diff --git a/404.html b/404.html
index ddaa3e852..23b079fd9 100644
--- a/404.html
+++ b/404.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/assets/js/2c09ee5d.41b142bb.js b/assets/js/2c09ee5d.41b142bb.js
deleted file mode 100644
index 26b56d57f..000000000
--- a/assets/js/2c09ee5d.41b142bb.js
+++ /dev/null
@@ -1 +0,0 @@
-"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[4194,8401],{9365:(e,t,a)=>{a.d(t,{A:()=>s});var n=a(6540),r=a(53);const o={tabItem:"tabItem_Ymn6"};function s(e){let{children:t,hidden:a,className:s}=e;return n.createElement("div",{role:"tabpanel",className:(0,r.A)(o.tabItem,s),hidden:a},t)}},1470:(e,t,a)=>{a.d(t,{A:()=>k});var n=a(8168),r=a(6540),o=a(53),s=a(3104),l=a(6347),i=a(7485),c=a(1682),u=a(9466);function p(e){return function(e){return r.Children.map(e,(e=>{if(!e||(0,r.isValidElement)(e)&&function(e){const{props:t}=e;return!!t&&"object"==typeof t&&"value"in t}(e))return e;throw new Error(`Docusaurus error: Bad <Tabs> child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the <Tabs> component should be <TabItem>, and every <TabItem> should have a unique "value" prop.`)}))?.filter(Boolean)??[]}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:r}}=e;return{value:t,label:a,attributes:n,default:r}}))}function d(e){const{values:t,children:a}=e;return(0,r.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,c.X)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in <Tabs>. Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function g(e){let{queryString:t=!1,groupId:a}=e;const n=(0,l.W6)(),o=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The <Tabs> component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i.aZ)(o),(0,r.useCallback)((e=>{if(!o)return;const t=new URLSearchParams(n.location.search);t.set(o,e),n.replace({...n.location,search:t.toString()})}),[o,n])]}function h(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,o=d(e),[s,l]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the <Tabs> component requires at least one <TabItem> children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The <Tabs> has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:o}))),[i,c]=g({queryString:a,groupId:n}),[p,h]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,o]=(0,u.Dv)(a);return[n,(0,r.useCallback)((e=>{a&&o.set(e)}),[a,o])]}({groupId:n}),y=(()=>{const e=i??p;return m({value:e,tabValues:o})?e:null})();(0,r.useLayoutEffect)((()=>{y&&l(y)}),[y]);return{selectedValue:s,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:o}))throw new Error(`Can't select invalid tab value=${e}`);l(e),c(e),h(e)}),[c,h,o]),tabValues:o}}var y=a(2303);const b={tabList:"tabList__CuJ",tabItem:"tabItem_LNqP"};function f(e){let{className:t,block:a,selectedValue:l,selectValue:i,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:p}=(0,s.a_)(),d=e=>{const t=e.currentTarget,a=u.indexOf(t),n=c[a].value;n!==l&&(p(t),i(n))},m=e=>{let t=null;switch(e.key){case"Enter":d(e);break;case"ArrowRight":{const a=u.indexOf(e.currentTarget)+1;t=u[a]??u[0];break}case"ArrowLeft":{const a=u.indexOf(e.currentTarget)-1;t=u[a]??u[u.length-1];break}}t?.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,o.A)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:s}=e;return r.createElement("li",(0,n.A)({role:"tab",tabIndex:l===t?0:-1,"aria-selected":l===t,key:t,ref:e=>u.push(e),onKeyDown:m,onClick:d},s,{className:(0,o.A)("tabs__item",b.tabItem,s?.className,{"tabs__item--active":l===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:n}=e;const o=(Array.isArray(a)?a:[a]).filter(Boolean);if(t){const e=o.find((e=>e.props.value===n));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},o.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=h(e);return r.createElement("div",{className:(0,o.A)("tabs-container",b.tabList)},r.createElement(f,(0,n.A)({},e,t)),r.createElement(v,(0,n.A)({},e,t)))}function k(e){const t=(0,y.A)();return r.createElement(w,(0,n.A)({key:String(t)},e))}},1202:(e,t,a)=>{a.d(t,{A:()=>I});var n=a(8168),r=a(6540),o=a(2303),s=a(53),l=a(6058),i=a(7559),c=a(4291);const u={codeBlockContainer:"codeBlockContainer_APcc"};function p(e){let{as:t,...a}=e;const o=(0,l.A)(),p=(0,c.M$)(o);return r.createElement(t,(0,n.A)({},a,{style:p,className:(0,s.A)(a.className,u.codeBlockContainer,i.G.common.codeBlock)}))}const d={codeBlockContent:"codeBlockContent_m3Ux",codeBlockTitle:"codeBlockTitle_P25_",codeBlock:"codeBlock_qGQc",codeBlockStandalone:"codeBlockStandalone_zC50",codeBlockLines:"codeBlockLines_p187",codeBlockLinesWithNumbering:"codeBlockLinesWithNumbering_OFgW",buttonGroup:"buttonGroup_6DOT"};function m(e){let{children:t,className:a}=e;return r.createElement(p,{as:"pre",tabIndex:0,className:(0,s.A)(d.codeBlockStandalone,"thin-scrollbar",a)},r.createElement("code",{className:d.codeBlockLines},t))}var g=a(6342),h=a(6591),y=a(8382);const b={codeLine:"codeLine_iPqp",codeLineNumber:"codeLineNumber_F4P7",codeLineContent:"codeLineContent_pOih"};var f=a(6025);function v(e){let{line:t,classNames:a,showLineNumbers:o,getLineProps:l,getTokenProps:i}=e;1===t.length&&"\n"===t[0].content&&(t[0].content="");const c=l({line:t,className:(0,s.A)(a,o&&b.codeLine)}),u=t.map(((e,t)=>r.createElement("span",(0,n.A)({key:t},i({token:e,key:t})))));return r.createElement("span",c,o?r.createElement(r.Fragment,null,r.createElement("span",{className:b.codeLineNumber}),r.createElement("span",{className:b.codeLineContent},u)):u,r.createElement("br",null))}var w=a(6861),k=a(1312),N=a(1473),C=a(4115);const E={copyButtonCopied:"copyButtonCopied__QnY",copyButtonIcons:"copyButtonIcons_FhaS",copyButtonIcon:"copyButtonIcon_phi_",copyButtonSuccessIcon:"copyButtonSuccessIcon_FfTR"};function S(e){let{code:t,className:a}=e;const[n,o]=(0,r.useState)(!1),l=(0,r.useRef)(void 0),i=(0,r.useCallback)((()=>{(0,w.A)(t),o(!0),l.current=window.setTimeout((()=>{o(!1)}),1e3)}),[t]);return(0,r.useEffect)((()=>()=>window.clearTimeout(l.current)),[]),r.createElement("button",{type:"button","aria-label":n?(0,k.T)({id:"theme.CodeBlock.copied",message:"Copied",description:"The copied button label on code blocks"}):(0,k.T)({id:"theme.CodeBlock.copyButtonAriaLabel",message:"Copy code to clipboard",description:"The ARIA label for copy code blocks button"}),title:(0,k.T)({id:"theme.CodeBlock.copy",message:"Copy",description:"The copy button label on code blocks"}),className:(0,s.A)("clean-btn",a,E.copyButton,n&&E.copyButtonCopied),onClick:i},r.createElement("span",{className:E.copyButtonIcons,"aria-hidden":"true"},r.createElement(N.A,{className:E.copyButtonIcon}),r.createElement(C.A,{className:E.copyButtonSuccessIcon})))}var T=a(5048);const L={wordWrapButtonIcon:"wordWrapButtonIcon_iowe",wordWrapButtonEnabled:"wordWrapButtonEnabled_gY8A"};function B(e){let{className:t,onClick:a,isEnabled:n}=e;const o=(0,k.T)({id:"theme.CodeBlock.wordWrapToggle",message:"Toggle word wrap",description:"The title attribute for toggle word wrapping button of code block lines"});return r.createElement("button",{type:"button",onClick:a,className:(0,s.A)("clean-btn",t,n&&L.wordWrapButtonEnabled),"aria-label":o,title:o},r.createElement(T.A,{className:L.wordWrapButtonIcon,"aria-hidden":"true"}))}function A(e){let{children:t,className:a="",metastring:o,title:i,showLineNumbers:u,language:m}=e;const{prism:{defaultLanguage:b,magicComments:w}}=(0,g.p)(),k=m??(0,c.Op)(a)??b,N=(0,l.A)(),C=(0,h.f)(),E=(0,c.wt)(o)||i,{lineClassNames:T,code:L}=(0,c.Li)(t,{metastring:o,language:k,magicComments:w}),A=(0,f.A)("/",{absolute:!0}).slice(0,-1),I=L.replaceAll("${ABSOLUTE_URL}",A),z=u??(0,c._u)(o);return r.createElement(p,{as:"div",className:(0,s.A)(a,k&&!a.includes(`language-${k}`)&&`language-${k}`)},E&&r.createElement("div",{className:d.codeBlockTitle},E),r.createElement("div",{className:d.codeBlockContent},r.createElement(y.Ay,(0,n.A)({},y.Gs,{theme:N,code:I,language:k??"text"}),(e=>{let{className:t,tokens:a,getLineProps:n,getTokenProps:o}=e;return r.createElement("pre",{tabIndex:0,ref:C.codeBlockRef,className:(0,s.A)(t,d.codeBlock,"thin-scrollbar")},r.createElement("code",{className:(0,s.A)(d.codeBlockLines,z&&d.codeBlockLinesWithNumbering)},a.map(((e,t)=>r.createElement(v,{key:t,line:e,getLineProps:n,getTokenProps:o,classNames:T[t],showLineNumbers:z})))))})),r.createElement("div",{className:d.buttonGroup},(C.isEnabled||C.isCodeScrollable)&&r.createElement(B,{className:d.codeButton,onClick:()=>C.toggle(),isEnabled:C.isEnabled}),r.createElement(S,{className:d.codeButton,code:I}))))}function I(e){let{children:t,...a}=e;const s=(0,o.A)(),l=function(e){return r.Children.toArray(e).some((e=>(0,r.isValidElement)(e)))?e:Array.isArray(e)?e.join(""):e}(t),i="string"==typeof l?A:m;return r.createElement(i,(0,n.A)({key:String(s)},a),l)}},9411:(e,t,a)=>{a.r(t),a.d(t,{Terminal:()=>u,assets:()=>i,contentTitle:()=>s,default:()=>m,frontMatter:()=>o,metadata:()=>l,toc:()=>c});var n=a(8168),r=(a(6540),a(5680));a(1202),a(1470),a(9365);const o={sidebar_position:2,title:"Just-in-time PostgreSQL access",image:"/img/quick-tutorials/postgres/social.png"},s=void 0,l={unversionedId:"features/postgresql/tutorials/postgres",id:"features/postgresql/tutorials/postgres",title:"Just-in-time PostgreSQL access",description:"This tutorial will deploy an example cluster to highlight Otterize's PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:",source:"@site/docs/features/postgresql/tutorials/postgres.mdx",sourceDirName:"features/postgresql/tutorials",slug:"/features/postgresql/tutorials/postgres",permalink:"/features/postgresql/tutorials/postgres",draft:!1,editUrl:"https://github.com/otterize/docs/edit/main/docs/features/postgresql/tutorials/postgres.mdx",tags:[],version:"current",sidebarPosition:2,frontMatter:{sidebar_position:2,title:"Just-in-time PostgreSQL access",image:"/img/quick-tutorials/postgres/social.png"},sidebar:"docSidebar",previous:{title:"PostgreSQL | Overview",permalink:"/features/postgresql/"},next:{title:"PostgreSQL table-level access mapping",permalink:"/features/postgresql/tutorials/postgres-mapping"}},i={},c=[{value:"1. Minikube Cluster",id:"1-minikube-cluster",level:4},{value:"2. Deploy Otterize",id:"2-deploy-otterize",level:4},{value:"Deploy tutorial services and request database credentials",id:"deploy-tutorial-services-and-request-database-credentials",level:3},{value:"Deploy a PostgreSQLServerConfig to allow Otterize DB access",id:"deploy-a-postgresqlserverconfig-to-allow-otterize-db-access",level:3},{value:"View logs for the server",id:"view-logs-for-the-server",level:3},{value:"Define your ClientIntents",id:"define-your-clientintents",level:3},{value:"View logs for the server",id:"view-logs-for-the-server-1",level:3}],u=e=>{let{children:t}=e;return(0,r.yg)("div",{style:{backgroundColor:"#eee",borderRadius:"5px",fontSize:"12px",fontWeight:"600",color:"darkgreen",padding:"1rem",fontFamily:"monospace, monospace"}},t)},p={toc:c,Terminal:u},d="wrapper";function m(e){let{components:t,...a}=e;return(0,r.yg)(d,(0,n.A)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.yg)("h1",{id:"overview"},"Overview"),(0,r.yg)("p",null,"This tutorial will deploy an example cluster to highlight Otterize's PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:"),(0,r.yg)("ol",null,(0,r.yg)("li",{parentName:"ol"},"An ",(0,r.yg)("inlineCode",{parentName:"li"},"INSERT")," operation to append a table within the database"),(0,r.yg)("li",{parentName:"ol"},"A ",(0,r.yg)("inlineCode",{parentName:"li"},"SELECT")," operation to validate the updates.")),(0,r.yg)("p",null,"The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down."),(0,r.yg)("p",null,"In this tutorial, we will:"),(0,r.yg)("ul",null,(0,r.yg)("li",{parentName:"ul"},"Deploy an example cluster"),(0,r.yg)("li",{parentName:"ul"},"Deploy Otterize in our cluster and give it access to our database instance"),(0,r.yg)("li",{parentName:"ul"},"Declare a ClientIntents resource for the server, specifying required access"),(0,r.yg)("li",{parentName:"ul"},"See that the required access has been granted")),(0,r.yg)("h1",{id:"prerequisites"},"Prerequisites"),(0,r.yg)("h4",{id:"1-minikube-cluster"},"1. Minikube Cluster"),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Prepare a Kubernetes cluster with Minikube"),(0,r.yg)("p",null,"For this tutorial you'll need a local Kubernetes cluster. Having a cluster with a ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/"},"CNI")," that supports ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/network-policies/"},"NetworkPolicies")," isn't required for this tutorial, but is recommended so that your cluster works with other tutorials."),(0,r.yg)("p",null,"If you don't have the Minikube CLI, first ",(0,r.yg)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/docs/start/"},"install it"),"."),(0,r.yg)("p",null,"Then start your Minikube cluster with Calico, in order to enforce network policies."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"minikube start --cpus=4 --memory 4096 --disk-size 32g --cni=calico\n"))),(0,r.yg)("h4",{id:"2-deploy-otterize"},"2. Deploy Otterize"),(0,r.yg)("p",null,"To deploy Otterize, head over to ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com"},"Otterize Cloud")," and associate a Kubernetes cluster on the ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com/integrations"},"Integrations page"),", and follow the instructions. If you already have a Kubernetes cluster connected, skip this step."),(0,r.yg)("h1",{id:"tutorial"},"Tutorial"),(0,r.yg)("h3",{id:"deploy-tutorial-services-and-request-database-credentials"},"Deploy tutorial services and request database credentials"),(0,r.yg)("p",null,"This will set up the namespace we will use for our tutorial and deploy the client, server, and database."),(0,r.yg)("p",null,"Our server's Deployment spec will specify an annotation on the Pod, which requests that the Otterize operator will provision a username and password for the server."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n")),(0,r.yg)("p",null,"This specifies that the secret ",(0,r.yg)("inlineCode",{parentName:"p"},"server-creds")," will have keys with the username and password to connect to the database.\nThe secret will only be created by the Otterize operator after it is integrated with your database by applying a MySQLServerConfig resources."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-postgres\nkubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/client-server-database.yaml\n")),(0,r.yg)("h3",{id:"deploy-a-postgresqlserverconfig-to-allow-otterize-db-access"},"Deploy a PostgreSQLServerConfig to allow Otterize DB access"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: PostgreSQLServerConfig\nmetadata:\n  name: postgres-tutorial-db\nspec:\n  address: database.otterize-tutorial-postgres.svc.cluster.local:5432\n  credentials:\n    secretRef:\n      name: postgres-tutorial-db-credentials\n---\napiVersion: v1\ntype: Opaque\nkind: Secret\nmetadata:\n  name: postgres-tutorial-db-credentials\ndata:\n  username: '' # Your PostgreSQL server user\n  password: '' # Your PostgreSQL server password\n")),(0,r.yg)("p",null,"The above CRD tells Otterize how to access a database instance named ",(0,r.yg)("inlineCode",{parentName:"p"},"postgres-tutorial-db"),", meaning that when intents\nare applied requesting access permissions to ",(0,r.yg)("inlineCode",{parentName:"p"},"postgres-tutorial-db"),", the Otterize operator will be able to configure\nthem."),(0,r.yg)("p",null,"In this tutorial, the ",(0,r.yg)("inlineCode",{parentName:"p"},"database")," workload already comes with the predefined username & password, but for future uses a\nrole will have to be created in the database to grant Otterize access as well as the ability to configure other users."),(0,r.yg)("p",null,"Let's apply the above ",(0,r.yg)("inlineCode",{parentName:"p"},"PostgreSQLServerConfig")," so Otterize will know how to access our database instance."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},'kubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/postgresqlserverconfig.yaml\nPSQLUSER_B64=$(echo -n otterize-tutorial | base64)\nPSQLPASSWORD_B64=$(echo -n jeffdog523 | base64)\nkubectl patch secret -n otterize-tutorial-postgres postgres-tutorial-db-credentials --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/data/username\\", \\"value\\": \\"$PSQLUSER_B64\\"}, {\\"op\\": \\"replace\\", \\"path\\": \\"/data/password\\", \\"value\\": \\"$PSQLPASSWORD_B64\\"}]"\n')),(0,r.yg)("h3",{id:"view-logs-for-the-server"},"View logs for the server"),(0,r.yg)("p",null,"After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-postgres deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Unable to perform INSERT operation",(0,r.yg)("br",null),"Unable to perform SELECT operation"),(0,r.yg)("h3",{id:"define-your-clientintents"},"Define your ClientIntents"),(0,r.yg)("p",null,"ClientIntents are Otterize\u2019s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload the ability to insert and select records to allow it to access the database."),(0,r.yg)("p",null,"Below is our ",(0,r.yg)("inlineCode",{parentName:"p"},"intents.yaml")," file. As you can see, it is scoped to our database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize-tutorial")," and our ",(0,r.yg)("inlineCode",{parentName:"p"},"public.example")," table. We also have limited the access to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," operations. We could add more databases, tables, or operations if our service required more access."),(0,r.yg)("p",null,"Specifying the table and operations is optional. If you don't specify the table, access will be granted to all tables in the specified database. If you don't specify the operations, all operations will be allowed."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: ClientIntents\nmetadata:\n  name: client-intents-for-server\n  namespace: otterize-tutorial-postgres\nspec:\n  service:\n    name: server\n  calls:\n    - name: postgres-tutorial-db # Same name as our PostgreSQLServerConfig metadata.name\n      type: database\n      databaseResources:\n        - databaseName: otterize-tutorial\n          table: public.example\n          operations:\n            - SELECT\n            - INSERT\n")),(0,r.yg)("p",null,"We can now apply our intents. Behind the scenes, the Otterize operator created the user for our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload and executed ",(0,r.yg)("inlineCode",{parentName:"p"},"GRANT")," queries on the database, making our ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," errors disappear."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/clientintents.yaml\n")),(0,r.yg)("h3",{id:"view-logs-for-the-server-1"},"View logs for the server"),(0,r.yg)("p",null,"We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:"),(0,r.yg)(u,{mdxType:"Terminal"},"Successfully INSERTED into our table",(0,r.yg)("p",null,"Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z")),(0,r.yg)("p",null,"That\u2019s it! If your service\u2019s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the ",(0,r.yg)("inlineCode",{parentName:"p"},"operations")," to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," or ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT"),"."),(0,r.yg)("h1",{id:"teardown"},"Teardown"),(0,r.yg)("p",null,"To remove the deployed examples, run:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-postgres client-intents-for-server && \\\nkubectl delete namespace otterize-tutorial-postgres\n")))}m.isMDXComponent=!0}}]);
\ No newline at end of file
diff --git a/assets/js/2c09ee5d.cccc630c.js b/assets/js/2c09ee5d.cccc630c.js
new file mode 100644
index 000000000..e8e931edd
--- /dev/null
+++ b/assets/js/2c09ee5d.cccc630c.js
@@ -0,0 +1 @@
+"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[4194,8401],{9365:(e,t,a)=>{a.d(t,{A:()=>o});var n=a(6540),r=a(53);const s={tabItem:"tabItem_Ymn6"};function o(e){let{children:t,hidden:a,className:o}=e;return n.createElement("div",{role:"tabpanel",className:(0,r.A)(s.tabItem,o),hidden:a},t)}},1470:(e,t,a)=>{a.d(t,{A:()=>N});var n=a(8168),r=a(6540),s=a(53),o=a(3104),l=a(6347),i=a(7485),c=a(1682),u=a(9466);function p(e){return function(e){return r.Children.map(e,(e=>{if(!e||(0,r.isValidElement)(e)&&function(e){const{props:t}=e;return!!t&&"object"==typeof t&&"value"in t}(e))return e;throw new Error(`Docusaurus error: Bad <Tabs> child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the <Tabs> component should be <TabItem>, and every <TabItem> should have a unique "value" prop.`)}))?.filter(Boolean)??[]}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:r}}=e;return{value:t,label:a,attributes:n,default:r}}))}function d(e){const{values:t,children:a}=e;return(0,r.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,c.X)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in <Tabs>. Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function g(e){let{queryString:t=!1,groupId:a}=e;const n=(0,l.W6)(),s=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The <Tabs> component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i.aZ)(s),(0,r.useCallback)((e=>{if(!s)return;const t=new URLSearchParams(n.location.search);t.set(s,e),n.replace({...n.location,search:t.toString()})}),[s,n])]}function y(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,s=d(e),[o,l]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the <Tabs> component requires at least one <TabItem> children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The <Tabs> has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:s}))),[i,c]=g({queryString:a,groupId:n}),[p,y]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,s]=(0,u.Dv)(a);return[n,(0,r.useCallback)((e=>{a&&s.set(e)}),[a,s])]}({groupId:n}),h=(()=>{const e=i??p;return m({value:e,tabValues:s})?e:null})();(0,r.useLayoutEffect)((()=>{h&&l(h)}),[h]);return{selectedValue:o,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:s}))throw new Error(`Can't select invalid tab value=${e}`);l(e),c(e),y(e)}),[c,y,s]),tabValues:s}}var h=a(2303);const b={tabList:"tabList__CuJ",tabItem:"tabItem_LNqP"};function f(e){let{className:t,block:a,selectedValue:l,selectValue:i,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:p}=(0,o.a_)(),d=e=>{const t=e.currentTarget,a=u.indexOf(t),n=c[a].value;n!==l&&(p(t),i(n))},m=e=>{let t=null;switch(e.key){case"Enter":d(e);break;case"ArrowRight":{const a=u.indexOf(e.currentTarget)+1;t=u[a]??u[0];break}case"ArrowLeft":{const a=u.indexOf(e.currentTarget)-1;t=u[a]??u[u.length-1];break}}t?.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,s.A)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:o}=e;return r.createElement("li",(0,n.A)({role:"tab",tabIndex:l===t?0:-1,"aria-selected":l===t,key:t,ref:e=>u.push(e),onKeyDown:m,onClick:d},o,{className:(0,s.A)("tabs__item",b.tabItem,o?.className,{"tabs__item--active":l===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:n}=e;const s=(Array.isArray(a)?a:[a]).filter(Boolean);if(t){const e=s.find((e=>e.props.value===n));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},s.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function w(e){const t=y(e);return r.createElement("div",{className:(0,s.A)("tabs-container",b.tabList)},r.createElement(f,(0,n.A)({},e,t)),r.createElement(v,(0,n.A)({},e,t)))}function N(e){const t=(0,h.A)();return r.createElement(w,(0,n.A)({key:String(t)},e))}},1202:(e,t,a)=>{a.d(t,{A:()=>I});var n=a(8168),r=a(6540),s=a(2303),o=a(53),l=a(6058),i=a(7559),c=a(4291);const u={codeBlockContainer:"codeBlockContainer_APcc"};function p(e){let{as:t,...a}=e;const s=(0,l.A)(),p=(0,c.M$)(s);return r.createElement(t,(0,n.A)({},a,{style:p,className:(0,o.A)(a.className,u.codeBlockContainer,i.G.common.codeBlock)}))}const d={codeBlockContent:"codeBlockContent_m3Ux",codeBlockTitle:"codeBlockTitle_P25_",codeBlock:"codeBlock_qGQc",codeBlockStandalone:"codeBlockStandalone_zC50",codeBlockLines:"codeBlockLines_p187",codeBlockLinesWithNumbering:"codeBlockLinesWithNumbering_OFgW",buttonGroup:"buttonGroup_6DOT"};function m(e){let{children:t,className:a}=e;return r.createElement(p,{as:"pre",tabIndex:0,className:(0,o.A)(d.codeBlockStandalone,"thin-scrollbar",a)},r.createElement("code",{className:d.codeBlockLines},t))}var g=a(6342),y=a(6591),h=a(8382);const b={codeLine:"codeLine_iPqp",codeLineNumber:"codeLineNumber_F4P7",codeLineContent:"codeLineContent_pOih"};var f=a(6025);function v(e){let{line:t,classNames:a,showLineNumbers:s,getLineProps:l,getTokenProps:i}=e;1===t.length&&"\n"===t[0].content&&(t[0].content="");const c=l({line:t,className:(0,o.A)(a,s&&b.codeLine)}),u=t.map(((e,t)=>r.createElement("span",(0,n.A)({key:t},i({token:e,key:t})))));return r.createElement("span",c,s?r.createElement(r.Fragment,null,r.createElement("span",{className:b.codeLineNumber}),r.createElement("span",{className:b.codeLineContent},u)):u,r.createElement("br",null))}var w=a(6861),N=a(1312),k=a(1473),C=a(4115);const E={copyButtonCopied:"copyButtonCopied__QnY",copyButtonIcons:"copyButtonIcons_FhaS",copyButtonIcon:"copyButtonIcon_phi_",copyButtonSuccessIcon:"copyButtonSuccessIcon_FfTR"};function S(e){let{code:t,className:a}=e;const[n,s]=(0,r.useState)(!1),l=(0,r.useRef)(void 0),i=(0,r.useCallback)((()=>{(0,w.A)(t),s(!0),l.current=window.setTimeout((()=>{s(!1)}),1e3)}),[t]);return(0,r.useEffect)((()=>()=>window.clearTimeout(l.current)),[]),r.createElement("button",{type:"button","aria-label":n?