The Akeyless Dev Hub

If you're looking for help with the only zero-trust, SaaS, unified platform for secrets management - you've come to the right place.

This is our documentation and updates center.

Documentation

Web Access Bastion

Akeyless Web Access Bastion provides Secure Remote Access to any web application with session recording.

Working with isolated browsers provides you a complete zero knowledge for users. i.e. users do not have any knowledge about the access credentials.

This chart bootstraps an Akeyless-Web-Access-Bastion deployment on a Kubernetes cluster using the Helm package manager. This chart has been tested to work with NGINX Ingress and cert-manager.

Prerequisites

Network

When using Embedded browser session behind load balancer such as ELB, the session can be closed due to idle connection timeout, so its advise to increase it to a reasonable high value, or event unlimited.

e.g when running on AWS with ELB: https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/config-idle-timeout.html?icmpid=docs_elb_console

Horizonal Auto-Scaling

Horizontal auto-scaling is based on the HorizonalPodAutoscaler object.
For it to work properly, Kubernetes metrics server must be installed in the cluster - https://github.com/kubernetes-sigs/metrics-server

  • Helm Installed

  • K8s Installed

🚧

Note:

To enable Secure Remote Access features you will have to get an access-key to Akeyless private repository. Please contact your Account Manager for more details.

Installing the Chart

Add Akeyless helm charts repository to your Helm repository list:

helm repo add akeyless https://akeylesslabs.github.io/helm-charts
helm repo update

The values.yaml file holds default values, replace the values with the ones from your environment where needed.

https://github.com/akeylesslabs/helm-charts/tree/main/charts/akeyless-zero-trust-web-access

The following parameters are mandatory:

Parameter

Default

Info

dockerRepositoryCreds

N\A

Credentials to access Akeyless private image

apiGatewayURL

https://rest.akeyless.io

A full URL of Akeyless API Gateway

listOnlyCredentials

N\A

Non privileged credentials with "List" access. Currently supported only SamlAccessID

privilegedAccess

N\A

Credentials for zero-trust access: If provided, it is possible for end users to have only "list" permissions on Akeyless items if privileged credentials have "read" access

allowdAccessIDs

N\A

Mandatory for Isolated mode.

config.policy.Exceptions

"https://*.akeyless.io/*"

Allow isolated access to the listed URL\domains.

Install the chart:

helm install <RELEASE NAME>  akeyless/akeyless-zero-trust-web-access -f values.yaml

Verify that both pods are up and running:

web-worker-deployment
web-dispatcher-deployment

Updated 3 months ago


Web Access Bastion


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.