Akeyless 101 — Modern Secrets Management
A comprehensive, hands-on course covering the Akeyless platform from fundamentals to production-ready integrations. Learn how the vaultless DFC architecture eliminates secrets sprawl, deploy and configure the Akeyless Gateway, manage static, rotated, and dynamic secrets, integrate with Kubernetes and CI/CD pipelines, and issue SSH and TLS certificates — all without managing a secrets server.
Course Preview
Why This Course is Different
Get everything you need to master platform engineering and advance your career
Certificate of Completion
Earn a certificate while gaining real-world skills that go beyond traditional certification prep
Hands-on Labs
11 practical labs with real-world scenarios in pre-configured cloud environments
Expert-Led
Learn from Sam Gabrail, Former HashiCorp Sr. Solutions Engineer with 18+ years experience
Community Support
Join our community where members help each other and collaborate on learning
What You'll Master
Understand the Akeyless vaultless DFC architecture and zero-knowledge encryption model
Navigate the Akeyless Console and use the CLI and REST API
Create and manage static secrets with versioning and time-limited sharing
Configure authentication methods for both human users and machines
Define and enforce access control using Akeyless Access Roles and sub-claims
Deploy and operate the Akeyless Gateway on Docker and Kubernetes
Create dynamic (just-in-time) secrets for AWS and databases
Configure automatic credential rotation for privileged accounts
Integrate Akeyless with Kubernetes using ESO and the Secrets Injector
Use JWT/OIDC authentication in GitHub Actions and GitLab CI pipelines
Issue ephemeral SSH certificates and manage PKI with Akeyless CLM
Encrypt and decrypt data and tokenize PII using Akeyless-managed keys
Manage Akeyless configuration as Infrastructure as Code with Terraform
Course Curriculum
SECTION 1 – COURSE INTRODUCTION
Course overview, prerequisites, and lab environment setup
- •Course Introduction
- •Lab Environment and Account Setup Guide
- •Course Code Repository
SECTION 2 – INTRODUCTION TO AKEYLESS
The secrets sprawl problem, DFC architecture, and platform components
- •What is Akeyless?
- •The Secrets Sprawl Problem
- •Distributed Fragments Cryptography (DFC)
- •Akeyless Use Cases and Deployment Patterns
- •Akeyless Platform Components
- •Akeyless Console BasicsLab
- •Section 2 Quiz — Akeyless Architecture and Core ConceptsQuiz
SECTION 3 – GETTING STARTED — CONSOLE, CLI, AND API
First hands-on contact with all three Akeyless interaction surfaces
- •The Akeyless Console — A Guided Tour
- •Installing the Akeyless CLI
- •CLI Fundamentals and Common Commands
- •The Akeyless REST API
- •CLI and REST APILab
- •Section 3 Quiz — Getting Started with AkeylessQuiz
SECTION 4 – STATIC SECRETS AND ACCESS CONTROL
Versioned static secrets, RBAC access roles, path-based permissions
- •Static Secrets — Versioning, Sharing, and Best Practices
- •Access Roles and RBAC
- •Path-Based Permissions and Wildcards
- •Akeyless FundamentalsLab
- •Section 4 Quiz — Static Secrets and RBACQuiz
SECTION 5 – AUTHENTICATION METHODS
Machine and human auth, cloud IAM, K8s auth, JWT/OIDC, sub-claims, Universal Identity
- •Authentication Methods Overview
- •API Key Authentication
- •Cloud IAM Authentication (AWS, Azure, GCP)
- •Kubernetes Authentication
- •JWT and OIDC Authentication
- •Human Authentication (SAML, LDAP, Email)
- •Sub-Claims — Restricting Auth Method Scope
- •Universal Identity (UID) for On-Premises Workloads
- •Authentication Methods and Sub-ClaimsLab
- •Section 5 Quiz — Authentication MethodsQuiz
SECTION 6 – THE AKEYLESS GATEWAY
Architecture, Docker and Kubernetes deployment, caching, and HA
- •Gateway Architecture and Why You Need It
- •Deploying the Gateway with Docker
- •Deploying the Gateway on Kubernetes with Helm
- •Gateway Caching and High Availability
- •Gateway Configuration and Access Permissions
- •Deploying the Akeyless GatewayLab
- •Section 6 Quiz — The Akeyless GatewayQuiz
SECTION 7 – DYNAMIC AND ROTATED SECRETS
Just-in-time credentials, automatic rotation, targets, and producers
