sergioeliot2039
commented
2 years ago To complement the documentation available here are links to Akeyless docs:
Akeyless Dev Hub -- https://docs.akeyless.io/ Akeyless Documentation and updates center -- https://docs.akeyless.io/docs Akeyless API Reference -- https://docs.akeyless.io/reference
The Akeyless Vault Platform can use JWT authentication for platform use-cases like GitLab or GitHub Actions so repositories don't have to have any secrets stored within and are able to pull down static secrets and ephemeral least-privilege credentials like database credentials and Docker Hub credentials as needed instead of having long-standing credentials.
Does Pipedream have any plans to have anything like these within workflows for the secrets that are needed?
https://docs.github.com/en/actions/deployment/security-hardening-your-deployments/about-security-hardening-with-openid-connect https://docs.gitlab.com/ee/ci/examples/authenticating-with-hashicorp-vault/
Here is an example where the only piece of information tied back to my account is my access ID which is tied to the JWT authentication in my account https://github.com/devorbitus/akeyless-dba-workflow-tf-example/blob/main/.github/workflows/secret.yml#L21