Cloud Targets

Azure

To create an Azure target to be used with an Azure AD Dynamic Secrets:

Let’s create an Azure target using the Akeyless CLI.

Create an Azure Target from the CLI

The CLI command to create an Azure target is:

akeyless create-azure-target
--name <target name>
--client-id <Azure client/application id>
--tenant-id <Azure tenant id>
--client-secret <Azure client secret>

Where:
-Name - A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-Client-id - The Application ID assigned to an admin user that will be used to authenticate Akeyless with Azure.

-Tenant-id- Your Azure Tenant ID.

-Client-secret- The Azure client secret.

Options

The full list of options for this command is:

-n, --name                      *Target name
      --comment                    Comment about the target
      --client-id                  Azure client/application id
      --tenant-id                  Azure tenant id
      --client-secret              Azure client secret
  -k, --key                        Key name. The key is used to encrypt the target secret value. If the key name is not specified, the account default protection key is used
      --profile                    Use a specific profile from your akeyless/profiles/ folder
      --username                   Optional username for various authentication flows
      --password                   Optional password for various authentication flows
      --uid-token                  The universal identity token, Required only for universal_identity authentication
  -h, --help                       display help information
      --json[=false]               Set output format to JSON
      --no-creds-cleanup[=false]   Do not clean local temporary expired creds

GCP

To create a GCP target to be used with an GCP Dynamic Secrets

Let’s create a GCP target using the Akeyless CLI.

Create a GCP Target from the CLI

The CLI command to create a GCP target is:

akeyless create-gcp-target
--name <target name>
--gcp-key-file-path <Path to file with the base64-encoded service account private key>
--gcp-sa-email <GCP service account email>

Options

The full list of options for this command is:

-n, --name                      *Target name
  -e, --gcp-sa-email              *GCP service account email
      --comment                    Comment about the target
      --gcp-key-file-path          Path to file with the base64-encoded service account private key
      --gcp-key                    Base64-encoded service account private key text
  -k, --key                        Key name. The key will be used to encrypt the target secret value. If key name is not specified, the account default protection key is used
      --profile                    Use a specific profile from your akeyless/profiles/ folder
      --username                   Optional username for various authentication flows
      --password                   Optional password for various authentication flows
      --uid-token                  The universal identity token, Required only for universal_identity authentication
  -h, --help                       display help information
      --json[=false]               Set output format to JSON
      --no-creds-cleanup[=false]   Do not clean local temporary expired creds

Did this page help you?