I have a situation where I’m deploying (and redeploying) an InfluxDB instance via a(n Ansible) script, and I want the script to create a known user account. My problem is that if the instance happens to be new, then I can use the default root user with no password to log in to create the user; but if the user has already been created (e.g. on a redeploy), that default access is gone and I have to authenticate as the known user in order to recreate that user. (You might say, why not just do nothing in that case, but it may happen that I actually want to update the user account, e.g. the password may have been manually changed and I want to reset it, or I may have a new password I want to set.)
In my ideal, there would be an out-of-band mechanism I could use to manipulate user accounts without authenticating through the same kinds of user accounts. For example, in my script I have sudo access to the host, so perhaps that could talk to InfluxDB in a trusted way without knowing any password.
Does such a thing exist? Or do people have other tricks they use to solve this problem?