Re: grant connect to all databases

On Sat, Oct 5, 2024 at 5:43 PM Adrian Klaver wrote: > On 10/5/24 15:04, Matt Zagrabelny wrote: > > > psql (15.8 (Debian 15.8-0+deb12u1)) > > > > > > Where did you install it from or where are you running it? > > > > > > Installed from Debian repos via apt via puppet. > > > > Still digging...

Re: grant connect to all databases

On 10/5/24 15:04, Matt Zagrabelny wrote: psql (15.8 (Debian 15.8-0+deb12u1)) Where did you install it from or where are you running it? Installed from Debian repos via apt via puppet. Still digging... To me it looks like something is doing: REVOKE CONNECT ON DATABASE FROM PU

Re: grant connect to all databases

On Sat, Oct 5, 2024 at 3:12 PM Adrian Klaver wrote: > On 10/5/24 11:24, Matt Zagrabelny wrote: > > > > > > > Nope. I create the role (via puppet) and then add the GRANT > > pg_read_all_data TO (via puppet). > > > > > What is \drgS? I don't believe I have that. > > That is available in Postgres 16

Re: grant connect to all databases

On 10/5/24 11:24, Matt Zagrabelny wrote: Nope. I create the role (via puppet) and then add the GRANT pg_read_all_data TO (via puppet). What is \drgS? I don't believe I have that. That is available in Postgres 16+, you must running be in an instance of Postgres before that.  'CRE

Re: grant connect to all databases

Matt Zagrabelny writes: > ...but I still cannot connect: > $ psql -d test -U alice > psql: error: connection to server on socket > "/var/run/postgresql/.s.PGSQL.5432" failed: FATAL: permission denied for > database "test" > DETAIL: User does not have CONNECT privilege. This shouldn't be happe

Re: grant connect to all databases

On Sat, Oct 5, 2024 at 11:26 AM Adrian Klaver wrote: > On 10/5/24 09:04, Matt Zagrabelny wrote: > > > > > > On Sat, Oct 5, 2024 at 10:27 AM Adrian Klaver > > wrote: > > > > On 10/5/24 07:13, Matt Zagrabelny wrote: > > > Hi David (and others), > > >

Re: grant connect to all databases

On 10/5/24 09:04, Matt Zagrabelny wrote: On Sat, Oct 5, 2024 at 10:27 AM Adrian Klaver > wrote: On 10/5/24 07:13, Matt Zagrabelny wrote: > Hi David (and others), > > Thanks for the info about Public. > > I should expound on my ori

Re: grant connect to all databases

On Sat, Oct 5, 2024 at 10:27 AM Adrian Klaver wrote: > On 10/5/24 07:13, Matt Zagrabelny wrote: > > Hi David (and others), > > > > Thanks for the info about Public. > > > > I should expound on my original email. > > > > In our dev and test environments our admins (alice, bob, eve) are > > superus

Re: grant connect to all databases

On 10/5/24 07:13, Matt Zagrabelny wrote: Hi David (and others), Thanks for the info about Public. I should expound on my original email. In our dev and test environments our admins (alice, bob, eve) are superusers. In production environments we'd like the admins to be read-only. What are th

Re: grant connect to all databases

Hi David (and others), Thanks for the info about Public. I should expound on my original email. In our dev and test environments our admins (alice, bob, eve) are superusers. In production environments we'd like the admins to be read-only. Is the Public role something I can leverage to achieve t

Re: grant connect to all databases

On Saturday, October 5, 2024, Matt Zagrabelny wrote: > Hello, > > I'd like to have a read-only user for all databases. > > I found the pg_read_all_data role predefined role, which I granted to my > RO user: > > GRANT pg_read_all_data TO ro_user; > > ...but I cannot connect to my database(s). > >

grant connect to all databases

Hello, I'd like to have a read-only user for all databases. I found the pg_read_all_data role predefined role, which I granted to my RO user: GRANT pg_read_all_data TO ro_user; ...but I cannot connect to my database(s). I'd like to not have to iterate over all the databases and "GRANT CONNECT.