Skip to main content
An Account contains the credentials (such as a username and password) used to connect to a Resource.

Relationship to Resources

Accounts belong to Resources. A single Resource can have multiple Accounts associated with it, each with different permission levels. For example, your database would normally have multiple accounts. You might have a superuser account for admins, a standard read/write account for applications, and a read-only account for reporting. In PAM, these are represented as:
  • Resource: production-database (PostgreSQL)
    • Account 1: postgres (Superuser)
    • Account 2: app-user (Read/Write)
    • Account 3: analytics (Read-only)
When a user accesses a PAM account, they access a specific Account on a Resource. Users navigate to a resource, then select an account within it to gain access.

Creating an Account

Prerequisite: You must have at least one Resource created before adding accounts.
To add an account, navigate to the Resources tab in your PAM project, click into the resource you want to add an account to, and then click Add Account. Add Account Button Provide the credentials (username, password, etc.) for this account. The required fields vary depending on the resource type. For example, for a Linux server, you would enter the username and the corresponding password or SSH key. Create Account Clicking Create Account will trigger a validation check. Infisical will attempt to connect to the resource using the provided credentials to verify they are valid.

Automated Credential Rotation

Infisical supports automated credential rotation for some accounts on select resources, allowing you to automatically change passwords at set intervals to enhance security. To learn more about how to configure this, please refer to the Credential Rotation guide.