(0,N.T)({id:"theme.CodeBlock.copied",message:"Copied",description:"The copied button label on code blocks"}):(0,N.T)({id:"theme.CodeBlock.copyButtonAriaLabel",message:"Copy code to clipboard",description:"The ARIA label for copy code blocks button"}),title:(0,N.T)({id:"theme.CodeBlock.copy",message:"Copy",description:"The copy button label on code blocks"}),className:(0,o.A)("clean-btn",a,E.copyButton,n&&E.copyButtonCopied),onClick:i},r.createElement("span",{className:E.copyButtonIcons,"aria-hidden":"true"},r.createElement(k.A,{className:E.copyButtonIcon}),r.createElement(C.A,{className:E.copyButtonSuccessIcon})))}var T=a(5048);const L={wordWrapButtonIcon:"wordWrapButtonIcon_iowe",wordWrapButtonEnabled:"wordWrapButtonEnabled_gY8A"};function A(e){let{className:t,onClick:a,isEnabled:n}=e;const s=(0,N.T)({id:"theme.CodeBlock.wordWrapToggle",message:"Toggle word wrap",description:"The title attribute for toggle word wrapping button of code block lines"});return r.createElement("button",{type:"button",onClick:a,className:(0,o.A)("clean-btn",t,n&&L.wordWrapButtonEnabled),"aria-label":s,title:s},r.createElement(T.A,{className:L.wordWrapButtonIcon,"aria-hidden":"true"}))}function B(e){let{children:t,className:a="",metastring:s,title:i,showLineNumbers:u,language:m}=e;const{prism:{defaultLanguage:b,magicComments:w}}=(0,g.p)(),N=m??(0,c.Op)(a)??b,k=(0,l.A)(),C=(0,y.f)(),E=(0,c.wt)(s)||i,{lineClassNames:T,code:L}=(0,c.Li)(t,{metastring:s,language:N,magicComments:w}),B=(0,f.A)("/",{absolute:!0}).slice(0,-1),I=L.replaceAll("${ABSOLUTE_URL}",B),z=u??(0,c._u)(s);return r.createElement(p,{as:"div",className:(0,o.A)(a,N&&!a.includes(`language-${N}`)&&`language-${N}`)},E&&r.createElement("div",{className:d.codeBlockTitle},E),r.createElement("div",{className:d.codeBlockContent},r.createElement(h.Ay,(0,n.A)({},h.Gs,{theme:k,code:I,language:N??"text"}),(e=>{let{className:t,tokens:a,getLineProps:n,getTokenProps:s}=e;return r.createElement("pre",{tabIndex:0,ref:C.codeBlockRef,className:(0,o.A)(t,d.codeBlock,"thin-scrollbar")},r.createElement("code",{className:(0,o.A)(d.codeBlockLines,z&&d.codeBlockLinesWithNumbering)},a.map(((e,t)=>r.createElement(v,{key:t,line:e,getLineProps:n,getTokenProps:s,classNames:T[t],showLineNumbers:z})))))})),r.createElement("div",{className:d.buttonGroup},(C.isEnabled||C.isCodeScrollable)&&r.createElement(A,{className:d.codeButton,onClick:()=>C.toggle(),isEnabled:C.isEnabled}),r.createElement(S,{className:d.codeButton,code:I}))))}function I(e){let{children:t,...a}=e;const o=(0,s.A)(),l=function(e){return r.Children.toArray(e).some((e=>(0,r.isValidElement)(e)))?e:Array.isArray(e)?e.join(""):e}(t),i="string"==typeof l?B:m;return r.createElement(i,(0,n.A)({key:String(o)},a),l)}},9411:(e,t,a)=>{a.r(t),a.d(t,{Terminal:()=>u,assets:()=>i,contentTitle:()=>o,default:()=>m,frontMatter:()=>s,metadata:()=>l,toc:()=>c});var n=a(8168),r=(a(6540),a(5680));a(1202),a(1470),a(9365);const s={sidebar_position:2,title:"Just-in-time PostgreSQL access",image:"/img/quick-tutorials/postgres/social.png"},o=void 0,l={unversionedId:"features/postgresql/tutorials/postgres",id:"features/postgresql/tutorials/postgres",title:"Just-in-time PostgreSQL access",description:"This tutorial will deploy an example cluster to highlight Otterize's PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:",source:"@site/docs/features/postgresql/tutorials/postgres.mdx",sourceDirName:"features/postgresql/tutorials",slug:"/features/postgresql/tutorials/postgres",permalink:"/features/postgresql/tutorials/postgres",draft:!1,editUrl:"https://github.com/otterize/docs/edit/main/docs/features/postgresql/tutorials/postgres.mdx",tags:[],version:"current",sidebarPosition:2,frontMatter:{sidebar_position:2,title:"Just-in-time PostgreSQL access",image:"/img/quick-tutorials/postgres/social.png"},sidebar:"docSidebar",previous:{title:"PostgreSQL | Overview",permalink:"/features/postgresql/"},next:{title:"PostgreSQL table-level access mapping",permalink:"/features/postgresql/tutorials/postgres-mapping"}},i={},c=[{value:"1. Minikube Cluster",id:"1-minikube-cluster",level:4},{value:"2. Deploy Otterize",id:"2-deploy-otterize",level:4},{value:"Deploy tutorial services and request database credentials",id:"deploy-tutorial-services-and-request-database-credentials",level:3},{value:"View logs for the server",id:"view-logs-for-the-server",level:3},{value:"Deploy a PostgreSQLServerConfig to allow Otterize DB access",id:"deploy-a-postgresqlserverconfig-to-allow-otterize-db-access",level:3},{value:"Define your ClientIntents",id:"define-your-clientintents",level:3},{value:"View logs for the server",id:"view-logs-for-the-server-1",level:3}],u=e=>{let{children:t}=e;return(0,r.yg)("div",{style:{backgroundColor:"#eee",borderRadius:"5px",fontSize:"12px",fontWeight:"600",color:"darkgreen",padding:"1rem",fontFamily:"monospace, monospace"}},t)},p={toc:c,Terminal:u},d="wrapper";function m(e){let{components:t,...a}=e;return(0,r.yg)(d,(0,n.A)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.yg)("h1",{id:"overview"},"Overview"),(0,r.yg)("p",null,"This tutorial will deploy an example cluster to highlight Otterize's PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:"),(0,r.yg)("ol",null,(0,r.yg)("li",{parentName:"ol"},"An ",(0,r.yg)("inlineCode",{parentName:"li"},"INSERT")," operation to append a table within the database"),(0,r.yg)("li",{parentName:"ol"},"A ",(0,r.yg)("inlineCode",{parentName:"li"},"SELECT")," operation to validate the updates.")),(0,r.yg)("p",null,"The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down."),(0,r.yg)("p",null,"In this tutorial, we will:"),(0,r.yg)("ul",null,(0,r.yg)("li",{parentName:"ul"},"Deploy an example cluster"),(0,r.yg)("li",{parentName:"ul"},"Deploy Otterize in our cluster and give it access to our database instance"),(0,r.yg)("li",{parentName:"ul"},"Declare a ClientIntents resource for the server, specifying required access"),(0,r.yg)("li",{parentName:"ul"},"See that the required access has been granted")),(0,r.yg)("h1",{id:"prerequisites"},"Prerequisites"),(0,r.yg)("h4",{id:"1-minikube-cluster"},"1. Minikube Cluster"),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Prepare a Kubernetes cluster with Minikube"),(0,r.yg)("p",null,"For this tutorial you'll need a local Kubernetes cluster. Having a cluster with a ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/"},"CNI")," that supports ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/network-policies/"},"NetworkPolicies")," isn't required for this tutorial, but is recommended so that your cluster works with other tutorials."),(0,r.yg)("p",null,"If you don't have the Minikube CLI, first ",(0,r.yg)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/docs/start/"},"install it"),"."),(0,r.yg)("p",null,"Then start your Minikube cluster with Calico, in order to enforce network policies."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"minikube start --cpus=4 --memory 4096 --disk-size 32g --cni=calico\n"))),(0,r.yg)("h4",{id:"2-deploy-otterize"},"2. Deploy Otterize"),(0,r.yg)("p",null,"To deploy Otterize, head over to ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com"},"Otterize Cloud")," and associate a Kubernetes cluster on the ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com/integrations"},"Integrations page"),", and follow the instructions. If you already have a Kubernetes cluster connected, skip this step."),(0,r.yg)("h1",{id:"tutorial"},"Tutorial"),(0,r.yg)("h3",{id:"deploy-tutorial-services-and-request-database-credentials"},"Deploy tutorial services and request database credentials"),(0,r.yg)("p",null,"Next, set up the namespace used for our tutorial and deploy the client, server & database services in it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-postgres\nkubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/client-server-database.yaml\n")),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Expand to see the deployment YAML"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: server\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: server\n  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n      labels:\n        app: server\n    spec:\n      serviceAccountName: server\n      containers:\n        - name: server\n          imagePullPolicy: Always\n          image: 'otterize/postgres-tutorial-server'\n          ports:\n            - containerPort: 80\n          env:\n            - name: DB_SERVER_USER\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: username\n            - name: DB_SERVER_PASSWORD\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: password\n---\napiVersion: v1\nkind: Service\nmetadata:\n  name: server\nspec:\n  type: ClusterIP\n  selector:\n    app: server\n  ports:\n    - name: http\n      port: 80\n      targetPort: 80\n---\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: server\n---\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: client\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: client\n  template:\n    metadata:\n      labels:\n        app: client\n    spec:\n      containers:\n        - name: client\n          imagePullPolicy: Always\n          image: 'otterize/postgres-tutorial-client'\n          ports:\n            - containerPort: 80\n---\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: database\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: database\n  template:\n    metadata:\n      labels:\n        app: database\n    spec:\n      containers:\n        - name: database\n          imagePullPolicy: Always\n          image: 'otterize/postgres-tutorial-database'\n          ports:\n            - containerPort: 5432\n---\napiVersion: v1\nkind: Service\nmetadata:\n  name: database\nspec:\n  selector:\n    app: database\n  ports:\n    - protocol: TCP\n      port: 5432\n      targetPort: 5432\n"))),(0,r.yg)("p",null,"Our server's Deployment spec specifies an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n")),(0,r.yg)("p",null,"This specifies that the secret ",(0,r.yg)("inlineCode",{parentName:"p"},"server-creds")," will be populated with keys containing the username and password used by this pod to connect to the database.\nThe secret will only be created by the Otterize operator after it is integrated with your database by applying a ",(0,r.yg)("inlineCode",{parentName:"p"},"PostgreSQLServerConfig")," resources."),(0,r.yg)("h3",{id:"view-logs-for-the-server"},"View logs for the server"),(0,r.yg)("p",null,"After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-postgres deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Unable to perform INSERT operation",(0,r.yg)("br",null),"Unable to perform SELECT operation"),(0,r.yg)("h3",{id:"deploy-a-postgresqlserverconfig-to-allow-otterize-db-access"},"Deploy a PostgreSQLServerConfig to allow Otterize DB access"),(0,r.yg)("p",null,"Let's apply a ",(0,r.yg)("inlineCode",{parentName:"p"},"PostgreSQLServerConfig")," so Otterize will know how to access our database instance."),(0,r.yg)("p",null,"First, create a Kuberentes secret containing the database credentials:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic postgres-tutorial-db-credentials -n otterize-tutorial-postgres --from-literal=username='otterize-tutorial' --from-literal=password='jeffdog523'\n")),(0,r.yg)("p",null,"In this tutorial, the PostgreSQL database comes with the predefined username & password, but for future uses a\nrole will have to be created in the database to grant Otterize access as well as the ability to configure other users."),(0,r.yg)("p",null,"Next, apply the ",(0,r.yg)("inlineCode",{parentName:"p"},"PostgreSQLServerConfig")," to the cluster:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre"},"kubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/postgresqlserverconfig.yaml\n")),(0,r.yg)("p",null,"This ",(0,r.yg)("inlineCode",{parentName:"p"},"PostgreSQLServerConfig")," tells Otterize how to access a database instance named ",(0,r.yg)("inlineCode",{parentName:"p"},"postgres-tutorial-db"),", meaning that when intents\nare applied requesting access permissions to ",(0,r.yg)("inlineCode",{parentName:"p"},"postgres-tutorial-db"),", the Otterize operator will be able to configure\nthem:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: PostgreSQLServerConfig\nmetadata:\n  name: postgres-tutorial-db\nspec:\n  address: database.otterize-tutorial-postgres.svc.cluster.local:5432\n  credentials:\n    secretRef:\n      name: postgres-tutorial-db-credentials\n")),(0,r.yg)("h3",{id:"define-your-clientintents"},"Define your ClientIntents"),(0,r.yg)("p",null,"ClientIntents are Otterize\u2019s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload the ability to insert and select records to allow it to access the database."),(0,r.yg)("p",null,"Below is our ",(0,r.yg)("inlineCode",{parentName:"p"},"intents.yaml")," file. As you can see, it is scoped to our database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize-tutorial")," and our ",(0,r.yg)("inlineCode",{parentName:"p"},"public.example")," table. We also have limited the access to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," operations. We could add more databases, tables, or operations if our service required more access."),(0,r.yg)("p",null,"Specifying the table and operations is optional. If you don't specify the table, access will be granted to all tables in the specified database. If you don't specify the operations, all operations will be allowed."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: ClientIntents\nmetadata:\n  name: client-intents-for-server\n  namespace: otterize-tutorial-postgres\nspec:\n  service:\n    name: server\n  calls:\n    - name: postgres-tutorial-db # Same name as our PostgreSQLServerConfig metadata.name\n      type: database\n      databaseResources:\n        - databaseName: otterize-tutorial\n          table: public.example\n          operations:\n            - SELECT\n            - INSERT\n")),(0,r.yg)("p",null,"We can now apply our intents. Behind the scenes, the Otterize operator created the user for our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload and executed ",(0,r.yg)("inlineCode",{parentName:"p"},"GRANT")," queries on the database, making our ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," errors disappear."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl apply -n otterize-tutorial-postgres -f ${ABSOLUTE_URL}/code-examples/postgres/clientintents.yaml\n")),(0,r.yg)("h3",{id:"view-logs-for-the-server-1"},"View logs for the server"),(0,r.yg)("p",null,"We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-postgres deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Successfully INSERTED into our table",(0,r.yg)("p",null,"Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z")),(0,r.yg)("p",null,"That\u2019s it! If your service\u2019s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the ",(0,r.yg)("inlineCode",{parentName:"p"},"operations")," to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," or ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT"),"."),(0,r.yg)("h1",{id:"teardown"},"Teardown"),(0,r.yg)("p",null,"To remove the deployed examples, run:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-postgres client-intents-for-server && \\\nkubectl delete namespace otterize-tutorial-postgres\n")))}m.isMDXComponent=!0}}]);
\ No newline at end of file
diff --git a/assets/js/4a90ba61.508c2b88.js b/assets/js/4a90ba61.ef77e495.js
similarity index 58%
rename from assets/js/4a90ba61.508c2b88.js
rename to assets/js/4a90ba61.ef77e495.js
index b61472fd7..542924992 100644
--- a/assets/js/4a90ba61.508c2b88.js
+++ b/assets/js/4a90ba61.ef77e495.js
@@ -1 +1 @@
-"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[2653,8401],{9365:(e,t,a)=>{a.d(t,{A:()=>l});var n=a(6540),r=a(53);const s={tabItem:"tabItem_Ymn6"};function l(e){let{children:t,hidden:a,className:l}=e;return n.createElement("div",{role:"tabpanel",className:(0,r.A)(s.tabItem,l),hidden:a},t)}},1470:(e,t,a)=>{a.d(t,{A:()=>w});var n=a(8168),r=a(6540),s=a(53),l=a(3104),o=a(6347),i=a(7485),c=a(1682),u=a(9466);function p(e){return function(e){return r.Children.map(e,(e=>{if(!e||(0,r.isValidElement)(e)&&function(e){const{props:t}=e;return!!t&&"object"==typeof t&&"value"in t}(e))return e;throw new Error(`Docusaurus error: Bad <Tabs> child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the <Tabs> component should be <TabItem>, and every <TabItem> should have a unique "value" prop.`)}))?.filter(Boolean)??[]}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:r}}=e;return{value:t,label:a,attributes:n,default:r}}))}function d(e){const{values:t,children:a}=e;return(0,r.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,c.X)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in <Tabs>. Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function y(e){let{queryString:t=!1,groupId:a}=e;const n=(0,o.W6)(),s=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The <Tabs> component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i.aZ)(s),(0,r.useCallback)((e=>{if(!s)return;const t=new URLSearchParams(n.location.search);t.set(s,e),n.replace({...n.location,search:t.toString()})}),[s,n])]}function g(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,s=d(e),[l,o]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the <Tabs> component requires at least one <TabItem> children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The <Tabs> has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:s}))),[i,c]=y({queryString:a,groupId:n}),[p,g]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,s]=(0,u.Dv)(a);return[n,(0,r.useCallback)((e=>{a&&s.set(e)}),[a,s])]}({groupId:n}),h=(()=>{const e=i??p;return m({value:e,tabValues:s})?e:null})();(0,r.useLayoutEffect)((()=>{h&&o(h)}),[h]);return{selectedValue:l,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:s}))throw new Error(`Can't select invalid tab value=${e}`);o(e),c(e),g(e)}),[c,g,s]),tabValues:s}}var h=a(2303);const b={tabList:"tabList__CuJ",tabItem:"tabItem_LNqP"};function f(e){let{className:t,block:a,selectedValue:o,selectValue:i,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:p}=(0,l.a_)(),d=e=>{const t=e.currentTarget,a=u.indexOf(t),n=c[a].value;n!==o&&(p(t),i(n))},m=e=>{let t=null;switch(e.key){case"Enter":d(e);break;case"ArrowRight":{const a=u.indexOf(e.currentTarget)+1;t=u[a]??u[0];break}case"ArrowLeft":{const a=u.indexOf(e.currentTarget)-1;t=u[a]??u[u.length-1];break}}t?.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,s.A)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:l}=e;return r.createElement("li",(0,n.A)({role:"tab",tabIndex:o===t?0:-1,"aria-selected":o===t,key:t,ref:e=>u.push(e),onKeyDown:m,onClick:d},l,{className:(0,s.A)("tabs__item",b.tabItem,l?.className,{"tabs__item--active":o===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:n}=e;const s=(Array.isArray(a)?a:[a]).filter(Boolean);if(t){const e=s.find((e=>e.props.value===n));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},s.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function S(e){const t=g(e);return r.createElement("div",{className:(0,s.A)("tabs-container",b.tabList)},r.createElement(f,(0,n.A)({},e,t)),r.createElement(v,(0,n.A)({},e,t)))}function w(e){const t=(0,h.A)();return r.createElement(S,(0,n.A)({key:String(t)},e))}},1202:(e,t,a)=>{a.d(t,{A:()=>B});var n=a(8168),r=a(6540),s=a(2303),l=a(53),o=a(6058),i=a(7559),c=a(4291);const u={codeBlockContainer:"codeBlockContainer_APcc"};function p(e){let{as:t,...a}=e;const s=(0,o.A)(),p=(0,c.M$)(s);return r.createElement(t,(0,n.A)({},a,{style:p,className:(0,l.A)(a.className,u.codeBlockContainer,i.G.common.codeBlock)}))}const d={codeBlockContent:"codeBlockContent_m3Ux",codeBlockTitle:"codeBlockTitle_P25_",codeBlock:"codeBlock_qGQc",codeBlockStandalone:"codeBlockStandalone_zC50",codeBlockLines:"codeBlockLines_p187",codeBlockLinesWithNumbering:"codeBlockLinesWithNumbering_OFgW",buttonGroup:"buttonGroup_6DOT"};function m(e){let{children:t,className:a}=e;return r.createElement(p,{as:"pre",tabIndex:0,className:(0,l.A)(d.codeBlockStandalone,"thin-scrollbar",a)},r.createElement("code",{className:d.codeBlockLines},t))}var y=a(6342),g=a(6591),h=a(8382);const b={codeLine:"codeLine_iPqp",codeLineNumber:"codeLineNumber_F4P7",codeLineContent:"codeLineContent_pOih"};var f=a(6025);function v(e){let{line:t,classNames:a,showLineNumbers:s,getLineProps:o,getTokenProps:i}=e;1===t.length&&"\n"===t[0].content&&(t[0].content="");const c=o({line:t,className:(0,l.A)(a,s&&b.codeLine)}),u=t.map(((e,t)=>r.createElement("span",(0,n.A)({key:t},i({token:e,key:t})))));return r.createElement("span",c,s?r.createElement(r.Fragment,null,r.createElement("span",{className:b.codeLineNumber}),r.createElement("span",{className:b.codeLineContent},u)):u,r.createElement("br",null))}var S=a(6861),w=a(1312),N=a(1473),k=a(4115);const L={copyButtonCopied:"copyButtonCopied__QnY",copyButtonIcons:"copyButtonIcons_FhaS",copyButtonIcon:"copyButtonIcon_phi_",copyButtonSuccessIcon:"copyButtonSuccessIcon_FfTR"};function E(e){let{code:t,className:a}=e;const[n,s]=(0,r.useState)(!1),o=(0,r.useRef)(void 0),i=(0,r.useCallback)((()=>{(0,S.A)(t),s(!0),o.current=window.setTimeout((()=>{s(!1)}),1e3)}),[t]);return(0,r.useEffect)((()=>()=>window.clearTimeout(o.current)),[]),r.createElement("button",{type:"button","aria-label":n?(0,w.T)({id:"theme.CodeBlock.copied",message:"Copied",description:"The copied button label on code blocks"}):(0,w.T)({id:"theme.CodeBlock.copyButtonAriaLabel",message:"Copy code to clipboard",description:"The ARIA label for copy code blocks button"}),title:(0,w.T)({id:"theme.CodeBlock.copy",message:"Copy",description:"The copy button label on code blocks"}),className:(0,l.A)("clean-btn",a,L.copyButton,n&&L.copyButtonCopied),onClick:i},r.createElement("span",{className:L.copyButtonIcons,"aria-hidden":"true"},r.createElement(N.A,{className:L.copyButtonIcon}),r.createElement(k.A,{className:L.copyButtonSuccessIcon})))}var C=a(5048);const T={wordWrapButtonIcon:"wordWrapButtonIcon_iowe",wordWrapButtonEnabled:"wordWrapButtonEnabled_gY8A"};function q(e){let{className:t,onClick:a,isEnabled:n}=e;const s=(0,w.T)({id:"theme.CodeBlock.wordWrapToggle",message:"Toggle word wrap",description:"The title attribute for toggle word wrapping button of code block lines"});return r.createElement("button",{type:"button",onClick:a,className:(0,l.A)("clean-btn",t,n&&T.wordWrapButtonEnabled),"aria-label":s,title:s},r.createElement(C.A,{className:T.wordWrapButtonIcon,"aria-hidden":"true"}))}function A(e){let{children:t,className:a="",metastring:s,title:i,showLineNumbers:u,language:m}=e;const{prism:{defaultLanguage:b,magicComments:S}}=(0,y.p)(),w=m??(0,c.Op)(a)??b,N=(0,o.A)(),k=(0,g.f)(),L=(0,c.wt)(s)||i,{lineClassNames:C,code:T}=(0,c.Li)(t,{metastring:s,language:w,magicComments:S}),A=(0,f.A)("/",{absolute:!0}).slice(0,-1),B=T.replaceAll("${ABSOLUTE_URL}",A),M=u??