SecretStore Setup

The Security SecretStore Setup microservice (previously Vault Worker) is responsible for doing the following: - Create tokens for each microservice to access Vault - Create random Redis password for each microservice to access Redis database


As of Edge Xpert 2.0, the service name was changed from Vault Worker to Security SecretStore Setup.

The username and password for each microservice is created by the Security SecretStore Setup microservice and stored in Vault at the following path: v1/secret/edgex/{service-key}/redisdb. Where {service-key} is defined in the configuration file of Security SecretStore Setup microservice.

If the EDGEXPERT_PASSWORD_FILE environment variable is set to true, the password for Security SecretStore Setup microservice will be written to /tmp/edgex/secrets/redis-password of local file system. (Username defaults to redis5)


If you want to access the database directly, you are recommended to retrieve the password from Vault. However, as the Security SecretStore Setup microservice does not create a token for use by external services, this cannot be done. For further information and a workaround, see Known Issues

Back to top