Initial credentials after controller install

I have installed a controller and need to know how to determine or set the initial administrator account for the instance. The dev environment has a process that auto generates these but I cannot see these in the SQL DB I have. Thanks.

Did you run boundary database init?

I did and the controller is up and running. I have the database up and a single controller and worker. Looking into the database, there is only a global scope and nothing else. How do I logon to create any other scopes etc?

When you run db init it will give you admin credentials that can be used for cli and web.
The web interface is located at port 9200.

Ok. I checked again. When I created the boundary_db, I assigned my service account full control to the DB. The Postgres changed it to Temporary access and when I ran the init, it failed creating the pgcrypto extension. I re-did it all but this time went back into the DB and changed the security from Temporary to ALL and this time it configured the DB with the extension. I can now see the logon details. Would be good to cover the security required in Postgres somewhere as this has taken the longest time to figure out so far.

I guess you are not setting up a real production instance (since its not even v1.0 yet :slight_smile: ), so you could just run postgress locally in docker/podman and use its postgres account meanwhile figuring stuff out:

docker run --name pg-boundary -e POSTGRES_PASSWORD=blabla -d -p 5432:5432 -v /opt/docker/postgres/:/var/lib/postgresql/data postgres

Connect and create database:

psql -h localhost -U postgres -d postgres
create database boundary;

Then disable SSL in your boundary controller config:

database {
      url = "postgresql://postgres:blabla@localhost:5432/boundary?sslmode=disable"

It is true, but I am also looking at this from a high availability perspective and more complex deployments so typically these would be lesser used scenarios. I also dont know anything about Postgres :slightly_smiling_face: Thanks for your help.

Hey there and thank you for raising this! I saw this earlier today and started writing up this PR for our docs to help users configure a Boundary deployment that has no generated resources.

This PR is essentially the configuration around Boundary that you’ll find in our reference architecture but in narrative form, clearly broken down.

Hopefully between these two resources you should have enough to get started, but please reach out if you have any follow questions or comments!