Manage PostgreSQL Privileges with Ansible
Question
I've used the Ansible Galaxy role geerlingguy.postgresql[1] to create a PostgreSQL server. But I'm a bit stuck onto how I can create a user in PostgreSQL which has the following rights:
- Create tables in the database
- Doing SELECT, INSERT, UPDATE and DELETE queries
How can I achieve this?
My config at the moment looks like this:
postgresql_databases:
- name: mydb
owner: myuser
postgresql_users:
- name: myuser
db: mydb
objs: ALL_IN_SCHEMA
privs: SELECT,INSERT,UPDATE,DELETE,CONNECT,CREATEDB
role_attr_flags: CREATEROLE
1 answers
solution1
0 2019-01-14 10:15:34
Uh, postgres permission model is a mess (... not a mess, just is more complicated than everyone would like it to be).
You need to configure FOUR separate things for user to have an access (not counting the creation of the user itself and configuring hg_hba.conf for network-level access):
- database priveleges (type: database)
- schema priveleges (type: schema)
- table priveleges (type: table)
- sequence priveleges (type: sequence)
Moreover, when you do this, you need to have admin access to postgress, and it should not be root (it should be 'postgres' user for most Postgres installations).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.