CLI Reference - Akeyless Producers
NOTE
Looking for a specific command? Use the Table of Contents on the right. ===>
gateway-create-producer-artifactory
gateway-create-producer-artifactory
Creates Artifactory producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Artifactory REST URL, must end with artifactory postfix. |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | Token scope provided as a space-separated list, for example: member-of-groups:readers. |
| **Y** | A space-separate list of the other Artifactory instances or services that should accept this token., for example: [email protected]* . |
| Admin name. | |
| Admin API Key/Password. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-aws
gateway-create-producer-aws
Creates AWS producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| The types of credentials to retrieve from AWS. Options:[iam_user,assume_role]. | |
| Access Key ID. | |
| Access Secret Key. | |
| AWS region. | |
| Policy ARN(s). Multiple values should be separated by a comma. | |
| UserGroup name(s). Multiple values should be separated by a comma. | |
| AWS Role ARNs to be used in the Assume Role operation. Multiple values should be separated by a comma. | |
| Enable AWS User console access. | |
| Enable AWS User programmatic access | |
| Encrypt the producer with the following key. | |
| User TTL. | |
| Enable automatic admin credentials rotation. | |
| Admin credentials rotation interval (days). |
gateway-create-producer-azure
gateway-create-producer-azure
Creates Azure AD producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| Azure Tenant ID. | |
| Azure Client ID (Application ID). | |
| Azure AD Client Secret. | |
| Enable Azure AD user portal access. | |
| Enable Azure AD user programmatic access. | |
| Azure App Object ID (required if selected programmatic access) | |
| Azure AD User Principal Name (required if selected Portal access). | |
| Azure AD User Group Object ID (required if selected Portal access). | |
| Azure AD User Role Template ID (required if selected Portal access). |
gateway-create-producer-eks
gateway-create-producer-eks
Creates Amazon Elastic Kubernetes Service (Amazon EKS) producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | EKS cluster name. Must match the EKS cluster name you want to connect to |
| **Y** | EKS Cluster endpoint. https:// , <DNS / IP> of the cluster. |
| **Y** | EKS Cluster certificate. Base 64 encoded certificate. |
| EKS Access Key ID. | |
| EKS Secret Access Key. | |
| EKS Region. | |
| Role ARN. Role to assume when connecting to the EKS cluster. | |
| Encrypt the producer with the following key. | |
| User TTL. |
gateway-create-producer-gke
gateway-create-producer-gke
Creates Google Kubernetes Engine (GKE) producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | GKE service account email. |
| **Y** | File path to GKE Service Account Key. File path to RSA private key generated for this account to access. |
| **Y** | GKE Cluster endpoint. https:// , <DNS / IP> of the cluster. |
| **Y** | GKE Cluster certificate. Base 64 encoded certificate. |
| GKE Cluster name. | |
| Encrypt the producer with the following key. | |
| User TTL. |
gateway-create-producer-gcp
gateway-create-producer-gcp
Creates Google Cloud Provider (GCP) producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | GCP service account email. |
| **Y** | Credentials type, options are [token, key]. |
| Path to file with the Base64-encoded service account private key. | |
| Base64-encoded service account private key text. | |
| Access token scopes list, e.g. scope1,scope2. | |
| Service account key algorithm, e.g. KEY_ALG_RSA_1024. | |
| User TTL (<=60m for access token). | |
| Dynamic producer encryption key | |
| Use a specific profile from your akeyless/profiles/ folder. | |
| Required only when the authentication process requires a username and password. | |
| Required only when the authentication process requires a username and password. | |
| The universal identity token, Required only for universal_identity authentication. |
gateway-create-producer-mongo
gateway-create-producer-mongo
Creates a MongoDB/MongoDB Atlas producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| MongoDB roles (e.g. MongoDB:[{"role":"readWrite", "db": "sales"}], MongoDB Atlas:[{"roleName" : "readWrite", "databaseName": "sales"}]). | |
| MongoDB server uri (e.g. mongodb://akeyless:[email protected]:27017/admin?replicaSet=mySet. | |
| MongoDB server username. | |
| MongoDB server password. | |
| host:port (e.g. 1.2.3.4:8089). | |
| MongoDB server default authentication database. | |
| MongoDB server URI options (e.g. replicaSet=mySet&authSource=authDB). | |
| MongoDB Atlas project ID. | |
| MongoDB Atlas public key. | |
| MongoDB Atlas private key. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-mssql
gateway-create-producer-mssql
Creates Microsoft SQL Server.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| MSSQL Server DB Name. | |
| MS SQL Server user. | |
| MS SQL Server password. | |
| MS SQL Server host name. | |
| MS SQL Server port. | |
| MSSQL Server Creation Statements. | |
| MSSQL Server Revocation Statements. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-mysql
gateway-create-producer-mysql
Create MySQL producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| MySQL DB name. | |
| MySQL user. | |
| MySQL password. | |
| MySQL host name. | |
| MySQL port. | |
| MySQL Creation Statements. | |
| The set of root certificate authorities in base64 encoding that clients use when verifying server certificates. | |
