1. Packages
  2. PostgreSQL
  3. API Docs
  4. Grant
PostgreSQL v3.11.0 published on Sunday, Mar 3, 2024 by Pulumi

postgresql.Grant

Explore with Pulumi AI

postgresql logo
PostgreSQL v3.11.0 published on Sunday, Mar 3, 2024 by Pulumi

    The postgresql.Grant resource creates and manages privileges given to a user for a database schema.

    See PostgreSQL documentation

    Note: This resource needs Postgresql version 9 or above. Note: Using column & table grants on the same table with the same privileges can lead to unexpected behaviours.

    Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as postgresql from "@pulumi/postgresql";
    
    // Grant SELECT privileges on 2 tables
    const readonlyTables = new postgresql.Grant("readonlyTables", {
        database: "test_db",
        objectType: "table",
        objects: [
            "table1",
            "table2",
        ],
        privileges: ["SELECT"],
        role: "test_role",
        schema: "public",
    });
    // Grant SELECT & INSERT privileges on 2 columns in 1 table
    const readInsertColumn = new postgresql.Grant("readInsertColumn", {
        columns: [
            "col1",
            "col2",
        ],
        database: "test_db",
        objectType: "column",
        objects: ["table1"],
        privileges: [
            "UPDATE",
            "INSERT",
        ],
        role: "test_role",
        schema: "public",
    });
    
    import pulumi
    import pulumi_postgresql as postgresql
    
    # Grant SELECT privileges on 2 tables
    readonly_tables = postgresql.Grant("readonlyTables",
        database="test_db",
        object_type="table",
        objects=[
            "table1",
            "table2",
        ],
        privileges=["SELECT"],
        role="test_role",
        schema="public")
    # Grant SELECT & INSERT privileges on 2 columns in 1 table
    read_insert_column = postgresql.Grant("readInsertColumn",
        columns=[
            "col1",
            "col2",
        ],
        database="test_db",
        object_type="column",
        objects=["table1"],
        privileges=[
            "UPDATE",
            "INSERT",
        ],
        role="test_role",
        schema="public")
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using PostgreSql = Pulumi.PostgreSql;
    
    return await Deployment.RunAsync(() => 
    {
        // Grant SELECT privileges on 2 tables
        var readonlyTables = new PostgreSql.Grant("readonlyTables", new()
        {
            Database = "test_db",
            ObjectType = "table",
            Objects = new[]
            {
                "table1",
                "table2",
            },
            Privileges = new[]
            {
                "SELECT",
            },
            Role = "test_role",
            Schema = "public",
        });
    
        // Grant SELECT & INSERT privileges on 2 columns in 1 table
        var readInsertColumn = new PostgreSql.Grant("readInsertColumn", new()
        {
            Columns = new[]
            {
                "col1",
                "col2",
            },
            Database = "test_db",
            ObjectType = "column",
            Objects = new[]
            {
                "table1",
            },
            Privileges = new[]
            {
                "UPDATE",
                "INSERT",
            },
            Role = "test_role",
            Schema = "public",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Grant SELECT privileges on 2 tables
    		_, err := postgresql.NewGrant(ctx, "readonlyTables", &postgresql.GrantArgs{
    			Database:   pulumi.String("test_db"),
    			ObjectType: pulumi.String("table"),
    			Objects: pulumi.StringArray{
    				pulumi.String("table1"),
    				pulumi.String("table2"),
    			},
    			Privileges: pulumi.StringArray{
    				pulumi.String("SELECT"),
    			},
    			Role:   pulumi.String("test_role"),
    			Schema: pulumi.String("public"),
    		})
    		if err != nil {
    			return err
    		}
    		// Grant SELECT & INSERT privileges on 2 columns in 1 table
    		_, err = postgresql.NewGrant(ctx, "readInsertColumn", &postgresql.GrantArgs{
    			Columns: pulumi.StringArray{
    				pulumi.String("col1"),
    				pulumi.String("col2"),
    			},
    			Database:   pulumi.String("test_db"),
    			ObjectType: pulumi.String("column"),
    			Objects: pulumi.StringArray{
    				pulumi.String("table1"),
    			},
    			Privileges: pulumi.StringArray{
    				pulumi.String("UPDATE"),
    				pulumi.String("INSERT"),
    			},
    			Role:   pulumi.String("test_role"),
    			Schema: pulumi.String("public"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.postgresql.Grant;
    import com.pulumi.postgresql.GrantArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var readonlyTables = new Grant("readonlyTables", GrantArgs.builder()        
                .database("test_db")
                .objectType("table")
                .objects(            
                    "table1",
                    "table2")
                .privileges("SELECT")
                .role("test_role")
                .schema("public")
                .build());
    
