The Infisical Vertica dynamic secret allows you to generate Vertica database credentials on demand based on configured role.

Prerequisite

Create a user with the required permission in your Vertica instance. This user will be used to create new accounts on-demand.

Set up Dynamic Secrets with Vertica

1

Open Secret Overview Dashboard

Open the Secret Overview dashboard and select the environment in which you would like to add a dynamic secret.

2

Click on the 'Add Dynamic Secret' button

3

Select `Vertica`

4

Provide the inputs for dynamic secret parameters

Secret Name
string
required

Name by which you want the secret to be referenced

Default TTL
string
required

Default time-to-live for a generated secret (it is possible to modify this value after a secret is generated)

Max TTL
string
required

Maximum time-to-live for a generated secret

Gateway
string

Select a gateway for private cluster access. If not specified, the Internet Gateway will be used.

Host
string
required

Vertica database host

Port
number
required

Vertica database port (default: 5433)

Database
string
required

Name of the Vertica database for which you want to create dynamic secrets

User
string
required

Username that will be used to create dynamic secrets

Password
string
required

Password that will be used to create dynamic secrets

5

(Optional) Modify SQL Statements

Username Template
string
default:"{{randomUsername}}"

Specifies a template for generating usernames. This field allows customization of how usernames are automatically created.

Allowed template variables are

  • {{randomUsername}}: Random username string
  • {{unixTimestamp}}: Current Unix timestamp
Creation Statement
string

Customize the SQL statement used to create new users. Default creates a user with basic schema permissions.

Revocation Statement
string

Customize the SQL statement used to revoke users. Default revokes a user.

6

(Optional) Configure Password Requirements

Password Length
number
default:"48"

Length of generated passwords (1-250 characters)

Character Requirements
object

Minimum required character counts:

  • Lowercase Count: Minimum lowercase letters (default: 1)
  • Uppercase Count: Minimum uppercase letters (default: 1)
  • Digit Count: Minimum digits (default: 1)
  • Symbol Count: Minimum symbols (default: 0)
Allowed Symbols
string
default:"-_.~!*"

Symbols allowed in generated passwords

7

Click 'Submit'

After submitting the form, you will see a dynamic secret created in the dashboard.

8

Generate dynamic secrets

Once you’ve successfully configured the dynamic secret, you’re ready to generate on-demand credentials. To do this, simply click on the ‘Generate’ button which appears when hovering over the dynamic secret item. Alternatively, you can initiate the creation of a new lease by selecting ‘New Lease’ from the dynamic secret lease list section.

When generating these secrets, it’s important to specify a Time-to-Live (TTL) duration. This will dictate how long the credentials are valid for.

Ensure that the TTL for the lease falls within the maximum TTL defined when configuring the dynamic secret.

Once you click the Submit button, a new secret lease will be generated and the credentials for it will be shown to you.

Audit or Revoke Leases

Once you have created one or more leases, you will be able to access them by clicking on the respective dynamic secret item on the dashboard. This will allow you to see the expiration time of the lease or delete the lease before its set time to live.

Renew Leases

To extend the life of the generated dynamic secret leases past its initial time to live, simply click on the Renew button as illustrated below.

Lease renewals cannot exceed the maximum TTL set when configuring the dynamic secret