(0,c._u)(s);return r.createElement(p,{as:"div",className:(0,l.A)(a,w&&!a.includes(`language-${w}`)&&`language-${w}`)},L&&r.createElement("div",{className:d.codeBlockTitle},L),r.createElement("div",{className:d.codeBlockContent},r.createElement(h.Ay,(0,n.A)({},h.Gs,{theme:N,code:B,language:w??"text"}),(e=>{let{className:t,tokens:a,getLineProps:n,getTokenProps:s}=e;return r.createElement("pre",{tabIndex:0,ref:k.codeBlockRef,className:(0,l.A)(t,d.codeBlock,"thin-scrollbar")},r.createElement("code",{className:(0,l.A)(d.codeBlockLines,M&&d.codeBlockLinesWithNumbering)},a.map(((e,t)=>r.createElement(v,{key:t,line:e,getLineProps:n,getTokenProps:s,classNames:C[t],showLineNumbers:M})))))})),r.createElement("div",{className:d.buttonGroup},(k.isEnabled||k.isCodeScrollable)&&r.createElement(q,{className:d.codeButton,onClick:()=>k.toggle(),isEnabled:k.isEnabled}),r.createElement(E,{className:d.codeButton,code:B}))))}function B(e){let{children:t,...a}=e;const l=(0,s.A)(),o=function(e){return r.Children.toArray(e).some((e=>(0,r.isValidElement)(e)))?e:Array.isArray(e)?e.join(""):e}(t),i="string"==typeof o?A:m;return r.createElement(i,(0,n.A)({key:String(l)},a),o)}},3826:(e,t,a)=>{a.r(t),a.d(t,{Terminal:()=>u,assets:()=>i,contentTitle:()=>l,default:()=>m,frontMatter:()=>s,metadata:()=>o,toc:()=>c});var n=a(8168),r=(a(6540),a(5680));a(1202),a(1470),a(9365);const s={sidebar_position:2,title:"Just-in-time MySQL access",image:"/img/quick-tutorials/mysql/social.png"},l=void 0,o={unversionedId:"features/mysql/tutorials/mysql",id:"features/mysql/tutorials/mysql",title:"Just-in-time MySQL access",description:"This tutorial will deploy an example cluster to highlight Otterize's MySQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:",source:"@site/docs/features/mysql/tutorials/mysql.mdx",sourceDirName:"features/mysql/tutorials",slug:"/features/mysql/tutorials/mysql",permalink:"/features/mysql/tutorials/mysql",draft:!1,editUrl:"https://github.com/otterize/docs/edit/main/docs/features/mysql/tutorials/mysql.mdx",tags:[],version:"current",sidebarPosition:2,frontMatter:{sidebar_position:2,title:"Just-in-time MySQL access",image:"/img/quick-tutorials/mysql/social.png"},sidebar:"docSidebar",previous:{title:"MySQL | Overview",permalink:"/features/mysql/"},next:{title:"Reference",permalink:"/features/mysql/reference"}},i={},c=[{value:"1. Minikube Cluster",id:"1-minikube-cluster",level:4},{value:"2. Deploy Otterize",id:"2-deploy-otterize",level:4},{value:"3. Deploy a MySQL database instance",id:"3-deploy-a-mysql-database-instance",level:4},{value:"Setup MySQL database and table for the tutorial",id:"setup-mysql-database-and-table-for-the-tutorial",level:3},{value:"Deploy tutorial services and request database credentials",id:"deploy-tutorial-services-and-request-database-credentials",level:3},{value:"View logs for the server",id:"view-logs-for-the-server",level:3},{value:"Deploy a MySQLServerConfig to allow Otterize DB access",id:"deploy-a-mysqlserverconfig-to-allow-otterize-db-access",level:3},{value:"Define your ClientIntents",id:"define-your-clientintents",level:3},{value:"View logs for the server",id:"view-logs-for-the-server-1",level:3}],u=e=>{let{children:t}=e;return(0,r.yg)("div",{style:{backgroundColor:"#eee",borderRadius:"5px",fontSize:"12px",fontWeight:"600",color:"darkgreen",padding:"1rem",fontFamily:"monospace, monospace"}},t)},p={toc:c,Terminal:u},d="wrapper";function m(e){let{components:t,...a}=e;return(0,r.yg)(d,(0,n.A)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.yg)("h1",{id:"overview"},"Overview"),(0,r.yg)("p",null,"This tutorial will deploy an example cluster to highlight Otterize's MySQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:"),(0,r.yg)("ol",null,(0,r.yg)("li",{parentName:"ol"},"An ",(0,r.yg)("inlineCode",{parentName:"li"},"INSERT")," operation to append a table within the database"),(0,r.yg)("li",{parentName:"ol"},"A ",(0,r.yg)("inlineCode",{parentName:"li"},"SELECT")," operation to validate the updates.")),(0,r.yg)("p",null,"The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down."),(0,r.yg)("p",null,"In this tutorial, we will:"),(0,r.yg)("ul",null,(0,r.yg)("li",{parentName:"ul"},"Optionally, spin up a MySQL database instance on AWS, based on Amazon RDS for MySQL, or in your Kubernetes cluster, based on the official MySQL Docker image. Alternatively, you could use any MySQL server of your choice."),(0,r.yg)("li",{parentName:"ul"},"Deploy an example cluster"),(0,r.yg)("li",{parentName:"ul"},"Deploy Otterize in our cluster and give it access to our database instance"),(0,r.yg)("li",{parentName:"ul"},"Declare a ClientIntents resource for the server, specifying required access"),(0,r.yg)("li",{parentName:"ul"},"See that the required access has been granted")),(0,r.yg)("h1",{id:"prerequisites"},"Prerequisites"),(0,r.yg)("h4",{id:"1-minikube-cluster"},"1. Minikube Cluster"),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Prepare a Kubernetes cluster with Minikube"),(0,r.yg)("p",null,"For this tutorial you'll need a local Kubernetes cluster. Having a cluster with a ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/"},"CNI")," that supports ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/network-policies/"},"NetworkPolicies")," isn't required for this tutorial, but is recommended so that your cluster works with other tutorials."),(0,r.yg)("p",null,"If you don't have the Minikube CLI, first ",(0,r.yg)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/docs/start/"},"install it"),"."),(0,r.yg)("p",null,"Then start your Minikube cluster with Calico, in order to enforce network policies."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"minikube start --cpus=4 --memory 4096 --disk-size 32g --cni=calico\n"))),(0,r.yg)("h4",{id:"2-deploy-otterize"},"2. Deploy Otterize"),(0,r.yg)("p",null,"To deploy Otterize, head over to ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com"},"Otterize Cloud")," and associate a Kubernetes cluster on the ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com/integrations"},"Integrations page"),", and follow the instructions. If you already have a Kubernetes cluster connected, skip this step."),(0,r.yg)("h4",{id:"3-deploy-a-mysql-database-instance"},"3. Deploy a MySQL database instance"),(0,r.yg)("p",null,"Already have a MySQL database instance? ",(0,r.yg)("a",{parentName:"p",href:"#tutorial"},"Skip to the tutorial.")),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Deploy a MySQL database instance, based on Amazon RDS for MySQL"),(0,r.yg)("p",null,"Follow the ",(0,r.yg)("a",{parentName:"p",href:"https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.MySQL.html#CHAP_GettingStarted.Creating.MySQL"},"installation instructions on the AWS RDS documentation"),"."),(0,r.yg)("li",null,"You may use the Free tier template for this tutorial."),(0,r.yg)("li",null,'Under "Settings", choose "Auto generate password". Make sure you save the generated password after the instance is created.'),(0,r.yg)("li",null,'Under "Connectivity", enable public access to allow access from your Kubernetes cluster. Otterize will require that access to manage credentials for you. Additionally, make sure you choose a security group that allows inbound access from the internet.')),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Deploy a MySQL database instance, based on the official MySQL Docker image"),(0,r.yg)("p",null,"To deploy a local MySQL database instance, you can use the official MySQL Docker image. Run the following command to deploy a MySQL instance with the root password set to ",(0,r.yg)("inlineCode",{parentName:"p"},"password"),":"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-mysql\nkubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/database.yaml\n")),(0,r.yg)("p",null,"Use the following values as your MySQL host and password:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"export MYSQLHOST=mysql.otterize-tutorial-mysql.svc.cluster.local\nexport MYSQLUSER=root\nexport MYSQLPASSWORD=password\n"))),(0,r.yg)("h1",{id:"tutorial"},"Tutorial"),(0,r.yg)("h3",{id:"setup-mysql-database-and-table-for-the-tutorial"},"Setup MySQL database and table for the tutorial"),(0,r.yg)("p",null,"Throughout this tutorial, we will refer to your MySQL host & credentials via environment variables, so make sure to set them up:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"export MYSQLHOST=<YOURMYSQLHOST> # For RDS, this is the endpoint; for the official MySQL docker image, this is `mysql.otterize-tutorial-mysql.svc.cluster.local`\nexport MYSQLUSER=<YOURUSER> # For RDS, this is the username set during the RDS instance deployment, typically 'admin'; for the official MySQL docker image, this is `root`\nexport MYSQLPASSWORD=<YOURPASSWORD> # For RDS, this is the password set during the RDS instance deployment; for the official MySQL docker image, this is `password`\n")),(0,r.yg)("p",null,"Next, start a MySQL client to connect to your MySQL instance, and create a database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize_tutorial")," and a table named ",(0,r.yg)("inlineCode",{parentName:"p"},"example")," in your MySQL instance.\nOur tutorial server will use this database and table to perform ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," operations."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-mysql\nkubectl run -n otterize-tutorial-mysql -it --rm --image=mysql:latest --restart=Never mysql-client -- mysql -h $MYSQLHOST -u $MYSQLUSER -p$MYSQLPASSWORD \\\n -e 'CREATE DATABASE IF NOT EXISTS otterize_example;\n\nUSE otterize_example;\n\nCREATE TABLE IF NOT EXISTS example\n(\n    file_name   VARCHAR(255),\n    upload_time BIGINT\n);\n\nexit;\n'\n")),(0,r.yg)("h3",{id:"deploy-tutorial-services-and-request-database-credentials"},"Deploy tutorial services and request database credentials"),(0,r.yg)("p",null,"Next, set up the namespace used for our tutorial and deploy the client & server services in it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},'kubectl create namespace otterize-tutorial-mysql\nkubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/client-server.yaml\nkubectl patch deployment -n otterize-tutorial-mysql server --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/spec/template/spec/containers/0/env/0/value\\", \\"value\\": \\"$MYSQLHOST\\"}]"\n')),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Expand to see the deployment YAML"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: server\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: server\n  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n      labels:\n        app: server\n    spec:\n      serviceAccountName: server\n      containers:\n        - name: server\n          imagePullPolicy: Always\n          image: 'otterize/mysql-tutorial-server'\n          ports:\n            - containerPort: 80\n          env:\n            - name: DB_HOST\n              value: database\n            - name: DB_NAME\n              value: otterize_example\n            - name: DB_PORT\n              value: \"3306\"\n            - name: DB_SERVER_USER\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: username\n            - name: DB_SERVER_PASSWORD\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: password\n---\napiVersion: v1\nkind: Service\nmetadata:\n  name: server\nspec:\n  type: ClusterIP\n  selector:\n    app: server\n  ports:\n    - name: http\n      port: 80\n      targetPort: 80\n---\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: server\n---\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: client\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: client\n  template:\n    metadata:\n      labels:\n        app: client\n    spec:\n      containers:\n        - name: client\n          imagePullPolicy: Always\n          image: 'otterize/mysql-tutorial-client'\n          ports:\n            - containerPort: 80\n\n"))),(0,r.yg)("p",null,"Our server's Deployment spec specify an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n")),(0,r.yg)("p",null,"This specifies that the secret ",(0,r.yg)("inlineCode",{parentName:"p"},"server-creds")," will be populated with keys containing the username and password used by this pod to connect to the database.\nThe secret will only be created by the Otterize operator after it is integrated with your database by applying a MySQLServerConfig resources."),(0,r.yg)("h3",{id:"view-logs-for-the-server"},"View logs for the server"),(0,r.yg)("p",null,"After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-mysql deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Unable to perform INSERT operation",(0,r.yg)("br",null),"Unable to perform SELECT operation"),(0,r.yg)("h3",{id:"deploy-a-mysqlserverconfig-to-allow-otterize-db-access"},"Deploy a MySQLServerConfig to allow Otterize DB access"),(0,r.yg)("p",null,"Let's apply a ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," so Otterize will know how to access our database instance:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},'kubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/mysqlserverconfig.yaml\nkubectl patch mysqlserverconfig -n otterize-tutorial-mysql mysql-tutorial-db --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/spec/address\\", \\"value\\": \\"$MYSQLHOST\\"}]"\nMYSQLUSER_B64=$(echo -n $MYSQLUSER | base64)\nMYSQLPASSWORD_B64=$(echo -n $MYSQLPASSWORD | base64)\nkubectl patch secret -n otterize-tutorial-mysql mysql-tutorial-db-credentials --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/data/username\\", \\"value\\": \\"$MYSQLUSER_B64\\"}, {\\"op\\": \\"replace\\", \\"path\\": \\"/data/password\\", \\"value\\": \\"$MYSQLPASSWORD_B64\\"}]"\n')),(0,r.yg)("p",null,"This applies the following ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," to your cluster, and patches it with your DB instance address & credentials:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: MySQLServerConfig\nmetadata:\n  name: mysql-tutorial-db\nspec:\n  address: mysql.otterize-tutorial-mysql.svc.cluster.local:3306 # Your MySQL server address\n  credentials:\n    secretRef:\n      name: mysql-tutorial-db-credentials\n---\napiVersion: v1\ntype: Opaque\nkind: Secret\nmetadata:\n  name: mysql-tutorial-db-credentials\ndata:\n    username: '' # Your MySQL server user\n    password: '' # Your MySQL server password\n")),(0,r.yg)("p",null,"The above CRD tells Otterize how to access a database instance named ",(0,r.yg)("inlineCode",{parentName:"p"},"mysql-tutorial-db"),", meaning that when intents\nare applied requesting access permissions to ",(0,r.yg)("inlineCode",{parentName:"p"},"mysql-tutorial-db"),", the Otterize operator will be able to configure\nthem."),(0,r.yg)("p",null,"In this tutorial, we use the admin user to grant Otterize permissions to create users and grant them access to the database.\nIn a production environment, it is recommended to create a dedicated user for Otterize, and grant it the necessary permissions to create and manage other users."),(0,r.yg)("h3",{id:"define-your-clientintents"},"Define your ClientIntents"),(0,r.yg)("p",null,"ClientIntents are Otterize\u2019s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload the ability to insert and select records to allow it to access the database."),(0,r.yg)("p",null,"Below is our ",(0,r.yg)("inlineCode",{parentName:"p"},"intents.yaml")," file. As you can see, it is scoped to our database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize_tutorial")," and our ",(0,r.yg)("inlineCode",{parentName:"p"},"example")," table. We also have limited the access to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," operations. We could add more databases, tables, or operations if our service required more access."),(0,r.yg)("p",null,"Specifying the table and operations is optional. If you don't specify the table, access will be granted to all tables in the specified database. If you don't specify the operations, all operations will be allowed."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: ClientIntents\nmetadata:\n  name: client-intents-for-server\nspec:\n  service:\n    name: server\n  calls:\n    - name: mysql-tutorial-db\n      type: database\n      databaseResources:\n        - databaseName: otterize_example\n          table: example\n          operations:\n            - SELECT\n            - INSERT\n")),(0,r.yg)("p",null,"We can now apply our intents. Behind the scenes, the Otterize operator created the user for our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload and executed ",(0,r.yg)("inlineCode",{parentName:"p"},"GRANT")," queries on the database, making our ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," errors disappear."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/clientintents.yaml\n")),(0,r.yg)("h3",{id:"view-logs-for-the-server-1"},"View logs for the server"),(0,r.yg)("p",null,"We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-mysql deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Successfully INSERTED into our table",(0,r.yg)("p",null,"Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z")),(0,r.yg)("p",null,"That\u2019s it! If your service\u2019s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the ",(0,r.yg)("inlineCode",{parentName:"p"},"operations")," to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," or ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT"),"."),(0,r.yg)("h1",{id:"teardown"},"Teardown"),(0,r.yg)("p",null,"To remove the deployed examples, run:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-mysql client-intents-for-server\nkubectl delete namespace otterize-tutorial-mysql\n")))}m.isMDXComponent=!0}}]);
\ No newline at end of file
+"use strict";(self.webpackChunkdocs=self.webpackChunkdocs||[]).push([[2653,8401],{9365:(e,t,a)=>{a.d(t,{A:()=>o});var n=a(6540),r=a(53);const l={tabItem:"tabItem_Ymn6"};function o(e){let{children:t,hidden:a,className:o}=e;return n.createElement("div",{role:"tabpanel",className:(0,r.A)(l.tabItem,o),hidden:a},t)}},1470:(e,t,a)=>{a.d(t,{A:()=>N});var n=a(8168),r=a(6540),l=a(53),o=a(3104),s=a(6347),i=a(7485),c=a(1682),u=a(9466);function p(e){return function(e){return r.Children.map(e,(e=>{if(!e||(0,r.isValidElement)(e)&&function(e){const{props:t}=e;return!!t&&"object"==typeof t&&"value"in t}(e))return e;throw new Error(`Docusaurus error: Bad <Tabs> child <${"string"==typeof e.type?e.type:e.type.name}>: all children of the <Tabs> component should be <TabItem>, and every <TabItem> should have a unique "value" prop.`)}))?.filter(Boolean)??[]}(e).map((e=>{let{props:{value:t,label:a,attributes:n,default:r}}=e;return{value:t,label:a,attributes:n,default:r}}))}function d(e){const{values:t,children:a}=e;return(0,r.useMemo)((()=>{const e=t??p(a);return function(e){const t=(0,c.X)(e,((e,t)=>e.value===t.value));if(t.length>0)throw new Error(`Docusaurus error: Duplicate values "${t.map((e=>e.value)).join(", ")}" found in <Tabs>. Every value needs to be unique.`)}(e),e}),[t,a])}function m(e){let{value:t,tabValues:a}=e;return a.some((e=>e.value===t))}function y(e){let{queryString:t=!1,groupId:a}=e;const n=(0,s.W6)(),l=function(e){let{queryString:t=!1,groupId:a}=e;if("string"==typeof t)return t;if(!1===t)return null;if(!0===t&&!a)throw new Error('Docusaurus error: The <Tabs> component groupId prop is required if queryString=true, because this value is used as the search param name. You can also provide an explicit value such as queryString="my-search-param".');return a??null}({queryString:t,groupId:a});return[(0,i.aZ)(l),(0,r.useCallback)((e=>{if(!l)return;const t=new URLSearchParams(n.location.search);t.set(l,e),n.replace({...n.location,search:t.toString()})}),[l,n])]}function g(e){const{defaultValue:t,queryString:a=!1,groupId:n}=e,l=d(e),[o,s]=(0,r.useState)((()=>function(e){let{defaultValue:t,tabValues:a}=e;if(0===a.length)throw new Error("Docusaurus error: the <Tabs> component requires at least one <TabItem> children component");if(t){if(!m({value:t,tabValues:a}))throw new Error(`Docusaurus error: The <Tabs> has a defaultValue "${t}" but none of its children has the corresponding value. Available values are: ${a.map((e=>e.value)).join(", ")}. If you intend to show no default tab, use defaultValue={null} instead.`);return t}const n=a.find((e=>e.default))??a[0];if(!n)throw new Error("Unexpected error: 0 tabValues");return n.value}({defaultValue:t,tabValues:l}))),[i,c]=y({queryString:a,groupId:n}),[p,g]=function(e){let{groupId:t}=e;const a=function(e){return e?`docusaurus.tab.${e}`:null}(t),[n,l]=(0,u.Dv)(a);return[n,(0,r.useCallback)((e=>{a&&l.set(e)}),[a,l])]}({groupId:n}),h=(()=>{const e=i??p;return m({value:e,tabValues:l})?e:null})();(0,r.useLayoutEffect)((()=>{h&&s(h)}),[h]);return{selectedValue:o,selectValue:(0,r.useCallback)((e=>{if(!m({value:e,tabValues:l}))throw new Error(`Can't select invalid tab value=${e}`);s(e),c(e),g(e)}),[c,g,l]),tabValues:l}}var h=a(2303);const b={tabList:"tabList__CuJ",tabItem:"tabItem_LNqP"};function f(e){let{className:t,block:a,selectedValue:s,selectValue:i,tabValues:c}=e;const u=[],{blockElementScrollPositionUntilNextRender:p}=(0,o.a_)(),d=e=>{const t=e.currentTarget,a=u.indexOf(t),n=c[a].value;n!==s&&(p(t),i(n))},m=e=>{let t=null;switch(e.key){case"Enter":d(e);break;case"ArrowRight":{const a=u.indexOf(e.currentTarget)+1;t=u[a]??u[0];break}case"ArrowLeft":{const a=u.indexOf(e.currentTarget)-1;t=u[a]??u[u.length-1];break}}t?.focus()};return r.createElement("ul",{role:"tablist","aria-orientation":"horizontal",className:(0,l.A)("tabs",{"tabs--block":a},t)},c.map((e=>{let{value:t,label:a,attributes:o}=e;return r.createElement("li",(0,n.A)({role:"tab",tabIndex:s===t?0:-1,"aria-selected":s===t,key:t,ref:e=>u.push(e),onKeyDown:m,onClick:d},o,{className:(0,l.A)("tabs__item",b.tabItem,o?.className,{"tabs__item--active":s===t})}),a??t)})))}function v(e){let{lazy:t,children:a,selectedValue:n}=e;const l=(Array.isArray(a)?a:[a]).filter(Boolean);if(t){const e=l.find((e=>e.props.value===n));return e?(0,r.cloneElement)(e,{className:"margin-top--md"}):null}return r.createElement("div",{className:"margin-top--md"},l.map(((e,t)=>(0,r.cloneElement)(e,{key:t,hidden:e.props.value!==n}))))}function S(e){const t=g(e);return r.createElement("div",{className:(0,l.A)("tabs-container",b.tabList)},r.createElement(f,(0,n.A)({},e,t)),r.createElement(v,(0,n.A)({},e,t)))}function N(e){const t=(0,h.A)();return r.createElement(S,(0,n.A)({key:String(t)},e))}},1202:(e,t,a)=>{a.d(t,{A:()=>B});var n=a(8168),r=a(6540),l=a(2303),o=a(53),s=a(6058),i=a(7559),c=a(4291);const u={codeBlockContainer:"codeBlockContainer_APcc"};function p(e){let{as:t,...a}=e;const l=(0,s.A)(),p=(0,c.M$)(l);return r.createElement(t,(0,n.A)({},a,{style:p,className:(0,o.A)(a.className,u.codeBlockContainer,i.G.common.codeBlock)}))}const d={codeBlockContent:"codeBlockContent_m3Ux",codeBlockTitle:"codeBlockTitle_P25_",codeBlock:"codeBlock_qGQc",codeBlockStandalone:"codeBlockStandalone_zC50",codeBlockLines:"codeBlockLines_p187",codeBlockLinesWithNumbering:"codeBlockLinesWithNumbering_OFgW",buttonGroup:"buttonGroup_6DOT"};function m(e){let{children:t,className:a}=e;return r.createElement(p,{as:"pre",tabIndex:0,className:(0,o.A)(d.codeBlockStandalone,"thin-scrollbar",a)},r.createElement("code",{className:d.codeBlockLines},t))}var y=a(6342),g=a(6591),h=a(8382);const b={codeLine:"codeLine_iPqp",codeLineNumber:"codeLineNumber_F4P7",codeLineContent:"codeLineContent_pOih"};var f=a(6025);function v(e){let{line:t,classNames:a,showLineNumbers:l,getLineProps:s,getTokenProps:i}=e;1===t.length&&"\n"===t[0].content&&(t[0].content="");const c=s({line:t,className:(0,o.A)(a,l&&b.codeLine)}),u=t.map(((e,t)=>r.createElement("span",(0,n.A)({key:t},i({token:e,key:t})))));return r.createElement("span",c,l?r.createElement(r.Fragment,null,r.createElement("span",{className:b.codeLineNumber}),r.createElement("span",{className:b.codeLineContent},u)):u,r.createElement("br",null))}var S=a(6861),N=a(1312),w=a(1473),k=a(4115);const L={copyButtonCopied:"copyButtonCopied__QnY",copyButtonIcons:"copyButtonIcons_FhaS",copyButtonIcon:"copyButtonIcon_phi_",copyButtonSuccessIcon:"copyButtonSuccessIcon_FfTR"};function E(e){let{code:t,className:a}=e;const[n,l]=(0,r.useState)(!1),s=(0,r.useRef)(void 0),i=(0,r.useCallback)((()=>{(0,S.A)(t),l(!0),s.current=window.setTimeout((()=>{l(!1)}),1e3)}),[t]);return(0,r.useEffect)((()=>()=>window.clearTimeout(s.current)),[]),r.createElement("button",{type:"button","aria-label":n?