The /usr/share/aeolus-configure/modules/aeolus/manifests/conductor.pp file contains the password for the aeolus postgres user. Perhaps a better method is to regenerate the password on the fly so that it's not always hard-coded. BZ 805436 seemed related to this, but perhaps this BZ is more specific.
There are (at least) two appropriate usages here that need to be taken into account: a) Secure environment use (ie production environment) This will need the password randomized when a server is brought up. Probably suited to aeolus-configure. The randomized password also _must not_ be viewable in a world readable file. b) Fast and easy use (ie personal developers desktop) Having to manually look up the newly generated password each time aeolus-configure is run, could be a pain for developers. Having an easy way to get the randomized password into .pgpass for developers will probably take care of this though. (once per configure run)