            var readInsertColumn = new Grant("readInsertColumn", GrantArgs.builder()        
                .columns(            
                    "col1",
                    "col2")
                .database("test_db")
                .objectType("column")
                .objects("table1")
                .privileges(            
                    "UPDATE",
                    "INSERT")
                .role("test_role")
                .schema("public")
                .build());
    
        }
    }
    
    resources:
      # Grant SELECT privileges on 2 tables
      readonlyTables:
        type: postgresql:Grant
        properties:
          database: test_db
          objectType: table
          objects:
            - table1
            - table2
          privileges:
            - SELECT
          role: test_role
          schema: public
      # Grant SELECT & INSERT privileges on 2 columns in 1 table
      readInsertColumn:
        type: postgresql:Grant
        properties:
          columns:
            - col1
            - col2
          database: test_db
          objectType: column
          objects:
            - table1
          privileges:
            - UPDATE
            - INSERT
          role: test_role
          schema: public
    

    Examples

    Revoke default accesses for public schema:

    import * as pulumi from "@pulumi/pulumi";
    import * as postgresql from "@pulumi/postgresql";
    
    const revokePublic = new postgresql.Grant("revokePublic", {
        database: "test_db",
        objectType: "schema",
        privileges: [],
        role: "public",
        schema: "public",
    });
    
    import pulumi
    import pulumi_postgresql as postgresql
    
    revoke_public = postgresql.Grant("revokePublic",
        database="test_db",
        object_type="schema",
        privileges=[],
        role="public",
        schema="public")
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using PostgreSql = Pulumi.PostgreSql;
    
    return await Deployment.RunAsync(() => 
    {
        var revokePublic = new PostgreSql.Grant("revokePublic", new()
        {
            Database = "test_db",
            ObjectType = "schema",
            Privileges = new[] {},
            Role = "public",
            Schema = "public",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-postgresql/sdk/v3/go/postgresql"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := postgresql.NewGrant(ctx, "revokePublic", &postgresql.GrantArgs{
    			Database:   pulumi.String("test_db"),
    			ObjectType: pulumi.String("schema"),
    			Privileges: pulumi.StringArray{},
    			Role:       pulumi.String("public"),
    			Schema:     pulumi.String("public"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.postgresql.Grant;
    import com.pulumi.postgresql.GrantArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var revokePublic = new Grant("revokePublic", GrantArgs.builder()        
                .database("test_db")
                .objectType("schema")
                .privileges()
                .role("public")
                .schema("public")
                .build());
    
        }
    }
    
    resources:
      revokePublic:
        type: postgresql:Grant
        properties:
          database: test_db
          objectType: schema
          privileges: []
          role: public
          schema: public
    

    Create Grant Resource

    new Grant(name: string, args: GrantArgs, opts?: CustomResourceOptions);
    @overload
    def Grant(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              columns: Optional[Sequence[str]] = None,
              database: Optional[str] = None,
              object_type: Optional[str] = None,
              objects: Optional[Sequence[str]] = None,
              privileges: Optional[Sequence[str]] = None,
              role: Optional[str] = None,
              schema: Optional[str] = None,
              with_grant_option: Optional[bool] = None)
    @overload
    def Grant(resource_name: str,
              args: GrantArgs,
              opts: Optional[ResourceOptions] = None)
    func NewGrant(ctx *Context, name string, args GrantArgs, opts ...ResourceOption) (*Grant, error)
    public Grant(string name, GrantArgs args, CustomResourceOptions? opts = null)
    public Grant(String name, GrantArgs args)
    public Grant(String name, GrantArgs args, CustomResourceOptions options)
    
    type: postgresql:Grant
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args GrantArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args GrantArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args GrantArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args GrantArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args GrantArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Grant Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Grant resource accepts the following input properties:

