Docker Hub Dynamic Secrets
You can define a Docker Hub Dynamic secret to generate just-in-time personal access tokens for your Docker Hub repository.
Create a Dynamic Secret for Docker Hub from the CLI
Let’s create a dynamic secret for Docker Hub using the Akeyless CLI.
akeyless gateway-create-producer-dockerhub -u <Your GW URL > \
--name <secret name> \
--dockerhub-username <Dockerhub username> \
--dockerhub-password <Dockerhub password> \
--dockerhub-token-scopes <permissions scopes for the temporary token, comma seperated>
Alternatively, you can replace dockerhub-username
and dockerhub-password
with target-name
to use an existing Docker Hub Target.
Docker Hub token scopes: Possible permissions scopes are:
repo:admin
,repo:write
, repo:read
, repo:public_read
.
Note that each of the permissions scopes above includes the lower permissions scopes i.e repo:admin
includes all the rest of the scopes permissions. e.g repo:write
contains repo:read
and repo:public_read
etc.
Create a Dynamic Secret for Docker Hub from the Akeyless Console UI
- In the Akeyless Console UI, select Secret & Keys > Dynamic Secret > Docker Hub.
Field | Description |
---|---|
Name | A unique name that describes the purpose or permissions scope of this dynamic secret. |
Location | The path in which to store this dynamic secret. |
Target Mode | Choose an existing target, or explicitly specify target properties |
Token Scopes | Permission profile of the temporary token for Docker Hub access level. |
Gateway | Choose on which gateway to create this item. Make sure this Gateway is available. |
Username | In case explicit target mode is used, provide a privileged username to create temporary tokens |
Password | Privleged username password |
Updated 2 months ago