Role

Create a Role Resource

new Role(name: string, args?: RoleArgs, opts?: CustomResourceOptions);
@overload
def Role(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         bypass_row_level_security: Optional[bool] = None,
         connection_limit: Optional[int] = None,
         create_database: Optional[bool] = None,
         create_role: Optional[bool] = None,
         encrypted: Optional[str] = None,
         encrypted_password: Optional[bool] = None,
         idle_in_transaction_session_timeout: Optional[int] = None,
         inherit: Optional[bool] = None,
         login: Optional[bool] = None,
         name: Optional[str] = None,
         password: Optional[str] = None,
         replication: Optional[bool] = None,
         roles: Optional[Sequence[str]] = None,
         search_paths: Optional[Sequence[str]] = None,
         skip_drop_role: Optional[bool] = None,
         skip_reassign_owned: Optional[bool] = None,
         statement_timeout: Optional[int] = None,
         superuser: Optional[bool] = None,
         valid_until: Optional[str] = None)
@overload
def Role(resource_name: str,
         args: Optional[RoleArgs] = None,
         opts: Optional[ResourceOptions] = None)
func NewRole(ctx *Context, name string, args *RoleArgs, opts ...ResourceOption) (*Role, error)
public Role(string name, RoleArgs? args = null, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args RoleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args RoleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args RoleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args RoleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Role Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Role resource accepts the following input properties:

BypassRowLevelSecurity bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
ConnectionLimit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
CreateDatabase bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
CreateRole bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
Encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

EncryptedPassword bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
IdleInTransactionSessionTimeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
Inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
Login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
Name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
Password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
Replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
Roles List<string>
Defines list of roles which will be granted to this new role.
SearchPaths List<string>
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
SkipDropRole bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
SkipReassignOwned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
StatementTimeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
Superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
ValidUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
BypassRowLevelSecurity bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
ConnectionLimit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
CreateDatabase bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
CreateRole bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
Encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

EncryptedPassword bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
IdleInTransactionSessionTimeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
Inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
Login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
Name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
Password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
Replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
Roles []string
Defines list of roles which will be granted to this new role.
SearchPaths []string
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
SkipDropRole bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
SkipReassignOwned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
StatementTimeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
Superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
ValidUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
bypassRowLevelSecurity boolean
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
connectionLimit number
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
createDatabase boolean
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
createRole boolean
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

encryptedPassword boolean
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
idleInTransactionSessionTimeout number
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
inherit boolean
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
login boolean
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
replication boolean
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
roles string[]
Defines list of roles which will be granted to this new role.
searchPaths string[]
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
skipDropRole boolean
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
skipReassignOwned boolean
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
statementTimeout number
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
superuser boolean
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
validUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
bypass_row_level_security bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
connection_limit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
create_database bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
create_role bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
encrypted str

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

encrypted_password bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
idle_in_transaction_session_timeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
name str
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
password str
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
roles Sequence[str]
Defines list of roles which will be granted to this new role.
search_paths Sequence[str]
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
skip_drop_role bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
skip_reassign_owned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
statement_timeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
valid_until str
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.

Outputs

All input properties are implicitly available as output properties. Additionally, the Role resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.

Look up an Existing Role Resource

Get an existing Role resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: RoleState, opts?: CustomResourceOptions): Role
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        bypass_row_level_security: Optional[bool] = None,
        connection_limit: Optional[int] = None,
        create_database: Optional[bool] = None,
        create_role: Optional[bool] = None,
        encrypted: Optional[str] = None,
        encrypted_password: Optional[bool] = None,
        idle_in_transaction_session_timeout: Optional[int] = None,
        inherit: Optional[bool] = None,
        login: Optional[bool] = None,
        name: Optional[str] = None,
        password: Optional[str] = None,
        replication: Optional[bool] = None,
        roles: Optional[Sequence[str]] = None,
        search_paths: Optional[Sequence[str]] = None,
        skip_drop_role: Optional[bool] = None,
        skip_reassign_owned: Optional[bool] = None,
        statement_timeout: Optional[int] = None,
        superuser: Optional[bool] = None,
        valid_until: Optional[str] = None) -> Role
func GetRole(ctx *Context, name string, id IDInput, state *RoleState, opts ...ResourceOption) (*Role, error)
public static Role Get(string name, Input<string> id, RoleState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

