FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

Support Reload DB credentials via Sighup for credential rotation. #973

Open hongkongkiwi opened 3 years ago

hongkongkiwi commented 3 years ago

Support Reload DB credentials via Sighup for credential rotation.

Problem

Please support reloading database credentials

Solution

When I send FusionAuth a SIGHUP, please reload the database credentials (or perhaps all settings?).

Alternatives/workarounds

None found, other than stopping and restarting the instance. I suppose I could use multiple nodes or two instances behind a load balancer, but that would complicate things architecturally.

Additional context

Original request

Hi there,

I'm interested in using AWS Secrets Manager (along with Kubernetes) to automatically rotate the database user/password every 30 days.

I'm keen to keep the docker running, so ideally I would just update the configuration file and tell FusionAuth to reload it. Any database connections which need renewing should use the new user/password and any existing connections should stay connected.

Is there a way to achieve this? Or if not, what's the best way to handle automatic DB password rotation (such as with AWS Secrets Manager with a Lambda function)?

Related

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.
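The behaviour requested above (a reload signal makes new connections use the rotated login while connections already open are left alone), as an added sketch that is not part of the original issue and is not FusionAuth code. The JSON credentials file with `username`/`password` keys and every class and function name are assumptions made for illustration.

```python
import json
import signal
import threading


class ReloadableCredentials:
    """DB login re-read from a JSON file on request (file format is hypothetical)."""

    def __init__(self, path):
        self._path = path
        self._lock = threading.Lock()
        self._pending = False
        self._current = self._read()  # fail fast at startup on a bad file
        self.generation = 1

    def _read(self):
        with open(self._path, encoding="utf-8") as fh:
            data = json.load(fh)
        return str(data["username"]), str(data["password"])

    def request_reload(self, signum=None, frame=None):
        self._pending = True  # signal handler: set a flag only, no I/O or locks

    def current(self):
        """Return ((user, password), generation), applying a pending reload first."""
        with self._lock:
            if self._pending:
                self._pending = False
                try:
                    fresh = self._read()
                except (OSError, ValueError, KeyError, TypeError):
                    self._pending = True  # unusable file: keep old login, retry later
                else:
                    if fresh != self._current:
                        self._current, self.generation = fresh, self.generation + 1
            return self._current, self.generation


def open_connection(creds):
    """Stand-in for a pool opening a connection; records the login it used."""
    (user, _password), generation = creds.current()
    return {"user": user, "generation": generation}


def install_sighup(creds):
    """Reload on `kill -HUP <pid>`; POSIX only, call from the main thread."""
    signal.signal(signal.SIGHUP, creds.request_reload)
```

Existing connections only keep working if the rotation scheme leaves the previous login valid for an overlap period; that part is outside this sketch.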

mooreds commented 3 years ago

@hongkongkiwi This is a great question for our forums. Or, if you have a paid edition, please open a support ticket.

We aim to keep GitHub focused on bug reports and feature requests.

Please head over to https://fusionauth.io/community/forum/ and post your question there.

hongkongkiwi commented 3 years ago

Ok, let me rephrase this as a feature request. Support Reload DB credentials via Sighup for credential rotation.

Or, if this is currently possible, please add it to the documentation.

mooreds commented 3 years ago

Sure, I'll leave this as a feature request.

robotdan commented 3 years ago

Can you just restart the fusionauth service? If you are in a multi-node configuration, this should be roughly equivalent.