| Server name is used to verify the hostname on the returned certificates unless InsecureSkipVerify is given. It is also included in the client's handshake to support virtual hosting unless it is an IP address. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-postgresql
gateway-create-producer-postgresql
Creates PostgreSQL producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| The URL of your Akeyless Gateway (configuration management port). | |
| A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash | |
| PostgreSQL DB name. | |
| PostgreSQL user. | |
| PostgreSQL password. | |
| PostgreSQL host name. | |
| PostgreSQL port. | |
| PostgreSQL Creation Statements. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-rabbitmq
gateway-create-producer-rabbitmq
Creates RabbitMQ producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | RabbitMQ server URI. |
| **Y** | User configuration permission, for example:[.*,queue-name]. |
| **Y** | User write permission, for example:[.*,queue-name]. |
| **Y** | User read permission, for example:[.*,queue-name]. |
| RabbitMQ server user. | |
| RabbitMQ server password. | |
| User Virtual Host. | |
| Comma-separated list of tags to apply to user. | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-rdp
gateway-create-producer-rdp
Creates an RDP dynamic secret.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | A comma-separated list of the RDP user group(s) to which new users should be added. |
| **Y** | The hostname or IP address of the target Windows server. |
| The username of an administrator user with sufficient permissions to create users, groups, and so on. | |
| The administrator user password. | |
| The SSH port for the connection, by default | |
| Define as | |
| The encryption key with which to encrypt the dynamic secret (if your system includes multiple encryption keys). | |
| The length of time for which the credentials generated by the dynamic secret are valid. |
gateway-create-producer-snowflake
gateway-create-producer-snowflake
Creates a dynamic secret that generates access credentials for Snowflake.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | The Snowflake account name in |
| **Y** | The name of the target Snowflake database. |
| The Snowflake role to be assigned to temporary users. | |
| The name of the target Snowflake warehouse. | |
| The length of time for which the credentials generated by the dynamic secret are valid, by default | |
| The specific Akeyless profile to use to execute the command. | |
| The username for a Snowflake user administrator (with the USERADMIN role or higher). | |
| The password for the Snowflake user administrator account. | |
| The universal identity token. This value is only required if you use universal_identity authentication. |
gateway-create-producer-venafi
gateway-create-producer-venafi
Creates Venafi producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | Venafi API key. |
| **Y** | Venafi Zone. |
| Creating certificates using Akeyless PKI. | |
| Root chain. | |
| Store private key in Akeyless. | |
| Auto generated folder. | |
| Issuer name. | |
| Signer key name. | |
| Allowed domains. | |
| Allow subdomains. | |
| Enable automatic admin credentials rotation. | |
| Admin credentials rotation interval (days). | |
| Encrypt producer with following key. | |
| User TTL. |
gateway-create-producer-custom
gateway-create-producer-custom
Creates a custom webhook based dynamic secret producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | The URL of your Akeyless Gateway (configuration management port). |
| **Y** | A unique name for the dynamic secret. The name can include the path to the virtual folder in which you want to create the new secret, using slash |
| **Y** | URL of an endpoint that implements /sync/create method. |
| **Y** | URL of an endpoint that implements /sync/revoke method. |
| Encrypt producer with following key. | |
| User TTL. | |
| Secret payload to be sent with each create/revoke webhook request. | |
| Maximum allowed time in seconds for the webhook to return the results. | |
| Required only when the authentication process requires a username and password. | |
| Required only when the authentication process requires a username and password. | |
| The universal identity token, Required only for universal_identity authentication. |
gateway-delete-producer
gateway-delete-producer
Deletes producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
gateway-get-producer
gateway-get-producer
Return producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
gateway-get-producer-tmp-creds
gateway-get-producer-tmp-creds
Return producer temporary credentials list.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
gateway-list-producers
gateway-list-producers
Return available producers.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
gateway-revoke-producer-tmp-creds
gateway-revoke-producer-tmp-creds
Revoke producer temporary credentials.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
| Temp Creds ID. | |
| Use soft delete. | |
| Host. |
gateway-start-producer
gateway-start-producer
Starts producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
gateway-stop-producer
gateway-stop-producer
Stops producer.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
gateway-update-producer-tmp-creds
gateway-update-producer-tmp-creds
Update ttl of producer temporary credentials.
Parameters
Parameter | Mandatory | Description |
---|---|---|
| **Y** | Akeyless Gateway URL (Configuration Management port). |
| **Y** | Producer name. |
| Temp Creds ID. | |
| New TTL in Minutes. |
Updated 13 days ago