This section covers security configuration and best practices for StackGres PostgreSQL clusters.
StackGres provides multiple layers of security:
| Layer | Feature | Default |
|---|---|---|
| Transport | SSL/TLS encryption | Enabled (auto-generated certificates) |
| Authentication | Password-based auth | Enabled (auto-generated passwords) |
| Authorization | PostgreSQL roles | Standard PostgreSQL RBAC |
| Network | Kubernetes Services | Internal cluster access |
| Secrets | Kubernetes Secrets | Credentials stored in Secrets |
| Backups | Encryption at rest | Available (optional) |
How to configure SSL/TLS encryption for PostgreSQL connections.
How to manage PostgreSQL credentials and secrets in StackGres.
Kubernetes RBAC configuration for StackGres operator and clusters.
Network policies and service exposure security for StackGres clusters.
How to configure OpenID Connect (OIDC) authentication for the StackGres Web Console.