(0,N.T)({id:"theme.CodeBlock.copied",message:"Copied",description:"The copied button label on code blocks"}):(0,N.T)({id:"theme.CodeBlock.copyButtonAriaLabel",message:"Copy code to clipboard",description:"The ARIA label for copy code blocks button"}),title:(0,N.T)({id:"theme.CodeBlock.copy",message:"Copy",description:"The copy button label on code blocks"}),className:(0,o.A)("clean-btn",a,L.copyButton,n&&L.copyButtonCopied),onClick:i},r.createElement("span",{className:L.copyButtonIcons,"aria-hidden":"true"},r.createElement(w.A,{className:L.copyButtonIcon}),r.createElement(k.A,{className:L.copyButtonSuccessIcon})))}var C=a(5048);const T={wordWrapButtonIcon:"wordWrapButtonIcon_iowe",wordWrapButtonEnabled:"wordWrapButtonEnabled_gY8A"};function q(e){let{className:t,onClick:a,isEnabled:n}=e;const l=(0,N.T)({id:"theme.CodeBlock.wordWrapToggle",message:"Toggle word wrap",description:"The title attribute for toggle word wrapping button of code block lines"});return r.createElement("button",{type:"button",onClick:a,className:(0,o.A)("clean-btn",t,n&&T.wordWrapButtonEnabled),"aria-label":l,title:l},r.createElement(C.A,{className:T.wordWrapButtonIcon,"aria-hidden":"true"}))}function A(e){let{children:t,className:a="",metastring:l,title:i,showLineNumbers:u,language:m}=e;const{prism:{defaultLanguage:b,magicComments:S}}=(0,y.p)(),N=m??(0,c.Op)(a)??b,w=(0,s.A)(),k=(0,g.f)(),L=(0,c.wt)(l)||i,{lineClassNames:C,code:T}=(0,c.Li)(t,{metastring:l,language:N,magicComments:S}),A=(0,f.A)("/",{absolute:!0}).slice(0,-1),B=T.replaceAll("${ABSOLUTE_URL}",A),z=u??(0,c._u)(l);return r.createElement(p,{as:"div",className:(0,o.A)(a,N&&!a.includes(`language-${N}`)&&`language-${N}`)},L&&r.createElement("div",{className:d.codeBlockTitle},L),r.createElement("div",{className:d.codeBlockContent},r.createElement(h.Ay,(0,n.A)({},h.Gs,{theme:w,code:B,language:N??"text"}),(e=>{let{className:t,tokens:a,getLineProps:n,getTokenProps:l}=e;return r.createElement("pre",{tabIndex:0,ref:k.codeBlockRef,className:(0,o.A)(t,d.codeBlock,"thin-scrollbar")},r.createElement("code",{className:(0,o.A)(d.codeBlockLines,z&&d.codeBlockLinesWithNumbering)},a.map(((e,t)=>r.createElement(v,{key:t,line:e,getLineProps:n,getTokenProps:l,classNames:C[t],showLineNumbers:z})))))})),r.createElement("div",{className:d.buttonGroup},(k.isEnabled||k.isCodeScrollable)&&r.createElement(q,{className:d.codeButton,onClick:()=>k.toggle(),isEnabled:k.isEnabled}),r.createElement(E,{className:d.codeButton,code:B}))))}function B(e){let{children:t,...a}=e;const o=(0,l.A)(),s=function(e){return r.Children.toArray(e).some((e=>(0,r.isValidElement)(e)))?e:Array.isArray(e)?e.join(""):e}(t),i="string"==typeof s?A:m;return r.createElement(i,(0,n.A)({key:String(o)},a),s)}},3826:(e,t,a)=>{a.r(t),a.d(t,{Terminal:()=>u,assets:()=>i,contentTitle:()=>o,default:()=>m,frontMatter:()=>l,metadata:()=>s,toc:()=>c});var n=a(8168),r=(a(6540),a(5680));a(1202),a(1470),a(9365);const l={sidebar_position:2,title:"Just-in-time MySQL access",image:"/img/quick-tutorials/mysql/social.png"},o=void 0,s={unversionedId:"features/mysql/tutorials/mysql",id:"features/mysql/tutorials/mysql",title:"Just-in-time MySQL access",description:"This tutorial will deploy an example cluster to highlight Otterize's MySQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:",source:"@site/docs/features/mysql/tutorials/mysql.mdx",sourceDirName:"features/mysql/tutorials",slug:"/features/mysql/tutorials/mysql",permalink:"/features/mysql/tutorials/mysql",draft:!1,editUrl:"https://github.com/otterize/docs/edit/main/docs/features/mysql/tutorials/mysql.mdx",tags:[],version:"current",sidebarPosition:2,frontMatter:{sidebar_position:2,title:"Just-in-time MySQL access",image:"/img/quick-tutorials/mysql/social.png"},sidebar:"docSidebar",previous:{title:"MySQL | Overview",permalink:"/features/mysql/"},next:{title:"Reference",permalink:"/features/mysql/reference"}},i={},c=[{value:"1. Minikube Cluster",id:"1-minikube-cluster",level:4},{value:"2. Deploy Otterize",id:"2-deploy-otterize",level:4},{value:"3. Deploy a MySQL database instance",id:"3-deploy-a-mysql-database-instance",level:4},{value:"Setup MySQL database and table for the tutorial",id:"setup-mysql-database-and-table-for-the-tutorial",level:3},{value:"Deploy tutorial services and request database credentials",id:"deploy-tutorial-services-and-request-database-credentials",level:3},{value:"View logs for the server",id:"view-logs-for-the-server",level:3},{value:"Deploy a MySQLServerConfig to allow Otterize DB access",id:"deploy-a-mysqlserverconfig-to-allow-otterize-db-access",level:3},{value:"Define your ClientIntents",id:"define-your-clientintents",level:3},{value:"View logs for the server",id:"view-logs-for-the-server-1",level:3}],u=e=>{let{children:t}=e;return(0,r.yg)("div",{style:{backgroundColor:"#eee",borderRadius:"5px",fontSize:"12px",fontWeight:"600",color:"darkgreen",padding:"1rem",fontFamily:"monospace, monospace"}},t)},p={toc:c,Terminal:u},d="wrapper";function m(e){let{components:t,...a}=e;return(0,r.yg)(d,(0,n.A)({},p,a,{components:t,mdxType:"MDXLayout"}),(0,r.yg)("h1",{id:"overview"},"Overview"),(0,r.yg)("p",null,"This tutorial will deploy an example cluster to highlight Otterize's MySQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:"),(0,r.yg)("ol",null,(0,r.yg)("li",{parentName:"ol"},"An ",(0,r.yg)("inlineCode",{parentName:"li"},"INSERT")," operation to append a table within the database"),(0,r.yg)("li",{parentName:"ol"},"A ",(0,r.yg)("inlineCode",{parentName:"li"},"SELECT")," operation to validate the updates.")),(0,r.yg)("p",null,"The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down."),(0,r.yg)("p",null,"In this tutorial, we will:"),(0,r.yg)("ul",null,(0,r.yg)("li",{parentName:"ul"},"Optionally, spin up a MySQL database instance on AWS, based on Amazon RDS for MySQL, or in your Kubernetes cluster, based on the official MySQL Docker image. Alternatively, you could use any MySQL server of your choice."),(0,r.yg)("li",{parentName:"ul"},"Deploy an example cluster"),(0,r.yg)("li",{parentName:"ul"},"Deploy Otterize in our cluster and give it access to our database instance"),(0,r.yg)("li",{parentName:"ul"},"Declare a ClientIntents resource for the server, specifying required access"),(0,r.yg)("li",{parentName:"ul"},"See that the required access has been granted")),(0,r.yg)("h1",{id:"prerequisites"},"Prerequisites"),(0,r.yg)("h4",{id:"1-minikube-cluster"},"1. Minikube Cluster"),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Prepare a Kubernetes cluster with Minikube"),(0,r.yg)("p",null,"For this tutorial you'll need a local Kubernetes cluster. Having a cluster with a ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/"},"CNI")," that supports ",(0,r.yg)("a",{parentName:"p",href:"https://kubernetes.io/docs/concepts/services-networking/network-policies/"},"NetworkPolicies")," isn't required for this tutorial, but is recommended so that your cluster works with other tutorials."),(0,r.yg)("p",null,"If you don't have the Minikube CLI, first ",(0,r.yg)("a",{parentName:"p",href:"https://minikube.sigs.k8s.io/docs/start/"},"install it"),"."),(0,r.yg)("p",null,"Then start your Minikube cluster with Calico, in order to enforce network policies."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"minikube start --cpus=4 --memory 4096 --disk-size 32g --cni=calico\n"))),(0,r.yg)("h4",{id:"2-deploy-otterize"},"2. Deploy Otterize"),(0,r.yg)("p",null,"To deploy Otterize, head over to ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com"},"Otterize Cloud")," and associate a Kubernetes cluster on the ",(0,r.yg)("a",{parentName:"p",href:"https://app.otterize.com/integrations"},"Integrations page"),", and follow the instructions. If you already have a Kubernetes cluster connected, skip this step."),(0,r.yg)("h4",{id:"3-deploy-a-mysql-database-instance"},"3. Deploy a MySQL database instance"),(0,r.yg)("p",null,"Already have a MySQL database instance? ",(0,r.yg)("a",{parentName:"p",href:"#tutorial"},"Skip to the tutorial.")),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Deploy a MySQL database instance, based on Amazon RDS for MySQL"),(0,r.yg)("p",null,"Follow the ",(0,r.yg)("a",{parentName:"p",href:"https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.MySQL.html#CHAP_GettingStarted.Creating.MySQL"},"installation instructions on the AWS RDS documentation"),"."),(0,r.yg)("li",null,"You may use the Free tier template for this tutorial."),(0,r.yg)("li",null,'Under "Settings", choose "Auto generate password". Make sure you save the generated password after the instance is created.'),(0,r.yg)("li",null,'Under "Connectivity", enable public access to allow access from your Kubernetes cluster. Otterize will require that access to manage credentials for you. Additionally, make sure you choose a security group that allows inbound access from the internet.')),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Deploy a MySQL database instance, based on the official MySQL Docker image"),(0,r.yg)("p",null,"To deploy a local MySQL database instance, you can use the official MySQL Docker image. Run the following command to deploy a MySQL instance with the root password set to ",(0,r.yg)("inlineCode",{parentName:"p"},"password"),":"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-mysql\nkubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/database.yaml\n")),(0,r.yg)("p",null,"Use the following values as your MySQL host and password:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"export MYSQLHOST=mysql.otterize-tutorial-mysql.svc.cluster.local\nexport MYSQLUSER=root\nexport MYSQLPASSWORD=password\n"))),(0,r.yg)("h1",{id:"tutorial"},"Tutorial"),(0,r.yg)("h3",{id:"setup-mysql-database-and-table-for-the-tutorial"},"Setup MySQL database and table for the tutorial"),(0,r.yg)("p",null,"Throughout this tutorial, we will refer to your MySQL host & credentials via environment variables, so make sure to set them up:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"export MYSQLHOST=<YOURMYSQLHOST> # For RDS, this is the endpoint; for the official MySQL docker image, this is `mysql.otterize-tutorial-mysql.svc.cluster.local`\nexport MYSQLUSER=<YOURUSER> # For RDS, this is the username set during the RDS instance deployment, typically 'admin'; for the official MySQL docker image, this is `root`\nexport MYSQLPASSWORD=<YOURPASSWORD> # For RDS, this is the password set during the RDS instance deployment; for the official MySQL docker image, this is `password`\n")),(0,r.yg)("p",null,"Next, start a MySQL client to connect to your MySQL instance, and create a database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize_tutorial")," and a table named ",(0,r.yg)("inlineCode",{parentName:"p"},"example")," in your MySQL instance.\nOur tutorial server will use this database and table to perform ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," operations."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create namespace otterize-tutorial-mysql\nkubectl run -n otterize-tutorial-mysql -it --rm --image=mysql:latest --restart=Never mysql-client -- mysql -h $MYSQLHOST -u $MYSQLUSER -p$MYSQLPASSWORD \\\n -e 'CREATE DATABASE IF NOT EXISTS otterize_example;\n\nUSE otterize_example;\n\nCREATE TABLE IF NOT EXISTS example\n(\n    file_name   VARCHAR(255),\n    upload_time BIGINT\n);\n\nexit;\n'\n")),(0,r.yg)("h3",{id:"deploy-tutorial-services-and-request-database-credentials"},"Deploy tutorial services and request database credentials"),(0,r.yg)("p",null,"Next, set up the namespace used for our tutorial and deploy the client & server services in it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},'kubectl create namespace otterize-tutorial-mysql\nkubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/client-server.yaml\nkubectl patch deployment -n otterize-tutorial-mysql server --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/spec/template/spec/containers/0/env/0/value\\", \\"value\\": \\"$MYSQLHOST\\"}]"\n')),(0,r.yg)("details",null,(0,r.yg)("summary",null,"Expand to see the deployment YAML"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: server\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: server\n  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n      labels:\n        app: server\n    spec:\n      serviceAccountName: server\n      containers:\n        - name: server\n          imagePullPolicy: Always\n          image: 'otterize/mysql-tutorial-server'\n          ports:\n            - containerPort: 80\n          env:\n            - name: DB_HOST\n              value: database\n            - name: DB_NAME\n              value: otterize_example\n            - name: DB_PORT\n              value: \"3306\"\n            - name: DB_SERVER_USER\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: username\n            - name: DB_SERVER_PASSWORD\n              valueFrom:\n                secretKeyRef:\n                  name: server-creds\n                  key: password\n---\napiVersion: v1\nkind: Service\nmetadata:\n  name: server\nspec:\n  type: ClusterIP\n  selector:\n    app: server\n  ports:\n    - name: http\n      port: 80\n      targetPort: 80\n---\napiVersion: v1\nkind: ServiceAccount\nmetadata:\n  name: server\n---\napiVersion: apps/v1\nkind: Deployment\nmetadata:\n  name: client\nspec:\n  replicas: 1\n  selector:\n    matchLabels:\n      app: client\n  template:\n    metadata:\n      labels:\n        app: client\n    spec:\n      containers:\n        - name: client\n          imagePullPolicy: Always\n          image: 'otterize/mysql-tutorial-client'\n          ports:\n            - containerPort: 80\n\n"))),(0,r.yg)("p",null,"Our server's Deployment spec specifies an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"  template:\n    metadata:\n      annotations:\n        credentials-operator.otterize.com/user-password-secret-name: server-creds\n")),(0,r.yg)("p",null,"This specifies that the secret ",(0,r.yg)("inlineCode",{parentName:"p"},"server-creds")," will be populated with keys containing the username and password used by this pod to connect to the database.\nThe secret will only be created by the Otterize operator after it is integrated with your database by applying a ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," resources."),(0,r.yg)("h3",{id:"view-logs-for-the-server"},"View logs for the server"),(0,r.yg)("p",null,"After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-mysql deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Unable to perform INSERT operation",(0,r.yg)("br",null),"Unable to perform SELECT operation"),(0,r.yg)("h3",{id:"deploy-a-mysqlserverconfig-to-allow-otterize-db-access"},"Deploy a MySQLServerConfig to allow Otterize DB access"),(0,r.yg)("p",null,"Let's apply a ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," so Otterize will know how to access our database instance."),(0,r.yg)("p",null,"First, create a Kuberentes secret containing the database credentials:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl create secret generic mysql-tutorial-db-credentials -n otterize-tutorial-mysql --from-literal=username=$MYSQLUSER --from-literal=password=$MYSQLPASSWORD\n")),(0,r.yg)("p",null,"Next, apply the ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," to the cluster, and patch it with your DB instance address:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre"},'kubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/mysqlserverconfig.yaml\nkubectl patch mysqlserverconfig -n otterize-tutorial-mysql mysql-tutorial-db --type=\'json\' -p="[{\\"op\\": \\"replace\\", \\"path\\": \\"/spec/address\\", \\"value\\": \\"$MYSQLHOST\\"}]"\n')),(0,r.yg)("p",null,"This ",(0,r.yg)("inlineCode",{parentName:"p"},"MySQLServerConfig")," tells Otterize how to access a database instance named ",(0,r.yg)("inlineCode",{parentName:"p"},"mysql-tutorial-db"),", meaning that when intents\nare applied requesting access permissions to ",(0,r.yg)("inlineCode",{parentName:"p"},"mysql-tutorial-db"),", the Otterize operator will be able to configure\nthem:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: MySQLServerConfig\nmetadata:\n  name: mysql-tutorial-db\nspec:\n  address: mysql.otterize-tutorial-mysql.svc.cluster.local:3306 # Your MySQL server address\n  credentials:\n    secretRef:\n      name: mysql-tutorial-db-credentials\n")),(0,r.yg)("p",null,"In this tutorial, we use the admin user to grant Otterize permissions to create users and grant them access to the database.\nIn a production environment, it is recommended to create a dedicated user for Otterize, and grant it the necessary permissions to create and manage other users."),(0,r.yg)("h3",{id:"define-your-clientintents"},"Define your ClientIntents"),(0,r.yg)("p",null,"ClientIntents are Otterize\u2019s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload the ability to insert and select records to allow it to access the database."),(0,r.yg)("p",null,"Below is our ",(0,r.yg)("inlineCode",{parentName:"p"},"intents.yaml")," file. As you can see, it is scoped to our database named ",(0,r.yg)("inlineCode",{parentName:"p"},"otterize_tutorial")," and our ",(0,r.yg)("inlineCode",{parentName:"p"},"example")," table. We also have limited the access to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," operations. We could add more databases, tables, or operations if our service required more access."),(0,r.yg)("p",null,"Specifying the table and operations is optional. If you don't specify the table, access will be granted to all tables in the specified database. If you don't specify the operations, all operations will be allowed."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-yaml"},"apiVersion: k8s.otterize.com/v1alpha3\nkind: ClientIntents\nmetadata:\n  name: client-intents-for-server\nspec:\n  service:\n    name: server\n  calls:\n    - name: mysql-tutorial-db\n      type: database\n      databaseResources:\n        - databaseName: otterize_example\n          table: example\n          operations:\n            - SELECT\n            - INSERT\n")),(0,r.yg)("p",null,"We can now apply our intents. Behind the scenes, the Otterize operator created the user for our ",(0,r.yg)("inlineCode",{parentName:"p"},"server")," workload and executed ",(0,r.yg)("inlineCode",{parentName:"p"},"GRANT")," queries on the database, making our ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," and ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT")," errors disappear."),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl apply -n otterize-tutorial-mysql -f ${ABSOLUTE_URL}/code-examples/mysql/clientintents.yaml\n")),(0,r.yg)("h3",{id:"view-logs-for-the-server-1"},"View logs for the server"),(0,r.yg)("p",null,"We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl logs -f -n otterize-tutorial-mysql deploy/server\n")),(0,r.yg)("p",null,"Example log:"),(0,r.yg)(u,{mdxType:"Terminal"},"Successfully INSERTED into our table",(0,r.yg)("p",null,"Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z")),(0,r.yg)("p",null,"That\u2019s it! If your service\u2019s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the ",(0,r.yg)("inlineCode",{parentName:"p"},"operations")," to just ",(0,r.yg)("inlineCode",{parentName:"p"},"SELECT")," or ",(0,r.yg)("inlineCode",{parentName:"p"},"INSERT"),"."),(0,r.yg)("h1",{id:"teardown"},"Teardown"),(0,r.yg)("p",null,"To remove the deployed examples, run:"),(0,r.yg)("pre",null,(0,r.yg)("code",{parentName:"pre",className:"language-shell"},"kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-mysql client-intents-for-server\nkubectl delete namespace otterize-tutorial-mysql\n")))}m.isMDXComponent=!0}}]);
\ No newline at end of file
diff --git a/assets/js/runtime~main.cbba4083.js b/assets/js/runtime~main.a1c4a5b4.js
similarity index 98%
rename from assets/js/runtime~main.cbba4083.js
rename to assets/js/runtime~main.a1c4a5b4.js
index cf7deef71..c371e2cb1 100644
--- a/assets/js/runtime~main.cbba4083.js
+++ b/assets/js/runtime~main.a1c4a5b4.js
@@ -1 +1 @@
-(()=>{"use strict";var e,a,f,b,c,d={},t={};function r(e){var a=t[e];if(void 0!==a)return a.exports;var f=t[e]={id:e,loaded:!1,exports:{}};return d[e].call(f.exports,f,f.exports,r),f.loaded=!0,f.exports}r.m=d,r.c=t,e=[],r.O=(a,f,b,c)=>{if(!f){var d=1/0;for(i=0;i<e.length;i++){f=e[i][0],b=e[i][1],c=e[i][2];for(var t=!0,o=0;o<f.length;o++)(!1&c||d>=c)&&Object.keys(r.O).every((e=>r.O[e](f[o])))?f.splice(o--,1):(t=!1,c<d&&(d=c));if(t){e.splice(i--,1);var n=b();void 0!==n&&(a=n)}}return a}c=c||0;for(var i=e.length;i>0&&e[i-1][2]>c;i--)e[i]=e[i-1];e[i]=[f,b,c]},r.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return r.d(a,{a:a}),a},f=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,b){if(1&b&&(e=this(e)),8&b)return e;if("object"==typeof e&&e){if(4&b&&e.__esModule)return e;if(16&b&&"function"==typeof e.then)return e}var c=Object.create(null);r.r(c);var d={};a=a||[null,f({}),f([]),f(f)];for(var t=2&b&&e;"object"==typeof t&&!~a.indexOf(t);t=f(t))Object.getOwnPropertyNames(t).forEach((a=>d[a]=()=>e[a]));return d.default=()=>e,r.d(c,d),c},r.d=(e,a)=>{for(var f in a)r.o(a,f)&&!r.o(e,f)&&Object.defineProperty(e,f,{enumerable:!0,get:a[f]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((a,f)=>(r.f[f](e,a),a)),[])),r.u=e=>"assets/js/"+({760:"13f991ea",765:"6f40fd2f",801:"bb52994a",805:"b6b04eda",918:"01027e3c",1040:"f1151ea7",1205:"698135b2",1295:"97c2207d",1386:"a43681c9",1538:"40ccd1ee",1601:"013a04c2",1625:"f7d1f224",1709:"e93b0177",1733:"fab3c742",1836:"87583c6c",1886:"9a9c42f7",1907:"a630a6fc",1952:"5e4199df",2138:"1a4e3797",2148:"13e8e5b0",2194:"3fbbf99b",2229:"8e233326",2242:"96faae56",2324:"93fb3e94",2343:"be46e07c",2368:"2894b329",2653:"4a90ba61",2703:"6bd33d99",2706:"7b307392",2934:"751ef2b5",3024:"fef0a614",3381:"f8b70272",4194:"2c09ee5d",4312:"89d24bb8",4496:"dcc76ebc",4713:"44e49d37",4911:"a28f5f9a",4940:"f26efbc5",5066:"dff029d6",5106:"fba06901",5290:"ed63a978",5305:"797a5a6f",5548:"247783bb",5582:"da523844",5864:"671fd195",5878:"6303d649",5894:"f1a90138",6326:"42fb6e35",6587:"2e135cc6",6589:"efaf9258",6633:"c6ec7a52",6964:"6ee27f91",7199:"51639cf9",7202:"fec8a912",7255:"64420156",7317:"4d029c8d",8102:"96b2b7a2",8263:"fb8f3a82",8397:"62ac5b94",8401:"17896441",8502:"d05b304a",8581:"935f2afb",8595:"a3ff3870",8626:"944eab8f",8639:"9a6944ab",8714:"1be78505",8750:"ceba1265",8968:"59b068d1",9060:"4388075d",9184:"3ba2fa8f",9441:"c38cf504",9514:"4291f23d",9581:"f89eda61",9715:"b1654ad1",9990:"2bd353df"}[e]||e)+"."+{416:"5a82d981",760:"ff662baa",765:"21d36fb9",801:"4d9cd4d8",805:"68a50ecd",918:"1299f9a1",1040:"b6365de7",1205:"080f42cf",1295:"329b7ba8",1386:"8469fc27",1427:"db807010",1538:"58779a6e",1601:"fc45ce5e",1625:"354ae921",1709:"7754b93d",1733:"edf0efef",1774:"9ea8a3a2",1836:"d4b5f4ad",1886:"75113969",1907:"8904fcd8",1952:"89e69ac5",2138:"b3d3408a",2148:"5fc4ed15",2194:"0285d213",2229:"d3d2c4f4",2242:"feb3beba",2324:"bc45af9d",2343:"274b90ff",2368:"dc2b31bc",2653:"508c2b88",2703:"40cc61c9",2706:"36b34522",2934:"ed338caa",3024:"d0c7bb15",3381:"b387f121",4194:"41b142bb",4312:"25e48f8c",4496:"ec21e679",4713:"1717d835",4911:"09d958b2",4940:"57e7591b",5066:"5b15b888",5106:"baef74eb",5290:"9b969f70",5305:"604c0287",5548:"54c9fe51",5582:"051940bd",5864:"31425a69",5878:"c96fb342",5894:"8b6c041c",6140:"25b4571d",6326:"cdd85e86",6587:"4dc5ca9a",6589:"60ccc42b",6633:"360a7e79",6964:"31f4b69d",7199:"b2d2a9e0",7202:"9c52c13d",7255:"45a8e519",7317:"078ac474",8102:"bce72d60",8263:"8f9da060",8397:"f6ec7d8a",8401:"57dfb6c6",8502:"cf0eda4b",8581:"09c75987",8595:"2d74a1ff",8626:"b2a2d847",8639:"9f62fd9a",8714:"de56d63e",8750:"aca67551",8913:"64e5ee35",8968:"11ea3e06",9060:"e23af36f",9184:"d2ac052b",9441:"0b454f35",9462:"a16127cd",9514:"5c71d58e",9581:"bc4eba67",9715:"116e133d",9990:"cdf9b5f7"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),b={},c="docs:",r.l=(e,a,f,d)=>{if(b[e])b[e].push(a);else{var t,o;if(void 0!==f)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==c+f){t=u;break}}t||(o=!0,(t=document.createElement("script")).charset="utf-8",t.timeout=120,r.nc&&t.setAttribute("nonce",r.nc),t.setAttribute("data-webpack",c+f),t.src=e),b[e]=[a];var l=(a,f)=>{t.onerror=t.onload=null,clearTimeout(s);var c=b[e];if(delete b[e],t.parentNode&&t.parentNode.removeChild(t),c&&c.forEach((e=>e(f))),a)return a(f)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=l.bind(null,t.onerror),t.onload=l.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={17896441:"8401",64420156:"7255","13f991ea":"760","6f40fd2f":"765",bb52994a:"801",b6b04eda:"805","01027e3c":"918",f1151ea7:"1040","698135b2":"1205","97c2207d":"1295",a43681c9:"1386","40ccd1ee":"1538","013a04c2":"1601",f7d1f224:"1625",e93b0177:"1709",fab3c742:"1733","87583c6c":"1836","9a9c42f7":"1886",a630a6fc:"1907","5e4199df":"1952","1a4e3797":"2138","13e8e5b0":"2148","3fbbf99b":"2194","8e233326":"2229","96faae56":"2242","93fb3e94":"2324",be46e07c:"2343","2894b329":"2368","4a90ba61":"2653","6bd33d99":"2703","7b307392":"2706","751ef2b5":"2934",fef0a614:"3024",f8b70272:"3381","2c09ee5d":"4194","89d24bb8":"4312",dcc76ebc:"4496","44e49d37":"4713",a28f5f9a:"4911",f26efbc5:"4940",dff029d6:"5066",fba06901:"5106",ed63a978:"5290","797a5a6f":"5305","247783bb":"5548",da523844:"5582","671fd195":"5864","6303d649":"5878",f1a90138:"5894","42fb6e35":"6326","2e135cc6":"6587",efaf9258:"6589",c6ec7a52:"6633","6ee27f91":"6964","51639cf9":"7199",fec8a912:"7202","4d029c8d":"7317","96b2b7a2":"8102",fb8f3a82:"8263","62ac5b94":"8397",d05b304a:"8502","935f2afb":"8581",a3ff3870:"8595","944eab8f":"8626","9a6944ab":"8639","1be78505":"8714",ceba1265:"8750","59b068d1":"8968","4388075d":"9060","3ba2fa8f":"9184",c38cf504:"9441","4291f23d":"9514",f89eda61:"9581",b1654ad1:"9715","2bd353df":"9990"}[e]||e,r.p+r.u(e)},(()=>{var e={5354:0,1869:0};r.f.j=(a,f)=>{var b=r.o(e,a)?e[a]:void 0;if(0!==b)if(b)f.push(b[2]);else if(/^(1869|5354)$/.test(a))e[a]=0;else{var c=new Promise(((f,c)=>b=e[a]=[f,c]));f.push(b[2]=c);var d=r.p+r.u(a),t=new Error;r.l(d,(f=>{if(r.o(e,a)&&(0!==(b=e[a])&&(e[a]=void 0),b)){var c=f&&("load"===f.type?"missing":f.type),d=f&&f.target&&f.target.src;t.message="Loading chunk "+a+" failed.\n("+c+": "+d+")",t.name="ChunkLoadError",t.type=c,t.request=d,b[1](t)}}),"chunk-"+a,a)}},r.O.j=a=>0===e[a];var a=(a,f)=>{var b,c,d=f[0],t=f[1],o=f[2],n=0;if(d.some((a=>0!==e[a]))){for(b in t)r.o(t,b)&&(r.m[b]=t[b]);if(o)var i=o(r)}for(a&&a(f);n<d.length;n++)c=d[n],r.o(e,c)&&e[c]&&e[c][0](),e[c]=0;return r.O(i)},f=self.webpackChunkdocs=self.webpackChunkdocs||[];f.forEach(a.bind(null,0)),f.push=a.bind(null,f.push.bind(f))})()})();
