Deployment Template  

  

Environment 


Aqua Database, PostgreSQL 


Deployment Task  


To deploy Aqua CSP using a custom user rather than default to postgres. 
 In this document we refer to PostgreSQL 9.6 [1] therefore we suggest checking the relevant used version just in case the role creation command has changed. 


Deployment Steps  


  1. Normally deploy the Aqua database container following the specific documentation pertaining to your method, orchestrator and cloud provider as suggested by Aqua. 

  1. Execute the relevant command to access the Aqua database instance e.g. 

sudo docker exec -it aqua-db bash 

  1. Switch to user postgres and to the interactive psql terminal 

su – postgres 

psql 

  1. Create the new role 

create role your_custom_role LOGIN CREATEDB PASSWORD 'your_custom_role_password'; 

  1. List the new role 

\du 

List of roles 
 Role name | Attributes | Member of 
 -----------+------------------------------------------------------------+----------- 
 your_custom_role | Create DB | {} 

  1. Deploy the Aqua Web and the Aqua Gateway components using the new custom credentials. E.g. aqua-web on Docker Only (shortened command) [2] 

docker run -d -p 8080:8080 -p 443:8443 \ 

  --name aqua-web \ 

  -e SCALOCK_DBHOST=<DB_HOST> \ 

  -e SCALOCK_DBNAME=scalock \ 

  -e SCALOCK_DBUSER=your_custom_role \ 

  -e SCALOCK_DBPASSWORD=<your_custom_role_password> \ 


Related information