Database Targets

Database Targets

You can define a database target to be used with Database Dynamic Secrets.

Available database targets:

  • MySQL

  • MSSQL

  • MongoDB

  • Snowflake

  • PostgreSQL

  • Oracle

  • Cassandra

👍

Tip

To create database target from Akeyless CLI choose the database type within the create-db-target command

In order to create database targets you can define the following fields on Akeyless Gateway UI or using Akeyless CLI:

MySql:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Username - Privilege database user name with sufficient rights to create users.

-DB Password- Password of the database privilege user name.

-DB Hostname- Target database host name or IP address.

-DB Port- Target database port.

-DB Name - Target database name.

Advanced:

-DB Server Certificate - Set of root certificate authorities in base64 encoding used by clients to verify server certificates.

-DB Server Name - Server name is used to verify the hostname on the returned certificates unless InsecureSkipVerify is provided. It is also included in the client's handshake to support virtual hosting unless it is an IP address

PostgreSQL:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Username - Privilege database user name with sufficient rights to create users.

-DB Password- Password of the database privilege user name.

-DB Hostname- Target database host name or IP address.

-DB Port- Target database port.

-DB Name - Target database name.

MSSQL:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Username - Privilege database user name with sufficient rights to create users.

-DB Password- Password of the database privilege user name.

-DB Hostname- Target database host name or IP address.

-DB Port- Target database port.

-DB Name - Target database name.

Oracle:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Username - Privilege database user name with sufficient rights to create users.

-DB Password- Password of the database privilege user name.

-DB Hostname- Target database host name or IP address.

-DB Port- Target database port.

-Service Name - Target database name.

MongoDB:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Username - Privilege database user name with sufficient rights to create users.

-DB Password- Password of the database privilege user name.

-Host and Port- Target database host name or IP address with port.

Advanced:

-Default Authentication DB - MongoDB default authentication database.

-Options - URI options (e.g. replicaSet=mySet&authSource=authDB)

Mongo Atlas:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-DB Name - Target database name.

-Project ID - MongoDB Atlas project ID

-API public key - MongoDB Atlas public key

-API private key - MongoDB Atlas private key

Snowflake:

-Name: A unique name for the target. The name can include the path to the virtual folder in which you want to create the new target, using slash / separators. If the folder does not exist, it will be created together with the target.

-Account Username - Username for a Snowflake user administrator (with the USERADMIN role or higher).

-Account Password - Password for the Snowflake user administrator account.

-DB Name - Target database name.

-Account Name - Snowflake account name in xy12345.region.cloud_provider format.

Options

📘

Usage

akeyless create-db-target command includes all available databases target, please follow the relevant database section for the relevant fields.

The full list of options for database targets command is:

-n, --name                           *Target name
      --comment                         Comment about the target
      --db-type                        *Database type: mysql/mssql/postgres/mongodb/snowflake
      --user-name                       Database user name
      --host                            Database host
      --pwd                             Database password
      --port                            Database port
      --db-name                         Database name
      --db-server-certificates          Set of root certificate authorities in base64 encoding used by clients to verify server certificates
      --db-server-name                  Server name is used to verify the hostname on the returned certificates unless InsecureSkipVerify is provided. It is also included in the cliens handshake to support virtual hosting unless it is an IP address
      --snowflake-account               Snowflake account name
      --mongodb-atlas                   Flag, set database type to "mongodb" and the flag to "true" to create Mongo Atlas target
      --mongodb-server-uri              MongoDB server URI (e.g. mongodb://akeyless:[email protected]:27017/admin?replicaSet=mySet
      --mongodb-username                MongoDB server username
      --mongodb-password                MongoDB server password
      --mongodb-host-port               host:port (e.g. 12.25.23.56:8080)
      --mongodb-default-auth-db         MongoDB server default authentication database
      --mongodb-uri-options             MongoDB server URI options (e.g. replicaSet=mySet&authSource=authDB)
      --mongodb-atlas-project-id        MongoDB Atlas project ID
      --mongodb-atlas-api-public-key    MongoDB Atlas public key
      --mongodb-atlas-api-private-key   MongoDB Atlas private key
  -k, --key                             Key name. The key will be used to encrypt the target secret value. If key name is not specified, the account default protection key is used
      --profile                         Use a specific profile from your akeyless/profiles/ folder
      --username                        Optional username for various authentication flows
      --password                        Optional password for various authentication flows
      --uid-token                       The universal identity token, Required only for universal_identity authentication
  -h, --help                            display help information
      --json[=false]                    Set output format to JSON
      --no-creds-cleanup[=false]        Do not clean local temporary expired creds

Did this page help you?