\ No newline at end of file
+(()=>{"use strict";var e,a,f,b,c,d={},t={};function r(e){var a=t[e];if(void 0!==a)return a.exports;var f=t[e]={id:e,loaded:!1,exports:{}};return d[e].call(f.exports,f,f.exports,r),f.loaded=!0,f.exports}r.m=d,r.c=t,e=[],r.O=(a,f,b,c)=>{if(!f){var d=1/0;for(i=0;i<e.length;i++){f=e[i][0],b=e[i][1],c=e[i][2];for(var t=!0,o=0;o<f.length;o++)(!1&c||d>=c)&&Object.keys(r.O).every((e=>r.O[e](f[o])))?f.splice(o--,1):(t=!1,c<d&&(d=c));if(t){e.splice(i--,1);var n=b();void 0!==n&&(a=n)}}return a}c=c||0;for(var i=e.length;i>0&&e[i-1][2]>c;i--)e[i]=e[i-1];e[i]=[f,b,c]},r.n=e=>{var a=e&&e.__esModule?()=>e.default:()=>e;return r.d(a,{a:a}),a},f=Object.getPrototypeOf?e=>Object.getPrototypeOf(e):e=>e.__proto__,r.t=function(e,b){if(1&b&&(e=this(e)),8&b)return e;if("object"==typeof e&&e){if(4&b&&e.__esModule)return e;if(16&b&&"function"==typeof e.then)return e}var c=Object.create(null);r.r(c);var d={};a=a||[null,f({}),f([]),f(f)];for(var t=2&b&&e;"object"==typeof t&&!~a.indexOf(t);t=f(t))Object.getOwnPropertyNames(t).forEach((a=>d[a]=()=>e[a]));return d.default=()=>e,r.d(c,d),c},r.d=(e,a)=>{for(var f in a)r.o(a,f)&&!r.o(e,f)&&Object.defineProperty(e,f,{enumerable:!0,get:a[f]})},r.f={},r.e=e=>Promise.all(Object.keys(r.f).reduce(((a,f)=>(r.f[f](e,a),a)),[])),r.u=e=>"assets/js/"+({760:"13f991ea",765:"6f40fd2f",801:"bb52994a",805:"b6b04eda",918:"01027e3c",1040:"f1151ea7",1205:"698135b2",1295:"97c2207d",1386:"a43681c9",1538:"40ccd1ee",1601:"013a04c2",1625:"f7d1f224",1709:"e93b0177",1733:"fab3c742",1836:"87583c6c",1886:"9a9c42f7",1907:"a630a6fc",1952:"5e4199df",2138:"1a4e3797",2148:"13e8e5b0",2194:"3fbbf99b",2229:"8e233326",2242:"96faae56",2324:"93fb3e94",2343:"be46e07c",2368:"2894b329",2653:"4a90ba61",2703:"6bd33d99",2706:"7b307392",2934:"751ef2b5",3024:"fef0a614",3381:"f8b70272",4194:"2c09ee5d",4312:"89d24bb8",4496:"dcc76ebc",4713:"44e49d37",4911:"a28f5f9a",4940:"f26efbc5",5066:"dff029d6",5106:"fba06901",5290:"ed63a978",5305:"797a5a6f",5548:"247783bb",5582:"da523844",5864:"671fd195",5878:"6303d649",5894:"f1a90138",6326:"42fb6e35",6587:"2e135cc6",6589:"efaf9258",6633:"c6ec7a52",6964:"6ee27f91",7199:"51639cf9",7202:"fec8a912",7255:"64420156",7317:"4d029c8d",8102:"96b2b7a2",8263:"fb8f3a82",8397:"62ac5b94",8401:"17896441",8502:"d05b304a",8581:"935f2afb",8595:"a3ff3870",8626:"944eab8f",8639:"9a6944ab",8714:"1be78505",8750:"ceba1265",8968:"59b068d1",9060:"4388075d",9184:"3ba2fa8f",9441:"c38cf504",9514:"4291f23d",9581:"f89eda61",9715:"b1654ad1",9990:"2bd353df"}[e]||e)+"."+{416:"5a82d981",760:"ff662baa",765:"21d36fb9",801:"4d9cd4d8",805:"68a50ecd",918:"1299f9a1",1040:"b6365de7",1205:"080f42cf",1295:"329b7ba8",1386:"8469fc27",1427:"db807010",1538:"58779a6e",1601:"fc45ce5e",1625:"354ae921",1709:"7754b93d",1733:"edf0efef",1774:"9ea8a3a2",1836:"d4b5f4ad",1886:"75113969",1907:"8904fcd8",1952:"89e69ac5",2138:"b3d3408a",2148:"5fc4ed15",2194:"0285d213",2229:"d3d2c4f4",2242:"feb3beba",2324:"bc45af9d",2343:"274b90ff",2368:"dc2b31bc",2653:"ef77e495",2703:"40cc61c9",2706:"36b34522",2934:"ed338caa",3024:"d0c7bb15",3381:"b387f121",4194:"cccc630c",4312:"25e48f8c",4496:"ec21e679",4713:"1717d835",4911:"09d958b2",4940:"57e7591b",5066:"5b15b888",5106:"baef74eb",5290:"9b969f70",5305:"604c0287",5548:"54c9fe51",5582:"051940bd",5864:"31425a69",5878:"c96fb342",5894:"8b6c041c",6140:"25b4571d",6326:"cdd85e86",6587:"4dc5ca9a",6589:"60ccc42b",6633:"360a7e79",6964:"31f4b69d",7199:"b2d2a9e0",7202:"9c52c13d",7255:"45a8e519",7317:"078ac474",8102:"bce72d60",8263:"8f9da060",8397:"f6ec7d8a",8401:"57dfb6c6",8502:"cf0eda4b",8581:"09c75987",8595:"2d74a1ff",8626:"b2a2d847",8639:"9f62fd9a",8714:"de56d63e",8750:"aca67551",8913:"64e5ee35",8968:"11ea3e06",9060:"e23af36f",9184:"d2ac052b",9441:"0b454f35",9462:"a16127cd",9514:"5c71d58e",9581:"bc4eba67",9715:"116e133d",9990:"cdf9b5f7"}[e]+".js",r.miniCssF=e=>{},r.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),r.o=(e,a)=>Object.prototype.hasOwnProperty.call(e,a),b={},c="docs:",r.l=(e,a,f,d)=>{if(b[e])b[e].push(a);else{var t,o;if(void 0!==f)for(var n=document.getElementsByTagName("script"),i=0;i<n.length;i++){var u=n[i];if(u.getAttribute("src")==e||u.getAttribute("data-webpack")==c+f){t=u;break}}t||(o=!0,(t=document.createElement("script")).charset="utf-8",t.timeout=120,r.nc&&t.setAttribute("nonce",r.nc),t.setAttribute("data-webpack",c+f),t.src=e),b[e]=[a];var l=(a,f)=>{t.onerror=t.onload=null,clearTimeout(s);var c=b[e];if(delete b[e],t.parentNode&&t.parentNode.removeChild(t),c&&c.forEach((e=>e(f))),a)return a(f)},s=setTimeout(l.bind(null,void 0,{type:"timeout",target:t}),12e4);t.onerror=l.bind(null,t.onerror),t.onload=l.bind(null,t.onload),o&&document.head.appendChild(t)}},r.r=e=>{"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},r.p="/",r.gca=function(e){return e={17896441:"8401",64420156:"7255","13f991ea":"760","6f40fd2f":"765",bb52994a:"801",b6b04eda:"805","01027e3c":"918",f1151ea7:"1040","698135b2":"1205","97c2207d":"1295",a43681c9:"1386","40ccd1ee":"1538","013a04c2":"1601",f7d1f224:"1625",e93b0177:"1709",fab3c742:"1733","87583c6c":"1836","9a9c42f7":"1886",a630a6fc:"1907","5e4199df":"1952","1a4e3797":"2138","13e8e5b0":"2148","3fbbf99b":"2194","8e233326":"2229","96faae56":"2242","93fb3e94":"2324",be46e07c:"2343","2894b329":"2368","4a90ba61":"2653","6bd33d99":"2703","7b307392":"2706","751ef2b5":"2934",fef0a614:"3024",f8b70272:"3381","2c09ee5d":"4194","89d24bb8":"4312",dcc76ebc:"4496","44e49d37":"4713",a28f5f9a:"4911",f26efbc5:"4940",dff029d6:"5066",fba06901:"5106",ed63a978:"5290","797a5a6f":"5305","247783bb":"5548",da523844:"5582","671fd195":"5864","6303d649":"5878",f1a90138:"5894","42fb6e35":"6326","2e135cc6":"6587",efaf9258:"6589",c6ec7a52:"6633","6ee27f91":"6964","51639cf9":"7199",fec8a912:"7202","4d029c8d":"7317","96b2b7a2":"8102",fb8f3a82:"8263","62ac5b94":"8397",d05b304a:"8502","935f2afb":"8581",a3ff3870:"8595","944eab8f":"8626","9a6944ab":"8639","1be78505":"8714",ceba1265:"8750","59b068d1":"8968","4388075d":"9060","3ba2fa8f":"9184",c38cf504:"9441","4291f23d":"9514",f89eda61:"9581",b1654ad1:"9715","2bd353df":"9990"}[e]||e,r.p+r.u(e)},(()=>{var e={5354:0,1869:0};r.f.j=(a,f)=>{var b=r.o(e,a)?e[a]:void 0;if(0!==b)if(b)f.push(b[2]);else if(/^(1869|5354)$/.test(a))e[a]=0;else{var c=new Promise(((f,c)=>b=e[a]=[f,c]));f.push(b[2]=c);var d=r.p+r.u(a),t=new Error;r.l(d,(f=>{if(r.o(e,a)&&(0!==(b=e[a])&&(e[a]=void 0),b)){var c=f&&("load"===f.type?"missing":f.type),d=f&&f.target&&f.target.src;t.message="Loading chunk "+a+" failed.\n("+c+": "+d+")",t.name="ChunkLoadError",t.type=c,t.request=d,b[1](t)}}),"chunk-"+a,a)}},r.O.j=a=>0===e[a];var a=(a,f)=>{var b,c,d=f[0],t=f[1],o=f[2],n=0;if(d.some((a=>0!==e[a]))){for(b in t)r.o(t,b)&&(r.m[b]=t[b]);if(o)var i=o(r)}for(a&&a(f);n<d.length;n++)c=d[n],r.o(e,c)&&e[c]&&e[c][0](),e[c]=0;return r.O(i)},f=self.webpackChunkdocs=self.webpackChunkdocs||[];f.forEach(a.bind(null,0)),f.push=a.bind(null,f.push.bind(f))})()})();
\ No newline at end of file
diff --git a/code-examples/mysql/mysqlserverconfig.yaml b/code-examples/mysql/mysqlserverconfig.yaml
index 0c5c1f94c..b189006de 100644
--- a/code-examples/mysql/mysqlserverconfig.yaml
+++ b/code-examples/mysql/mysqlserverconfig.yaml
@@ -6,13 +6,4 @@ spec:
   address: mysql.otterize-tutorial-mysql.svc.cluster.local:3306 # Your MySQL server address
   credentials:
     secretRef:
-      name: mysql-tutorial-db-credentials
----
-apiVersion: v1
-type: Opaque
-kind: Secret
-metadata:
-  name: mysql-tutorial-db-credentials
-data:
-    username: '' # Your MySQL server user
-    password: '' # Your MySQL server password
\ No newline at end of file
+      name: mysql-tutorial-db-credentials
\ No newline at end of file
diff --git a/code-examples/postgres/postgresqlserverconfig.yaml b/code-examples/postgres/postgresqlserverconfig.yaml
index 59715ddb5..522182179 100644
--- a/code-examples/postgres/postgresqlserverconfig.yaml
+++ b/code-examples/postgres/postgresqlserverconfig.yaml
@@ -6,13 +6,4 @@ spec:
   address: database.otterize-tutorial-postgres.svc.cluster.local:5432
   credentials:
     secretRef:
-      name: postgres-tutorial-db-credentials
----
-apiVersion: v1
-type: Opaque
-kind: Secret
-metadata:
-  name: postgres-tutorial-db-credentials
-data:
-  username: '' # Your PostgreSQL server user
-  password: '' # Your PostgreSQL server password
\ No newline at end of file
+      name: postgres-tutorial-db-credentials
\ No newline at end of file
diff --git a/faq.html b/faq.html
index 4aa042d0e..aff39d2b9 100644
--- a/faq.html
+++ b/faq.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -197,7 +197,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features.html b/features.html
index a60cfb4f6..9a211e656 100644
--- a/features.html
+++ b/features.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/aws-iam.html b/features/aws-iam.html
index 79f381f88..47e747a75 100644
--- a/features/aws-iam.html
+++ b/features/aws-iam.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/aws-iam/reference.html b/features/aws-iam/reference.html
index 038730c99..0e35fca7d 100644
--- a/features/aws-iam/reference.html
+++ b/features/aws-iam/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/aws-iam/tutorials/aws-iam-eks.html b/features/aws-iam/tutorials/aws-iam-eks.html
index 378be5d00..7061e589d 100644
--- a/features/aws-iam/tutorials/aws-iam-eks.html
+++ b/features/aws-iam/tutorials/aws-iam-eks.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -159,7 +159,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/aws-iam/tutorials/aws-visibility.html b/features/aws-iam/tutorials/aws-visibility.html
index b04e549f6..edffddd22 100644
--- a/features/aws-iam/tutorials/aws-visibility.html
+++ b/features/aws-iam/tutorials/aws-visibility.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/azure-iam.html b/features/azure-iam.html
index 1a1a2a4ef..d53b2f0eb 100644
--- a/features/azure-iam.html
+++ b/features/azure-iam.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/azure-iam/reference.html b/features/azure-iam/reference.html
index 134766bc4..f147ef7f0 100644
--- a/features/azure-iam/reference.html
+++ b/features/azure-iam/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/azure-iam/tutorials/azure-iam-aks.html b/features/azure-iam/tutorials/azure-iam-aks.html
index 7fdce802b..60db3396e 100644
--- a/features/azure-iam/tutorials/azure-iam-aks.html
+++ b/features/azure-iam/tutorials/azure-iam-aks.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -163,7 +163,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gcp-iam.html b/features/gcp-iam.html
index 6d35d4d53..9d0f3c9fa 100644
--- a/features/gcp-iam.html
+++ b/features/gcp-iam.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gcp-iam/reference.html b/features/gcp-iam/reference.html
index 628fbd4a5..ff4ea22c0 100644
--- a/features/gcp-iam/reference.html
+++ b/features/gcp-iam/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gcp-iam/tutorials/gcp-iam-gke.html b/features/gcp-iam/tutorials/gcp-iam-gke.html
index 08051e4b0..1f98b70b4 100644
--- a/features/gcp-iam/tutorials/gcp-iam-gke.html
+++ b/features/gcp-iam/tutorials/gcp-iam-gke.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -163,7 +163,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/github.html b/features/github.html
index f6f8c6e31..82894fa1a 100644
--- a/features/github.html
+++ b/features/github.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/github/reference.html b/features/github/reference.html
index b7b8e03c1..786c5e0d5 100644
--- a/features/github/reference.html
+++ b/features/github/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/github/tutorials/automated-pull-requests.html b/features/github/tutorials/automated-pull-requests.html
index 001097d7d..0ef610b9a 100644
--- a/features/github/tutorials/automated-pull-requests.html
+++ b/features/github/tutorials/automated-pull-requests.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gitlab.html b/features/gitlab.html
index f53c0c6df..1d1528e07 100644
--- a/features/gitlab.html
+++ b/features/gitlab.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gitlab/reference.html b/features/gitlab/reference.html
index 37c168309..63d0fd45e 100644
--- a/features/gitlab/reference.html
+++ b/features/gitlab/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/gitlab/tutorials/automated-merge-requests.html b/features/gitlab/tutorials/automated-merge-requests.html
index 24ad1e72c..17dad5a89 100644
--- a/features/gitlab/tutorials/automated-merge-requests.html
+++ b/features/gitlab/tutorials/automated-merge-requests.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/istio.html b/features/istio.html
index 67fcb63eb..0c7f3ec68 100644
--- a/features/istio.html
+++ b/features/istio.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -156,7 +156,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/istio/reference.html b/features/istio/reference.html
index 21533b932..e9637e778 100644
--- a/features/istio/reference.html
+++ b/features/istio/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/istio/tutorials/k8s-istio-authorization-policies.html b/features/istio/tutorials/k8s-istio-authorization-policies.html
index 3f7cd03ec..9c8761f85 100644
--- a/features/istio/tutorials/k8s-istio-authorization-policies.html
+++ b/features/istio/tutorials/k8s-istio-authorization-policies.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -171,7 +171,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/istio/tutorials/k8s-istio-watcher.html b/features/istio/tutorials/k8s-istio-watcher.html
index 37b09ad3e..8ca4bf88c 100644
--- a/features/istio/tutorials/k8s-istio-watcher.html
+++ b/features/istio/tutorials/k8s-istio-watcher.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -164,7 +164,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/kafka.html b/features/kafka.html
index f18eafb5a..57ffa0a36 100644
--- a/features/kafka.html
+++ b/features/kafka.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/kafka/reference.html b/features/kafka/reference.html
index 154f62399..b2ad8bd69 100644
--- a/features/kafka/reference.html
+++ b/features/kafka/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/kafka/tutorials/k8s-kafka-mapping.html b/features/kafka/tutorials/k8s-kafka-mapping.html
index 10993cc90..d71b5fab8 100644
--- a/features/kafka/tutorials/k8s-kafka-mapping.html
+++ b/features/kafka/tutorials/k8s-kafka-mapping.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -160,7 +160,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/kafka/tutorials/k8s-kafka-mtls-cert-manager.html b/features/kafka/tutorials/k8s-kafka-mtls-cert-manager.html
index 8c842b5cb..3190adf3a 100644
--- a/features/kafka/tutorials/k8s-kafka-mtls-cert-manager.html
+++ b/features/kafka/tutorials/k8s-kafka-mtls-cert-manager.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -164,7 +164,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/kafka/tutorials/k8s-kafka-mtls.html b/features/kafka/tutorials/k8s-kafka-mtls.html
index 9a4f3c0cc..8f4a2bcfb 100644
--- a/features/kafka/tutorials/k8s-kafka-mtls.html
+++ b/features/kafka/tutorials/k8s-kafka-mtls.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -163,7 +163,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/mysql.html b/features/mysql.html
index 97eae60ba..85295d5af 100644
--- a/features/mysql.html
+++ b/features/mysql.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/mysql/reference.html b/features/mysql/reference.html
index e5a102d0b..93aca4880 100644
--- a/features/mysql/reference.html
+++ b/features/mysql/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/mysql/tutorials/mysql.html b/features/mysql/tutorials/mysql.html
index 4a48d984d..2bcd239c5 100644
--- a/features/mysql/tutorials/mysql.html
+++ b/features/mysql/tutorials/mysql.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -60,10 +60,10 @@
 </div>
 </div>
 </a></li></ul></div></div><div class="navbar__items navbar__items--right"><a href="https://app.otterize.com/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div id="login-link" classname="tw-inline-flex tw-h-11 tw-w-24 tw-items-center tw-justify-center tw-gap-2 tw-rounded-lg tw-px-4 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-text-gray-600 tw-no-underline -tw-mr-10">Log in</div></a><a href="https://otterize.com/signup" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><button class="tw-cursor-pointer tw-inline-flex tw-items-center tw-justify-center tw-gap-2 tw-rounded-xl tw-bg-gradient-to-b tw-px-3 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-no-underline tw-shadow tw-font-sans -tw-mr-2 tw-from-indigo-500 tw-bg-indigo-500 tw-to-indigo-600 tw-h-11 tw-border-none tw-text-white tw-w-full"><img src="/img/menu/cloud.svg">Signup <span id="sign-extended-text">for free<span></span></span></button></a><a href="https://otterize.com/book-demo" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div class="tw-cursor-pointer tw-font-sans tw-flex tw-items-center tw-rounded-xl tw-h-11 tw-border tw-border-solid tw-border-gray-300 tw-bg-white tw-px-3 tw-text-gray-900 tw-shadow tw-font-medium tw-text-sm lg:tw-text-base tw-w-full tw-justify-center"><span id="request-demo-full-text">Request a demo</span><span id="request-demo-partial-text">Demo</span><img class="tw-ml-2" src="/img/menu/right-arrow.svg"></div></a><div class="searchBox_ZlJk"><button type="button" class="DocSearch DocSearch-Button" aria-label="Search"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20" aria-hidden="true"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">Search</span></span><span class="DocSearch-Button-Keys"></span></button></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/">Getting started</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" href="/overview">Overview</a><button aria-label="Toggle the collapsible sidebar category &#x27;Overview&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" href="/features">Features</a><button aria-label="Toggle the collapsible sidebar category &#x27;Features&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/network-mapping-network-policies">Network mapping &amp; network policies</a><button aria-label="Toggle the collapsible sidebar category &#x27;Network mapping &amp; network policies&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/aws-iam">AWS IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;AWS IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/azure-iam">Microsoft Azure IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Microsoft Azure IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gcp-iam">Google Cloud IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Google Cloud IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/kafka">Kafka</a><button aria-label="Toggle the collapsible sidebar category &#x27;Kafka&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/istio">Istio</a><button aria-label="Toggle the collapsible sidebar category &#x27;Istio&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" tabindex="0" href="/features/mysql">MySQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;MySQL&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-3 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret menu__link--active" aria-expanded="true" tabindex="0" href="/features/mysql/tutorials/mysql">Tutorials</a></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-4 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/features/mysql/tutorials/mysql">Just-in-time MySQL access</a></li></ul></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-3 menu__list-item"><a class="menu__link" tabindex="0" href="/features/mysql/reference">Reference</a></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/postgresql">PostgreSQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;PostgreSQL&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/github">GitHub</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitHub&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gitlab">GitLab</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitLab&#x27;" type="button" class="clean-btn menu__caret"></button></div></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" aria-expanded="false" href="/reference/configuration/otterize-chart">Reference</a></div></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/security">Security</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/faq">FAQ</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features"><span itemprop="name">Features</span></a><meta itemprop="position" content="1"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features/mysql"><span itemprop="name">MySQL</span></a><meta itemprop="position" content="2"></li><li class="breadcrumbs__item"><span class="breadcrumbs__link">Tutorials</span><meta itemprop="position" content="3"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Just-in-time MySQL access</span><meta itemprop="position" content="4"></li></ul></nav><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Just-in-time MySQL access</h1></header><h1>Overview</h1><p>This tutorial will deploy an example cluster to highlight Otterize&#x27;s MySQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:</p><ol><li>An <code>INSERT</code> operation to append a table within the database</li><li>A <code>SELECT</code> operation to validate the updates.</li></ol><p>The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down.</p><p>In this tutorial, we will:</p><ul><li>Optionally, spin up a MySQL database instance on AWS, based on Amazon RDS for MySQL, or in your Kubernetes cluster, based on the official MySQL Docker image. Alternatively, you could use any MySQL server of your choice.