diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
new file mode 100644
index 0000000..d937af8
--- /dev/null
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-idm-db-ca0629d86201d4c4ac857d60.yaml
@@ -0,0 +1,27 @@
+apiVersion: "operator.nevis-security.ch/v1"
+kind: "NevisDatabase"
+metadata:
+  name: "idm"
+  namespace: "adn-agov-nevisidm-admin-01-uat"
+  labels:
+    deploymentTarget: "idm"
+  annotations:
+    projectKey: "DEFAULT-ADN-AGOV-ADMIN-PROJECT"
+    patternId: "ca0629d86201d4c4ac857d60"
+spec:
+  type: "NevisIDM"
+  databaseType: "MariaDB"
+  version: "8.2411.1"
+  url: "mariadb-agov-uat.mariadb.database.azure.com"
+  port: 3306
+  ssl: true
+  database: "nevisidm_uat"
+  bootstrap: true
+  migrate: true
+  rootCredentials:
+    name: "root-adn-agov-nevisidm-admin-01-uat-idm"
+    namespace: "adn-agov-nevisidm-admin-01-uat"
+  podSecurity:
+    policy: "baseline"
+    automountServiceAccountToken: false
+  timeZone: "Europe/Zurich"
diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml
index 07cf761..f3202ad 100644
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/etc/nevis/k8s-nevisidm-admin-ba7c7a3b091df0c4b8ba0bb2.yaml
@@ -46,9 +46,12 @@ spec:
   podDisruptionBudget:
     maxUnavailable: "50%"
   git:
-    tag: "r-95bb4b95a4a367e8c9143d72e7c1b127aff89c21"
+    tag: "r-bc25f5ce8b5f95963ebf28cf4402570435720696"
     dir: "DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm"
     credentials: "git-credentials"
+  database:
+    name: "idm"
+    requiredVersion: "8.2411.1"
   keystores:
   - "idm-default-identity"
   truststores:
@@ -60,5 +63,4 @@ spec:
   timeZone: "Europe/Zurich"
   secrets:
     secret:
-    - "a2068eb83a60702322c13949-27ed70d3"
     - "c418560f50e0332d087e85bf-89ec31e5"
diff --git a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
index 7a32fc6..d0829ef 100644
--- a/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
+++ b/DEFAULT-ADN-AGOV-ADMIN-PROJECT/DEFAULT-ADN-AGOV-ADMIN-INV/idm/var/opt/nevisidm/default/conf/nevisidm-prod.properties
@@ -3,9 +3,9 @@ web.gui.languages.default=de
 # source: pattern://ca0629d86201d4c4ac857d60
 database.connection.url=jdbc:mariadb://mariadb-agov-uat.mariadb.database.azure.com:3306/nevisidm_uat?pinGlobalTxToPhysicalConnection=1&useMysqlMetadata=true&cachePrepStmts=true&prepStmtCacheSize=1000&useSSL=true&trustStore=/var/opt/keys/trust/idm-db-tls-truststore/truststore.jks
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.username=adndbadmin
+database.connection.username=${exec:/var/opt/nevisidm/default/conf/credentials/dbUser}
 # source: pattern://ca0629d86201d4c4ac857d60
-database.connection.password=secret://a2068eb83a60702322c13949-27ed70d3
+database.connection.password=${exec:/var/opt/nevisidm/default/conf/credentials/dbPassword}
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2
 application.mail.smtp.host=greenmail.adn-agov-mail-01-uat.svc
 # source: pattern://ba7c7a3b091df0c4b8ba0bb2