- •Targets — Connecting Akeyless to External Systems
- •Dynamic Secrets and Producers
- •Dynamic Secrets for AWS and Databases
- •Rotated Secrets and Automatic Credential Rotation
- •Choosing the Right Secret Type
- •Dynamic and Rotated SecretsLab
- •Section 7 Quiz — Dynamic and Rotated SecretsQuiz
SECTION 8 – KUBERNETES SECRETS MANAGEMENT
ESO, Secrets Injector, CSI Driver, and Cert Manager
- •The Kubernetes Secrets Management Challenge
- •Four Kubernetes Integration Patterns
- •External Secrets Operator (ESO)
- •Akeyless Secrets Injector (Mutating Webhook)
- •Kubernetes Secrets ManagementLab
- •Section 8 Quiz — Kubernetes IntegrationQuiz
SECTION 9 – CI/CD INTEGRATION
GitHub Actions, GitLab CI, Jenkins, and Ansible
- •The CI/CD Secrets Problem
- •GitHub Actions — OIDC Integration
- •GitLab CI/CD Integration
- •Jenkins and Ansible Integration
- •GitHub Actions and AkeylessLab
- •Section 9 Quiz — CI/CD IntegrationQuiz
SECTION 10 – CERTIFICATE LIFECYCLE MANAGEMENT
Private CA, SSH certificates, ACME server, and public CA integration
- •PKI and Certificate Management Fundamentals
- •Private CA with Akeyless CLM
- •SSH Certificates — Replacing Static Keys
- •ACME Server and Public CA Integration
- •SSH Certificates with AkeylessLab
- •Section 10 Quiz — Certificate ManagementQuiz
SECTION 11 – ENCRYPTION, KEY MANAGEMENT, AND TOKENIZATION
DFC keys, BYOK, tokenization for PCI-DSS, KMIP, and TDE
- •Encryption as a Service with Akeyless
- •Classic Keys and BYOK
- •Tokenization for PCI-DSS Compliance
- •KMIP and Transparent Data Encryption
- •Encryption Keys and TokenizationLab
- •Section 11 Quiz — Encryption and Key ManagementQuiz
SECTION 12 – TERRAFORM INTEGRATION AND INFRASTRUCTURE AS CODE
Akeyless Terraform provider, dynamic credentials for Terraform, IaC best practices
- •Managing Akeyless with the Terraform Provider
- •Using Dynamic Secrets with Terraform
- •IaC Best Practices for Secrets Management
- •Terraform and AkeylessLab
- •Section 12 Quiz — Terraform IntegrationQuiz
SECTION 13 – CLOSING REMARKS
Next steps, community, and continued learning
- •Closing Remarks and Next Steps
- •Community
Course Features
Hands-on Labs
Lots of hands-on labs to learn by doing
Join our Community
Community support to ask questions and collaborate
Test Your Knowledge
Quizzes to help you grasp the material well
See what others are saying about our Courses
“I like the Crossplane 101 course a lot. I think it is one of the best online courses I have taken (and I've taken a lot in the last 2 years, transitioning into DevOps). The labs are phenomenal – every task has a long tutorial with lots of explanations, gotchas, and recaps, and you always provide the reasoning for implementing a certain solution.”
“I just completed the Crossplane 101 course! Managing infrastructure as Kubernetes resources is a total game-changer. A huge thanks to TeKanAid and Sam Gabrail for the incredible training and insights.”
“Although I've worked with Crossplane in real production environments, I always felt there were gaps in my understanding. Completing this course filled those gaps perfectly. I had to unlearn and relearn quite a few things, especially around Crossplane v2.0 concepts. Well structured and thoughtfully put together. Highly recommended for building a strong, foundational understanding of Crossplane.”
“Dear Sam, I hope this email finds you well. If you remember before the end of last year I register for one your courses Terraform 101 – Certified Terraform Associate, I must admit that I learned a lot even though I was not patient enough for all videos to be available. All in all I enjoy the way you structured the course and how you went through it. The main reason of this email, to send you my gratitude for the content you created and to let you know that I passed my exam/test last week.”
“This course was a perfect introduction to Terraform and Infrastructure as Code. Loved the gitpod, saving me a lot of time for developer environment setup. We have a project at work where we want to go from a click-ops version of server-deploy to a more automated flow using ci/cd and terraform for deploying virtual servers.”
