Grant permissions to a group in Redshift for new tables in schema
Question
We've been having an issue when giving permissions to groups in redshift.
The main problem is that when we give access to certain schemas and then after an user adds a new table to the schemas, the group has no access to the new table (due to permissions error).
We tried to give the following permissions:
GRANT USAGE ON SCHEMA <schema> TO GROUP <group>;
GRANT SELECT ON ALL TABLES IN SCHEMA <schema> TO GROUP <group>;
ALTER DEFAULT PRIVILEGES IN SCHEMA <schema> GRANT SELECT ON TABLES to group <group>;
And that solution didn't work as expected.
A temporary solution we made is making a super user to allow our developers to work, which is what we want to avoid and is not a good practice.
Thanks!
1 answers
solution1
0 2022-01-15 00:21:16
To set the privileges that will be created for new tables you have to update the default privileges. See: https://docs.aws.amazon.com/redshift/latest/dg/r_ALTER_DEFAULT_PRIVILEGES.html
The default privileges "Defines the default set of access privileges to be applied to objects that are created in the future by the specified user. By default, users can change only their own default access privileges. Only a superuser can specify default privileges for other users." Grant only works on existing tables / objects.
Hope this helps you out.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.