Step 1: Enable security in Portworx

This document guides you through enabling Portworx Security in your cluster by adding a single flag to your StorageCluster object.


  • You must have Portworx Operator 1.4 or greater


The Operator includes first-class support for Portworx Security in the StorageCluster spec. This means that the operator will auto-generate the following for you if security is enabled:

  • Shared Secret stored under the secret px-shared-secret
  • Admin token stored under the secret px-admin-token
  • User token stored under the secret px-user-token

Enabling Security in your cluster

  1. Enable security under of your StorageCluster:

    kind: StorageCluster
      name: portworx
      namespace: kube-system
      image: portworx/oci-monitor:
        enabled: true
  2. You can now apply the StorageCluster spec and wait until Portworx is ready.

Once you’ve enabled security in Portworx, continue to the next section.

Last edited: Tuesday, Jan 26, 2021