devorbitus

Domain OS Int

Web address to search for information about domains

https://bgp.he.net/

devorbitus

GCP Enable Flow API

You can definitely several of those GCP APIs that our integration needs individually, but there is a little known webpage that allows you to enable them all at once like so. If you examine the URL, you can see how each of the APIs have the official service name added to the query parameters and the user simply selects which project they want to apply these to and it will enable them all. If the API is already enabled it will just skip it. https://console.cloud.google.com/apis/enableflow;apiid=cloudresourcemanager.googleapis.co[…]pis.com,logging.googleapis.com,cloudasset.googleapis.com

devorbitus

Akeyless Hashi Vault Proxy examples

The Secret Path within Akeyless

/Dev/Lab/SecretKey

Access through the Akeyless CLI

devorbitus

Akeyless Nu Shell Account Reference Archive

This script will use an Akeyless T-Token to authenticate to the API and download account details for reference WITHOUT accessing secret values.

The script will create a datadirectory and place the JSON files into that directory.

Prerequisites

• Install Nu Shell
• Download the script and make it executable
• Execute the script

devorbitus

High-Level Plan for Deploying an Akeyless Gateway in an AKS Cluster Using Workload Identity

Deploying an Akeyless Gateway into an Azure Kubernetes Service (AKS) cluster using Azure Workload Identity allows the Gateway to authenticate using its own Azure AD Identity without storing long-lived credentials. This setup ensures secure, seamless authentication through Azure AD authentication methods.

---

1. Prerequisites

Before proceeding, ensure you have:

• An AKS Cluster (running Kubernetes 1.21+)
• Azure CLI installed and authenticated (az login)

devorbitus

Akeyless GitHub SSH Certificate Integration

Background

GitHub Enterprise plans allow for setting an SSH Certificate Authority. We can configure the Akeyless CLI to use the company SSO to enable the user to authenticate and then use an SSH Cert Issuer to create and utilize an SSH Certificate signed by the CA of an Akeyless RSA2048 DFC Key. The SSH Certificate Issuer will use the user's local SSH key to create the SSH Certificate. We can confgure the user's local SSH client to utilize the certificate for connections to GitHub like below.

Instructions

• Download the Akeyless CLI and configure the default profile to use the appropriate Single Sign On SSO (SAML/OIDC) for the user
• Create a DFC RSA2048 Key (Signer Key)
• Create a SSH Cert Issuer that uses the Signer Key

devorbitus

Installation and Configuration of Akeyless CLI for Tokenization on a Cloud VM

Create an AWS Auth Method tied to this specific AWS Acccount ID

https://docs.akeyless.io/docs/aws-iam#create-an-aws-iam-authentication-method-in-the-akeyless-console

Copy the Access ID of the newly created Auth Method

The Access ID should look something like p-8au8y41c5us0wm

devorbitus

Akeyless K8s Auth Config Dedicated Service Account

Existing K8s documentation

Extract the Cluster CA Certificate and Cluster Host Endpoint

kubectl config view --flatten --minify --output=go-template='====================
Cluster Endpoint URL:
====================

devorbitus

Akeyless MySQL Create Admin User for Dynamic Secrets

GRANT ALL PRIVILEGES ON *.* TO 'newadmin'@'%' WITH GRANT OPTION;
FLUSH PRIVILEGES;

devorbitus

Akeyless Postgres K8s

Create the Root Password Secret

kubectl create secret generic postgres-password --from-literal=PASSWORD=$(openssl rand -base64 32)

Deploy Manifests