</li><li>Deploy an example cluster</li><li>Deploy Otterize in our cluster and give it access to our database instance</li><li>Declare a ClientIntents resource for the server, specifying required access</li><li>See that the required access has been granted</li></ul><h1>Prerequisites</h1><h4 class="anchor anchorWithStickyNavbar_LWe7" id="1-minikube-cluster">1. Minikube Cluster<a href="#1-minikube-cluster" class="hash-link" aria-label="Direct link to 1. Minikube Cluster" title="Direct link to 1. Minikube Cluster">​</a></h4><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Prepare a Kubernetes cluster with Minikube</summary><div><div class="collapsibleContent_i85q"><p>For this tutorial you&#x27;ll need a local Kubernetes cluster. Having a cluster with a <a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/" target="_blank" rel="noopener noreferrer">CNI</a> that supports <a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/" target="_blank" rel="noopener noreferrer">NetworkPolicies</a> isn&#x27;t required for this tutorial, but is recommended so that your cluster works with other tutorials.</p><p>If you don&#x27;t have the Minikube CLI, first <a href="https://minikube.sigs.k8s.io/docs/start/" target="_blank" rel="noopener noreferrer">install it</a>.</p><p>Then start your Minikube cluster with Calico, in order to enforce network policies.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">minikube start --cpus</span><span class="token operator" style="color:#d7deea">=</span><span class="token number" style="color:#5a9bcf">4</span><span class="token plain"> --memory </span><span class="token number" style="color:#5a9bcf">4096</span><span class="token plain"> --disk-size 32g --cni</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">calico</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><h4 class="anchor anchorWithStickyNavbar_LWe7" id="2-deploy-otterize">2. Deploy Otterize<a href="#2-deploy-otterize" class="hash-link" aria-label="Direct link to 2. Deploy Otterize" title="Direct link to 2. Deploy Otterize">​</a></h4><p>To deploy Otterize, head over to <a href="https://app.otterize.com" target="_blank" rel="noopener noreferrer">Otterize Cloud</a> and associate a Kubernetes cluster on the <a href="https://app.otterize.com/integrations" target="_blank" rel="noopener noreferrer">Integrations page</a>, and follow the instructions. If you already have a Kubernetes cluster connected, skip this step.</p><h4 class="anchor anchorWithStickyNavbar_LWe7" id="3-deploy-a-mysql-database-instance">3. Deploy a MySQL database instance<a href="#3-deploy-a-mysql-database-instance" class="hash-link" aria-label="Direct link to 3. Deploy a MySQL database instance" title="Direct link to 3. Deploy a MySQL database instance">​</a></h4><p>Already have a MySQL database instance? <a href="#tutorial">Skip to the tutorial.</a></p><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Deploy a MySQL database instance, based on Amazon RDS for MySQL</summary><div><div class="collapsibleContent_i85q"><p>Follow the <a href="https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_GettingStarted.CreatingConnecting.MySQL.html#CHAP_GettingStarted.Creating.MySQL" target="_blank" rel="noopener noreferrer">installation instructions on the AWS RDS documentation</a>.</p><li>You may use the Free tier template for this tutorial.</li><li>Under &quot;Settings&quot;, choose &quot;Auto generate password&quot;. Make sure you save the generated password after the instance is created.</li><li>Under &quot;Connectivity&quot;, enable public access to allow access from your Kubernetes cluster. Otterize will require that access to manage credentials for you. Additionally, make sure you choose a security group that allows inbound access from the internet.</li></div></div></details><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Deploy a MySQL database instance, based on the official MySQL Docker image</summary><div><div class="collapsibleContent_i85q"><p>To deploy a local MySQL database instance, you can use the official MySQL Docker image. Run the following command to deploy a MySQL instance with the root password set to <code>password</code>:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-mysql</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/database.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Use the following values as your MySQL host and password:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLHOST</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">mysql.otterize-tutorial-mysql.svc.cluster.local</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLUSER</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">root</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLPASSWORD</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">password</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><h1>Tutorial</h1><h3 class="anchor anchorWithStickyNavbar_LWe7" id="setup-mysql-database-and-table-for-the-tutorial">Setup MySQL database and table for the tutorial<a href="#setup-mysql-database-and-table-for-the-tutorial" class="hash-link" aria-label="Direct link to Setup MySQL database and table for the tutorial" title="Direct link to Setup MySQL database and table for the tutorial">​</a></h3><p>Throughout this tutorial, we will refer to your MySQL host &amp; credentials via environment variables, so make sure to set them up:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLHOST</span><span class="token operator" style="color:#d7deea">=</span><span class="token operator" style="color:#d7deea">&lt;</span><span class="token plain">YOURMYSQLHOST</span><span class="token operator" style="color:#d7deea">&gt;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># For RDS, this is the endpoint; for the official MySQL docker image, this is `mysql.otterize-tutorial-mysql.svc.cluster.local`</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLUSER</span><span class="token operator" style="color:#d7deea">=</span><span class="token operator" style="color:#d7deea">&lt;</span><span class="token plain">YOURUSER</span><span class="token operator" style="color:#d7deea">&gt;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># For RDS, this is the username set during the RDS instance deployment, typically &#x27;admin&#x27;; for the official MySQL docker image, this is `root`</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token builtin class-name" style="color:#FAC863">export</span><span class="token plain"> </span><span class="token assign-left variable" style="color:#d7deea">MYSQLPASSWORD</span><span class="token operator" style="color:#d7deea">=</span><span class="token operator" style="color:#d7deea">&lt;</span><span class="token plain">YOURPASSWORD</span><span class="token operator" style="color:#d7deea">&gt;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># For RDS, this is the password set during the RDS instance deployment; for the official MySQL docker image, this is `password`</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Next, start a MySQL client to connect to your MySQL instance, and create a database named <code>otterize_tutorial</code> and a table named <code>example</code> in your MySQL instance.
-Our tutorial server will use this database and table to perform <code>INSERT</code> and <code>SELECT</code> operations.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-mysql</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl run -n otterize-tutorial-mysql -it --rm --image</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">mysql:latest --restart</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">Never mysql-client -- mysql -h </span><span class="token variable" style="color:#d7deea">$MYSQLHOST</span><span class="token plain"> -u </span><span class="token variable" style="color:#d7deea">$MYSQLUSER</span><span class="token plain"> -p</span><span class="token variable" style="color:#d7deea">$MYSQLPASSWORD</span><span class="token plain"> </span><span class="token punctuation" style="color:#8dc891">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"> -e </span><span class="token string" style="color:#8dc891">&#x27;CREATE DATABASE IF NOT EXISTS otterize_example;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">USE otterize_example;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">CREATE TABLE IF NOT EXISTS example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">(</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">    file_name   VARCHAR(255),</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">    upload_time BIGINT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">);</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">exit;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">&#x27;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-tutorial-services-and-request-database-credentials">Deploy tutorial services and request database credentials<a href="#deploy-tutorial-services-and-request-database-credentials" class="hash-link" aria-label="Direct link to Deploy tutorial services and request database credentials" title="Direct link to Deploy tutorial services and request database credentials">​</a></h3><p>Next, set up the namespace used for our tutorial and deploy the client &amp; server services in it:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-mysql</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/client-server.yaml</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch deployment -n otterize-tutorial-mysql server --type</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;json&#x27;</span><span class="token plain"> -p</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&quot;[{</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/spec/template/spec/containers/0/env/0/value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$MYSQLHOST</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}]&quot;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Expand to see the deployment YAML</summary><div><div class="collapsibleContent_i85q"><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">serviceAccountName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/mysql-tutorial-server&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">env</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_HOST</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_NAME</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize_example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_PORT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&quot;3306&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_USER</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> username</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_PASSWORD</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> password</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Service</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClusterIP</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> http</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">port</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">targetPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ServiceAccount</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/mysql-tutorial-client&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><p>Our server&#x27;s Deployment spec specify an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This specifies that the secret <code>server-creds</code> will be populated with keys containing the username and password used by this pod to connect to the database.
-The secret will only be created by the Otterize operator after it is integrated with your database by applying a MySQLServerConfig resources.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server">View logs for the server<a href="#view-logs-for-the-server" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-mysql deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Unable to perform INSERT operation<br>Unable to perform SELECT operation</div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-a-mysqlserverconfig-to-allow-otterize-db-access">Deploy a MySQLServerConfig to allow Otterize DB access<a href="#deploy-a-mysqlserverconfig-to-allow-otterize-db-access" class="hash-link" aria-label="Direct link to Deploy a MySQLServerConfig to allow Otterize DB access" title="Direct link to Deploy a MySQLServerConfig to allow Otterize DB access">​</a></h3><p>Let&#x27;s apply a <code>MySQLServerConfig</code> so Otterize will know how to access our database instance:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/mysqlserverconfig.yaml</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch mysqlserverconfig -n otterize-tutorial-mysql mysql-tutorial-db --type</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;json&#x27;</span><span class="token plain"> -p</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&quot;[{</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/spec/address</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$MYSQLHOST</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}]&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token assign-left variable" style="color:#d7deea">MYSQLUSER_B64</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$(</span><span class="token variable builtin class-name" style="color:#FAC863">echo</span><span class="token variable" style="color:#d7deea"> -n $MYSQLUSER </span><span class="token variable operator" style="color:#d7deea">|</span><span class="token variable" style="color:#d7deea"> base64</span><span class="token variable" style="color:#d7deea">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token assign-left variable" style="color:#d7deea">MYSQLPASSWORD_B64</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$(</span><span class="token variable builtin class-name" style="color:#FAC863">echo</span><span class="token variable" style="color:#d7deea"> -n $MYSQLPASSWORD </span><span class="token variable operator" style="color:#d7deea">|</span><span class="token variable" style="color:#d7deea"> base64</span><span class="token variable" style="color:#d7deea">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch secret -n otterize-tutorial-mysql mysql-tutorial-db-credentials --type</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;json&#x27;</span><span class="token plain"> -p</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&quot;[{</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/data/username</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$MYSQLUSER_B64</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}, {</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/data/password</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$MYSQLPASSWORD_B64</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}]&quot;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This applies the following <code>MySQLServerConfig</code> to your cluster, and patches it with your DB instance address &amp; credentials:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> MySQLServerConfig</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">address</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql.otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">mysql.svc.cluster.local</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token number" style="color:#5a9bcf">3306</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your MySQL server address</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">credentials</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">secretRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Opaque</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Secret</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">data</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">username</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your MySQL server user</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">password</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your MySQL server password</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>The above CRD tells Otterize how to access a database instance named <code>mysql-tutorial-db</code>, meaning that when intents
+Our tutorial server will use this database and table to perform <code>INSERT</code> and <code>SELECT</code> operations.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-mysql</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl run -n otterize-tutorial-mysql -it --rm --image</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">mysql:latest --restart</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">Never mysql-client -- mysql -h </span><span class="token variable" style="color:#d7deea">$MYSQLHOST</span><span class="token plain"> -u </span><span class="token variable" style="color:#d7deea">$MYSQLUSER</span><span class="token plain"> -p</span><span class="token variable" style="color:#d7deea">$MYSQLPASSWORD</span><span class="token plain"> </span><span class="token punctuation" style="color:#8dc891">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"> -e </span><span class="token string" style="color:#8dc891">&#x27;CREATE DATABASE IF NOT EXISTS otterize_example;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">USE otterize_example;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">CREATE TABLE IF NOT EXISTS example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">(</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">    file_name   VARCHAR(255),</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">    upload_time BIGINT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">);</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="display:inline-block;color:#8dc891"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">exit;</span><br></span><span class="token-line" style="color:#ffffff"><span class="token string" style="color:#8dc891">&#x27;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-tutorial-services-and-request-database-credentials">Deploy tutorial services and request database credentials<a href="#deploy-tutorial-services-and-request-database-credentials" class="hash-link" aria-label="Direct link to Deploy tutorial services and request database credentials" title="Direct link to Deploy tutorial services and request database credentials">​</a></h3><p>Next, set up the namespace used for our tutorial and deploy the client &amp; server services in it:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-mysql</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/client-server.yaml</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch deployment -n otterize-tutorial-mysql server --type</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;json&#x27;</span><span class="token plain"> -p</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&quot;[{</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/spec/template/spec/containers/0/env/0/value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$MYSQLHOST</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}]&quot;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Expand to see the deployment YAML</summary><div><div class="collapsibleContent_i85q"><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">serviceAccountName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/mysql-tutorial-server&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">env</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_HOST</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_NAME</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize_example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_PORT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">value</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&quot;3306&quot;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_USER</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> username</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_PASSWORD</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> password</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Service</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClusterIP</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> http</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">port</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">targetPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ServiceAccount</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/mysql-tutorial-client&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain" style="display:inline-block"></span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><p>Our server&#x27;s Deployment spec specifies an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This specifies that the secret <code>server-creds</code> will be populated with keys containing the username and password used by this pod to connect to the database.
+The secret will only be created by the Otterize operator after it is integrated with your database by applying a <code>MySQLServerConfig</code> resources.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server">View logs for the server<a href="#view-logs-for-the-server" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-mysql deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Unable to perform INSERT operation<br>Unable to perform SELECT operation</div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-a-mysqlserverconfig-to-allow-otterize-db-access">Deploy a MySQLServerConfig to allow Otterize DB access<a href="#deploy-a-mysqlserverconfig-to-allow-otterize-db-access" class="hash-link" aria-label="Direct link to Deploy a MySQLServerConfig to allow Otterize DB access" title="Direct link to Deploy a MySQLServerConfig to allow Otterize DB access">​</a></h3><p>Let&#x27;s apply a <code>MySQLServerConfig</code> so Otterize will know how to access our database instance.</p><p>First, create a Kuberentes secret containing the database credentials:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create secret generic mysql-tutorial-db-credentials -n otterize-tutorial-mysql --from-literal</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">username</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$MYSQLUSER</span><span class="token plain"> --from-literal</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">password</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$MYSQLPASSWORD</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Next, apply the <code>MySQLServerConfig</code> to the cluster, and patch it with your DB instance address:</p><div class="codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-text codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/mysqlserverconfig.yaml</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch mysqlserverconfig -n otterize-tutorial-mysql mysql-tutorial-db --type=&#x27;json&#x27; -p=&quot;[{\&quot;op\&quot;: \&quot;replace\&quot;, \&quot;path\&quot;: \&quot;/spec/address\&quot;, \&quot;value\&quot;: \&quot;$MYSQLHOST\&quot;}]&quot;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This <code>MySQLServerConfig</code> tells Otterize how to access a database instance named <code>mysql-tutorial-db</code>, meaning that when intents
 are applied requesting access permissions to <code>mysql-tutorial-db</code>, the Otterize operator will be able to configure
-them.</p><p>In this tutorial, we use the admin user to grant Otterize permissions to create users and grant them access to the database.
+them:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> MySQLServerConfig</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">address</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql.otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">mysql.svc.cluster.local</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token number" style="color:#5a9bcf">3306</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your MySQL server address</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">credentials</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">secretRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In this tutorial, we use the admin user to grant Otterize permissions to create users and grant them access to the database.
