We Keep Coding

What is the command to upgrade Heroku Postgresql to a Basic plan

I need to upgrade my Heroku Postgresql database to the Basic plan. I've found the command in Heroku's docs, but I'm not sure if I need to change it to affect my account. My app's name on Heroku is tranquil-mountain-51138
heroku addons:upgrade HEROKU_POSTGRESQL_LAVENDER_URL heroku-postgresql:premium-0 -a sushi
Do I need to change this terminal command to include my app's name and the Basic db plan? If so, could you give me the edited version. My guess would be that I change premium-0 to basic. I've no idea what the rest of the command refers to: HEROKU_POSTGRESQL_LAVENDER_URL and sushi
It is a very small personal app. I'm the only one using it, so I've no worries about down time when the maintenance starts.
Thanks for any help.

Finally received a response from Herouku HelpDesk that explains the parts of their example command for upgrading a db.
Their example: heroku addons:upgrade HEROKU_POSTGRESQL_LAVENDER_URL heroku-postgresql:premium-0 -a sushi
$heroku addons:upgrade DATABASE_URL <database-type> -a <app-name>
For my app, upgrading to their Basic plan, the command is:
$heroku addons:upgrade DATABASE_URL heroku-postgresql:basic -a tranquil-mountain-51138
Hope this helps others.

Load to redshift from s3 without redshift credentials

We are loading loading data from S3 to Redshift, but proving redshift username and password on the command line.
Can we do this too role based because this leads to hard coding user name password in code which is a security vulnerability.
psql -h $redshift_jdbc_url -U $redshift_db_username -d $redshift_dbname -p $port_number -c "copy $destinationTable$columnList from '$s3fileName' credentials 'aws_iam_role=arn:aws:iam::$account_number:role/$s3role;master_symmetric_key=$master_key' region '$s3region' format as json '$jsonPathFile' timeformat 'auto' GZIP TRUNCATECOLUMNS maxerror $maxError";

Though this question has nothing to do specifically with Redshift, there could be multiple options to avoid username/password, by mistake checked in to code repository like (cvs,git etc) or getting shared.
Not sure if we do(as stated below) is best practice or not, here is how we do and I think, its safe.
We use the environment variable in our case, and those environment variables are outside of source code repository and the shell script code reads usually there at particular instance environment only.
For e.g. if you have shell script that execute the above command, will load the environment file variable like below. example psql.sh
#!/bin/bash
echo "Loading environment variable"
. "$HOME/.env"
Your other commands
The env file could have variables like below,
#!/bin/bash
export REDSHIFT_USER="xxxxxxxxx"
export REDSHIFT_PASSWORD="xxxxxx"
There are other options too, but not sure if they work well with Redshift.
.pgpass file to store the password. refer below link.
http://www.postgresql.org/docs/current/static/libpq-pgpass.html
"trust authentication" for that specific user, refer below link.
http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-TRUST
Hope that answers your question.

Approach 1:
Generate temporary username / password which has a TTL as part of your script. Use that temporary username / password to connect to DB.
Reference From AWS documentation
https://docs.aws.amazon.com/cli/latest/reference/redshift/get-cluster-credentials.html
Approach 2:
Use AWS Secerets Manager Service

Can not login to Postgres DB as new user

I have installed Foreman via foreman-installer (that pack included Postgres DB 9.5). Now i want to create new user + new database for Zabbix, however it seems that i am doing something wrong. The image shows what commands i typed. The new user is created succesfully but i can't login as it to database. Could someone help me and explain where is the problem?
EDIT: I've added option that was suggested in another thread (WITH LOGIN) but it didn't help me:

I believe the answer is here.
In summary, "peer authentication" means postgres checked the username of the UNIX user (which is not zabbix), and ignored your -U option. Instead, you want to use "password authentication", which you can configure in your pg_hba.conf file. Check the link for instructions how to do that.

how to protect the mongo password in shell script?

I have backed up the data from my deployed database successfully using the following commands:
mongodump admin -u user -p password
Is there a shell script to do this automatically with the password hidden(to protect the password even someone get the script)?

You can use crontab to create scheduled task on the server that will run this command for you. in that way only those who have access to the server can get your password.
Here is a link how to do it https://sheharyar.me/blog/regular-mongo-backups-using-cron/

You should implement the solution by Ariel with a read-only user. This limits the damage when someone still manages to obtain the script. It would also be good practice to store the password encrypted and let the scrip that runs the backup decrypt it.

How to secure KDB/Q web interface

I am aware of the fact that we can run a Q process with the -p parameter which enables other instances to connect to it and enables also a web interface on that port.
Is there a way how to secure the connection so there will be some kind of authorization? In the moment I don't like the fact that anyone can view and even execute queries on my database when it is running with the -p parameter.

You can add authentication by using -U:
-U /path/to/password.txt
This file contains user:password where password is result of in q md5"password" and strip off 0x in front.

there's also the .z.pw and .z.ac hooks, which can be used for more complex auth logic