Configuring security
To manage access to AIDA, you can optionally use Keycloak.
Before you begin
In Keycloak, each application has its own Realm with different users and authorization settings. AIDA authorization settings are stored in a Realm named AIDA.
- userid: aidaadmin, password: admin, role: aida-admin.
With this role, a user can directly login to AIDA UI, from where, besides analyzing anomalies and alerts, he can work with all KPIs, manage special days, customize prediction tuning parameters, retrain KPIs prediction, pause alerts. This user is tipically an AIDA Administrator.
- userid: admin, password: admin, role: keycloak-admin.
With this role, a user can access Keycloak administration console to define additional users, or change default passwords.
Defining users from Keycloak administration console
About this task
Use Keycloak administration console to define new users, new roles, or change user passwords.
- Access Keycloak administration console
https://<IP:PORT>/keycloak/auth/admin by using the following
credentials:
- userid=admin
- password=password
- If you want, you can change Keycloak default password:
- From Keycloak administration console, in the upper right corner, click Admin.
- Select Manage account -> password
- Under Clients -> nginx -> roles tab, click the Add role button.
- Provide the role name admin and click save.
- Under users, click the add user button.
- Provide a user name and click save.
- Under Credentials, provide a password for the user, turn the temporary field to off, click the Reset Password button and confirm.
- Under Role Mappings, in the Client Roles dropdown, select nginx. Some boxes appear on the right.
- Under Available Roles, select admin and click the Add Selected button. The admin role appears in the Assigned Roles box.
- On the left navigation bar, select the Realm Settings page and go to the Themes tab.
- In the Login Theme parameter, select the Keycloak theme, then click save.
For details about Keycloak, see Keycloak documentation.