-
-
Save oinopion/4a207726edba8b99fd0be31cb28124d0 to your computer and use it in GitHub Desktop.
-- Create a group | |
CREATE ROLE readaccess; | |
-- Grant access to existing tables | |
GRANT USAGE ON SCHEMA public TO readaccess; | |
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readaccess; | |
-- Grant access to future tables | |
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readaccess; | |
-- Create a final user with password | |
CREATE USER tomek WITH PASSWORD 'secret'; | |
GRANT readaccess TO tomek; |
If you want this readonly user to use pg_dump, you may also need to grant access to sequences.
-- Grant access to existing tables
GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO readaccess;
Hi there are four databases present in this server. When i create this user, that user can create tables in different databases. I want to restrict that too.
Thank you very much,
Thank you @tomek @slavafomin
tks man
CREATE ROLE readaccess;
GRANT USAGE ON SCHEMA public TO readaccess;
GRANT SELECT ON ALL TABLES IN SCHEMA public TO readaccess;
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO readaccess;
GRANT CONNECT ON DATABASE 'database_name' to readaccess;
CREATE USER user_name WITH PASSWORD ‘password’;
GRANT readaccess TO user_name;
GRANT REFERENCES ON ALL TABLES IN SCHEMA public TO readaccess;
To be able to see PrimaryKey constraint
Thanks it's useful
This is golden
Getting permission denied error on viewing list of data from any tables
AWSM!