“I want to thank you for such wonderful courses. They are more comprehensive than other courses I have taken in the past. You take the time to explain every detail of the code and what it does exactly, further enforcing your student's understanding and confidence in what they are learning. Your methods are very effective and set you apart from other instructors.”
Choose your plan
Simple, Transparent Pricing
Unlock full access to TeKanAid courses, labs, and bootcamps
Just exploring? Start free below. Want the full experience? Try Premium free for 7 days (card required, $0 today).
Pro
All courses, with lab scripts to run on your own machine
Renews automatically. Cancel anytime.
Final price verified at checkout.
- Full access to all courses
- Lab scripts to download and run on your own machine (hosted labs not included)
- Progress tracking
- Certificate of completion
- Community access
- Bootcamp participation
- New content access
Premium
Full access, including unlimited hosted labs
Renews automatically. Cancel anytime.
Final price verified at checkout.
- Everything in Pro
- Unlimited hands-on labs, fully hosted on TeKanAid Academy (nothing to set up)
- Lab AI Assistant
- Accelerator bootcamps with live office hours
- Priority support
Prefer just this course?
Purchase Akeyless 101 — Modern Secrets Management for a one-time fee of $79. Full access to course content, quizzes, certificates, and community features, lab access is not included.
Buy this course for $79 →Just exploring? Start free, no account needed
Three free ways to start. All bridge into the paid Premium catalog when you're ready.
Not ready to commit? The crash course is email-only. No academy account required.
Hi there, I'm Sam
I'm a husband and father of two wonderful boys. I'm also very passionate 🔥 about all things technology. From when I was 10, I had a dream to become a computer 💻 engineer one day. Here I am today living the dream!
Thanks for visiting TeKanAid Academy. My goal is to teach you all things DevOps. Below are some of the things I've done over the years. I'm confident that I can help you achieve your dreams too.
- 18+ years of experience in various Information Technology fields from Telecommunications, Computer Networks, Digital Transformation, DevOps, Cybersecurity, and IoT
- President of TeKanAid Solutions Inc. building online content in the DevOps space
- Previous – Sr. Solutions Engineer at HashiCorp
View my Certifications
Terraform: Authorized HashiCorp Instructor
Verify my certificate
HashiCorp Authorized Instructors are experienced DevOps professionals who deliver official HashiCorp training courses in person and virtually.
Issued by HashiCorp Partner Network (HPN)
Vault: Authorized HashiCorp Instructor
Verify my certificate
HashiCorp Authorized Instructors are experienced DevOps professionals who deliver official HashiCorp training courses in person and virtually.
Issued by HashiCorp Partner Network (HPN)
HashiCorp Certified: Terraform Associate (002)
Verify my certificate
Earners of the HashiCorp Certified: Terraform Associate certification know the basic concepts, skills, and use cases associated with open source HashiCorp Terraform.
Issued by HashiCorp
HashiCorp Certified: Vault Associate (002)
Verify my certificate
Earners of the HashiCorp Certified: Vault Associate certification know the basic concepts, skills, and use cases associated with open source HashiCorp Vault.
Issued by HashiCorp
Featured Products
Week 4: AI Agents and Agentic Workflows
Part of the AI Platform Engineering Bootcamp. Week 4 of 8. The bootcamp follows an 8-week arc that culminates in a capstone Platform Assistant: a production-ready AI system you build by combining the LLM, RAG, agent, MLOps, model serving, and observability layers introduced across each week.
Learn More →
Week 1: AI Foundations for Infrastructure Engineers
Part of the AI Platform Engineering Bootcamp. Week 1 of 8. The bootcamp follows an 8-week arc that culminates in a capstone Platform Assistant: a production-ready AI system you build by combining the LLM, RAG, agent, MLOps, model serving, and observability layers introduced across each week.
Learn More →
Week 7: AI Observability and LLMOps
Part of the AI Platform Engineering Bootcamp. Week 7 of 8. The bootcamp follows an 8-week arc that culminates in a capstone Platform Assistant: a production-ready AI system you build by combining the LLM, RAG, agent, MLOps, model serving, and observability layers introduced across each week.
Learn More →
30-Day Money-Back Guarantee
Try it risk-free
I'm confident you'll get everything you need from this course and be 100% satisfied. But in the unlikely event you decide it's not for you just ask for a refund any time during the first 30 days and you'll get your money back with no questions asked.