When you create a static secret, you need to name it and provide the secret value. All secret values are encrypted using patented Akeyless Distributed Fragment Cryptography (DFC) technology.
Let’s create a static secret using the Akeyless CLI. If you’d prefer, see how to do this from the Akeyless Console instead.
Akeyless CLI Required
Ensure you have installed the Akeyless CLI before you begin.
The CLI command to create a static secret is:
akeyless create-secret --name <secret name> --value <secret value>
The output is:
A new secret named <secret name> was successfully created
The secret name can include the path to the virtual folder in which you want to create the secret, using slash / separators. If the folder does not exist, it will be created together with the secret.
For example, to create a secret in the Admin folder, called AdminCredentials with the value Admin101!, type:
$ akeyless create-secret --name /Admin/AdminCredentials --value Admin101! A new secret named /Admin/AdminCredentials was successfully created
For more information about additional options available for this command, see create-secret.
Next, assign the static secret to an access role that defines who can access the secret value, and with what permissions.
Make sure you've fulfilled the prerequisites. It's time to create a static secret.
You must have Create access to the area in which you want to create this secret. If you don't see the options described here, speak with your administrator for assistance.
- Navigate to the folder in which you want to create the new secret.
- Go to Secret & Keys > New.
- From the dropdown menu select Static Secret (+). The Create New Static Secret window pops up.
- Enter valid values in the window and click Save to create the new secret. The fields and values are described in Create New Static Secret Values described here:
The following table describes the different fields in the Create New Static Secret window and their valid values.
Description and values
Assign any unique name to help you identify which key this is.
Use the slash "/" separator to create or indicate a path as part of the secret creation.
From the CLI, include the entire path and the secret name together as part of the
Use tags as an extra tool for organizing and searching secrets. If the tag you want hasn't yet been created, you can add it as part of secret creation.
Encrypt secret with the following key
Choose an Encryption Key to be used to encrypt your secret. Leave the field empty in order to use the default (protectionKey) system key.
This is the value of the secret (the password essentially). The length should be 16KB.
The provided value is a multiline value (separated by '\n')
Updated 3 months ago
In order to fetch the secret read more here:
|Add a Static Secret to an Access Role|