-
-
Save oinopion/4a207726edba8b99fd0be31cb28124d0 to your computer and use it in GitHub Desktop.
| -- Create a group | |
| CREATE ROLE readaccess; | |
| -- Grant access to existing tables | |
| GRANT USAGE ON SCHEMA public TO readaccess; | |
| GRANT SELECT ON ALL TABLES IN SCHEMA public TO readaccess; | |
| -- Grant access to future tables | |
| ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readaccess; | |
| -- Create a final user with password | |
| CREATE USER tomek WITH PASSWORD 'secret'; | |
| GRANT readaccess TO tomek; |
AWSM!
If you want this readonly user to use pg_dump, you may also need to grant access to sequences.
-- Grant access to existing tables
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO readaccess;
Hi there are four databases present in this server. When i create this user, that user can create tables in different databases. I want to restrict that too.
Thank you very much,
Thank you @tomek @slavafomin
tks man
CREATE ROLE readaccess;
GRANT USAGE ON SCHEMA public TO readaccess;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readaccess;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readaccess;
GRANT CONNECT ON DATABASE 'database_name' to readaccess;
CREATE USER user_name WITH PASSWORD ‘password’;
GRANT readaccess TO user_name;
GRANT REFERENCES ON ALL TABLES IN SCHEMA public TO readaccess;
To be able to see PrimaryKey constraint
Thanks it's useful
This is golden
Getting permission denied error on viewing list of data from any tables
@electropolis were you granting on the correct database? were you connected when you did it? i noticed the same issue and found it was because i was granting for A database, not the correct one though