How do I grant permissions on a PostgreSQL object using Pulumi?
In this guide, we will demonstrate how to grant specific permissions on a PostgreSQL object using Pulumi. We will create a PostgreSQL role and grant it privileges on a database schema.
import * as pulumi from "@pulumi/pulumi";
import * as postgresql from "@pulumi/postgresql";
// Define the PostgreSQL provider
const provider = new postgresql.Provider("postgresql", {
host: "your-postgresql-host",
port: 5432,
username: "your-username",
password: "your-password",
database: "your-database",
});
// Create a PostgreSQL role
const role = new postgresql.Role("exampleRole", {
name: "example_role",
login: true,
password: "example-password",
}, { provider });
// Grant permissions to the role on a specific schema
const grant = new postgresql.Grant("exampleGrant", {
role: role.name,
database: "your-database",
schema: "public",
objectType: "table",
privileges: ["SELECT", "INSERT", "UPDATE", "DELETE"],
}, { provider });
Key Points
- We used the
postgresql.Provider
to define the connection details for the PostgreSQL instance. - A new PostgreSQL role was created using the
postgresql.Role
resource. - Permissions were granted to the role on a specific schema using the
postgresql.Grant
resource.
Summary
In this guide, we demonstrated how to use Pulumi to grant permissions on a PostgreSQL object. We created a role and granted it specific privileges on a database schema. This approach ensures that database permissions are managed as code, making it easier to maintain and reproduce environments.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.