Akeyless Vault

The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Create a Static Secret

Suggest Edits

When you create a static secret, you need to name it and provide the secret value. All secret values are encrypted using patented Akeyless Distributed Fragment Cryptography (DFC) technology.

Let’s create a static secret using the Akeyless CLI. If you’d prefer, see how to do this from the Akeyless Console instead.

📘

Akeyless CLI Required

Ensure you have installed the Akeyless CLI before you begin.

Create a Static Secret from the CLI

The CLI command to create a static secret is:

$ akeyless create-secret --name <secret name> --value <secret value>

The output is:

A new secret named <secret name> was successfully created

The secret name can include the path to the virtual folder in which you want to create the secret, using slash / separators. If the folder does not exist, it will be created together with the secret.

For example, to create a secret in the Admin folder, called AdminCredentials with the value Admin101!, type:

$ akeyless create-secret --name /Admin/AdminCredentials --value Admin101!
A new secret named /Admin/AdminCredentials was successfully created

For more information about additional options available for this command, see create-secret.

Next, assign the static secret to an access role that defines who can access the secret value, and with what permissions.

Create the secret from the UI

Make sure you've fulfilled the prerequisites. It's time to create a static secret.

📘

Prerequisites

You must have Create access to the area in which you want to create this secret. If you don't see the options described here, speak with your administrator for assistance.

  1. Navigate to the folder in which you want to create the new secret.
  2. Go to Secret & Keys > New.

Create new static secret

  1. From the dropdown menu select Static Secret (+). The Create New Static Secret window pops up.

Create New Static Secret window

  1. Enter valid values in the window and click Save to create the new secret. The fields and values are described in Create New Static Secret Values described here:

Create New Static Secret Values

The following table describes the different fields in the Create New Static Secret window and their valid values.

UI Field

CLI Options

Description and values

Name

--name

Assign any unique name to help you identify which key this is.
Values should include no special characters except for a hyphen "-", dot "." , and underscore "_".

Location

Optional.
Akeyless Vault uses paths in order to locate objects and permit access (CRUD actions).
Though folders may look like a real object, they are in practice virtual objects, made for representation purposes.

Use the slash "/" separator to create or indicate a path as part of the secret creation.

From the CLI, include the entire path and the secret name together as part of the --name option.

Description

-m, --metadata

Optional.
This is especially handy when the name of the secret is generic or not specific enough.

Tags

-t, --tag
To specify multiple tags use argument multiple times:
-t Tag1 -t Tag2

Use tags as an extra tool for organizing and searching secrets. If the tag you want hasn't yet been created, you can add it as part of secret creation.

Encrypt secret with the following key

-k, --key

Choose an Encryption Key to be used to encrypt your secret. Leave the field empty in order to use the default (protectionKey) system key.

Value

--value

This is the value of the secret (the password essentially). The length should be 16KB.

--multiline

The provided value is a multiline value (separated by '\n')

Updated 18 days ago

What's Next

In order to fetch the secret read more here:

Add a Static Secret to an Access Role

Create a Static Secret

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.