --secret-name <new secret name> --value <secret value>
The main parameters are:
- usc-name: Name of the Universal Secrets Connector.
- secret-name: The name of the secret you would like to create.
- value: The value of the secret you would like to create, plaintext or base64 encoded.
Additional parameters can be found in the CLI Reference.
Updating an Existing USC Secret
To update an existing secret in your USC, use the following command:
akeyless usc update --usc-name <usc name> --secret-name <secret name> --value <secret value>
Additional parameters can be found in the CLI Reference.
Deleting an Existing USC Secret
To delete an existing secret in your USC, use the following command:
akeyless usc delete --usc-name <usc name> --secret-name <secret name>
Additional parameters can be found in the CLI Reference.
Creating a Universal Secrets Connector from the Console
- Log in to the Akeyless Console, and go to Items > New > Universal Secrets Connector.
- Select the Azure secret type and click Next.
- Define a Name for the Universal Secrets Connector, and specify the Location as a path to the virtual folder where you want to create the new Universal Secrets Connector, using slash (/) separators. If the folder does not exist, it will be created along with the Universal Secrets Connector.
- Define the remaining settings as follows:
  - Description: Optional, enter a description of the Universal Secrets Connector.
  - Tags: Optional, select one or more tags for the Universal Secrets Connector, or enter the name of a new tag to be added as part of the creation process.
  - Delete Protection: Optional, turn on this setting to protect the item from deletion.
  - Target: Select an existing Azure Target.
  - Gateway: Select the desired corresponding Gateway.
  - Key Vault Name: The name of the Azure key vault you would like to connect with.
- Click Finish.
Azure Universal Secrets Details
Once connected to a Target, you will be able to access the Universal Secrets Connector in your Akeyless console page. From there you can manage your Universal Secrets and see the following information about each secret:
- Name: Secret name
- Type: Secret type
- Status: Secret status of enabled/disabled
- Expiration: Secret date of expiration
More information and the secret value can be viewed by selecting a specific secret. You will also have the option to perform actions on the secret.
Updated 5 months ago