BypassRowLevelSecurity bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
ConnectionLimit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
CreateDatabase bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
CreateRole bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
Encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

EncryptedPassword bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
IdleInTransactionSessionTimeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
Inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
Login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
Name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
Password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
Replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
Roles List<string>
Defines list of roles which will be granted to this new role.
SearchPaths List<string>
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
SkipDropRole bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
SkipReassignOwned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
StatementTimeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
Superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
ValidUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
BypassRowLevelSecurity bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
ConnectionLimit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
CreateDatabase bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
CreateRole bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
Encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

EncryptedPassword bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
IdleInTransactionSessionTimeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
Inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
Login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
Name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
Password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
Replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
Roles []string
Defines list of roles which will be granted to this new role.
SearchPaths []string
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
SkipDropRole bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
SkipReassignOwned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
StatementTimeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
Superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
ValidUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
bypassRowLevelSecurity boolean
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
connectionLimit number
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
createDatabase boolean
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
createRole boolean
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
encrypted string

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

encryptedPassword boolean
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
idleInTransactionSessionTimeout number
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
inherit boolean
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
login boolean
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
name string
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
password string
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
replication boolean
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
roles string[]
Defines list of roles which will be granted to this new role.
searchPaths string[]
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
skipDropRole boolean
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
skipReassignOwned boolean
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
statementTimeout number
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
superuser boolean
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
validUntil string
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.
bypass_row_level_security bool
Defines whether a role bypasses every row-level security (RLS) policy. Default value is false.
connection_limit int
If this role can log in, this specifies how many concurrent connections the role can establish. -1 (the default) means no limit.
create_database bool
Defines a role’s ability to execute CREATE DATABASE. Default value is false.
create_role bool
Defines a role’s ability to execute CREATE ROLE. A role with this privilege can also alter and drop other roles. Default value is false.
encrypted str

Deprecated: Rename PostgreSQL role resource attribute "encrypted" to "encrypted_password"

encrypted_password bool
Defines whether the password is stored encrypted in the system catalogs. Default value is true. NOTE: this value is always set (to the conservative and safe value), but may interfere with the behavior of PostgreSQL’s password_encryption setting.
idle_in_transaction_session_timeout int
Terminate any session with an open transaction that has been idle for longer than the specified duration in milliseconds
inherit bool
Defines whether a role “inherits” the privileges of roles it is a member of. Default value is true.
login bool
Defines whether role is allowed to log in. Roles without this attribute are useful for managing database privileges, but are not users in the usual sense of the word. Default value is false.
name str
The name of the role. Must be unique on the PostgreSQL server instance where it is configured.
password str
Sets the role’s password. A password is only of use for roles having the login attribute set to true.
replication bool
Defines whether a role is allowed to initiate streaming replication or put the system in and out of backup mode. Default value is false
roles Sequence[str]
Defines list of roles which will be granted to this new role.
search_paths Sequence[str]
Alters the search path of this new role. Note that due to limitations in the implementation, values cannot contain the substring ", ".
skip_drop_role bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, the cleanup of ownership of objects in each of the respective databases must occur before the ROLE can be dropped from the catalog. Set this option to true when there are multiple databases in a PostgreSQL cluster using the same PostgreSQL ROLE for object ownership. This is the third and final step taken when removing a ROLE from a database.
skip_reassign_owned bool
When a PostgreSQL ROLE exists in multiple databases and the ROLE is dropped, a REASSIGN OWNED in must be executed on each of the respective databases before the DROP ROLE can be executed to dropped the ROLE from the catalog. This is the first and second steps taken when removing a ROLE from a database (the second step being an implicit DROP OWNED).
statement_timeout int
Defines statement_timeout setting for this role which allows to abort any statement that takes more than the specified amount of time.
superuser bool
Defines whether the role is a “superuser”, and therefore can override all access restrictions within the database. Default value is false.
valid_until str
Defines the date and time after which the role’s password is no longer valid. Established connections past this valid_time will have to be manually terminated. This value corresponds to a PostgreSQL datetime. If omitted or the magic value NULL is used, valid_until will be set to infinity. Default is NULL, therefore infinity.

Package Details

Repository
https://github.com/pulumi/pulumi-postgresql
License
Apache-2.0
Notes
This Pulumi package is based on the postgresql Terraform Provider.