Chris Gruel devorbitus

@devorbitus
devorbitus / README.md
Created January 9, 2025 20:16
Akeyless MySQL Docker Compose

Akeyless MySQL Docker Compose

@devorbitus
devorbitus / README.md
Last active January 29, 2025 16:43
Akeyless Unified Gateway Docker Compose

Akeyless Gateway & SRA docker compose

Create the two .env files that the docker-compose file below references, then create the docker-compose.yaml file.

Generate Random OpenSSL Password

You can use this password as the Redis password.

openssl rand -base64 15
@devorbitus
devorbitus / README.md
Created October 25, 2024 13:14
Akeyless Amazon Linux Docker & Docker Compose Installation

You can install Docker from scratch on an Amazon Linux EC2 instance by following these steps:

sudo yum update -y 

sudo amazon-linux-extras install docker 

sudo yum install docker 

sudo service docker start 
@devorbitus
devorbitus / README.md
Created October 8, 2024 19:00
Akeyless Kubectl Server Information

Akeyless Kubectl Server Information

kubectl config view --flatten --minify --output=go-template='====================
Cluster Endpoint URL:
====================

{{(index .clusters 0).cluster.server}}

====================
@devorbitus
devorbitus / README.md
Last active October 4, 2024 13:18
Akeyless Gateway Force Disconnected for Cache testing

Note: as indicated, it is a bit challenging to make sure the GW is fully disconnected from SaaS. When you fetch the secret, make sure you set export AKEYLESS_GATEWAY_URL="https://rest-GW_URL"

There are a few ways to make sure secrets are taken from the cache.

The simple way: query the secret, change it, and query it again twice. The 1st attempt should give the old version and the 2nd should give the updated version.

The “hard” way: forcing a GW disconnect (detailed below)

@devorbitus
devorbitus / README.md
Last active September 19, 2024 13:48
Akeyless List Items - Modified After

Akeyless CLI Poller Script

Overview

The Akeyless CLI Poller Script is a bash script designed to periodically check for new or updated secrets in an Akeyless vault using the Akeyless CLI. It's intended to be run as a cron job, providing an efficient way to monitor and process changes to secrets.

Features

  • Configurable path to the Akeyless CLI executable
  • Efficient polling using the --modified-after flag
@devorbitus
devorbitus / README.md
Last active September 18, 2024 20:53
Akeyless PKI Certificate Authentication

Akeyless PKI Certificate Authentication

Creation process

Mandatory fields:

  • "certificate": File containing a PEM encoded certificate or certificate trust chain that will be used to verify the authentication certificates.
  • "unique identifier": A field from the sub-claims which are taken from the certificate to uniquely identify the client (such as "common_name" or "organizational_unit").

Example usage:

@devorbitus
devorbitus / README.md
Created August 27, 2024 14:24
Akeyless CLI Autocomplete

Akeyless CLI Autocomplete

Setting up bash completion for Linux or Mac:

To add bash completion for the Akeyless CLI, add the following file (name it ‘akeyless’) to /etc/bash_completion.d/ (macOS: /usr/local/etc/bash_completion.d/)

_akeyless() 
{
    local cur prev opts
    COMPREPLY=()
@devorbitus
devorbitus / README.md
Last active August 26, 2024 15:44
test

test

@devorbitus
devorbitus / README.md
Created August 6, 2024 15:17
Akeyless GKE Workload Identity Test

Akeyless GKE Workload Identity Test

cat <<EOF | kubectl apply -f -
apiVersion: v1
kind: ServiceAccount
metadata:
  annotations:
    iam.gke.io/gcp-service-account: sbx-sra-sa@customer-success-391112.iam.gserviceaccount.com