How to manage passwords

vmk8s

In Charmed PostgreSQL 14, user credentials are managed with Juju’s get-password and set-password actions.

Get password

To retrieve the operator’s password:

juju run postgresql/leader get-password
juju run postgresql-k8s/leader get-password

Set password

To change the operator’s password to a new, randomised password:

juju run postgresql/leader set-password

juju run postgresql-k8s/leader set-password

To set a manual password for the operator/admin user:

juju run postgresql/leader set-password password=

juju run postgresql-k8s/leader set-password password=

To set a manual password for another user:

juju run postgresql/leader set-password username= password=

juju run postgresql-k8s/leader set-password username= password=

Rotate application passwords

To rotate the passwords of users created for integrated applications, the integration should be removed and created again. This process will generate a new user and password for the application.

juju remove-relation <application> postgresql
juju integrate <application> postgresql
juju remove-relation <application> postgresql-k8s
juju integrate <application> postgresql-k8s

In the case of connecting with a non-charmed application, <application> would be data-integrator.