CLI Reference
This section describes the available CLI commands that you can use when working with Akeyless.
If you need help in context, check out the help from the terminal:
akeyless -h
akeyless <command> -h, --help
akeyless <command> --debug
Update Akeyless CLI
Akeyless update
AKEYLESS CLI, Version x.x.x is up-to-date
Commands for all items and objects
describe-item
describe-item
Returns the item details, which vary depending on the type of item.
Usage
akeyless describe-item --name ItemName
akeyless describe-item --name ItemName --version VersionNumber
akeyless describe-item --name ItemName --show-versions
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Item name. |
| Version number. | |
| Include all item versions in reply, by default set to false. |
Output
With only --name
specified, the command returns all details about the specified item except for its version.
When a version number is specified, the command returns all details about the specified item for the specified version.
When --show-versions
is specified, the command returns all details about the specified item including a full list of versions, their creation dates, and their encryption keys for any version for which a key other than the default was used.
update-item
update-item
Update item name, metadata or tags.
Secret versioning
No updates made with
update-item
can be saved as part of new versions, which means that these changes override existing data. If you wish to track these updates as part of secret versioning, first create a new version withupdate-version-val
. You can create a new version value using the same value for the current version if you don't want to actually change the value. Thereafter, runupdate-item
.
Usage
akeyless update-item --name ExistingNameofSecret --new-name NewName
akeyless update-item --name NameofSecret --new-metadata UpdateDescription
akeyless update-item --name NameofSecret --add-tag NewTagAdded
akeyless update-item --name NameofSecret --rm-tag Tag1
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The current name of the item. |
| The name that should now be assigned to the item. | |
| The new description for the item. | |
| List of the new tags that will be attached to this item. To specify multiple tags use argument multiple times: --add-tag Tag1 --add-tag Tag2. | |
| List of the existing tags that should be removed from this item. To specify multiple tags use argument multiple times: --rm-tag Tag1 --rm-tag Tag2. | |
| Protection from accidental deletion of a secret. Possible values: [true/false] |
delete-item
delete-item
Delete an item or an item version
Usage
akeylees delete-item -n <Path\to\item>
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Item name. |
| The specific version you want to delete - 0=last version, -1=entire item with all versions (default). | |
| The number of days to wait before deleting the item (relevant for keys only). | |
| When delete-in-days=-1, must be set. | |
| Use a specific profile (located at $HOME/.akeyless/profiles) or a temporary access token. | |
| The universal identity token. It is required only for universal_identity authentication. |
delete-items
delete-items
Delete multiple items from a given path
akeyless delete-items -p <Path\do\delete\items>
list-items
list-items
Returns a list of all accessible items
Usage
akeyless list-items
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The item types list of the requested items. In case it is empty, all types of items will be returned. options: [key, static-secret, dynamic-secret]. | |
| ||
| Filter by item name or part of it. | |
| Filter by item tag. | |
| Path to folder. | |
| Next page reference. |
move-objects
move-objects
Move/Rename objects.
Usage
akeyless move-objects -s <source> -t <target>
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Source path to move the objects from. |
| **Y** | Target path to move the objects to. |
| The objects type to move (item/auth_method/role). |
configure
configure
Configure client profile.
Usage
akeyless configure
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The profile name to be configured. | |
| Access ID. | |
| Access Key. | |
| Access Type (access_key/password/azure_ad/saml/ldap/aws_iam). | |
| Password (relevant only for access-type=password). | |
| Email (relevant only for access-type=password). | |
| Address URL for ldap proxy (relevant only for access-type=ldap) | |
| Azure Active Directory ObjectId (relevant only for access-type=azure_ad) | |
| GCP audience to use in signed JWT (relevant only for access-type=gcp) |
unconfigure
unconfigure
Remove Configuration of client profile.
Usage
akeyless unconfigure --profile <Profile name>
Updated 20 days ago