| From: | kamal deen <kamaldeendba(at)gmail(dot)com> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | Super user password explicit in patroni yml |
| Date: | 2025-02-26 19:06:49 |
| Message-ID: | CAAGAcEe8qmL05tCLX_y8cPK8UHoxVOnC6BW1Or33-pH9xcxgQw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hi All,
As part of the security standardization we are working on postgres super
user DB password rotation POC.
In that POC we have successfully rotated the password with the help of
password management tool.
We have noticed in patroni yml file for authentication we are explicitly
using super user name and credentials same for replicator user as well.
Is there any option we can pass this password instead of direct mentioning
or using .pgpass file.
Our intention here is we should not expose superuser password anywhere at
server level.
If we change the super user password at DB level should we update the same
in patroni yml every time ? If we not update that password in patroni yml
file is that impact anything of replication , API calls , primary and
replica connectivity?
And also pls share the best way to rotate the DB user password in postgres.
Your valuable suggestion is highly appreciated.
Regards,
SK.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Ron Johnson | 2025-02-26 19:27:52 | Re: Super user password explicit in patroni yml |
| Previous Message | Frank Zhou | 2025-02-26 15:03:20 | Re: Monitoring postgresql 14 in a paasrole |