 In a production environment, it is recommended to create a dedicated user for Otterize, and grant it the necessary permissions to create and manage other users.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="define-your-clientintents">Define your ClientIntents<a href="#define-your-clientintents" class="hash-link" aria-label="Direct link to Define your ClientIntents" title="Direct link to Define your ClientIntents">​</a></h3><p>ClientIntents are Otterize’s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our <code>server</code> workload the ability to insert and select records to allow it to access the database.</p><p>Below is our <code>intents.yaml</code> file. As you can see, it is scoped to our database named <code>otterize_tutorial</code> and our <code>example</code> table. We also have limited the access to just <code>SELECT</code> and <code>INSERT</code> operations. We could add more databases, tables, or operations if our service required more access.</p><p>Specifying the table and operations is optional. If you don&#x27;t specify the table, access will be granted to all tables in the specified database. If you don&#x27;t specify the operations, all operations will be allowed.</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClientIntents</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">intents</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">for</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">service</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">calls</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> mysql</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">databaseResources</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">databaseName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize_example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">table</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">operations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> SELECT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> INSERT</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>We can now apply our intents. Behind the scenes, the Otterize operator created the user for our <code>server</code> workload and executed <code>GRANT</code> queries on the database, making our <code>SELECT</code> and <code>INSERT</code> errors disappear.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-mysql -f https://docs.otterize.com/code-examples/mysql/clientintents.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server-1">View logs for the server<a href="#view-logs-for-the-server-1" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-mysql deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Successfully INSERTED into our table<p>Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z</p></div><p>That’s it! If your service’s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the <code>operations</code> to just <code>SELECT</code> or <code>INSERT</code>.</p><h1>Teardown</h1><p>To remove the deployed examples, run:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-mysql client-intents-for-server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete namespace otterize-tutorial-mysql</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a href="https://github.com/otterize/docs/edit/main/docs/features/mysql/tutorials/mysql.mdx" target="_blank" rel="noreferrer noopener" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_vwxv"></div></div></footer></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/features/mysql"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">MySQL | Overview</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/features/mysql/reference"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">Reference</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#setup-mysql-database-and-table-for-the-tutorial" class="table-of-contents__link toc-highlight">Setup MySQL database and table for the tutorial</a></li><li><a href="#deploy-tutorial-services-and-request-database-credentials" class="table-of-contents__link toc-highlight">Deploy tutorial services and request database credentials</a></li><li><a href="#view-logs-for-the-server" class="table-of-contents__link toc-highlight">View logs for the server</a></li><li><a href="#deploy-a-mysqlserverconfig-to-allow-otterize-db-access" class="table-of-contents__link toc-highlight">Deploy a MySQLServerConfig to allow Otterize DB access</a></li><li><a href="#define-your-clientintents" class="table-of-contents__link toc-highlight">Define your ClientIntents</a></li><li><a href="#view-logs-for-the-server-1" class="table-of-contents__link toc-highlight">View logs for the server</a></li></ul></div></div></div></div></main></div></div><footer class="footer"><div class="container container-fluid"><div class="footer__links text--center"><div class="footer__links"><span class="footer__link-item">
                 <div class="footer_left">
                   <div class="tw-w-96 tw-h-60 tw-flex-col tw-justify-start tw-items-start tw-gap-6 tw-inline-flex">
@@ -159,7 +159,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies.html b/features/network-mapping-network-policies.html
index 4a7114109..6f00efd6d 100644
--- a/features/network-mapping-network-policies.html
+++ b/features/network-mapping-network-policies.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/reference.html b/features/network-mapping-network-policies/reference.html
index 14d094934..cadf23e8b 100644
--- a/features/network-mapping-network-policies/reference.html
+++ b/features/network-mapping-network-policies/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -161,7 +161,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/reference/Network-Policies-Deep-Dive.html b/features/network-mapping-network-policies/reference/Network-Policies-Deep-Dive.html
index 881509041..b6fae89af 100644
--- a/features/network-mapping-network-policies/reference/Network-Policies-Deep-Dive.html
+++ b/features/network-mapping-network-policies/reference/Network-Policies-Deep-Dive.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -166,7 +166,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/tutorials/aws-eks-cni-mini.html b/features/network-mapping-network-policies/tutorials/aws-eks-cni-mini.html
index 85042ca0f..1bcd1a213 100644
--- a/features/network-mapping-network-policies/tutorials/aws-eks-cni-mini.html
+++ b/features/network-mapping-network-policies/tutorials/aws-eks-cni-mini.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/tutorials/k8s-egress-access-control-tutorial.html b/features/network-mapping-network-policies/tutorials/k8s-egress-access-control-tutorial.html
index e9c6de110..53b93f8ef 100644
--- a/features/network-mapping-network-policies/tutorials/k8s-egress-access-control-tutorial.html
+++ b/features/network-mapping-network-policies/tutorials/k8s-egress-access-control-tutorial.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/tutorials/k8s-network-mapper.html b/features/network-mapping-network-policies/tutorials/k8s-network-mapper.html
index ff03ade00..54b7cc726 100644
--- a/features/network-mapping-network-policies/tutorials/k8s-network-mapper.html
+++ b/features/network-mapping-network-policies/tutorials/k8s-network-mapper.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -163,7 +163,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/tutorials/k8s-network-policies.html b/features/network-mapping-network-policies/tutorials/k8s-network-policies.html
index 519851364..6314a952a 100644
--- a/features/network-mapping-network-policies/tutorials/k8s-network-policies.html
+++ b/features/network-mapping-network-policies/tutorials/k8s-network-policies.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -173,7 +173,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/network-mapping-network-policies/tutorials/protect-1-service-network-policies.html b/features/network-mapping-network-policies/tutorials/protect-1-service-network-policies.html
index f7d687388..670279a46 100644
--- a/features/network-mapping-network-policies/tutorials/protect-1-service-network-policies.html
+++ b/features/network-mapping-network-policies/tutorials/protect-1-service-network-policies.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/postgresql.html b/features/postgresql.html
index 21ac00295..875cc4127 100644
--- a/features/postgresql.html
+++ b/features/postgresql.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/postgresql/reference.html b/features/postgresql/reference.html
index 1a9b6390f..2e9e85c7b 100644
--- a/features/postgresql/reference.html
+++ b/features/postgresql/reference.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/postgresql/tutorials/postgres-mapping.html b/features/postgresql/tutorials/postgres-mapping.html
index c5e52ded7..276d404b9 100644
--- a/features/postgresql/tutorials/postgres-mapping.html
+++ b/features/postgresql/tutorials/postgres-mapping.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -175,7 +175,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/features/postgresql/tutorials/postgres.html b/features/postgresql/tutorials/postgres.html
index 95609d850..bf4bf26c6 100644
--- a/features/postgresql/tutorials/postgres.html
+++ b/features/postgresql/tutorials/postgres.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -59,11 +59,11 @@
   <p class="tw-text-gray-600 tw-whitespace-pre-wrap	tw-min-w-[225px] tw-mb-0">Dive into our company’s mission, our philosophy, and the team that makes it all possible.</p>
 </div>
 </div>
-</a></li></ul></div></div><div class="navbar__items navbar__items--right"><a href="https://app.otterize.com/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div id="login-link" classname="tw-inline-flex tw-h-11 tw-w-24 tw-items-center tw-justify-center tw-gap-2 tw-rounded-lg tw-px-4 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-text-gray-600 tw-no-underline -tw-mr-10">Log in</div></a><a href="https://otterize.com/signup" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><button class="tw-cursor-pointer tw-inline-flex tw-items-center tw-justify-center tw-gap-2 tw-rounded-xl tw-bg-gradient-to-b tw-px-3 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-no-underline tw-shadow tw-font-sans -tw-mr-2 tw-from-indigo-500 tw-bg-indigo-500 tw-to-indigo-600 tw-h-11 tw-border-none tw-text-white tw-w-full"><img src="/img/menu/cloud.svg">Signup <span id="sign-extended-text">for free<span></span></span></button></a><a href="https://otterize.com/book-demo" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div class="tw-cursor-pointer tw-font-sans tw-flex tw-items-center tw-rounded-xl tw-h-11 tw-border tw-border-solid tw-border-gray-300 tw-bg-white tw-px-3 tw-text-gray-900 tw-shadow tw-font-medium tw-text-sm lg:tw-text-base tw-w-full tw-justify-center"><span id="request-demo-full-text">Request a demo</span><span id="request-demo-partial-text">Demo</span><img class="tw-ml-2" src="/img/menu/right-arrow.svg"></div></a><div class="searchBox_ZlJk"><button type="button" class="DocSearch DocSearch-Button" aria-label="Search"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20" aria-hidden="true"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">Search</span></span><span class="DocSearch-Button-Keys"></span></button></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/">Getting started</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" href="/overview">Overview</a><button aria-label="Toggle the collapsible sidebar category &#x27;Overview&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" href="/features">Features</a><button aria-label="Toggle the collapsible sidebar category &#x27;Features&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/network-mapping-network-policies">Network mapping &amp; network policies</a><button aria-label="Toggle the collapsible sidebar category &#x27;Network mapping &amp; network policies&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/aws-iam">AWS IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;AWS IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/azure-iam">Microsoft Azure IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Microsoft Azure IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gcp-iam">Google Cloud IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Google Cloud IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/kafka">Kafka</a><button aria-label="Toggle the collapsible sidebar category &#x27;Kafka&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/istio">Istio</a><button aria-label="Toggle the collapsible sidebar category &#x27;Istio&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/mysql">MySQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;MySQL&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" tabindex="0" href="/features/postgresql">PostgreSQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;PostgreSQL&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-3 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret menu__link--active" aria-expanded="true" tabindex="0" href="/features/postgresql/tutorials/postgres">Tutorials</a></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-4 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/features/postgresql/tutorials/postgres">Just-in-time PostgreSQL access</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-4 menu__list-item"><a class="menu__link" tabindex="0" href="/features/postgresql/tutorials/postgres-mapping">PostgreSQL table-level access mapping</a></li></ul></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-3 menu__list-item"><a class="menu__link" tabindex="0" href="/features/postgresql/reference">Reference</a></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/github">GitHub</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitHub&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gitlab">GitLab</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitLab&#x27;" type="button" class="clean-btn menu__caret"></button></div></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" aria-expanded="false" href="/reference/configuration/otterize-chart">Reference</a></div></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/security">Security</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/faq">FAQ</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features"><span itemprop="name">Features</span></a><meta itemprop="position" content="1"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features/postgresql"><span itemprop="name">PostgreSQL</span></a><meta itemprop="position" content="2"></li><li class="breadcrumbs__item"><span class="breadcrumbs__link">Tutorials</span><meta itemprop="position" content="3"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Just-in-time PostgreSQL access</span><meta itemprop="position" content="4"></li></ul></nav><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Just-in-time PostgreSQL access</h1></header><h1>Overview</h1><p>This tutorial will deploy an example cluster to highlight Otterize&#x27;s PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:</p><ol><li>An <code>INSERT</code> operation to append a table within the database</li><li>A <code>SELECT</code> operation to validate the updates.</li></ol><p>The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down.</p><p>In this tutorial, we will:</p><ul><li>Deploy an example cluster</li><li>Deploy Otterize in our cluster and give it access to our database instance</li><li>Declare a ClientIntents resource for the server, specifying required access</li><li>See that the required access has been granted</li></ul><h1>Prerequisites</h1><h4 class="anchor anchorWithStickyNavbar_LWe7" id="1-minikube-cluster">1. Minikube Cluster<a href="#1-minikube-cluster" class="hash-link" aria-label="Direct link to 1. Minikube Cluster" title="Direct link to 1. Minikube Cluster">​</a></h4><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Prepare a Kubernetes cluster with Minikube</summary><div><div class="collapsibleContent_i85q"><p>For this tutorial you&#x27;ll need a local Kubernetes cluster. Having a cluster with a <a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/" target="_blank" rel="noopener noreferrer">CNI</a> that supports <a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/" target="_blank" rel="noopener noreferrer">NetworkPolicies</a> isn&#x27;t required for this tutorial, but is recommended so that your cluster works with other tutorials.</p><p>If you don&#x27;t have the Minikube CLI, first <a href="https://minikube.sigs.k8s.io/docs/start/" target="_blank" rel="noopener noreferrer">install it</a>.</p><p>Then start your Minikube cluster with Calico, in order to enforce network policies.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">minikube start --cpus</span><span class="token operator" style="color:#d7deea">=</span><span class="token number" style="color:#5a9bcf">4</span><span class="token plain"> --memory </span><span class="token number" style="color:#5a9bcf">4096</span><span class="token plain"> --disk-size 32g --cni</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">calico</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><h4 class="anchor anchorWithStickyNavbar_LWe7" id="2-deploy-otterize">2. Deploy Otterize<a href="#2-deploy-otterize" class="hash-link" aria-label="Direct link to 2. Deploy Otterize" title="Direct link to 2. Deploy Otterize">​</a></h4><p>To deploy Otterize, head over to <a href="https://app.otterize.com" target="_blank" rel="noopener noreferrer">Otterize Cloud</a> and associate a Kubernetes cluster on the <a href="https://app.otterize.com/integrations" target="_blank" rel="noopener noreferrer">Integrations page</a>, and follow the instructions. If you already have a Kubernetes cluster connected, skip this step.</p><h1>Tutorial</h1><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-tutorial-services-and-request-database-credentials">Deploy tutorial services and request database credentials<a href="#deploy-tutorial-services-and-request-database-credentials" class="hash-link" aria-label="Direct link to Deploy tutorial services and request database credentials" title="Direct link to Deploy tutorial services and request database credentials">​</a></h3><p>This will set up the namespace we will use for our tutorial and deploy the client, server, and database.</p><p>Our server&#x27;s Deployment spec will specify an annotation on the Pod, which requests that the Otterize operator will provision a username and password for the server.</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This specifies that the secret <code>server-creds</code> will have keys with the username and password to connect to the database.
-The secret will only be created by the Otterize operator after it is integrated with your database by applying a MySQLServerConfig resources.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-postgres</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/client-server-database.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-a-postgresqlserverconfig-to-allow-otterize-db-access">Deploy a PostgreSQLServerConfig to allow Otterize DB access<a href="#deploy-a-postgresqlserverconfig-to-allow-otterize-db-access" class="hash-link" aria-label="Direct link to Deploy a PostgreSQLServerConfig to allow Otterize DB access" title="Direct link to Deploy a PostgreSQLServerConfig to allow Otterize DB access">​</a></h3><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> PostgreSQLServerConfig</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">address</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database.otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">postgres.svc.cluster.local</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token number" style="color:#5a9bcf">5432</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">credentials</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">secretRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Opaque</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Secret</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">data</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">username</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your PostgreSQL server user</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">password</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;&#x27;</span><span class="token plain"> </span><span class="token comment" style="color:#999999"># Your PostgreSQL server password</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>The above CRD tells Otterize how to access a database instance named <code>postgres-tutorial-db</code>, meaning that when intents
+</a></li></ul></div></div><div class="navbar__items navbar__items--right"><a href="https://app.otterize.com/" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div id="login-link" classname="tw-inline-flex tw-h-11 tw-w-24 tw-items-center tw-justify-center tw-gap-2 tw-rounded-lg tw-px-4 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-text-gray-600 tw-no-underline -tw-mr-10">Log in</div></a><a href="https://otterize.com/signup" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><button class="tw-cursor-pointer tw-inline-flex tw-items-center tw-justify-center tw-gap-2 tw-rounded-xl tw-bg-gradient-to-b tw-px-3 tw-py-2.5 tw-text-sm lg:tw-text-base tw-font-semibold tw-leading-normal tw-no-underline tw-shadow tw-font-sans -tw-mr-2 tw-from-indigo-500 tw-bg-indigo-500 tw-to-indigo-600 tw-h-11 tw-border-none tw-text-white tw-w-full"><img src="/img/menu/cloud.svg">Signup <span id="sign-extended-text">for free<span></span></span></button></a><a href="https://otterize.com/book-demo" target="_blank" rel="noopener noreferrer" class="navbar__item navbar__link"><div class="tw-cursor-pointer tw-font-sans tw-flex tw-items-center tw-rounded-xl tw-h-11 tw-border tw-border-solid tw-border-gray-300 tw-bg-white tw-px-3 tw-text-gray-900 tw-shadow tw-font-medium tw-text-sm lg:tw-text-base tw-w-full tw-justify-center"><span id="request-demo-full-text">Request a demo</span><span id="request-demo-partial-text">Demo</span><img class="tw-ml-2" src="/img/menu/right-arrow.svg"></div></a><div class="searchBox_ZlJk"><button type="button" class="DocSearch DocSearch-Button" aria-label="Search"><span class="DocSearch-Button-Container"><svg width="20" height="20" class="DocSearch-Search-Icon" viewBox="0 0 20 20" aria-hidden="true"><path d="M14.386 14.386l4.0877 4.0877-4.0877-4.0877c-2.9418 2.9419-7.7115 2.9419-10.6533 0-2.9419-2.9418-2.9419-7.7115 0-10.6533 2.9418-2.9419 7.7115-2.9419 10.6533 0 2.9419 2.9418 2.9419 7.7115 0 10.6533z" stroke="currentColor" fill="none" fill-rule="evenodd" stroke-linecap="round" stroke-linejoin="round"></path></svg><span class="DocSearch-Button-Placeholder">Search</span></span><span class="DocSearch-Button-Keys"></span></button></div></div></div><div role="presentation" class="navbar-sidebar__backdrop"></div></nav><div id="__docusaurus_skipToContent_fallback" class="main-wrapper mainWrapper_z2l0 docsWrapper_BCFX"><button aria-label="Scroll back to top" class="clean-btn theme-back-to-top-button backToTopButton_sjWU" type="button"></button><div class="docPage__5DB"><aside class="theme-doc-sidebar-container docSidebarContainer_b6E3"><div class="sidebarViewport_Xe31"><div class="sidebar_njMd"><nav aria-label="Docs sidebar" class="menu thin-scrollbar menu_SIkG"><ul class="theme-doc-sidebar-menu menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/">Getting started</a></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" href="/overview">Overview</a><button aria-label="Toggle the collapsible sidebar category &#x27;Overview&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" href="/features">Features</a><button aria-label="Toggle the collapsible sidebar category &#x27;Features&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/network-mapping-network-policies">Network mapping &amp; network policies</a><button aria-label="Toggle the collapsible sidebar category &#x27;Network mapping &amp; network policies&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/aws-iam">AWS IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;AWS IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/azure-iam">Microsoft Azure IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Microsoft Azure IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gcp-iam">Google Cloud IAM</a><button aria-label="Toggle the collapsible sidebar category &#x27;Google Cloud IAM&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/kafka">Kafka</a><button aria-label="Toggle the collapsible sidebar category &#x27;Kafka&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/istio">Istio</a><button aria-label="Toggle the collapsible sidebar category &#x27;Istio&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/mysql">MySQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;MySQL&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--active" aria-expanded="true" tabindex="0" href="/features/postgresql">PostgreSQL</a><button aria-label="Toggle the collapsible sidebar category &#x27;PostgreSQL&#x27;" type="button" class="clean-btn menu__caret"></button></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-3 menu__list-item"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret menu__link--active" aria-expanded="true" tabindex="0" href="/features/postgresql/tutorials/postgres">Tutorials</a></div><ul style="display:block;overflow:visible;height:auto" class="menu__list"><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-4 menu__list-item"><a class="menu__link menu__link--active" aria-current="page" tabindex="0" href="/features/postgresql/tutorials/postgres">Just-in-time PostgreSQL access</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-4 menu__list-item"><a class="menu__link" tabindex="0" href="/features/postgresql/tutorials/postgres-mapping">PostgreSQL table-level access mapping</a></li></ul></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-3 menu__list-item"><a class="menu__link" tabindex="0" href="/features/postgresql/reference">Reference</a></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/github">GitHub</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitHub&#x27;" type="button" class="clean-btn menu__caret"></button></div></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-2 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist" aria-expanded="false" tabindex="0" href="/features/gitlab">GitLab</a><button aria-label="Toggle the collapsible sidebar category &#x27;GitLab&#x27;" type="button" class="clean-btn menu__caret"></button></div></li></ul></li><li class="theme-doc-sidebar-item-category theme-doc-sidebar-item-category-level-1 menu__list-item menu__list-item--collapsed"><div class="menu__list-item-collapsible"><a class="menu__link menu__link--sublist menu__link--sublist-caret" aria-expanded="false" href="/reference/configuration/otterize-chart">Reference</a></div></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/security">Security</a></li><li class="theme-doc-sidebar-item-link theme-doc-sidebar-item-link-level-1 menu__list-item"><a class="menu__link" href="/faq">FAQ</a></li></ul></nav></div></div></aside><main class="docMainContainer_gTbr"><div class="container padding-top--md padding-bottom--lg"><div class="row"><div class="col docItemCol_VOVn"><div class="docItemContainer_Djhp"><article><nav class="theme-doc-breadcrumbs breadcrumbsContainer_Z_bl" aria-label="Breadcrumbs"><ul class="breadcrumbs" itemscope="" itemtype="https://schema.org/BreadcrumbList"><li class="breadcrumbs__item"><a aria-label="Home page" class="breadcrumbs__link" href="/"><svg viewBox="0 0 24 24" class="breadcrumbHomeIcon_YNFT"><path d="M10 19v-5h4v5c0 .55.45 1 1 1h3c.55 0 1-.45 1-1v-7h1.7c.46 0 .68-.57.33-.87L12.67 3.6c-.38-.34-.96-.34-1.34 0l-8.36 7.53c-.34.3-.13.87.33.87H5v7c0 .55.45 1 1 1h3c.55 0 1-.45 1-1z" fill="currentColor"></path></svg></a></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features"><span itemprop="name">Features</span></a><meta itemprop="position" content="1"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item"><a class="breadcrumbs__link" itemprop="item" href="/features/postgresql"><span itemprop="name">PostgreSQL</span></a><meta itemprop="position" content="2"></li><li class="breadcrumbs__item"><span class="breadcrumbs__link">Tutorials</span><meta itemprop="position" content="3"></li><li itemscope="" itemprop="itemListElement" itemtype="https://schema.org/ListItem" class="breadcrumbs__item breadcrumbs__item--active"><span class="breadcrumbs__link" itemprop="name">Just-in-time PostgreSQL access</span><meta itemprop="position" content="4"></li></ul></nav><div class="tocCollapsible_ETCw theme-doc-toc-mobile tocMobile_ITEo"><button type="button" class="clean-btn tocCollapsibleButton_TO0P">On this page</button></div><div class="theme-doc-markdown markdown"><header><h1>Just-in-time PostgreSQL access</h1></header><h1>Overview</h1><p>This tutorial will deploy an example cluster to highlight Otterize&#x27;s PostgreSQL capabilities. Within that cluster is a client service that hits an endpoint on a server, which then connects to a database. The server runs two different database operations:</p><ol><li>An <code>INSERT</code> operation to append a table within the database</li><li>A <code>SELECT</code> operation to validate the updates.</li></ol><p>The server needs appropriate permissions to access the database. You could use one admin user for all services, which is insecure and is the cause for many security breaches. With Otterize, you can specify required access, and have Otterize create users and perform correctly scoped SQL GRANTs just in time, as the service spins up and down.</p><p>In this tutorial, we will:</p><ul><li>Deploy an example cluster</li><li>Deploy Otterize in our cluster and give it access to our database instance</li><li>Declare a ClientIntents resource for the server, specifying required access</li><li>See that the required access has been granted</li></ul><h1>Prerequisites</h1><h4 class="anchor anchorWithStickyNavbar_LWe7" id="1-minikube-cluster">1. Minikube Cluster<a href="#1-minikube-cluster" class="hash-link" aria-label="Direct link to 1. Minikube Cluster" title="Direct link to 1. Minikube Cluster">​</a></h4><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Prepare a Kubernetes cluster with Minikube</summary><div><div class="collapsibleContent_i85q"><p>For this tutorial you&#x27;ll need a local Kubernetes cluster. Having a cluster with a <a href="https://kubernetes.io/docs/concepts/extend-kubernetes/compute-storage-net/network-plugins/" target="_blank" rel="noopener noreferrer">CNI</a> that supports <a href="https://kubernetes.io/docs/concepts/services-networking/network-policies/" target="_blank" rel="noopener noreferrer">NetworkPolicies</a> isn&#x27;t required for this tutorial, but is recommended so that your cluster works with other tutorials.</p><p>If you don&#x27;t have the Minikube CLI, first <a href="https://minikube.sigs.k8s.io/docs/start/" target="_blank" rel="noopener noreferrer">install it</a>.</p><p>Then start your Minikube cluster with Calico, in order to enforce network policies.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">minikube start --cpus</span><span class="token operator" style="color:#d7deea">=</span><span class="token number" style="color:#5a9bcf">4</span><span class="token plain"> --memory </span><span class="token number" style="color:#5a9bcf">4096</span><span class="token plain"> --disk-size 32g --cni</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">calico</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><h4 class="anchor anchorWithStickyNavbar_LWe7" id="2-deploy-otterize">2. Deploy Otterize<a href="#2-deploy-otterize" class="hash-link" aria-label="Direct link to 2. Deploy Otterize" title="Direct link to 2. Deploy Otterize">​</a></h4><p>To deploy Otterize, head over to <a href="https://app.otterize.com" target="_blank" rel="noopener noreferrer">Otterize Cloud</a> and associate a Kubernetes cluster on the <a href="https://app.otterize.com/integrations" target="_blank" rel="noopener noreferrer">Integrations page</a>, and follow the instructions. If you already have a Kubernetes cluster connected, skip this step.</p><h1>Tutorial</h1><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-tutorial-services-and-request-database-credentials">Deploy tutorial services and request database credentials<a href="#deploy-tutorial-services-and-request-database-credentials" class="hash-link" aria-label="Direct link to Deploy tutorial services and request database credentials" title="Direct link to Deploy tutorial services and request database credentials">​</a></h3><p>Next, set up the namespace used for our tutorial and deploy the client, server &amp; database services in it:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create namespace otterize-tutorial-postgres</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/client-server-database.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><details class="details_lb9f alert alert--info details_b_Ee" data-collapsed="true"><summary>Expand to see the deployment YAML</summary><div><div class="collapsibleContent_i85q"><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">serviceAccountName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/postgres-tutorial-server&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">env</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_USER</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> username</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> DB_SERVER_PASSWORD</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">              </span><span class="token key atrule" style="color:#FAC863">valueFrom</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                </span><span class="token key atrule" style="color:#FAC863">secretKeyRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">                  </span><span class="token key atrule" style="color:#FAC863">key</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> password</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Service</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClusterIP</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> http</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">port</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">targetPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ServiceAccount</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/postgres-tutorial-client&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">80</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> apps/v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Deployment</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">replicas</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">1</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">matchLabels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">labels</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">containers</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">imagePullPolicy</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Always</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">image</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token string" style="color:#8dc891">&#x27;otterize/postgres-tutorial-database&#x27;</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">containerPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">5432</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token punctuation" style="color:#8dc891">---</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> v1</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> Service</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">selector</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">app</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">ports</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">protocol</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> TCP</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">port</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">5432</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">targetPort</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> </span><span class="token number" style="color:#5a9bcf">5432</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div></div></details><p>Our server&#x27;s Deployment spec specifies an annotation on its Pod, which requests that the Otterize operator provision a username and password for it:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">template</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">annotations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token key atrule" style="color:#FAC863">credentials-operator.otterize.com/user-password-secret-name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">creds</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This specifies that the secret <code>server-creds</code> will be populated with keys containing the username and password used by this pod to connect to the database.
