Ansible创建具有访问所有表权限的postgresql用户吗? [英] Ansible create postgresql user with access to all tables?

问题描述

这应该非常简单.我想发表一条Ansible语句来创建一个Postgres用户，该用户具有对特定数据库的连接特权，并具有对该特定数据库内所有表的选择/插入/更新/删除特权.我尝试了以下方法:

This should be very simple. I want to make an Ansible statement to create a Postgres user that has connection privileges to a specific database and select/insert/update/delete privileges to all tables within that specific database. I tried the following:

  - name: Create postgres user for my app
    become: yes
    become_user: postgres
    postgresql_user:
      db: "mydatabase"
      name: "myappuser"
      password: "supersecretpassword"
      priv: CONNECT/ALL:SELECT,INSERT,UPDATE,DELETE

我得到relation \"ALL\" does not exist

如果我删除ALL:，我会得到Invalid privs specified for database: INSERT UPDATE SELECT DELETE

If I remove ALL:, I get Invalid privs specified for database: INSERT UPDATE SELECT DELETE

推荐答案

我要做的是首先创建用户，然后分别授予特权.它的工作就像一种魅力.

What I had to do was first create the user and then grant the privileges separately. It's working like a charm.

 - name: Create postgres user for my app
    become: yes
    become_user: postgres
    postgresql_user:
      name: "myappuser"
      password: "supersecretpassword"

  - name: Ensure we have access from the new user
    become: yes
    become_user: postgres
    postgresql_privs:
      db: mydatabase
      role: myappuser
      objs: ALL_IN_SCHEMA
      privs: SELECT,INSERT,UPDATE,DELETE

这篇关于Ansible创建具有访问所有表权限的postgresql用户吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！