This document guides you through enabling PX-Security in your cluster by adding a single flag to your
- You must have Portworx Operator 1.4 or greater
The Operator includes first-class support for PX-Security in the
StorageCluster spec. This means that the operator will auto-generate the following for you if security is enabled:
- Shared Secret stored under the secret
- Admin token stored under the secret
- User token stored under the secret
Enabling Security in your cluster
Enable security under
spec.securityof your StorageCluster:
You can now apply the StorageCluster spec and wait until Portworx is ready.
Once you've enabled security in Portworx, continue to the next section.
pxctl in this context, see use
pxctl with security enabled. Otherwise, all
pxctl commands will fail with an
access denied error.