Required Users Accounts in Dependencies
- 01 Oct 2024
-
DarkLight
-
PDF
Required Users Accounts in Dependencies
- Updated on 01 Oct 2024
-
DarkLight
-
PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
The validated designs are very opinionated installations of Itential and its dependencies.
The following user accounts are required by the dependencies for a validated design and are used for the following purposes.
MongoDB
Account | Description |
---|---|
admin |
Has full root access to the mongo database. Can read and write to any logical database. Can be used to issue admin commands like forcing an election and configuring replica sets. This is NOT used by the Itential application but is created for admin purposes. |
itential |
Has read and write access to the “itential” database only. This is the account used by the IAP application. |
localaaa |
Has read and write access to the “LocalAAA” database. This is used by the Local AAA adapter for local, non-LDAP logins. |
Redis
Account | Description |
---|---|
admin |
Has full root access to the Redis database, all channels, all keys, all commands. This is NOT used by the Itential application but is created for admin purposes. |
itential |
Has full access to the Redis database, all channels, all keys, EXCEPT the following commands: asking , cluster , readonly , readwrite , bgrewriteaof , bgsave , failover , flushall , flushdb , psync , replconf , replicaof , save , shutdown , sync . This is the account used by the IAP application. |
repluser |
Has access to the minimum set of commands to perform replication: psync , replconf , ping . |
admin |
Full root access to Redis Sentinel. This is NOT used by the Itential application but is created for admin purposes of Redis Sentinel. |
sentineluser |
Has access to the minimum set of commands to perform sentinel monitoring: multi , slaveof , ping , exec , subscribe , config |rewrite , role , publish , info , client|setname , client|kill , script|kill . |
Was this article helpful?