# RBAC with Aerospike Database

Role-based Access Control (RBAC) is a security feature of Aerospike Database Enterprise Edition. For information about setting up RBAC on your Aerospike Database deployment, see the [documentation](https://aerospike.com/docs/database/manage/security/rbac).

To use Aerospike Graph Service (AGS) with an Aerospike Database deployment that has RBAC enabled, include the username and password credentials as configuration options when you [start the Aerospike Graph Service Docker image](https://aerospike.com/docs/graph/2.5.0/install/docker).

The relevant configuration options are:

-   `aerospike.client.user`: username of authorized user
-   `aerospike.client.password`: password of authorized user

For a complete list of AGS configuration options, see [Options](https://aerospike.com/docs/graph/reference/config).

### Example

In the following example, an RBAC-enabled Aerospike Database instance includes a user with the username `admin` and password `password123`. To start Aerospike Graph with that user’s credentials, use the following command:

Terminal window

```bash
docker run -p8182:8182 -e aerospike.client.namespace="test" -e \

aerospike.client.host="aerospike-host1:3000, aerospike-host2:3000" \

-e aerospike.client.user=admin \

-e aerospike.client.password=password123 \

aerospike/aerospike-graph-service
```

### TLS Setup

For information about setting up AGS to use TLS, see the [documentation](https://aerospike.com/docs/graph/2.5.0/manage/security/tls-setup).