+The secret will only be created by the Otterize operator after it is integrated with your database by applying a <code>PostgreSQLServerConfig</code> resources.</p><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server">View logs for the server<a href="#view-logs-for-the-server" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-postgres deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Unable to perform INSERT operation<br>Unable to perform SELECT operation</div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="deploy-a-postgresqlserverconfig-to-allow-otterize-db-access">Deploy a PostgreSQLServerConfig to allow Otterize DB access<a href="#deploy-a-postgresqlserverconfig-to-allow-otterize-db-access" class="hash-link" aria-label="Direct link to Deploy a PostgreSQLServerConfig to allow Otterize DB access" title="Direct link to Deploy a PostgreSQLServerConfig to allow Otterize DB access">​</a></h3><p>Let&#x27;s apply a <code>PostgreSQLServerConfig</code> so Otterize will know how to access our database instance.</p><p>First, create a Kuberentes secret containing the database credentials:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl create secret generic postgres-tutorial-db-credentials -n otterize-tutorial-postgres --from-literal</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">username</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;otterize-tutorial&#x27;</span><span class="token plain"> --from-literal</span><span class="token operator" style="color:#d7deea">=</span><span class="token plain">password</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;jeffdog523&#x27;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>In this tutorial, the PostgreSQL database comes with the predefined username &amp; password, but for future uses a
+role will have to be created in the database to grant Otterize access as well as the ability to configure other users.</p><p>Next, apply the <code>PostgreSQLServerConfig</code> to the cluster:</p><div class="codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-text codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/postgresqlserverconfig.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>This <code>PostgreSQLServerConfig</code> tells Otterize how to access a database instance named <code>postgres-tutorial-db</code>, meaning that when intents
 are applied requesting access permissions to <code>postgres-tutorial-db</code>, the Otterize operator will be able to configure
-them.</p><p>In this tutorial, the <code>database</code> workload already comes with the predefined username &amp; password, but for future uses a
-role will have to be created in the database to grant Otterize access as well as the ability to configure other users.</p><p>Let&#x27;s apply the above <code>PostgreSQLServerConfig</code> so Otterize will know how to access our database instance.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/postgresqlserverconfig.yaml</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token assign-left variable" style="color:#d7deea">PSQLUSER_B64</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$(</span><span class="token variable builtin class-name" style="color:#FAC863">echo</span><span class="token variable" style="color:#d7deea"> -n otterize-tutorial </span><span class="token variable operator" style="color:#d7deea">|</span><span class="token variable" style="color:#d7deea"> base64</span><span class="token variable" style="color:#d7deea">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token assign-left variable" style="color:#d7deea">PSQLPASSWORD_B64</span><span class="token operator" style="color:#d7deea">=</span><span class="token variable" style="color:#d7deea">$(</span><span class="token variable builtin class-name" style="color:#FAC863">echo</span><span class="token variable" style="color:#d7deea"> -n jeffdog523 </span><span class="token variable operator" style="color:#d7deea">|</span><span class="token variable" style="color:#d7deea"> base64</span><span class="token variable" style="color:#d7deea">)</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl patch secret -n otterize-tutorial-postgres postgres-tutorial-db-credentials --type</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&#x27;json&#x27;</span><span class="token plain"> -p</span><span class="token operator" style="color:#d7deea">=</span><span class="token string" style="color:#8dc891">&quot;[{</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/data/username</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$PSQLUSER_B64</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}, {</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">op</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">replace</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">path</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">/data/password</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">, </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">value</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">: </span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string variable" style="color:#d7deea">$PSQLPASSWORD_B64</span><span class="token string entity" style="color:#d7deea">\&quot;</span><span class="token string" style="color:#8dc891">}]&quot;</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server">View logs for the server<a href="#view-logs-for-the-server" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>After the client, server, and database are up and running, we can see that the server does not have the appropriate access to the database by inspecting the logs with the following command.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-postgres deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Unable to perform INSERT operation<br>Unable to perform SELECT operation</div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="define-your-clientintents">Define your ClientIntents<a href="#define-your-clientintents" class="hash-link" aria-label="Direct link to Define your ClientIntents" title="Direct link to Define your ClientIntents">​</a></h3><p>ClientIntents are Otterize’s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our <code>server</code> workload the ability to insert and select records to allow it to access the database.</p><p>Below is our <code>intents.yaml</code> file. As you can see, it is scoped to our database named <code>otterize-tutorial</code> and our <code>public.example</code> table. We also have limited the access to just <code>SELECT</code> and <code>INSERT</code> operations. We could add more databases, tables, or operations if our service required more access.</p><p>Specifying the table and operations is optional. If you don&#x27;t specify the table, access will be granted to all tables in the specified database. If you don&#x27;t specify the operations, all operations will be allowed.</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClientIntents</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">intents</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">for</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">namespace</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">postgres</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">service</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">calls</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db </span><span class="token comment" style="color:#999999"># Same name as our PostgreSQLServerConfig metadata.name</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">databaseResources</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">databaseName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">table</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> public.example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">operations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> SELECT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> INSERT</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>We can now apply our intents. Behind the scenes, the Otterize operator created the user for our <code>server</code> workload and executed <code>GRANT</code> queries on the database, making our <code>SELECT</code> and <code>INSERT</code> errors disappear.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/clientintents.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server-1">View logs for the server<a href="#view-logs-for-the-server-1" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Successfully INSERTED into our table<p>Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z</p></div><p>That’s it! If your service’s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the <code>operations</code> to just <code>SELECT</code> or <code>INSERT</code>.</p><h1>Teardown</h1><p>To remove the deployed examples, run:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-postgres client-intents-for-server </span><span class="token operator" style="color:#d7deea">&amp;&amp;</span><span class="token plain"> </span><span class="token punctuation" style="color:#8dc891">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete namespace otterize-tutorial-postgres</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a href="https://github.com/otterize/docs/edit/main/docs/features/postgresql/tutorials/postgres.mdx" target="_blank" rel="noreferrer noopener" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_vwxv"></div></div></footer></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/features/postgresql"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">PostgreSQL | Overview</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/features/postgresql/tutorials/postgres-mapping"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">PostgreSQL table-level access mapping</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#deploy-tutorial-services-and-request-database-credentials" class="table-of-contents__link toc-highlight">Deploy tutorial services and request database credentials</a></li><li><a href="#deploy-a-postgresqlserverconfig-to-allow-otterize-db-access" class="table-of-contents__link toc-highlight">Deploy a PostgreSQLServerConfig to allow Otterize DB access</a></li><li><a href="#view-logs-for-the-server" class="table-of-contents__link toc-highlight">View logs for the server</a></li><li><a href="#define-your-clientintents" class="table-of-contents__link toc-highlight">Define your ClientIntents</a></li><li><a href="#view-logs-for-the-server-1" class="table-of-contents__link toc-highlight">View logs for the server</a></li></ul></div></div></div></div></main></div></div><footer class="footer"><div class="container container-fluid"><div class="footer__links text--center"><div class="footer__links"><span class="footer__link-item">
+them:</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> PostgreSQLServerConfig</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">address</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database.otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">postgres.svc.cluster.local</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token number" style="color:#5a9bcf">5432</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">credentials</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">secretRef</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">credentials</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="define-your-clientintents">Define your ClientIntents<a href="#define-your-clientintents" class="hash-link" aria-label="Direct link to Define your ClientIntents" title="Direct link to Define your ClientIntents">​</a></h3><p>ClientIntents are Otterize’s way of defining access through unique relationships, which lead to perfectly scoped access. In this example, we provide our <code>server</code> workload the ability to insert and select records to allow it to access the database.</p><p>Below is our <code>intents.yaml</code> file. As you can see, it is scoped to our database named <code>otterize-tutorial</code> and our <code>public.example</code> table. We also have limited the access to just <code>SELECT</code> and <code>INSERT</code> operations. We could add more databases, tables, or operations if our service required more access.</p><p>Specifying the table and operations is optional. If you don&#x27;t specify the table, access will be granted to all tables in the specified database. If you don&#x27;t specify the operations, all operations will be allowed.</p><div class="language-yaml codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-yaml codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token key atrule" style="color:#FAC863">apiVersion</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> k8s.otterize.com/v1alpha3</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">kind</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> ClientIntents</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">metadata</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> client</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">intents</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">for</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">namespace</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">postgres</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain"></span><span class="token key atrule" style="color:#FAC863">spec</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">service</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> server</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">  </span><span class="token key atrule" style="color:#FAC863">calls</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">    </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">name</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> postgres</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">db </span><span class="token comment" style="color:#999999"># Same name as our PostgreSQLServerConfig metadata.name</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">type</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> database</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">      </span><span class="token key atrule" style="color:#FAC863">databaseResources</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">        </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> </span><span class="token key atrule" style="color:#FAC863">databaseName</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> otterize</span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain">tutorial</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">table</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"> public.example</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">          </span><span class="token key atrule" style="color:#FAC863">operations</span><span class="token punctuation" style="color:#8dc891">:</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> SELECT</span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">            </span><span class="token punctuation" style="color:#8dc891">-</span><span class="token plain"> INSERT</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>We can now apply our intents. Behind the scenes, the Otterize operator created the user for our <code>server</code> workload and executed <code>GRANT</code> queries on the database, making our <code>SELECT</code> and <code>INSERT</code> errors disappear.</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl apply -n otterize-tutorial-postgres -f https://docs.otterize.com/code-examples/postgres/clientintents.yaml</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><h3 class="anchor anchorWithStickyNavbar_LWe7" id="view-logs-for-the-server-1">View logs for the server<a href="#view-logs-for-the-server-1" class="hash-link" aria-label="Direct link to View logs for the server" title="Direct link to View logs for the server">​</a></h3><p>We can now view the server logs once again. This time, we should see that the server has the appropriate access to the database:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl logs -f -n otterize-tutorial-postgres deploy/server</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div><p>Example log:</p><div style="background-color:#eee;border-radius:5px;font-size:12px;font-weight:600;color:darkgreen;padding:1rem;font-family:monospace, monospace">Successfully INSERTED into our table<p>Successfully SELECTED, most recent value:  2024-04-30T13:20:46Z</p></div><p>That’s it! If your service’s functionality changes, adding or removing access is as simple as updating your ClientIntents definitions. For fun, try altering the <code>operations</code> to just <code>SELECT</code> or <code>INSERT</code>.</p><h1>Teardown</h1><p>To remove the deployed examples, run:</p><div class="language-shell codeBlockContainer_APcc theme-code-block" style="--prism-background-color:#282c34;--prism-color:#ffffff"><div class="codeBlockContent_m3Ux"><pre tabindex="0" class="prism-code language-shell codeBlock_qGQc thin-scrollbar"><code class="codeBlockLines_p187"><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete clientintents.k8s.otterize.com -n otterize-tutorial-postgres client-intents-for-server </span><span class="token operator" style="color:#d7deea">&amp;&amp;</span><span class="token plain"> </span><span class="token punctuation" style="color:#8dc891">\</span><span class="token plain"></span><br></span><span class="token-line" style="color:#ffffff"><span class="token plain">kubectl delete namespace otterize-tutorial-postgres</span><br></span></code></pre><div class="buttonGroup_6DOT"><button type="button" aria-label="Copy code to clipboard" title="Copy" class="clean-btn"><span class="copyButtonIcons_FhaS" aria-hidden="true"><svg viewBox="0 0 24 24" class="copyButtonIcon_phi_"><path fill="currentColor" d="M19,21H8V7H19M19,5H8A2,2 0 0,0 6,7V21A2,2 0 0,0 8,23H19A2,2 0 0,0 21,21V7A2,2 0 0,0 19,5M16,1H4A2,2 0 0,0 2,3V17H4V3H16V1Z"></path></svg><svg viewBox="0 0 24 24" class="copyButtonSuccessIcon_FfTR"><path fill="currentColor" d="M21,7L9,19L3.5,13.5L4.91,12.09L9,16.17L19.59,5.59L21,7Z"></path></svg></span></button></div></div></div></div><footer class="theme-doc-footer docusaurus-mt-lg"><div class="theme-doc-footer-edit-meta-row row"><div class="col"><a href="https://github.com/otterize/docs/edit/main/docs/features/postgresql/tutorials/postgres.mdx" target="_blank" rel="noreferrer noopener" class="theme-edit-this-page"><svg fill="currentColor" height="20" width="20" viewBox="0 0 40 40" class="iconEdit_Z9Sw" aria-hidden="true"><g><path d="m34.5 11.7l-3 3.1-6.3-6.3 3.1-3q0.5-0.5 1.2-0.5t1.1 0.5l3.9 3.9q0.5 0.4 0.5 1.1t-0.5 1.2z m-29.5 17.1l18.4-18.5 6.3 6.3-18.4 18.4h-6.3v-6.2z"></path></g></svg>Edit this page</a></div><div class="col lastUpdated_vwxv"></div></div></footer></article><nav class="pagination-nav docusaurus-mt-lg" aria-label="Docs pages"><a class="pagination-nav__link pagination-nav__link--prev" href="/features/postgresql"><div class="pagination-nav__sublabel">Previous</div><div class="pagination-nav__label">PostgreSQL | Overview</div></a><a class="pagination-nav__link pagination-nav__link--next" href="/features/postgresql/tutorials/postgres-mapping"><div class="pagination-nav__sublabel">Next</div><div class="pagination-nav__label">PostgreSQL table-level access mapping</div></a></nav></div></div><div class="col col--3"><div class="tableOfContents_bqdL thin-scrollbar theme-doc-toc-desktop"><ul class="table-of-contents table-of-contents__left-border"><li><a href="#deploy-tutorial-services-and-request-database-credentials" class="table-of-contents__link toc-highlight">Deploy tutorial services and request database credentials</a></li><li><a href="#view-logs-for-the-server" class="table-of-contents__link toc-highlight">View logs for the server</a></li><li><a href="#deploy-a-postgresqlserverconfig-to-allow-otterize-db-access" class="table-of-contents__link toc-highlight">Deploy a PostgreSQLServerConfig to allow Otterize DB access</a></li><li><a href="#define-your-clientintents" class="table-of-contents__link toc-highlight">Define your ClientIntents</a></li><li><a href="#view-logs-for-the-server-1" class="table-of-contents__link toc-highlight">View logs for the server</a></li></ul></div></div></div></div></main></div></div><footer class="footer"><div class="container container-fluid"><div class="footer__links text--center"><div class="footer__links"><span class="footer__link-item">
                 <div class="footer_left">
                   <div class="tw-w-96 tw-h-60 tw-flex-col tw-justify-start tw-items-start tw-gap-6 tw-inline-flex">
                     <div class="tw-w-36 tw-h-8 tw-justify-start tw-items-start tw-inline-flex">
@@ -158,7 +158,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/index.html b/index.html
index 840ab3f3a..7f2e0639b 100644
--- a/index.html
+++ b/index.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview.html b/overview.html
index 212cafa82..359d0af3f 100644
--- a/overview.html
+++ b/overview.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/installation.html b/overview/installation.html
index c4cbedbd9..147156c5e 100644
--- a/overview/installation.html
+++ b/overview/installation.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -161,7 +161,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/intent-based-access-control.html b/overview/intent-based-access-control.html
index cc060442f..4da3b673b 100644
--- a/overview/intent-based-access-control.html
+++ b/overview/intent-based-access-control.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/otterize-cloud.html b/overview/otterize-cloud.html
index fcca1ec84..98815336e 100644
--- a/overview/otterize-cloud.html
+++ b/overview/otterize-cloud.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -169,7 +169,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/otterize-oss.html b/overview/otterize-oss.html
index 08575dcc2..661dceab4 100644
--- a/overview/otterize-oss.html
+++ b/overview/otterize-oss.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -159,7 +159,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/otterize-oss/error-telemetry.html b/overview/otterize-oss/error-telemetry.html
index ab57c5898..d8fdb9aaf 100644
--- a/overview/otterize-oss/error-telemetry.html
+++ b/overview/otterize-oss/error-telemetry.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/overview/otterize-oss/usage-telemetry.html b/overview/otterize-oss/usage-telemetry.html
index b6cdc9dd2..10aa7c9eb 100644
--- a/overview/otterize-oss/usage-telemetry.html
+++ b/overview/otterize-oss/usage-telemetry.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/IBAC-Overview.html b/reference/IBAC-Overview.html
index 06d32c1c7..35da692db 100644
--- a/reference/IBAC-Overview.html
+++ b/reference/IBAC-Overview.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -182,7 +182,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/api.html b/reference/api.html
index 15bcec34c..9aab93f7d 100644
--- a/reference/api.html
+++ b/reference/api.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/cli.html b/reference/cli.html
index 75054b4eb..76a0a8452 100644
--- a/reference/cli.html
+++ b/reference/cli.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -172,7 +172,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/credentials-operator.html b/reference/configuration/credentials-operator.html
index 31084fa58..a91611ad6 100644
--- a/reference/configuration/credentials-operator.html
+++ b/reference/configuration/credentials-operator.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/credentials-operator/helm-chart.html b/reference/configuration/credentials-operator/helm-chart.html
index 0217df890..b0fd7505f 100644
--- a/reference/configuration/credentials-operator/helm-chart.html
+++ b/reference/configuration/credentials-operator/helm-chart.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/intents-operator.html b/reference/configuration/intents-operator.html
index 45b3fa047..c4979a418 100644
--- a/reference/configuration/intents-operator.html
+++ b/reference/configuration/intents-operator.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -172,7 +172,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/intents-operator/configuration.html b/reference/configuration/intents-operator/configuration.html
index 9a2ac586d..4a39aabaa 100644
--- a/reference/configuration/intents-operator/configuration.html
+++ b/reference/configuration/intents-operator/configuration.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/intents-operator/helm-chart.html b/reference/configuration/intents-operator/helm-chart.html
index d9c1faf7e..272191cdb 100644
--- a/reference/configuration/intents-operator/helm-chart.html
+++ b/reference/configuration/intents-operator/helm-chart.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/network-mapper.html b/reference/configuration/network-mapper.html
index e52504edf..c589c4828 100644
--- a/reference/configuration/network-mapper.html
+++ b/reference/configuration/network-mapper.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -157,7 +157,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/network-mapper/helm-chart.html b/reference/configuration/network-mapper/helm-chart.html
index 502211084..28ed3d17b 100644
--- a/reference/configuration/network-mapper/helm-chart.html
+++ b/reference/configuration/network-mapper/helm-chart.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/network-mapper/kafka-watcher.html b/reference/configuration/network-mapper/kafka-watcher.html
index 0187dac82..c0e5cb272 100644
--- a/reference/configuration/network-mapper/kafka-watcher.html
+++ b/reference/configuration/network-mapper/kafka-watcher.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -161,7 +161,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/configuration/otterize-chart.html b/reference/configuration/otterize-chart.html
index 61077a337..19efc8b0e 100644
--- a/reference/configuration/otterize-chart.html
+++ b/reference/configuration/otterize-chart.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -159,7 +159,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/mtls.html b/reference/mtls.html
index 761ca1dac..08409701c 100644
--- a/reference/mtls.html
+++ b/reference/mtls.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -165,7 +165,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/service-identities.html b/reference/service-identities.html
index 73b8fdfd3..6a1418686 100644
--- a/reference/service-identities.html
+++ b/reference/service-identities.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -160,7 +160,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/shadow-vs-active-enforcement.html b/reference/shadow-vs-active-enforcement.html
index 6c7eb542d..05bc67cce 100644
--- a/reference/shadow-vs-active-enforcement.html
+++ b/reference/shadow-vs-active-enforcement.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -156,7 +156,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/terminology.html b/reference/terminology.html
index e3d28c088..2b6bb14cc 100644
--- a/reference/terminology.html
+++ b/reference/terminology.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -165,7 +165,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/troubleshooting.html b/reference/troubleshooting.html
index 6f12e6f43..5164dd5f2 100644
--- a/reference/troubleshooting.html
+++ b/reference/troubleshooting.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -156,7 +156,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/reference/validating-clientintents.html b/reference/validating-clientintents.html
index 3cfe473ac..10bb8d652 100644
--- a/reference/validating-clientintents.html
+++ b/reference/validating-clientintents.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -156,7 +156,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/search.html b/search.html
index 33fb5f21e..da635db3c 100644
--- a/search.html
+++ b/search.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -154,7 +154,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/security.html b/security.html
index e8a49c634..7e0e42bf2 100644
--- a/security.html
+++ b/security.html
@@ -14,7 +14,7 @@
 <script src="/newsLetterSubscription.js" async></script>
 <script src="/ui.js" async></script>
 <script src="/pixels.js" async></script><link rel="stylesheet" href="/assets/css/styles.f296393d.css">
-<link rel="preload" href="/assets/js/runtime~main.cbba4083.js" as="script">
+<link rel="preload" href="/assets/js/runtime~main.a1c4a5b4.js" as="script">
 <link rel="preload" href="/assets/js/main.2067b156.js" as="script">
 </head>
 <body class="navigation-with-keyboard">
@@ -155,7 +155,7 @@
                     </div>
                   </div>
                 </div></span></div></div></div></footer></div>
-<script src="/assets/js/runtime~main.cbba4083.js"></script>
+<script src="/assets/js/runtime~main.a1c4a5b4.js"></script>
 <script src="/assets/js/main.2067b156.js"></script>
 </body>
 </html>
\ No newline at end of file