Note: Please go to to access the current RightScale documentation set. Also, feel free to Chat with us!
Home > ServerTemplates > Archive > 11H1 > Tutorials > Deployment Setup - 11H1 > Create Credentials for Common Inputs

Create Credentials for Common Inputs


Create appropriate credentials so your application can access the database.  You will create and store the credentials for the database and DNSMadeEasy in this tutorial. 

Important!  Although this tutorial details creating database credentials, the process is exactly the same for creating RightScale Credentials for other purposes.  (For example, for accessing your DNS Made Easy account, or any application specific name/value pair of information that might contain sensitive data.  Others may use the RightScale Credential store simply to make configuring Inputs simpler later when building their Deployment.)

Table of Contents


When new servers are launched, the software running on those servers need credentials in order to access resources and perform tasks.   For example, an application server needs a password in order to access your database or backup scripts need the aws_secret_access_key in order to store the backup file in your S3 bucket.  Any type of sensitive information that need to be passed directly into a server should be stored as a Credential.  Credentials saved in the Dashboard are encrypted and can only be retrieved using the administrative password.

NOTE: These credentials are specific to running servers and are different from account credentials, which are used by RightScale to access Amazon Web Services on your behalf, such as launching new servers.


Create Database Credentials

First you'll create credentials for your database.  You need to make sure that the DB users that you create are not root.  Our scripts expect there to be "no password" for the root user.  If you set a password for the root user, it will break our scripts.


As a best practice, when you create a credential, you should use the name that matches the name of the input (in all caps).  This way, there will be no confusion when you need to select the appropriate credential when defining your inputs.



Go to Design > Credentials.

Click New Credential

Name the first credential DBADMIN_USER.  Add a value of admindb.

Click Save.


Now create several more credentials with the following names and values.

NOTE: The user/password values can be any value that you define.

 DBADMIN_USER  Your admin username
 DBADMIN_PASSWORD  Your admin user password
 DBAPPLICATION_USER  Your application username
 DBAPPLICATION_PASSWORD  Your application user password
 DBREPLICATION_USER*  Your replication username
 DBREPLICATION_PASSWORD*  Your replication user password

 * This tutorial assumes that you've already defined the replication user in your MySQL database.  However, if you are using a completely new MySQL database, you will need to set up the database replication user so that RightScale can automate data replication across the Master and Slave database servers.  See Creating a User for Replication for more information.

Create DNS Provider Credentials

Next you'll create the login credentials to update your DNS A Records with your chosen DNS Provider.  (e.g. DNS Made Easy, DynDNS, Route 53)

Create the following credentials:

 DNS_USER  my_user
 DNS_PASSWORD  my_passwd


Your credentials should now include the following:


Congratulations!  You've just added credentials to access your database.  When you create a Deployment that uses credentials in the credential store, you'll be amazed at how easy it is!  Basically, you select them from a series of drop-downs.  As long as you name them descriptively, the task becomes both easy and intuitive.   (Note:  We left ours blank above due to width-formatting issues, but you should fill out your descriptions.)

You must to post a comment.
Last modified
21:04, 16 May 2013



This page has no classifications.



© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.