| From: | yudhi s <learnerdatabase99(at)gmail(dot)com> |
|---|---|
| To: | pgsql-general <pgsql-general(at)lists(dot)postgresql(dot)org> |
| Subject: | Question on roles and privileges |
| Date: | 2024-05-10 04:33:40 |
| Message-ID: | CAEzWdqdtbWCcSFgPAwsXPA2+6k2j0xud3mWbM=LktKp4y-ETgg@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hello All,
We want to make sure to keep minimal privileges for the users based on
their roles and responsibility. We have one user group who will be working
on analyzing/debugging into performance issues in the databases. Basically
this group will be operating on extensions like apg_plan_management,
pg_hint_plan, auto_explain, plprofiler, pg_repack. So these extensions will
already be installed for the group, but they will just need to use those
appropriately. For example pg_hint_plan will not need any write privilege
because the user just has to put the hint in the query and run it to see
any performance variation.
So like that , what kind of minimal privileges will each of these
extensions need to make them work for this performance group? Basically if
any of these will need write privilege or all works can be performed using
Readonly roles/privilege only?
And I understand pg_monitor role wraps up most of the key read only
privileges within it to work on performance issues and also its a readonly
privilege only. So I wanted to know from experts here , if it's true and
pg_monitor role will suffice for all the above work?
Regards
Yudhi
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Vidyashree H S | 2024-05-10 05:18:42 | Re: Postgresql active-active nodes in cluster |
| Previous Message | Bruce Momjian | 2024-05-09 23:23:07 | Re: Postgresql active-active nodes in cluster |