Autonomous Identity 2022.11.11

Change the Vault Passwords

Autonomous Identity uses the ansible vault to store passwords in encrypted files, rather than in plaintext. Autonomous Identity stores the vault file at /autoid-config/vault.yml saves the encrypted passwords to /config/.autoid_vault_password . The /config/ mount is internal to the deployer container. The default encryption algorithm used is AES256.

By default, the /autoid-config/vault.yml file uses the following parameters:

  basic_auth_password: Welcome123

  openldap_password: Welcome123

  cassandra_password: Welcome123
  cassandra_admin_password: Welcome123

  mongo_admin_password: Welcome123
  mongo_root_password: Welcome123

  elastic_admin_password: Welcome123
  elasticsearch_password: Welcome123

Assume that the vault file is encrypted during the installation. To edit the file:

Edit the Vault file:
  1. Change to the /autoid-config/ directory.

    $ cd ~/autoid-config/
  2. First, decrypt the vault file.

    $ ./ decrypt-vault
  3. Open a text editor and edit the vault.yml file.

  4. Encrypt the file again.

    $ ./ encrypt-vault
Copyright © 2010-2024 ForgeRock, all rights reserved.