Gateway Access Permissions

Akeyless Access Roles control all user access levels for items, analytics, and usage reports.

In parallel with Gateway administrative operations, you can set the exact level of access your Gateway administrative users will have, from the management of just Dynamic or Rotated Secrets, up to, and including, complete admin rights.



Pre-Provisioned Admin Users - Pre-Provisioned settings of your Gateway Admin users can not be modified after setup. To limit already existing admin users of your Gateway, you will be required to remove them from your deployment files.

Configuring Access Permissions from the Gateway



Only Gateway Admin users can access and manage the Access Permissions settings.

To configure Access Permissions in your Gateway Configuration Manager, under the Access Permissions tab:

  1. Click New
  2. Define a meaningful Name for the item. e.g., Dynamic Secrets Admin
  3. From the Auth Method drop-down menu, choose the relevant Authentication Method and set the exact Sub-Claims identifying your users, and click Next
  4. In Permission Settings, select Admin or Custom
  5. If you choose Custom, select the relevant permissions to grant that Auth Method (e.g. Dynamic Secrets, etc) , and click Finish

Based on the selected operations, the relevant Auth Method will only have access to initiate those operations.

You can also manage your Gateway Access Permissions using the Console by going to the Gateways tab and selecting the desired Gateway. On the right side of the screen, click the Access Permissions tab.