    Database string
    The database to grant privileges on for this role.
    ObjectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    Privileges List<string>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    Role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    Columns List<string>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    Objects List<string>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    Schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    WithGrantOption bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    Database string
    The database to grant privileges on for this role.
    ObjectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    Privileges []string
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    Role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    Columns []string
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    Objects []string
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    Schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    WithGrantOption bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    database String
    The database to grant privileges on for this role.
    objectType String
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    privileges List<String>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role String
    The name of the role to grant privileges on, Set it to "public" for all roles.
    columns List<String>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    objects List<String>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    schema String
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption Boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    database string
    The database to grant privileges on for this role.
    objectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    privileges string[]
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    columns string[]
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    objects string[]
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    database str
    The database to grant privileges on for this role.
    object_type str
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    privileges Sequence[str]
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role str
    The name of the role to grant privileges on, Set it to "public" for all roles.
    columns Sequence[str]
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    objects Sequence[str]
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    schema str
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    with_grant_option bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    database String
    The database to grant privileges on for this role.
    objectType String
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    privileges List<String>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role String
    The name of the role to grant privileges on, Set it to "public" for all roles.
    columns List<String>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    objects List<String>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    schema String
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption Boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Grant resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Grant Resource

    Get an existing Grant resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: GrantState, opts?: CustomResourceOptions): Grant
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            columns: Optional[Sequence[str]] = None,
            database: Optional[str] = None,
            object_type: Optional[str] = None,
            objects: Optional[Sequence[str]] = None,
            privileges: Optional[Sequence[str]] = None,
            role: Optional[str] = None,
            schema: Optional[str] = None,
            with_grant_option: Optional[bool] = None) -> Grant
    func GetGrant(ctx *Context, name string, id IDInput, state *GrantState, opts ...ResourceOption) (*Grant, error)
    public static Grant Get(string name, Input<string> id, GrantState? state, CustomResourceOptions? opts = null)
    public static Grant get(String name, Output<String> id, GrantState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Columns List<string>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    Database string
    The database to grant privileges on for this role.
    ObjectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    Objects List<string>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    Privileges List<string>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    Role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    Schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    WithGrantOption bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    Columns []string
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    Database string
    The database to grant privileges on for this role.
    ObjectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    Objects []string
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    Privileges []string
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    Role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    Schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    WithGrantOption bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    columns List<String>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    database String
    The database to grant privileges on for this role.
    objectType String
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    objects List<String>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    privileges List<String>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role String
    The name of the role to grant privileges on, Set it to "public" for all roles.
    schema String
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption Boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    columns string[]
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    database string
    The database to grant privileges on for this role.
    objectType string
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    objects string[]
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    privileges string[]
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role string
    The name of the role to grant privileges on, Set it to "public" for all roles.
    schema string
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    columns Sequence[str]
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    database str
    The database to grant privileges on for this role.
    object_type str
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    objects Sequence[str]
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    privileges Sequence[str]
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role str
    The name of the role to grant privileges on, Set it to "public" for all roles.
    schema str
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    with_grant_option bool
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.
    columns List<String>
    The columns upon which to grant the privileges. Required when object_type is column. You cannot specify this option if the object_type is not column.
    database String
    The database to grant privileges on for this role.
    objectType String
    The PostgreSQL object type to grant the privileges on (one of: database, schema, table, sequence, function, procedure, routine, foreign_data_wrapper, foreign_server, column).
    objects List<String>
    The objects upon which to grant the privileges. An empty list (the default) means to grant permissions on all objects of the specified type. You cannot specify this option if the object_type is database or schema. When object_type is column, only one value is allowed.
    privileges List<String>
    The list of privileges to grant. There are different kinds of privileges: SELECT, INSERT, UPDATE, DELETE, TRUNCATE, REFERENCES, TRIGGER, CREATE, CONNECT, TEMPORARY, EXECUTE, and USAGE. An empty list could be provided to revoke all privileges for this role.
    role String
    The name of the role to grant privileges on, Set it to "public" for all roles.
    schema String
    The database schema to grant privileges on for this role (Required except if object_type is "database")
    withGrantOption Boolean
    Whether the recipient of these privileges can grant the same privileges to others. Defaults to false.

    Package Details

    Repository
    PostgreSQL pulumi/pulumi-postgresql
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the postgresql Terraform Provider.
    postgresql logo
    PostgreSQL v3.11.0 published on Sunday, Mar 3, 2024 by Pulumi