Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-60024

Automatic password rotation for AWS Secrets Manager

XMLWordPrintable

    • 3
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      AWS Secrets Manager allows to use a rotate password for the Databases, that changes every X days, without human interaction. But there is no such a function or change the Database password on Confluence automatically.

      Suggested Solution

       
      Create an integration between Confluence and the AWS Secrets Manager to update the database password automatically.

      Suggest workaround

       
      AWS Secrets Manager has a API that permits to use scrips to connect to it and collect the new password. A possible workaround would be:

      1. Create a script to get the new password from the AWS Secrets Manager as described in this page: How to use AWS Secrets Manager to rotate credentials for all Amazon RDS database types, including Oracle
      2. Use the script to update the password retrieve from the AWS to update the database password from Confluence. More details where the Confluence DB password is stored can be found here: Where does Confluence store the database password?
      3. Finally, use the script to restart the Confluence
           

              Unassigned Unassigned
              6eec25a24f71 Diego Martins (Inactive)
              Votes:
              18 Vote for this issue
              Watchers:
              14 Start watching this issue

                Created:
                Updated: