From 824e87424ea9c06130c7df3fb438e742b4e120e2 Mon Sep 17 00:00:00 2001 From: Sunil Singh Date: Thu, 9 Jan 2025 14:09:34 -0800 Subject: [PATCH] Adding bootstrap password instructions, tied to nvshas-8773 and 5.4 new feature usage. Signed-off-by: Sunil Singh --- .../03.configuration/01.console/01.console.md | 23 +++++++++++++++++++ .../03.configuration/01.console/01.console.md | 23 +++++++++++++++++++ 2 files changed, 46 insertions(+) diff --git a/docs/03.configuration/01.console/01.console.md b/docs/03.configuration/01.console/01.console.md index 48e776dfc..4f960cc45 100644 --- a/docs/03.configuration/01.console/01.console.md +++ b/docs/03.configuration/01.console/01.console.md @@ -60,6 +60,29 @@ All operations in NeuVector can be invoked through the REST API instead of the c After successful login, the admin user should update the account with a more secure password. +### Setting Up the Bootstrap Password + +An admin user can set up a bootstrap password while deploying for the first time. The admin user can change the password after first login using the example code below: + +:::important +The bootstrap password needs to follow the format: + - 8 character(s) minimum. + - 1 uppercase character(s). + - 1 lowercase character(s). + - 1 number(s). +::: + +```shell +helm install -n neuvector ./ neuvector --set tag=5.4.0,bootstrapPassword=P@ssw0rd1234 +``` + +If it is a fresh install and not a restore from a PVC, and no admin password is set in the configmap or secret then use the below command to retrieve the password to login to the NeuVector WebUI using an admin account. The password is randomly generated during the deployment if AWS cloud billing is enabled. + +```shell +kubectl get secret --namespace {{ .Release.Namespace }} neuvector-bootstrap-secret -o +go-template='{{ "{{" }}.data.bootstrapPassword|base64decode{{ "}}" }}{{ "{{" }} "\n" {{ "}}" }}' +``` + ### Creating Additional Users New users can be added from the Settings -> Users & Roles menu. There are predefined global roles in NeuVector: diff --git a/versioned_docs/version-5.4/03.configuration/01.console/01.console.md b/versioned_docs/version-5.4/03.configuration/01.console/01.console.md index 48e776dfc..4f960cc45 100644 --- a/versioned_docs/version-5.4/03.configuration/01.console/01.console.md +++ b/versioned_docs/version-5.4/03.configuration/01.console/01.console.md @@ -60,6 +60,29 @@ All operations in NeuVector can be invoked through the REST API instead of the c After successful login, the admin user should update the account with a more secure password. +### Setting Up the Bootstrap Password + +An admin user can set up a bootstrap password while deploying for the first time. The admin user can change the password after first login using the example code below: + +:::important +The bootstrap password needs to follow the format: + - 8 character(s) minimum. + - 1 uppercase character(s). + - 1 lowercase character(s). + - 1 number(s). +::: + +```shell +helm install -n neuvector ./ neuvector --set tag=5.4.0,bootstrapPassword=P@ssw0rd1234 +``` + +If it is a fresh install and not a restore from a PVC, and no admin password is set in the configmap or secret then use the below command to retrieve the password to login to the NeuVector WebUI using an admin account. The password is randomly generated during the deployment if AWS cloud billing is enabled. + +```shell +kubectl get secret --namespace {{ .Release.Namespace }} neuvector-bootstrap-secret -o +go-template='{{ "{{" }}.data.bootstrapPassword|base64decode{{ "}}" }}{{ "{{" }} "\n" {{ "}}" }}' +``` + ### Creating Additional Users New users can be added from the Settings -> Users & Roles menu. There are predefined global roles in NeuVector: