Created
January 11, 2018 14:51
-
-
Save GuidoS/6198822f6763ac5312e8fe342cbf9262 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- Add readaccess group with read permissions on dev, alpha, and beta db within same instance | |
| -- Add new readonly user and add to readaccess group | |
| -- Create a group role readaccess | |
| CREATE ROLE readaccess; | |
| -- Grant connect to databases for readonly role | |
| GRANT CONNECT ON DATABASE dev TO readaccess; | |
| GRANT CONNECT ON DATABASE alpha TO readaccess; | |
| GRANT CONNECT ON DATABASE beta TO readaccess; | |
| -- run within each database (doesn't work, need to login to each db seperately to get this to run) | |
| GRANT USAGE ON SCHEMA dev.public TO readaccess; | |
| GRANT SELECT ON ALL TABLES IN SCHEMA dev.public TO readaccess; | |
| ALTER DEFAULT PRIVILEGES IN SCHEMA dev.public GRANT | |
| SELECT ON TABLES TO readaccess; | |
| GRANT USAGE ON SCHEMA alpha.public TO readaccess; | |
| GRANT SELECT ON ALL TABLES IN SCHEMA alpha.public TO readaccess; | |
| ALTER DEFAULT PRIVILEGES IN SCHEMA alpha.public GRANT | |
| SELECT ON TABLES TO readaccess; | |
| GRANT USAGE ON SCHEMA beta.public TO readaccess; | |
| GRANT SELECT ON ALL TABLES IN SCHEMA beta.public TO readaccess; | |
| ALTER DEFAULT PRIVILEGES IN SCHEMA beta.public GRANT | |
| SELECT ON TABLES TO readaccess; | |
| -- Create user role readonly | |
| CREATE USER readonly WITH PASSWORD 'secret'; | |
| GRANT readaccess TO readonly; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment