Creating a Gateway

Creating a Keeper Gateway

Overview

In order to install and setup a Keeper Gateway device, you need to have a few resources set up:

Shared Folders to hold the PAM Resources (Machines, Databases, Users, etc)
Keeper Secrets Manager application
PAM Configuration

To simplify the process, we have a new Gateway wizard which creates all of the necessary components. Or, you can run each step individually.

Using the Gateway Wizard

A new Gateway deployment can be created by clicking on Create New > Gateway from the Web Vault. We have also posted a page describing how to create a sandbox environment in just a few steps.

Creating a Gateway

Create a Secrets Manager Application

In the Keeper Web Vault or Desktop App user interface, create a Shared Folder. This Shared Folder will contain the PAM resource records.
Navigate to the "Secret Managers" tab on the left and click on "Create Application" to create a KSM application
In the prompted window:
- Enter the name of your KSM application
- Choose the Shared Folder
- Set the Record Permissions for Application to "Can Edit"
- Click on "Generate Access Token" and then click on "OK"
- You can safely ignore the first One-Time Access Token generated for the newly created KSM application. When creating a Keeper Gateway device, a different One-Time Access Token will be created.

Generate the Gateway Token

From the Application screen, open the Gateways tab
Click on Provision Gateway
Select a name for the Gateway and the operating system
Follow the on-screen instructions based on the type of install

Using Commander CLI

You can also create a Gateway and configuration file from the Commander CLI:

pam gateway new -n "<Gateway Name>" -a <Application Name or UID> -c b64

The Application names and UIDs can be found with secrets-manager app list

PreviousGateways NextDocker Installation

Last updated 2 months ago

Was this helpful?