- 12 Dec 2023
- 1 Minute to read
Akeyless Vault Integration
- Updated on 12 Dec 2023
- 1 Minute to read
The Akeyless integration enables Axonius to securely pull privileged credentials from the Akeyless Vault. The integration helps to ensure that privileged credentials are secured in the Akeyless Vault, rotated to meet company guidelines, and meet complexity requirements.
Description of Product Integration
Axonius uses the Akeyless Vault to fetch credentials from the Vault.
Axonius authenticates to the Akeyless Vault Server token authentication.
The credentials are only fetched by Axonius when:
- Creating a new adapter connection
- Updating an existing adapter connection
- Running an enforcement set
- Fetching asset information for adapters during discovery cycles
Axonius does not store the credentials anywhere and deletes any trace of credentials.
To enable fetching credentials from your Akeyless Vault Server, you need to:
- Install and configure Akeyless Vault
- Enable and configure the External Password Managers - Enterprise Password Management Settings in Axonius.
The secrets must be created as static secrets.
- Configure adapter connection credential to fetch passwords from Akeyless Vault Server.
Enable Akeyless Vault Integration
Follow the guidelines in External Password Managers - Enterprise Password Management Settings to enable Akeyless Vault integration and allow Axonius to securely pull privileged credentials from the Akeyless Vault Server.
Working with Akeyless Vault
Once the Akeyless Vault integration is enabled in Axonius, a new Akeyless Vault icon will appear in all password fields when configuring adapters or configuring Enforcement sets, allowing you to enter a password manually or to fetch the secret from Akeyless Vault Server.
To fetch the password from Akeyless Vault:
- In a password field, click the Akeyless Vault icon. If you have configured more than one password manager, click the vault icon and select Akeyless Vault from the drop-down. An Akeyless Vault password dialog opens.
In the dialog, specify the following parameters:
Secret Name (required) - The name of the secret key that you saved for the Akeyless vault.
- If the fetch is successful, a green indication is displayed next to the Akeyless Vault icon. Hovering over the Akeyless Vault icon shows the credentials you input.
- If the fetch is unsuccessful, a red indication is displayed next to the Akeyless icon. Hovering over the Akeyless Vault icon shows the error.