An instance administrator can optionally disable the option to use shared credentials in
connections in platform connections, projects, and catalogs.
About this task
When a connection is created with shared credentials, all users access the connection with the
same credentials. However, because the credentials are shared, it is difficult to audit access to
the connection, to identify the source of data loss, or identify the source of a security
breach.
- Who needs to complete this task?
-
To complete this task you must be either:
- A cluster administrator
- An instance administrator
- When do you need to complete this task?
-
Complete this task if either of the following statements are true:
- You want to enforce the use of personal credentials.
- Your require individual accountability because of industry-specific regulations that your
organization must comply with.
Common core services This feature is available only when
the
Cloud Pak for Data
common core services are installed. To determine
whether the
common core services are installed,
run:
oc get ccs --namespace ${PROJECT_CPD_INST_OPERANDS}
- If the common core services are installed, the
command returns information about the common core services custom resource.
- If the common core services are not installed, the
command returns an empty response.
Procedure
-
Log in to Red Hat®
OpenShift® Container Platform as a user with sufficient permissions to
complete the
task.
- Run the following command to set the
wdp_connect_connection_allow_shared_credentials parameter to
false:
oc patch ccs ccs-cr \
--namespace=${PROJECT_CPD_INST_OPERANDS} \
--type=merge \
--patch '{"spec": {"wdp_connect_connection_allow_shared_credentials": "false"}}'
- Wait for the status of the common core services operator to change to
Completed. You can check the status by running: