Aembit CLI

Aembit CLI is a command-line interface tool that enables you to get credentials to access a Server Workload directly from your terminal.

Use the Aembit CLI Set-up and usage guides for Aembit CLI.

→

Command Reference View all Aembit CLI commands and their options.

→

Supported operating systems

Aembit CLI is available for the following operating systems:

Linux - Aembit CLI is available as a binary package for Linux.
Windows Server 2019 and 2022 - Aembit CLI is available as a binary package for Windows.

Supported Trust Providers

Aembit CLI supports certain Trust Providers to retrieve credentials for Client Workloads through the command line. Aembit uses these Trust Providers to verify the identity of any requesting Client Workloads and ensure that Aembit retrieves the correct credentials for that workload.

Aembit CLI supports the following Trust Provider identity types:

GitLab
GitHub
Generic OIDC ID Token which supports other CI/CD platforms, such as Jenkins, that can provide OIDC-compliant ID tokens.

If you don’t have a Trust Provider set up, you can follow the steps in the Aembit User Guide to create one.

Supported Credential Providers

The type of credentials output by Aembit CLI depends on the Credential Provider configured on the Access Policy in your Aembit Tenant. Not all Credential Providers output the same type of credentials, and some require that you use specific credential names when retrieving credentials.

Credential Providers that don’t expect a specific credential names:

The preceding Credential Providers output a single credential, which you can use directly in your scripts or applications. You can use the --credential-names option to rename the output credential to a name of your choice.

Credential Providers that expect specific credential names:

Username & Password
This Credential Provider outputs two credentials: USERNAME and PASSWORD. You can use the --credential-names option to specify the names of these credentials when retrieving them.